New features of Snare Server v7.0 include:

  • The base operating system has been upgraded to Ubuntu 14.04 LTS, from Ubuntu 10.04 LTS in v6. This provides significantly newer hardware support, and numerous fixes and optimisations within the base operating system.
  • The Event Collection System has been through a major restructure, resulting in significant speedups, and associated jumps in events-per-second collection rates. In some cases this has introduced an improvement of up to 500%.
  • The Monitor Live Data tool has been rebuilt to remove the confusion and ambiguity that existed with it in previous versions. It now monitors all incoming events, not just events on a specific port, and no longer has issues with fragmented packets and other networking challenges.
  • The Snare Configuration Wizard has been updated to include the option to set the system-level Timezone. This removes the need to manually SSH into the Snare Server and run the timezone change command.
  • The internal configuration database has been updated from SQLite2 to SQLite3. This introduces massive performance and stability enhancements into the configuration handling component.
  • Extra statistics have been added to the System Status report, to aid in monitoring the status of the Snare Server.
  • The Snare Update system has been completely rebuilt, to make the process a lot simpler and faster. Unlike the update process in the v6 release, v7 updates are completed in two steps: first the update file is verified, and after user confirmation, it is applied fully in the next step. There is no more need to click the ‘Next’ button through multiple steps. This should significantly reduce downtime during the update process. This new update system also includes a full update version history to keep a record of every update applied to the server.
  • Upgraded the geographic IP address database to the GeoLite2 database available from MaxMind. This change brings a much greater accuracy in IP address lookups than was available in the legacy Snare Geographic IP Address Database. Upgrading to the full GeoIP2 database from MaxMind is available via a manual process in this release, with a user interface to be released in a future version.
  • The current Snare Server License details have been added into a new section within the Health Checker. This should make it easier for customers to check their license details to aid in support requests and for internal tracking purposes.
  • Cache selected downloadable objective clusters locally on the installed Snare Server, so that installations that do not have access to the Internet can install regulatory compliance (and related) objectives. These options have also been added into the Snare Configuration Wizard, to provide an introduction to the available options as part of the installation process.
  • The Windows Users and Groups objective now imports Group information alongside Users when querying the provided Active Directory connection. This can be used in place of the Snare Agent group information import process.
  • Added a new collection module to support Microsoft Exchange 2013, alongside the older Exchange formats.

The Snare Linux Agents are not affected directly by the Ghost vulnerability, but the customer will need to patch their Operating System to a minimum of glibc-2.18.

The version 7 Snare Server/Agent Management Console is not affected; however, the version 6 Snare Server/Agent Management Console will require a patch to glibc, with an expected patch release date in the first week of February 2015.

For further information see US-CERT

New features of Snare Server v6.3 include:

  • Support was added into the collection system for the AppleBSM audit events provided by the new Snare Enterprise Agent for OSX.
  • An option was added to the Configuration Wizard to allow customers to disable the daily Pre-Cache functionality, if instructed by a Snare Support Representative. This option disables the daily pre-cache functionality of the internal Snare Database, which can, in rare instances, use more resources during the caching process than are actually saved during the report generation process when caching is enabled.
  • With larger and larger drives being used for the storage of log data, the ‘percentage free space’ warning and problem threshold settings on the Snare Server Health Checker have been migrated to a ‘gigabytes free’ model. As part of the server update process, your previous settings will be automatically converted to the new format.
  • Added support for the upcoming v4.0.0 releases of the Snare Enterprise Agents for Linux and Solaris.
  • Added a new objective for Windows USB events into the default objectives installed as part of a fresh install of the Snare Server.