Synergy major release 2022 - improved cybersecurity and the implications for installation and upgrade

Follow

This article has been updated to reflect that the 2022 major release of Synergy is now available

The 2022 major release of Synergy is available now. With our continued focus on cybersecurity we’ve made some important changes that affect how Synergy is installed and configured. These changes are crucial to meet the needs of our users who demand a cyber-secure platform.

  • Synergy has moved to a more cyber-secure platform called Corretto 17 – this is compatible with 64-bit Synergy only
  • Our ‘secure by default’ ethos means changes to how a new system is configured by default
  • Installation will be prevented if the operating system is Windows 7 (including Windows Embedded Standard 7), Server 2008 or earlier.

The importance of cybersecure platforms

Our customers and end-users are increasingly moving to more inter-connected environments, which increases the risk of cyber attacks.

The components used to develop Synergy are continuously evolving to address emerging vulnerabilities. These vulnerabilities can often be 'patched' - see What is a software vulnerability and how are they managed?

Older platforms - including operating systems - can't always be patched to address vulnerabilities. In these circumstances, the vendor will 'end of life' the platform. In these circumstances Synectics will move away from the legacy platform to ensure our solutions are as cyber secure as possible.

What is Corretto 17?

Synergy is developed using a Java runtime environment. The current version of the Java Development Kit (JDK) has been identified as vulnerable to cyber attacks. Corretto 17 is a production-ready distribution of OpenJDK 17 that enables us to develop Synergy effectively and address the vulnerabilities of older versions of Java. The vendor of Corretto 17 has committed to provide security patches and critical updates until at least July 2029 (more info: external link).

Synergy 64-bit only

64-bit support was introduced in Synergy v19.1.102, with general support for 32-bit Synergy extending to mid-2022.

Synergy will be available for 64-bit systems only from major release v22.1.100 onwards - Corretto 17 is not compatible with 32-bit systems. If a site has 32-bit Synergy it will need upgrading to 64-bit Synergy before Synergy can be upgraded to major release v22.1.100 or above.

Integrations: 64-bit and Corretto 17 support

While most of the integrations supported by Synergy are already 64-bit compatible, there could be existing integrations on sites that will need to be updated to be either 64-bit or Corretto 17 compatible.

In order to make this a smooth process, please fill out this form to let us know your upgrade plans and the existing integrations on those sites.

New Synergy installations will be 'secure by default'

Synergy has many features that allow the system to be hardened against cyber-attack, including rules regarding password strength and re-use, and encryption of configuration and comms. Synergy's 'Secure Check' tool, introduced in major release v20.1, helps Synergy administrators check which security features have been enabled.

From v22.1.100 and above, new installations of Synergy will have many of these features turned on with a fresh install - this means that Synergy is in its most secure configuration by default. There are some important considerations such as: installing engineers having to reset passwords on the default user accounts and DB2 database encryption being the default setting of the Synergy installer. Further information will be provided on these changes.

Windows 7 and Server 2008 'end of life'

As Microsoft no longer supports the Windows 7 (Including Windows Embedded Standard 7) and Server 2008 operating systems, patches for vulnerabilities are no longer provided for them. This means that sites running these operating systems are carrying greater risk of cyber-attack.

From major release v22.1.100 of Synergy and above, the installer will check the system and prevent installation if the operating system is Windows 7, Server 2008 or earlier.

Windows Embedded Standard 7 SP1 operating system was 'end of life' in October 2020. There is an upgrade path to Windows 10 LTSB 2016 or Windows 10 LTSC 2019 for selected Synectics hardware. Please contact your Synectics sales representative for more info.

Synergy GIS 2 mapping 'end of life'

The third-party components used for GIS 2 mapping are no longer supported by the vendor. We recommend sites using GIS 2 mapping are upgraded to the latest Synergy Maps introduced in December 2020.

The benefit of updating our platforms and components

Using third-party components allows us to leverage expertise across multiple areas (e.g. mapping and logging) and enables us to focus on our core strengths in security and surveillance solutions. It's important that we keep these components up-to-date to give our users confidence that Synergy is cybersecure and vulnerabilities can be managed effectively - What is a software vulnerability and how are they managed?

What are the other benefits of the 22.1 major release?

As well as the significant improvements to cybersecurity, Synergy major release v22.1 improves the power and flexibility of alarm and incident management, and brings a more modern look and feel.

mceclip0.png

mceclip1.png

mceclip2.png

We continue to improve our mapping capabilities based on feedback from end users. Synergy Maps will include easier, more configurable icon clustering, and better SVG icons to distinguish clustered map items and active cameras. 

mceclip0.png

Integrations

Key integrations available with the 22.1 major release include:

  • Aloha Point of Sale
  • Axis ANPR 
  • Dallmeier DVR
  • Digital Video Network Protocol (DVNP)
  • Hanwha Techwin DVR
  • Hanwha Wisenet Wave VMS
  • Honeywell Pro-Watch Access Control 
  • VuWall Display Wall

The general release of Synergy v22.1 is available now. For more info, check out this article: Synergy release notes November 2022 - version 22.1

 

Was this article helpful?
0 out of 0 found this helpful