Best Practical attended the Educause Security conference in Baltimore. One of our favorite sessions was a presentation by the University of Pennsylvania about how they use RTIR and automation to manage their high volume of incidents.
To celebrate the release of RTIR 4.0, we recorded a video showing a typical workflow and some key features of RTIR.
We're very excited to announce the availability of RTIR 4.0.0: the first release for the next major version of RTIR. We have completely rearchitected RTIR queues in order to significantly improve RTIR's flexibility and performance. As this is a new major version number, with many changes throughout the entire system, we urge you to carefully test your configuration and customizations. Additionally, RTIR 4.0.0 is the first release of RTIR compatible with RT 4.4.
A quick note on the version number: while this next version of RTIR was under development, we had naturally labelled it RTIR 3.4. However, to reflect the significant architectural changes we made for constituencies and multiple queues, we decided to give this release a new major version number. If you're looking for the version of RTIR compatible with RT 4.4, RTIR 4.0i s it!
Please be sure to review the RTIR 4.0 upgrade documentation, as there are a number of backward-incompatible changes that come along with the new version number. If you are also upgrading to RT 4.4, be sure to also read RT's upgrade documentation.
A list of the major new features in RTIR 4.0.0 is included below. We'll be describing and demoing these new features in a series of right here on our blog in the coming weeks.
The list of new features is provided below. Please see our official release announcement for more information.
- The constituency system has been completely redesigned from the ground up. Don't worry, your existing constituencies will be migrated as part of the upgrade. Now constituencies get a full-fledged queue for each stage of the incident response workflow (one for each of reports, incidents, investigations, and countermeasures). This lets constituency queues tap into much more of RT's flexibility around custom fields, watchers, scrips, etc. This addresses many longstanding limitations around the previous constituency queue design, and significantly improves performance as well.
- You may now have multiple queues for each type of RTIR queue: multiple Incident Report queues, multiple Incident queues, etc. Each of these queues may have its own custom fields, watchers, permissions, scrips, templates, and so on. We're excited to hear about how you make use of this new flexibility.
- If a user has permissions to work with multiple constituencies, it is now possible to limit RTIR's web interface to a single constituency by clicking a link from the new "Work with constituency" box on the RTIR homepage.
- Blocks have been renamed to Countermeasures to reflect their more generic use case.
We're very excited to announce the availability of RTIR 4.0.0rc1: the first release candidate for the next major version of RTIR. We have completely rearchitected RTIR queues in order to significantly improve RTIR's flexibility and performance. As this is a new major version number, with many changes throughout the entire system, we urge you to carefully test your configuration and customizations. Additionally, RTIR 4.0.0 is the first release of RTIR compatible with RT 4.4.
We're thrilled to be in Hamburg, Germany on March 14-15! This training will introduce you to the new features in RT 4.4 as part of a comprehensive overview of RT. Whether you're an old hand at RT or a recent convert, you'll have a good understanding of all of RT's features and functionality by the end of the session.
Also, this session will include our very first RTIR training! We will walk through the incident response workflow, how to integrate RTIR with other systems, and how to best leverage RT's features for security teams (especially the new ones in RT 4.4!). We're also happy to show you the new flexible workflows that the next version, RTIR 3.4, offers you.
We can’t wait to tell you about what we’ve added for you in RT 4.4, including Assets, for tracking physical and digital resources. We’ll show you how to set up service level agreements (SLA) which take your business hours and holidays into account. There’s a new built-in timer for tracking time worked on tickets. You can now upload multiple files at once with a quick drag-and-drop, as well as reuse existing attachments on replies.
We’ll show how RT 4.4 improves things behind the scenes for you. You can have your users authenticate against external services (LDAP). RT can now seamlessly store attachments outside of its database, putting them on the filesystem, uploading to Amazon S3, or in Dropbox. You can even serve them directly out of S3. You can create custom role groups then assign them to queues and tickets. These custom roles can have their own permissions and notifications. We think you’ll find these are foundational for improving automation. There are also some major performance enhancements like gradual ticket history loading that will improve your team’s day to day experience.
The first day of training starts off with a tour of RT's web interface and continues with a detailed exploration and explanation of RT's functionality, aimed at non-programmer RT administrators and users. We'll walk through setting up a common helpdesk configuration, from rights management, constructing workflows and notifications, and the basics of Lifecycles.
The second day of training picks up with server-side RT administration and dives into what you need to safely customize and extend RT. We'll cover upgrading and deploying RT, database tuning, advanced Lifecycle configurations, writing tools with RT's API, building an extension, and demonstrate how to extensibly alter the web UI and internal functions. RTIR will be the focus in the afternoon of the second day.
It goes without saying that you'll get the most out of training if you attend both days of the course, but we've designed the material so that you can step out after the first day with a dramatically improved understanding of how to use RT.
We do have a limit on how many people we can effectively teach, so please register as soon as you can to make sure you get a seat. If you can't make Hamburg, please feel free to suggest a future location by dropping us a line at firstname.lastname@example.org! Our spring training will be in Washington, DC.
For both days, the cost is USD $1,495. A single day is USD $995. Each class includes training materials, a continental breakfast, and snacks (lunch is not provided).
If you'd like to pay with Visa, MasterCard, or Discover, please visit Best Practical's online store. Unfortunately we are unable to accept American Express or PayPal. If you'd prefer to pay with a purchase order, please email us at email@example.com. Be sure to include: if you want to attend both days or a single day and the full names and email addresses of attendees.
Finally, please contact us at firstname.lastname@example.org for discounted pricing if you are from an academic institution or if you'd like to send more than 3 people.
Thanks for supporting RT!
RTIR 3.2.0 is the first release of RTIR compatible with RT 4.2.
It is only compatible with RT 4.2.9 and later and will refuse to install on earlier versions of RT 4.2.