WAPT 2.0 : Secure your information system
Here we are at a long awaited moment within our team: The passage of WAPT to version 2.0! As you can see, the development of this version pushes us to a new level! Let’s discover together what this version contains!
Before we go any further and to simplify your reading, we have to go back to one of our previous announcements. If you are not aware of the end of WAPT Community, please refer to our dedicated blog post. We’ll meet you here, right after!
What’s new in WAPT 2.0?
The development of this version is a bit special. The end of Python 2.7 support has guided our roadmap. This rewriting work has therefore required a lot of time. Nevertheless, we wanted WAPT 2.0 to have new features as well.
So what’s new in WAPT 2.0?
- Python 3 language support
- ACL (Access Control List) management
- Integration of WAPT with GLPI
- Improved package maturity management
- The addition of several features to facilitate your use of WAPT
- The resolution of some bugs in WAPT 1.8.2
Without forgetting the creation of our brand new free version of WAPT: WAPT Discovery
WAPT uses Python 3
As we explained in the introduction, the Python 2.7 language, formerly used in WAPT, is no longer supported. We have therefore decided to integrate the higher version into the core of WAPT. WAPT Enterprise and WAPT Discovery benefit from this change.
Why is WAPT based on Python 3?
Security has always been at the heart of WAPT development, especially since the ANSSI qualification. This is also the case for this version 2.0 ! Thus, for obvious security reasons, we could not (and did not want to) keep an unsupported language.
Moreover, the switch to Python 3 allows us to support new libraries. An interesting advantage, especially if you develop your own packages!
WAPT changes related to the switch to Python 3:
Since we are talking about WAPT packages, we have to give you some details about this. The new version of Python relies on new encryption libraries, so it will be necessary to resign all your packages. It is also possible that some of your packages are not compatible with the Python 3 syntax, so you will have to correct these packages to make them compatible with Python 3 and then redeploy them on your computer.
This work has been greatly simplified with this new version! It is now possible to re-sign packages with a single right click. Nevertheless, do not hesitate to contact us if you wish to benefit from our assistance offer to help you.
Going further with WAPT Enterprise
WAPT Enterprise is the ideal tool to quickly deploy software, perform a complete inventory of your computer park or control Windows updates. Numerous features are also designed to simplify the administration of the largest computer fleets. Still not sure? You get one month free to try WAPT Enterprise!
ACL management within WAPT
For the uninitiated, let’s go first over the principle of Access Control List.ACL, also known as Access Control List, allows you to take advantage of a more precise management of access rights to the different functions of WAPT.
To simplify this definition, you can allow (or deny) access to different parts of the console to certain users. The implementation of ACL is therefore a significant contribution in terms of security, especially for large computer parks.
How do ACLs work in WAPT?
Within WAPT, ACLs allow you to define the different use cases of the console and to prioritize them. In fact, all the functionalities available in the console can be subject to this system of rights. Thus, not all users will be able to undertake the same actions.
There are many situations where ACLs will be useful, for example:
- An administrator creates the organization’s packages.
- The user support team will only be able to assign them to workstations and modify the WAPT self-service rules.
- The CISO takes care of the Windows Update through WAPT WUA.
- The management team focuses on reporting on the IT assets.
The implementation of ACLs is also interesting for all organizations that use WAPT in different departments for different functionalities.
How to set up ACLs in WAPT:
You can manage ACLs from the “User and rights management” tab. If you want a WAPT user to appear in this tab, he will have to connect to the console with his certificate (the first connection is enough). By default, the user will only have read only rights on the console. The “User management and rights” tab is therefore not used to create an account for a user.
After that, you will be able to give him the rights he will need. If you check the “Admin” option, the user will have full rights to the console. We invite you to be careful, the management of rights is defined at the server level and not at the console level.
Once you have upgraded to 2.0, don’t hesitate to set the ACLs, otherwise other users will not have any rights when connecting to the WAPT console.
Take advantage of the integration of GLPI with WAPT
We are proud to present you this functionality that was long awaited! But before going to the complementarity of WAPT and GLPI, some presentations are necessary!
GLPI is an IT Asset Management solution. This type of tool allows you to manage your IT assets and other service centers. If you don’t know the tool, we let you discover GLPI by yourself. We are not moving from here!
How does the integration of GLPI with WAPT work?
The connection between GLPI and WAPT is unidirectional and is done from WAPT to GLPI. Thus, it is not necessary any more to install the “fusion” agent on the whole of your data-processing stations since WAPT is in charge of sending the information to the server GLPI. The “Fusion” plugin must be installed on the GLPI server for the combination to work.
Thus, the integration of GLPI with WAPT allows you to synchronize the inventory of WAPT towards the inventory of GLPI. This new feature is an interesting advantage for the management of computer inventory.
Manage package maturity from the WAPT console
If you discover this feature, don’t worry, its name is very explicit. With this version 2.0, you can:
- Choose the default maturity of imported packages.
- Change the maturity of a package when you import it.
- Change the maturity of packages already in your private repository.
How does the package maturity change work?
When you configure WAPT agents, you can tag your machines with one or more maturity levels: DEV, PREPROD and PROD. Thus, the packages can be deployed on the computers with the corresponding tag. Packages with a different tag than the one allowed will be ignored by the machine.
To change the maturity of a package, go to the “Private repository” tab of your WAPT console and right click on the package in question.
How to set up a software deployment process:
Here is an example of a software deployment process that is quite simple to set up:
- Choose the default import maturity: “DEV”.
- Deploy a package on the machines with the “DEV ” tag*.
- Fix any bugs.
- Set the package maturity to “PREPROD”.
- Deploy the package on machines with the “PREPROD” tag**.
- Fix the bugs until the package is considered stable.
- Set the package maturity to “PROD”.
- Deploy it on the computer park and check its compatibility.
* The “DEV” tag is often reserved for machines that are not in production and are used as a test lab.
**The “PREPROD” tag is often reserved for machines in production but which are not a sensitive asset for the organization.
Benefits of implementing deployment processes:
This change brings better management of the development and testing of your WAPT packages. This feature will be very useful if you are concerned about implementing secure application deployment processes. The recent changes make it much easier to integrate this methodology into an ITIL process.
WAPT Discovery is coming soon
WAPT Discovery is the new free version of WAPT! Based on the code of version 2.0, WAPT Discovery benefits from the transition to Python 3.
Although WAPT Enterprise also has a free trial version, we still wanted to offer a version that promotes the discovery of our tool. So the name WAPT Discovery was a natural choice!
For the moment, we are still working on this new tool. Here are the features of WAPT Discovery:
- WAPT Discovery is a proprietary version, just like WAPT Enterprise.
- This version is limited to 300 computers.
- WAPT Discovery will have the same features as WAPT Community 1.8.2.
- This version will not support “Windows XP” and “Mac OS”.
And this is the conclusion of the traditional presentation of the new version! We hope you will like the new features of WAPT 2.0! Although we still have many projects for this year, we are still listening to your wildest dreams! The comment section is yours!
Secure and optimize your workstation with WAPT
Managing the confidentiality, security and auditing of workstations has become crucial in companies. Poorly optimized configurations can expose vulnerabilities that can be exploited by parties outside the organization. This guide offers several steps and tools for...
Tranquil IT and Cyberwatch interface to detect and correct vulnerabilities in Linux, Windows and MacOS environments
Tranquil IT and Cyberwatch: How to detect and correct vulnerabilities in Linux, Windows and MacOS.
FAQ WAPT 2.5 : Answers to your questions
WAPT 2.5 has been available for several months now. In this specific FAQ, you'll find 10 of the most frequently asked questions and comments.If you receive the error: EWaptCertificateUntrustedIssuer ('Issuer CA certificate CN=blemoigne,C=FR can not be found in...