Release Notes

Enhancements and Bug Fixes done in each release listed below:

Network Configuration Manager version 12.8 (Build 128249) - May 31, 2024

Enhancements

  • Now, users can backup, monitor, and compare custom configurations such as VTP, VLAN, etc. similar to how they manage running and startup configurations. Additionally, they can create new custom configurations using templates predefined under MultiConfig templates.
  • Now, users have enhanced accessibility for managing device templates through an upgraded UI design.
  • Now, users can conveniently access all configurations available for devices directly from the Inventory page.
  • Now, by default, Network Configuration Manager supports Aruba Access Point.
  • Now, Association of devices/device groups is allowed for CIS standard policies.
  • Now, marking the CVE status of a device as 'Fixed', 'Resolved', or 'Not applicable' will also clear the associated CVE alarms for that device. Additionally, alarms for existing CVEs with these states will be cleared as well.
  • Now, the Note card to allow external database server 'https://ncm.nimbuspop.com/' for EOL, device template, and firmware vulnerability sync under DB Sync Settings in Basic Settings will always be visible.
  • Now, REST support has been introduced for FortiSwitchOS devices.

Issues fixed

  • Earlier, from version 127102, there was a problem with detecting changes in RFC 3164 compliant syslog messages from third-party syslog servers. This issue has been fixed now.
  • Earlier, cleared firmware vulnerability CVE alarms were raised again after performing a vulnerability sync. This issue has been fixed now.
  • Earlier, Network Configuration Manager's security reports (Nipper reports) were restricted for BV users in OpManager setups. This issue has been fixed now.
  • Earlier, there was an issue with displaying the compliance policy status. This issue has been fixed now.

Network Configuration Manager version 12.8 (Build 128247) - May 14, 2024

Issue fixed

  • General: Previously, CSRF vulnerability (ZVE-2024-1132) was detected where the external users were able to utilize the network tools without authentication to perform ping or SNMP ping on network devices. This has now been fixed. (Reported by Jayateertha Guruprasad).

Network Configuration Manager version 12.8 (Build 128183) - April 02, 2024

Enhancements

  • Now, users can automatically authorize all the changes for backup by enabling the option from Client/Server Settings.
  • Now, by default, Network Configuration Manager supports F5 BIG-IP 14.1.
  • Now, an option to add a device with its corresponding device template based on the nearest sysobject ID is available.

Issues fixed

  • Earlier, there was an issue while editing block exclude criteria. This issue has been fixed now.
  • Earlier, there was an issue when sending change notification for configurations that were not in a readable format. This issue has been fixed now.
  • Earlier, in some cases, the scheduled backup operation would be in the 'in-progress' state for a long time. This issue has been fixed now.
  • Earlier, there was an issue in SNMP trap messages that were generated as change notifications from probe servers. This issue has been fixed now.
  • Earlier, the Default and Advanced configuration search options were case-sensitive. Now, both configuration search options have been modified to be case-insensitive.
  • Earlier, there was an issue with Configlet preview when there were multiple entries for a resource (IP/HOSTNAME) in the provided file. This issue has been fixed now.
  • Earlier, syslog change detection was not working while carrying out changes from Network Configuration Manager SSH or TELNET terminal. This issue has been fixed now.
  • Earlier, if a Configlet name had a trailing space, any alarm generated for such Configlets could not be cleared. This issue has been fixed now.

Network Configuration Manager version 12.8 (Build 128165) - February 13, 2024

Enhancements

  • Now, In Client/Server settings, there is an option to exclude configuration change alarms if changed by user details are not available.
  • Now, support for backup via REST API is added for Cisco ACI devices.
  • Now, a new permission (Security Reports) has been added in Network Configuration Manager under User Management. Users with this permission or full access admin users will have access to Network Configuration Manager security reports (Configuration Analysis Report & Security Audit Report).
  • Now, new reports have been added to Network Configuration Manager including CLI Device Credentials Report, Device Credential Profiles Report, and Firmware History Report. Also, the data regarding EOL unavailable devices and EOL announced devices have been updated across PDF, CSV, and XLSX file formats.

Issues fixed

  • Earlier, there was an issue where backup would fail due to delay in retrieving the initial line of device configuration after executing the backup command. This issue has been fixed now.
  • Earlier, if the configuration line was long, it would be backed up as two separate lines. This issue has been fixed now.
  • Earlier, there was a backup performance issue caused due to unreachable devices. This issue has been fixed now.
  • Earlier, when there was a delay in establishing a device connection, the backup process would fail, displaying the error message "message was not received before the specified timeout period." This issue has been fixed now.
  • Earlier, there was an issue where a user would be assigned "All Devices" in Network Configuration Manager if they did not select any devices. This issue has been fixed now.

Network Configuration Manager version 12.8 (Build 128100) - January 17, 2024

Enhancements

  • Now, unmanaged devices in Network Configuration Manager will be listed under the "Unmanaged Devices" tab in Inventory.
  • Now, Network Configuration Manager is enabled by default in OpManager as well as its related products such as OpManager EE, OpManager MSP, and OpManager RMM.
  • Now, the backup failure alarm for devices will only be triggered if the devices have been successfully backed up at least once.
  • Now, for REST credentials, the Save And Test option is available.
  • Now, by default, Network Configuration Manager supports Calix Switch, Comnet Switch, and Vubiq Ethernet Switch.
  • Now, the Maverick package has been updated to version 1.7.56 in response to CVE-2023-48795.
  • Now, support for CIS compliance standards has been incorporated for Cisco IOS and Cisco ASA devices.

Issues fixed

  • Earlier, when the 'Execute Now' action was clicked for a completed schedule operation, there was no message displayed, even though it would not be executed in the backend. Now, a message will be displayed, informing the user that it cannot be executed.
  • Earlier, there was an issue with exported content of the compliance custom report in PDF. This issue has been fixed now.

Network Configuration Manager version 12.8 (Build 128001) - March 29, 2024

Issue fixed

  • Earlier, upgrade failures occurred due to a data sync issue in Network Configuration Manager Enterprise Edition. This issue has been fixed now.

Network Configuration Manager version 12.7 (Build 127261) - December 22, 2023

Enhancement

  • General: Now, the Maverick package has been updated to version 1.7.56 in response to CVE-2023-48795.

Network Configuration Manager version 12.7 (Build 127260) - December 11, 2023

Issue fixed

  • General: Previously, path traversal vulnerability (CVE-2023-47211) was detected for MIB browser. This issue has now been fixed by implementing path sanitization, ensuring a new MIB is stored exclusively under the "OpManager/mibs" directory.

Network Configuration Manager version 12.7 (Build 127257) - October 20, 2023

Enhancements

  • Now, reports covering Firmware inventory, Device inventory, Network health status, Device management status, Device audit, Startup-Running Conflict, Configuration Changes, Configuration Change Annotation, EOL/EOS, Compliance, User Access, User Audit, and PCI support exporting in both CSV and XLS formats.
  • Now, you can schedule reports in CSV and XLS formats for various report categories including Firmware inventory, Device inventory, Network health status, Device management status, Device audit, Startup-Running Conflict, Configuration Changes, Configuration Change Annotation, EOL/EOS, Compliance, User Access, User Audit, PCI, Hardware Inventory, Backup Status, CVE ID, Exposed Devices, Firmware versions with vulnerabilities, Vulnerability Fix Trend, Device, and Vulnerability History.

Issues fixed

  • Earlier, there was an Out Of Memory issue when deleting Network Configuration Manager devices. This issue has been fixed now.
  • Earlier, when a Tag linked to a user was deleted, the users associated with that Tag experienced scope issues. This issue has been fixed now.

Network Configuration Manager version 12.7 (Build 127243) - September 27, 2023

Enhancements

  • Now, REST support has been introduced for ArubaOS-CX devices.
  • Now, In client server settings, the option to remove charts of PDF format is available.
  • Now, customer can request vulnerability data by sharing the device's OS version information.
  • Now, users can schedule Advanced reports.
  • Now, an option to schedule SNMP operations like interface, VLAN, System Details, and Device SysOID is available.

Issue fixed

  • Earlier, there was a sync issue in Custom Column values and System Details between the Probe and Central servers. This issue has been fixed now.

Network Configuration Manager version 12.7 (Build 127193) - January 24, 2024

Enhancement

  • Now, the Maverick package has been updated to version 1.7.56 in response to CVE-2023-48795.

Issues fixed

  • NCM: Earlier, when a Tag linked to a user was deleted, the users associated with that Tag experienced scope issues. This issue has been fixed now.
  • NCM: Previously from 127189 version, when a new Probe was installed, new user management data were not synced from the Central to Probe server. This issue has now been fixed.

Network Configuration Manager version 12.7 (Build 127142) - January 04, 2024

Enhancement

  • Now, the Maverick package has been updated to version 1.7.56 in response to CVE-2023-48795.

Network Configuration Manager version 12.7 (Build 127132) - July 25, 2023

Enhancements

  • Now, a new device property called 'System Contact' has been added which will be updated with the system description and location.
  • Now, the dependency of a few topology-related tables when adding a Network Configuration Manager device has been removed.
  • Now, users can filter the firmware vulnerabilities report and export them as PDF/CSV/XLS based on time filter selection.
  • Now, optional FIPS compliance mode can be enabled for fresh installations from version 12.7.132.
  • Now, new REST Configlets are added to the Arista REST template.
  • Now, a few enhancements have been made in Firewall NAT rules and policy Configlets of PFSense REST template.
  • Now, by default, Network Configuration Manager supports Array Networks Devices, Audiocodes, Century Systems NX Series, Cisco CIMC, Cisco Email Security Appliance, Cisco Prime, Ericsson Mini-Link, Extreme AccessPoint, Extreme Networks C-Series, HPE Lights Out, HP Procurve 26XX Switch, Hitachi Energy Ethernet Switch, Huawei Eudemon Firewall, Huawei Gpon MA5800 Series, Infinity SD-WAN Device, Lenovo Flex Fabric Switch, Maipu Switch, Maipu MP Series Router, Maipu SM Series Router, Netonix Switch, and RuggedCom RX Series models.
  • Now, REST API support has been introduced for Checkpoint devices. For now, we have only enabled backup option for Checkpoint REST API.
  • Now, REST support has been introduced for HP Procurve devices.
  • Earlier, exporting a large number of configurations took a significant amount of time. Now, this process has now been streamlined for faster exports.
  • The note in SSH Settings has been updated as "The changes will be effective immediately after successfully restarting the NCM service".
  • Enterprise: Now, Network Configuration Manager EE Summary Dashboard in the OPM-Enterprise Edition "Scalability & Unified-Console" modes has been made available with Network Configuration Manager add-on data.

Issues fixed

  • Earlier, there was an issue (duplicate key in ConnectionSpec table) when adding a Network Configuration Manager device to a probe server. This issue has been fixed now.
  • Earlier, backup failure status was not displayed properly in Japanese language. This issue has been fixed now.

Network Configuration Manager version 12.7 (Build 127124) - January 04, 2024

Enhancement

  • Now, the Maverick package has been updated to version 1.7.56 in response to CVE-2023-48795.

Issues fixed

  • Previously in 127123 version, when a new Probe was installed, new user management data were not synced from the Central to Probe server. This issue has now been fixed.
  • Previously there was an issue with viewing generated reports within the Schedule Audit section. This issue has been fixed now.
  • Previously there was an issue with sending reports via email. This issue has been fixed now.
  • Earlier, exporting a large number of configurations took a significant amount of time. Now, this process has now been streamlined for faster exports.

Network Configuration Manager version 12.7 (Build 127105) - June 2, 2023

Issue fixed

  • Earlier, there was an issue while deleting the probe, where Network Configuration Manager devices were not deleted from Central. This issue has been fixed now.

Network Configuration Manager version 12.7 (Build 127102) - May 18, 2023

Enhancements

  • Now, in Network Configuration Manager, multibyte character is supported across the modules.
  • Now, users can generate Security Audit Reports for Cisco ASA, Fortinet, Hillstone, Netscreen, PFSense, Watchguard, Dell Sonicwall, Juniper SRX, and Checkpoint firewalls.
  • Now, Velocity Jar has been upgraded to the latest version of 2.3.
  • Now, Network Configuration Manager supports Cambium Networks Switch; Citrix ADC Loadbalancer; FireEye EX and NX Series Modules; FS Series Switch; Huawei USG Series; Opengear CM and IM Console Servers; and Netgear M Series Switch models by default.
  • Now, users can add multiple Additional block Criteria for Advanced Custom Criteria in Compliance Rule.
  • Now, Config Block End in Advanced Custom Criteria in Compliance Rule is made optional and supports single line block.
  • Now, PagerDuty can be configured in Network Configuration Manager to raise incidents automatically on configuration upload requests and backup failures.

Issues fixed

  • Earlier, from version 126258, we had an issue where configurations were not being saved for "Cisco Firepower Threat Defence" device. This issue has been fixed now.
  • Earlier, we had an issue where viewing configuration differences was not possible when the content was in XML format through change notification and backup schedule emails. This issue has been fixed now.
  • Earlier, we had an issue with syslog change detection for certain H3C devices. This issue has been fixed now.
  • Earlier, there was an issue in OpManager edition where deleting Network Configuration Manager devices did not remove their corresponding alarms. This issue has been fixed now.
  • Earlier, there was a discrepancy between the Critical and Major columns in the Custom Compliance Report. This issue has been fixed now.
  • General: Earlier, PostgreSQL database read only user faced a permission issue in accessing newly created tables. The issue has been fixed now.
  • General: After upgrading to version 127100, there was an issue in enabling SSL with a self-signed certificate if it was enabled for the first time via OpManager UI. This issue has been fixed now.

Network Configuration Manager version 12.7 (Build 127000) - April 26, 2023

General

  • PostgreSQL version has been upgraded to 14.7. The PostgreSQL vulnerability issues from version 10.21 have been fixed now.
  • JRE version 1.8.0_362 will be used in fresh installations (exe / bin).
  • Earlier, from version 12.5.415, there was an issue in "Remember Me". This issue has been fixed now.
  • Tomcat, Wrapper, and various product-specific components have been updated.

Network Configuration Manager version 12.6 (Build 126324) - April 19, 2023

Enhancement

  • Now, Network Configuration Manager automatically clears script execution failure alarms when the same script is successfully executed for the same device.

Network Configuration Manager version 12.6 (Build 126309) - March 21, 2023

Enhancements

  • Bouncy Castle Jars are now upgraded to version 1.72.
  • Now, Network Configuration Manager supports ssh-ed25519 public key algorithm for device connection.
  • Now, Network Configuration Manager gets data from ManageEngine database for firmware vulnerability sync, device templates, and EOL/EOS reports.
  • Now, users can configure to set current configuration as baseline configuration automatically when a new configuration is generated.
  • Now, the approver can directly execute or perform approval alone to a pending request. Later, the requestor or approver (admin) can execute the request from the "Executable request" page. However, schedule request is an exception.

Issues fixed

  • General: Initially, there was a browser crash issue while accessing demo video urls from https-enabled Network Configuration Manager. This issue has been fixed now.
  • Earlier, we had an issue in auto clearance of backup alarms in the event of next successful backup if failure alarm was generated w.r.t service restart. This issue has been fixed now.

Network Configuration Manager version 12.6 (Build 126291) - February 16, 2023

Enhancements

  • Network Configuration Manager now supports Configlet group, which is grouping of Configlets for better management of Configlet scripts.
  • Network Configuration Manager now supports advanced custom reports, where users can configure multiple criteria for a report.
  • Maverick package has been upgraded to the latest version 1.7.47.
  • Now, in Network Configuration Manager Enterprise Edition, schedules can be created in Central and distributed to all Probes.
  • Now, by default, Network Configuration Manager supports Raisecom Switch and Siemens Scalance Switch device models.
  • Now, users can generate device vulnerability history and fix trend information report for network devices added in the inventory.
  • Now, users can update firmware vulnerability state in bulk through file.
  • Now, users can create public schedules which will be available to all users irrespective of role / privilege of the users.
  • Now, users can export Configlet execution output in XLSX format.
  • Now, users can export firmware vulnerability reports in XLSX format.
  • Now, users can generate alerts for device firmware vulnerabilities in Network Configuration Manager and ServiceNow.
  • Now, under the "Add Schedule" section, when selecting "Report Generation" as the schedule type, various reports such as Device Audit, Network Backup Status, Compliance, EOL/EOS, Configuration Change Annotation, CVE ID, Exposed Devices, Firmware versions with vulnerabilities, Vulnerability Fix Trend, and Device Vulnerability History reports are added.

Issues fixed

  • Earlier, there was a mismatch in devices between the Central and Probes in Network Configuration Manager Enterprise Edition. This issue has been addressed by introducing a scheduled operation which will check for any mismatch and sync the devices between Central and all Probes.
  • Earlier, users faced Configlet script failure issue even if '$NO_RESPONSE' is used in case of device reboot scripts. This issue has been fixed now.
  • Earlier, there was an issue while updating SysobjectID, Syslocation, and description using SNMPv2. This issue has been fixed now.
  • Earlier, there was an issue with SNMP V1/V2 Credential Profile association. This issue has been fixed now.

Network Configuration Manager version 12.6 (Build 126288) - June 6, 2023

Issues fixed

  • Earlier, there was an issue while sending firmware vulnerability report through mail. This issue has been fixed now.
  • Earlier, there was an issue while exporting Device Audit report in CSV format. This issue has been fixed now.
  • Earlier, there was an issue in Startup-Running Conflict report in 'Last Operation Status' column while exporting in Japanese. This issue has been fixed now.
  • Earlier, there was an issue in last modified time in CSV and XLS formats of the Backup Status Report in Japanese language. This issue has been fixed now.
  • Earlier, backup failure status was translated incorrectly in Japanese language. This issue has been fixed now.

Network Configuration Manager version 12.6 (Build 126274) - January 10, 2023

Enhancements

  • Now, Network Configuration Manager supports configuration file backup in tgz format.
  • Network Configuration Manager now supports TP-Link Gigabit Switch, Cisco Firepower Threat Defense, MiMOMax-BRU-T, MiMOMax-RRU-T, MiMOMax-BRU-P, and MiMOMax-RRU-P models by default.
  • Network Configuration Manager now supports ArubaOS CX, Ubiquiti Unifi, Ubiquiti Edge Switch models, and Ruckus Unleashed network models by default.
  • Network Configuration Manager now provides CLI support for Cisco APIC by default.
  • Now, schedule time will also be displayed when an operator requests for Configlet Schedule approval.
  • Now, creation of a schedule is blocked when there are no devices available in the selected device group.
  • Now, whenever scheduling fails without a device, an email is sent to the user and a notification is sent to all administrators.
  • Now, Inventory Report in PDF format can be exported with selected columns.
  • Now, administrators can allow users to upload configuration directly by configuring auto approval for upload request.
  • Now, Network Configuration Manager supports Transition Networks Switches and ZyXEL device models by default.
  • Earlier, configuration change alarm will be triggered only if the configuration changed by user details are available. Now, alarms will be triggered for every configuration changes and user can choose to exclude all configuration change alarms.

Issues fixed

  • Earlier, there was an issue in adding bulk devices and because of this there was an issue in the distribution of devices. This has been fixed now.
  • Earlier, there was an issue in creating a device group from the inventory of role-based users and operators. This has been fixed now.
  • Earlier, there was an issue in running a credential rule for bulk devices via "Run Rule Through" option. This has been fixed now.
  • Earlier, there was an issue where role-based users' data were not generated in User Access Report. This issue is fixed now.
  • Earlier, there was a mismatch of terms which were used to represent the status of PCI review report in the GUI and exported format. This issue is fixed now.
  • Earlier, backup failure status was not displayed properly in Japanese language. This issue is fixed now.
  • Earlier, when the admin approves the upload request, requested user was displayed as approved user. This issue is fixed now.
  • Earlier, there was an issue in importing conditional Advanced Script Configlets. This has been fixed now.
  • Earlier, there was an issue in notifying the change through syslog when mail notification too was configured. This has been fixed now.
  • Earlier, on applying PPM for versions below 125455, SSH key based authentication was not working. This issue has been fixed now.

Network Configuration Manager version 12.6 (Build 126258) - October 30, 2022

Enhancement

  • Now, the integration with PMP has been improved to address and prevent any security concerns.

Network Configuration Manager version 12.6 (Build 126165) - October 14, 2022

Enhancement

  • General: To enhance security, changes have been done in the Installshield for Linux builds.

Network Configuration Manager version 12.6 (Build 126162) - October 06, 2022

Enhancement

  • Earlier, database tables were used to populate the hardware details of devices. Now, this dependency is removed and the hardware details are populated directly using the parser XML file.

Network Configuration Manager version 12.6 (Build 126148) - September 14, 2022

Issues fixed

  • Earlier, report generation was not working from device group page. This issue is fixed now.
  • Earlier, report generation was not working for REST Configlets history. This issue is fixed now.
  • Earlier, multibyte characters were not supported in Custom column fields. This issue is fixed now.

Enhancements

  • Now, Network Configuration Manager supports SFTP protocol.
  • Now, users who have enabled 2FA, need to provide a six-digit OTP for Configlet execution sent via mail or authenticator app. If disabled, it can be executed without OTP.

Network Configuration Manager version 12.6 (Build 126130) - August 04, 2022

Enhancements

  • Users can now detect Citrix, Mikrotik, and F5 devices running on vulnerable firmware versions.
  • Under privacy settings, Personally Identifiable Information(PII) search and update has been implemented (PII search helps identify the PII details given by the user across various modules. The PII data can also be updated as anonymous to maintain privacy).

Network Configuration Manager version 12.6 (Build 126122) - September 26, 2022

Issues fixed

  • Previously, on configuring Radius authentication in MSP Central, the Radius authentication option present in the login page of MSP Probe was only shown after service restart. This issue has been fixed now.
  • There were issues in starting a newly installed NCM Probe service, when Autologin is configured under AD authentication in NCM Central. This issue has been fixed now.

Network Configuration Manager version 12.6 (Build 126120) - July 29, 2022

Issues fixed

  • General: Earlier, there was a Remote Code Execution (RCE) vulnerability in IPv6 address management (CVE-2022-37024) and IPv4 address management (CVE-2022-38772) reported by an anonymous working with Trend Micro Zero Day Initiative. This has been fixed now.

Network Configuration Manager version 12.6 (Build 126118) - July 27, 2022

Issues fixed

  • General: A vulnerability resulted in unauthenticated access of the user API key. This issue has been fixed now. (Reported by Anonymous working with Trend Micro Zero Day Initiative. Refer: CVE-2022-36923)

Network Configuration Manager version 12.6 (Build 126116) - July 19, 2022

Enhancement

  • General: Users have the option to skip TFA now. Option to disable Two Factor Authentication is now available.

Network Configuration Manager version 12.6 (Build 126108) - December 14, 2022

Issues fixed

  • Earlier, multibyte characters were not supported in Custom column fields. This issue has been fixed now.
  • Earlier, there was an issue in sending firmware vulnerability report via mail. This issue has been fixed now.
  • Earlier, there were issues in starting a newly installed NCM Probe service when Autologin was configured under AD authentication in NCM Central. This issue has been fixed now.
  • Earlier, there was an issue where role-based users' data were not generated in User Access Report. This issue has been fixed now.
  • Earlier, there was a mismatch of terms which were used to represent the status of PCI review report in the GUI and exported format. This issue has been fixed now.
  • Earlier, backup failure status was not displayed properly in Japanese language. This issue has been fixed now.
  • Earlier, when the admin approves the upload request, requested user was displayed as approved user. This issue has been fixed now.
  • Earlier, there was an issue in firmware vulnerability report pie chart with color coding. This issue has been fixed now.
  • Earlier, there was an issue in firmware vulnerability report with device group and severity filter. This issue has been fixed now.
  • Earlier, there was an issue in exporting compliance report in Japanese language. This issue has been fixed now.
  • Earlier, there was an issue in viewing schedule discovery report from schedule audit. This issue has been fixed now.
  • Earlier, in the Backup Status Report, the 'Last Backup At' column details were not available when exporting CSV and XLS reports in Japanese. This issue has been fixed now.

Network Configuration Manager version 12.6 (Build 126102) - June 29, 2022

Enhancements

  • Users can now generate Backup status report for network devices added in the inventory.
  • A checksum feature has been introduced to verify the file's authenticity and integrity while importing vulnerability data dump into the product.
  • NCM now supports Antristu Device Models by default.

Network Configuration Manager version 12.6 (Build 126101) - June 23, 2022

Issues Fixed

  • General: Unauthorized creation of files lead to high resource consumption. This has been fixed now. (Reported by Tenable. Refer: CVE-2022-35404)

Network Configuration Manager version 12.6 (Build 126000) - June 15, 2022

Enhancement

  • General: Antisamy has been upgraded to version 1.6.4

Network Configuration Manager version 12.5 (Build 125659) - August 11, 2022

  • General: There was an issue with loading the NOC page in Embed view. This issue has been fixed now.

Network Configuration Manager version 12.5 (Build 125656)

  • General: Users have the option to skip TFA now. Option to disable Two Factor Authentication is now available.

Network Configuration Manager version 12.5 (Build 125650)

Enhancement

  • Edit and Delete functionalities are now added for PFSense REST API configlets.

Network Configuration Manager version 12.5 (Build 125646)

Issue fixed

  • Earlier, there was a UI glitch when users tried to execute validate rule while creating compliance rule. This has been fixed now.

Network Configuration Manager version 12.5 (Build 125617)

Issue fixed

  • Earlier, there was a stored XSS vulnerability in the Configlet command in Workflow logs page. This issue has been fixed now.
  • Earlier, imported NCM devices were added to OPM only when service was restarted. This issue has been fixed now.
  • Earlier, when devices were deleted as bulk in NCM Probe, they were not deleted from Central. This issue has been fixed now.
  • Earlier, we had an issue in updating hostname via file. This issue has been fixed now.
  • Earlier, there was an issue in showing NCM tab in OPM Device snapshot for loadbalancers, wireless and unknown device types. This issue has been fixed now.

Enhancement

  • Now Configlets will be executed on the device on multiple retries if the previous try fails.

Network Configuration Manager version 12.5 (Build 125615)

Enhancement

  • Log4j upgraded to version 2.17.2.

Network Configuration Manager version 12.5 (Build 125612)

Issue fixed

  • Multiple XSS vulnerabilities have been fixed in Change Notification, Credential Profile, Compliance, Show Commands, Label Management and Terminal pages.

Network Configuration Manager version 12.5 (Build 125606)

Issue fixed

  • General: A vulnerability resulted in unauthenticated access of the user API key. This issue has been fixed now. (Reported by Anonymous working with Trend Micro Zero Day Initiative. Refer: CVE-2022-36923 )
  • General: Earlier, there was a Remote Code Execution (RCE) vulnerability in IPv6 address management (CVE-2022-37024) and IPv4 address management (CVE-2022-38772) reported by an anonymous working with Trend Micro Zero Day Initiative. This has been fixed now.
  • Earlier, there was a mismatch of terms which were used to represent the status of PCI review report in the GUI and exported format. This issue is fixed now.​
  • Earlier, there was an issue in firmware vulnerability report pie chart with color coding. This issue is fixed now.​
  • Earlier, there was an issue in firmware vulnerability report with device group and severity filter. This issue is fixed now.​
  • Earlier, backup failure status was not displayed properly in Japanese language. This issue is fixed now.​
  • Earlier, there was an issue in sending firmware vulnerability report via mail. This issue is fixed now.​
  • Earlier, there was an issue where role-based users' data were not generated in User Access Report. This issue is fixed now.​
  • Earlier, there was an issue in exporting compliance report in Japanese language. This issue is fixed now.​
  • Earlier, when the admin approves the upload request, requested user was displayed as approved user. This issue is fixed now.​
  • Earlier, there was an issue in viewing schedule discovery report from schedule audit. This issue is fixed now.

Network Configuration Manager version 12.5 (Build 125598)

Issue fixed

  • Earlier, there was an issue while loading settings page in MSP Central when a role user is created with NCM add on. It has been fixed now.

Enhancements

  • REST API based configuration management support has now been added for HPE Aruba OS devices.
  • Users can now configure the syslog change detection status from UI.

Network Configuration Manager version 12.5 (Build 125584)

Issues fixed

  • Earlier, there was a stored XSS vulnerability in the Schedule name field of Schedule page, reported by Hazem Osama. This has been fixed.This has been fixed. (Refer CVE-2022-24703)
  • Earlier, there was a stored XSS vulnerability in the Change rule name field of Change Notification page. This has been fixed.

Network Configuration Manager version 12.5 (Build 125583)

Issues fixed

  • Multiple stored XSS vulnerabilities have been fixed in compliance and device template modules.
  • Multiple low privilege escalation vulnerabilities have been fixed in compliance and firmware vulnerability modules.

Enhancement

  • Now users can remove device(s) from config management in the Device-based licensing model for OpManager Plus installation.

Network Configuration Manager version 12.5 (Build 125568)

Issue fixed

  • General: The upgrade process failed in secondary failover setup due to an issue. This issue occurs when upgrading from builds below 125561. This issue has been fixed.

Network Configuration Manager version 12.5 (Build 125565)

Issues fixed

  • Earlier, configuration backup was failing even with correct enable credentials in few cases. This has been fixed now.
  • NCM Custom Device Templates were not populating in OPMEE if Central base build was less than 125311 and Probe build is greater than 125311. The issue is now fixed.
  • Unauthorized users were able to view alarms of other devices in alarm popups and dashboard widget. This issue is fixed now.
  • Adding/editing a device group using criteria could not be completed successfully due to an issue. This is fixed now.

Enhancements

  • Alarms tab will be shown to all users.
  • A new REST template has been introduced for PFSense devices.
  • REST credentials are now supported for PFSense devices.
  • New REST Configlets have been introduced for PFSense devices.
  • A detailed summary can now be accessed for REST templates.
  • Users can now also check the list of CLI device templates associated with a particular REST template.
  • Look and feel for confirm dialogue boxes have been upgraded throughout NCM.

Network Configuration Manager version 12.5 (Build 125490)

Issue fixed

  • OpUtils: The authentication issue in very few of OpUtils modules' audit directories has been fixed. (Refer CVE-2021-44514).

Network Configuration Manager version 12.5 (Build 125488)

Issues fixed

  • Earlier, there was a Remote Code Execution (RCE) vulnerability in the Ping functionality (Reported by Nam (aka m3) from ECQ). This issue has been fixed now. The corresponding CVE ID: CVE-2021-43319.

Network Configuration Manager version 12.5 (Build 125485)

Issues fixed

  • Earlier there was an issue in viewing Configlet Schedule Report. It has been fixed now.
  • Earlier, whenever a Configlet Schedule was requested by an Operator role user, the Configlet content was not show in the request. The content will be displayed henceforth.
  • Earlier, when a Configlet was executed or scheduled by an Operator role user with variable values provided via file import option, the Configlet was directly executed instead of getting raised as an Upload Request. This has been fixed now.
  • Earlier, while creating Sync Configuration Schedule, whenever foreign characters were used in the Schedule Name, Garbled characters were displayed in the Schedule Audit Result. This has been fixed now.
  • Earlier when suffix='$NO_ENTER' was used in a command in Advanced Script Mode Configlets, its functionality was retained in all succeeding commands. This has been fixed now.

Enhancements

  • Two-Factor Authentication, when enabled, will be applicable for Mobile App login also.
  • Users can now create a new device template xml with new device type and vendor with ease.
  • Users can now perform Firmware vulnerability Advanced CVE search in both OPM and NFA instances.
  • We have introduced a password reset policy for default SCP password.

Network Configuration Manager version 12.5 (Build 125483)

Issue fixed

  • Low privileged users were able to access Audit reports and mail server details (Reported by Ranjit Pahan). This issue has been fixed.

Network Configuration Manager version 12.5 (Build 125482)

Issues fixed

  • Earlier, there was an issue while updating Startup-Running Configuration Conflict Status. This has been fixed now.
  • Earlier, there was "Unauthorized page" warning when users tried to edit the NCM Credential Profile in OpManager. This has been fixed now.
  • Earlier, there was an issue while adding Nortel devices with default Nortel Device Templates. This has been fixed now.
  • Earlier, users were unable to navigate to config file snapshot page if the previous configuration version was removed during cleanup. This has been fixed now.
  • Earlier, users were unable to execute Configlets in devices associated to a few device templates. This has been fixed now.
  • Earlier, configuration change notification email for Cisco manual/schedule backup reports did not contain "Changed by" information. This has been fixed now.
  • Earlier, there was a configuration backup issue due to device max connection. This has been fixed now.
  • Earlier, there was an issue while running compliance checks for Startup Configurations. This has been fixed now.
  • Earlier, XLS Hardware Reports did not contain all the necessary data when the reports had to include a large set of data. This has been fixed now.

Enhancements

  • NCM now supports devices with empty/no Enable Password.
  • Configuration blocks can now be excluded from configuration conflicts if either one of the files contains those blocks.
  • Users can now export configurations of devices whose last configuration backup was successful.

Network Configuration Manager version 12.5 (Build 125475)

Issues fixed

  • Earlier, there was an issue during the redirection of discovery reports from schedule audit. This has been fixed now.
  • Earlier, Configuration Upload Request report showed invalid data for approved requests and rejected requests. This has been fixed now.
  • Earlier, there was an issue in device filtration in User Access report. It has been fixed now.
  • Earlier, there was an issue in CSV file of Startup Running conflict Report. It has been fixed now.
  • Earlier, there was an issue in filtering firmware vulnerability mail report based on the device group. It has been fixed now.
  • Earlier, there was an issue in color code used in firmware vulnerability report. It has been fixed now.
  • Earlier, there was an issue while updating Startup-Running Configuration Conflict status. It has been fixed now.
  • Earlier, there was an issue while adding device groups in the 'Device Group Name' field with Japanese characters. It has been fixed now.
  • Earlier Japanese translation was missing for some fields in the firmware exposed devices reports, approval requests, export configurations and change notification pages. This issue has been fixed now.
  • Earlier, there was an issue while creating PCI Schedule from the PCI Page. It has been fixed now.
  • Earlier the PCI Reports Page and the exported PCI Reports did not match the terms used to indicate the PCI review status. It has been fixed now.
  • Earlier, whenever a Configlet Schedule was requested by an Operator role user, the Configlet content was not show in the request. The content will be displayed henceforth.
  • Earlier, while creating Sync Configuration Schedule, whenever foreign characters were used in the Schedule Name, Garbled characters were displayed in the Schedule Audit Result. This has been fixed now.
  • Earlier in the Hardware Inventory report, Cisco Inventory details were displayed for all vendors in XLSX format. This has been fixed now.
  • Japanese translation was missing for few fields in Credential Rules page, they have been added now.
  • New OPMEE probe was not starting after applying any PPM post 125445 (including), due to a bug in NCM addon's code. It has been fixed now.

Network Configuration Manager version 12.5 (Build 125471)

Issues fixed

  • Multiple stored XSS and low privilege escalation vulnerabilities have been fixed. (Reported by Ranjit Pahan.)

Network Configuration Manager version 12.5 (Build 125469)

Issues fixed

  • General: The XSS vulnerability issue in Task Name of Workflow has now been fixed. (Reported by Ranjit Pahan.)

Network Configuration Manager version 12.5 (Build 125465)

Issues fixed

  • The SQL injection vulnerability issue in configuration search has now been fixed. Refer CVE-2021-41081.(Reported by Hồng DÆ°Æ¡ng Trần)
  • The SQL injection vulnerability issue in hardware details search has now been fixed.Refer CVE-2021-41080.(Reported by Hồng DÆ°Æ¡ng Trần)

Network Configuration Manager version 12.5 (Build 125459)

Issue fixed

  • General: Low privileged users were able to access Support Module (Reported by Ranjit Pahan). This issue has been fixed.

Network Configuration Manager version 12.5 (Build 125445)

New feature

  • NCM now supports Public Key Authentication for connecting to devices.
  • Users can now integrate NCM with ServiceDesk Plus OnDemand and enable ticket creation for Backup failure alerts and Configuration Approval requests.
  • NCM now supports REST API for Arista devices.

Enhancements

  • Users can now select Firmware Vulnerability states to be hidden on the GUI.
  • Users can now generate Security Audit Reports for Palo Alto Firewall devices.
  • Schedules created by users will now be retained after the users have been deleted.

Issues fixed

  • Earlier, the entries in Device Audit Report in CSV format were classified based on 'Operation Details ' column. Now, the entries are classified based on 'Executed At' column.
  • Earlier, there was an issue while submitting email addresses of users for User Access Report. It has been fixed now.
  • Earlier, there was an icon mismatch in the Last Operation Status in Startup-Running Conflict Reports. It has been fixed now.
  • Earlier, a UI glitch displayed the option to edit Upload requests to Operators when they tried to execute Configlets. It has been fixed now and the edit Upload requests will no longer appear for Operators.
  • Earlier, there was an issue while creating monthly Schedules with the Last Date selected. It has been fixed now.
  • Earlier, there was an issue while creating Configlet Schedules with Import File option. It has been fixed now.

Network Configuration Manager version 12.5 (Build 125417)

New feature

  • Users can now automate the process of associating Credential Profiles to devices using Credential Rules.

Enhancements

  • Users can now access the Credential Profile page from the Config Automation dropdown.
  • Device Group names can now be edited.

Issues fixed

  • Minor UI glitches were identified in earlier versions. They have been fixed now.
  • Earlier, Administrators were unable to execute Configlets created by other users. This issue has been fixed now.

Network Configuration Manager version 12.5 (Build 125399)

New Features

  • User Management now supports custom role creation.

Issues fixed

  • Earlier, unauthorized users were able to view other user devices in Compliance Report. This issue has been fixed now.
  • There was an issue when restoring backup during MSSQL installation after the 125301 upgrade. This has now been fixed.

Enhancement

  • Now, the upload request approval permissions are restricted for NCM power users(Admin with limited device/device groups) for security reasons.

Network Configuration Manager version 12.5 (Build 125392)

New Features

  • Users can now detect Palo Alto devices running on vulnerable firmware versions.

Issues fixed

  • Earlier, there was a UI slide issue while adding devices from OpManager to NCM. This has been fixed now.

Network Configuration Manager version 12.5 (Build 125378)

Issues fixed

  • Earlier, there was a stored XSS vulnerability in the Spark gateway due to custom terminal hostname parameter, reported by Ranjit Pahan. This has been fixed.
  • Earlier, the auto SSH/Telnet option didn't work for custom terminal devices. This issue has been fixed.

Network Configuration Manager version 12.5 (Build 125363)

New Features

  • Users can now create tags and use them to group Users, Devices, Device Group, Schedules, Configlets, Compliance Policies, Credential Profiles and Change Notifications.
  • Users can now exclude a block of configuration from being considered while identifying changes between two configuration versions.
  • Users can now integrate NCM with ServiceNow and sync network devices from the ServiceNow CMDB to the NCM Inventory.

Enhancements

  • Users can now change the report type in Schedules by editing the corresponding Schedule.
  • Earlier, there was overall execution timeout for Configlet execution. This has been removed and users can now execute Configlets with longer execution time.
  • Users can now add a delay between each command execution in Advanced Script Execution Mode Configlets.
  • Users can enable/disable Spark Gateway terminal audit from NCM's GUI.
  • Spark gateway terminal is now disabled by default. Users can enable it from NCM's GUI.
  • Maverick package has been upgraded to the latest version 1.7.35.

Issues fixed

  • Earlier, there was an issue while viewing Chinese characters in configuration files. This issue has been fixed now.
  • Earlier, there was an OOM error while scanning network devices for firmware vulnerabilities. This issue has been fixed now.
  • Earlier, Operators had the privilege to update device details from snapshot page. This has been fixed now.
  • Earlier, unauthorized users had the privilege to view devices alarms. This has been fixed and device alarms will now only be visible to authorized users.

Network Configuration Manager version 12.5 (Build 125362)

Enhancement

  • The SparkGateway package has been upgraded to the latest version (SparkGateway 5.9.0) due to a path traversal vulnerability reported by David.(Refer CVE-2021-20078)
  • Earlier, there was a vulnerability, reported by Ranjit Pahan, where Operators were able to access terminals of devices in Administrator's Scope. This vulnerability has been fixed now.

Network Configuration Manager version 12.5 (Build 125358)

Issues fixed

  • There was an issue while trying to add devices to NCM in OpManager and NetFlow Analyzer instances. This has been fixed now.

Network Configuration Manager version 12.5 (Build 125345)

Enhancements

  • Rest API support has been added for Virtual IP Group, Virtual IPv6 Group and Service Group Objects for Fortigate firewall devices.
  • Rest configlet execution history has been moved to an individual page.
  • Complete execution details, including parameter details, along with the results can now be viewed in the rest configlets execution history.

Issued fixed

  • Earlier, there was an issue with rest configlet approval slide. This has been fixed now.

Network Configuration Manager version 12.5 (Build 125343)

Issue fixed

  • Earlier, there was an issue in the probe to device mapping while trying to view device snapshot pages in the enterprise edition. This issue has been fixed in the latest update.

Network Configuration Manager version 12.5 (Build 125329)

Issue fixed

  • General : There was an unauthenticated Remote Code Execution (RCE) vulnerability due to general bypass for the deserialization class, as reported by Johannes Mortiz. This has now been fixed. (Refer CVE-2021-3287)

Network Configuration Manager version 12.5 (Build 125327)

Enhancements

  • Users can now select "Any" in the interface selection for adding Fortigate Address objects, using REST Configlets.
  • One-time schedule object has been added to the Fortigate Object Explorer.

Issues fixed

  • Previously, there was an issue in the Virtual IP Object Explorer multiselect grid. This issue has been fixed now.
  • Previously, there was an issue while selecting SD-WAN interface for Fortigate Address objects. This issue has been fixed now.
  • Earlier there was an issue while sending reports based on device group as mail. This is fixed now.

Network Configuration Manager version 12.5 (Build 125325)

Issues fixed

  • Earlier, there was a data problem while generating Device Inventory report for multiple devices that belonged to the same model but different series. This has been fixed now.
  • Imported devices were not shown in the Custom hardware report. This has been fixed now.
  • Earlier, in the Discovery import CSV slide, there was a vulnerability where XSS can be injected. This issue has been fixed now.
  • When a credential name contained a space or a special character in it, the devices were not discovered. This has been fixed now.
  • Earlier there was an issue in Enterprise Edition's probe startup due to Out Of Memory error. This issue has been fixed now.
  • Earlier, there was a sync issue in device template's 2 AM daily update. This has been fixed now.
  • There was an issue while redirecting from the device group summary page to the device snapshot page. This has been fixed now.

Enhancements

  • The credentials UI has been revamped. Support to provide Rest Credentials has been added for Fortigate Firewall and Pan Alto Firewall.
  • Device Templates, Change Notification, Upload Request, Schedules and Configlets sections have been moved from Settings to newly introduced Config Automation tab for improved usability.
  • Minor UI enhancements have been done throughout the product.
  • Configuration changes with annotation are now added as a new report.
  • Additional columns "IPRange" and "Discovery type" have been included in the Discovery report.
  • Users can now export discovery report as PDF or CSV.
  • Filter (Search) based report generation is now available for Discovery report and Configuration change annotation report.
  • Now users can use either Spark gateway or Maverick terminal, based on their preference.
  • Antivirus message content has been changed in NCM Install Shields.
  • User can now download / upload config files of devices to and from NCM Server using configlets via TFTP Client,SCP Client and SFTP Client.

New features

  • Rest Configlets are introduced for Fortigate and Palo Alto firewall devices.
  • REST API based configuration management support is added for Fortigate Firewall and Palo-Alto Firewall devices.

Network Configuration Manager version 12.5 (Build 125323)

Enhancement

  • Users can now backup F5 network device configurations via UCS files.

Issue fixed

  • Earlier, there was an issue in Diff View while trying to compare a configuration draft with the labeled baseline version. This has been fixed now.
  • Earlier, there was an issue with Telnet connections in Spark gateway terminal. This has been fixed now.
  • Earlier, there was an issue while connecting Spark gateway terminal after updating Host Name using SNMP. This issue has been fixed now.
  • Earlier, there was an issue with the NCM database daily updates in OpManager when NCM was not enabled. This has been fixed.
  • Earlier, some SysOIDs were incorrectly mapped to Cisco CatOS device templates. These SysOIDs have now been associated to the corresponding Cisco IOS Switch device template.
  • Previously, there was a Remote Code Execution vulnerability and it is fixed now.
  • Previously, there was a SQL Injection vulnerability and it is fixed now.
  • Previously, there was an issue while discovering the devices without sysoids. This issue is fixed now.

Network Configuration Manager version 12.5 (Build 125234)

Issue fixed

  • Earlier, there was an issue while installing NCM Probes due to an "out of memory" exception. This has been fixed now.

Network Configuration Manager version 12.5 (Build 125233)

Issue fixed

  • Earlier, there were issues in the custom device templates and in the devices on which they were applied to. This has been fixed now.

Network Configuration Manager version 12.5 (Build 125232)

Enhancements

  • The API framework for the ServiceDesk Plus integration has been migrated to version 3.

Network Configuration Manager version 12.5 (Build 125228)

Enhancements

  • CCTV is now available in the Central Dashboard.
  • NCM has a new UI for Confirm Dialog boxes
  • Custom Column can now be distributed to all probes at once.
  • Operations can now be edited in Central Dashboard.
  • Redirection to snapshot is now available from Alarm page in the Central Server.

Issues Fixed

  • A bug related to probe status has been fixed.
  • Minor issues fixed for EOL reports.

Network Configuration Manager version 12.5 (Build 125216)

Enhancements

  • A grid view has been added in the "All Vulnerabilities" page under the Firmware Vulnerabilities tab.
  • The Compliance Policies view in OpManager has been revamped to look identical to the Compliance Policies view in NCM.
  • Users can now establish device terminal connections using Spark gateway terminal.
  • Users can now associate Configlets with their respective network device vendors.
  • Network device vendor names that were recently changed have been updated in the UI.
  • A set of new default Configlets have been added for operations like Cisco firmware upgrade, enabling Cisco SNMP etc.

Issue Fixes

  • Earlier, there was a UI glitch while users tried to apply device credentials. This issue has been fixed now.
  • Earlier, the option to backup configurations before and after Configlet execution had an issue in the Operator login. This issue has been fixed now.
  • Earlier, there was an issue while users tried to use "<" and ">" prompts in the Advanced Script Execution Mode Configlets. This issue has been fixed now.

Network Configuration Manager version 12.5 (Build 125213)

Issue fixed

  • Previously, there was a thread lock issue that sometimes caused the product to not function as intended. This issue has now been fixed.

Network Configuration Manager version 12.5 (Build 125212)

Enhancements

  • jQUERY has been migrated to version 3.5.1 to avoid vulnerabilities.

Network Configuration Manager version 12.5 (Build 125199)

Enhancements

  • Users can now view files in the "tftp_files/UCS" folder from the GUI.
  • Users can now backup configurations of Cisco APIC devices in tar.gz format.

Network Configuration Manager version 12.5 (Build 125195)

Enhancements

  • Previously, users were not able to add new protocols and new commands while cloning Device Templates. Moreover, XML import was not easily readable. All this has been made easy and users can now customize the Device Templates based on their requirements.
  • Vulnerability data dump can be imported to product manually by downloading the file from the website.
  • Vulnerability reports for CVE, DEVICES, and FIRMWARE have been added.
  • Firmware Vulnerability User interface has been updated with enhanced vulnerability status/widgets.
  • Dynamic IP update using traps is now possible.

Issues fixed

  • There was an issue in creating advanced compliance rule criteria. This has been fixed now.
  • The redirection issue in the alarm short summary page for NCM Alarms in OPM EE has been fixed now.
  • Earlier, there was an issue while editing device groups containing subgroups. This has been fixed.
  • NCM EE's invalid license file error while applying the license has now been fixed.

Network Configuration Manager version 12.5 (Build 125180)

Issue fixed:

  • OpManager: Previously, there was a login issue in the mobile app when Passthrough was configured in OpManager. This has now been fixed.

Network Configuration Manager version 12.5 (Build 125149)

Issues fixed:

  • OpManager: An issue while viewing the short summary page of an alarm in the external monitor is fixed.
  • OpManager: Unable to redirect to Device Snapshot Page from the Short Summary page of an alarm. This issue has been fixed.

Network Configuration Manager version 12.5 (Build 125142)

New Feature:

  • Users will now be able to configure Failover in NCM with Virtual IP Address. This helps to detect changes via syslogs and allows usage of a common URL to access the application.

Enhancements:

  • Maverick SSHTools API is Upgraded from Version 1.6 to 1.7.24
  • Users will now be able to configure SCP username and password from application user interface.
  • Database clean up has been provided for change detection syslog data.
  • Users will now be able to stop configlets sync across probes in the Enterprise Edition.

Issues fixed:

  • Personality configuration file corruption issue has been fixed now.
  • There was an issue in updating custom column details while importing devices using text file. This issue has been fixed now.
  • There was an issue in automatic configlet's remedy action. This issue has been fixed now.

Network Configuration Manager version 12.5 (Build 125136)

Enhancement:

  • We have added a message in the Export Configuration page, asking users to check if their network connection is secure. This will help prevent SMB attacks while exporting configurations using UNC paths.

Network Configuration Manager version 12.5 (Build 125129)

Issue fixed:

  • General : After upgrading the product, there was an "Unable to start the product" error. This issue has now been fixed.
  • General: Previously, the backup functionality was not working for non-English installations. This issue has now been fixed.

Network Configuration Manager version 12.5 (Build 125125)

Issue fixed:

  • Path Traversal vulnerability in URLs starting withhas now been fixed. (Refer CVE-2020-12116 )

Network Configuration Manager version 12.5 (Build 125121)

Enhancement:

  • Earlier, parameters of the Discovery API were passed as query strings. The Discovery API has now been upgraded to version 2 and the parameters have been converted to form data

Network Configuration Manager version 12.5 (Build 125120)

Issue Fixed:

  • General: Unauthenticated access to API key disclosure from a servlet call. ZVE-2020-1820 - @kuncho, an independent Security Researcher, has reported this vulnerability to SSD Secure Disclosure program. The issue has been fixed.

Network Configuration Manager version 12.5 (Build 125116)

Enhancements:

  • Option to update interface details for a device using SNMP Profile is now available.
  • Option to update VLAN details for a device using SNMP Profile is now available.
  • Option to export Hardware Inventory report in XLSX format is now available.

Issues Fixed:

  • Earlier we had a redirection issue in alarm short summary pages. This has been fixed now.
  • Earlier, the message "No Internet connection available" used to appear during firmware vulnerability sync. This has been removed now.

Network Configuration Manager version 12.5 (Build 125115)

Enhancement:

  • Network Configuration Manager now automatically updates IP address if an IP address change has been detected by OpManager.

Network Configuration Manager version 12.5 (Build 125112)

Issue fixed:

  • Earlier, there was an issue while trying to upload configurations into devices. This issue has been fixed now.

Network Configuration Manager version 12.5 (Build 125108)

Issue fixed:

  • General : The obsolete code causing Remote Code Execution vulnerability in Mail Server Settings v1 APIs have been removed.

Network Configuration Manager version 12.5 (Build 125000)

Enhancement:

    • General : PostgreSQL has now been migrated to version 10.10.

Issue fixed:

  • General : The PostgreSQL vulnerability issues from version 9.2.4 have now been fixed.

Network Configuration Manager version 12.4 (Build 124196)

Issue fixed

  • Path Traversal vulnerability in URLs starting withhas now been fixed. (Refer CVE-2020-12116 )

Network Configuration Manager version 12.4 (Build 124188)

Issue fixed:

  • General: Unauthenticated access to API key disclosure from a servlet call. ZVE-2020-1820 - @kuncho, an independent Security Researcher, has reported this vulnerability to SSD Secure Disclosure program. The issue has been fixed.
 

Network Configuration Manager version 12.5 (Build 124186)

Issue fixed

  • Earlier, there was an issue while trying to upload configurations into devices. This issue has been fixed now.

Network Configuration Manager version 12.4 (Build 124181)

Issue fixed:

  • OpManager : Previously, the users were able to read the arbitrary file. This file read vulnerability has now been fixed.

Network Configuration Manager version 12.4 (Build 124177)

Enhancements:

  • Users can now update hostnames using SNMP profiles, directly from the inventory.
  • Users can now manually disable centralized database sync for EOL/EOS, firmware vulnerability and device templates updates.

Network Configuration Manager version 12.4 (Build 124176)

Issue fixed:

  • Network Configuration Manager Enterprise Edition's probe installation wizard issue has been fixed.

Network Configuration Manager version 12.4 (Build 124172)

Issue fixed:

  • The obsolete code causing Remote Code Execution (RCE) vulnerability in Mail Server Settings v1 APIs have been removed. (Reported by Jason Nordenstam) (Refer: CVE-2020-10541)

Network Configuration Manager version 12.4 (Build 124168)

Issues fixed:

  • Previously, auto-login was not working when the special character '&' was present in the username or password. This issue has now been fixed.
  • The JCE compatibility issue that occurred during PPM migration has now been fixed.
  • Earlier, there was an issue while trying to change compliance schedule report type from PDF to CSV and vice versa. This has been fixed.
  • Earlier, operators and power users were able to associate rules and rule groups in compliance policies. This has been fixed.
  • Earlier, operators and power users were able to access SDP and PMP API keys via URL. This has been fixed.
  • Earlier, power users were able approve configuration draft upload requests for devices that were not in their scope of access. This has been fixed.

Enhancements:

  • Alarms page has been completely revamped for better user experience.
  • Under Mail Server Settings, the length of the 'User Name' field has now been increased from 50 to 100 characters.
  • Under User Management, the maximum length of the 'Password' field has now been increased from 25 to 100 characters.
  • A slide has been added to Central, in the Enterprise Edition, to prompt users to associate probes immediately after installation.
  • Firmware vulnerability checks can now operate without device OS type. Device firmware versions will now be checked for any reported vulnerabilities.
  • NCM Support page usability has been enhanced with more details.

New feature:

  • Users can now export configlet schedule via TXT files.

Network Configuration Manager version 12.4 (Build 124104)

Issue fixed:

  • Earlier, there was an issue with the Firmware Vulnerability Management page displaying in Japanese and Chinese languages. This has been fixed now with the I18N key property file update.

Network Configuration Manager version 12.4 (Build 124103)

  • Network Configuration Manager Enterprise Edition's probe installation wizard issue has been fixed.

Network Configuration Manager version 12.4 (Build 124099)

Issue fixed:

  • Weaker file permission for Nipper file has been fixed. (CVE-2019-17421, reported by: Guy Levin (va_start))

Network Configuration Manager version 12.4 (Build 124098)

Issues fixed:

  • Alarm has been disabled for Syslocation location and description.
  • The Security xml issue in Compliance check and Compliance rule has been fixed now.
  • Mssql issue in EOL/EOS Updation has been fixed now.
  • Client side validation for TFTP execution mode Configlets has been fixed.

New Feature:

  • Vulnerability assessment can now be done with Network Configuration Manager.

Network Configuration Manager version 12.4 (Build 124095)

Enhancements:

  • Improvements have been made for fetching EOL/EOS data.
  • During device discovery, NCM will automatically map the device with an appropriate SNMP profile.
  • Certificate Content is now excluded from configuration diff in Cisco devices.
  • "Interface Details" header has been changed in the hardware inventory report PDF.
  • Configlet Execution result status in CSV has been changed from "Completed" to "Success" now.

Issues fixed:

  • EOL report had minor bugs in "Series" and "Model". This has been fixed now.
  • Issues while updating a particular custom column via file have been fixed now.

Network Configuration Manager version 12.4 (Build 124094)

New feature:

  • NCM Enterprise Edition has been launched for managing network devices in a geographically distributed environment and for increasing scalability.

Network Configuration Manager version 12.4 (Build 124079)

Issue fixed:

  • Weaker file permission for Nipper file has been fixed. (CVE-2019-17421, reported by: Guy Levin (va_start))

Network Configuration Manager version 12.4 (Build 124073)

Enhancements:

  • Now, you can change the custom header in the Emails while scheduling.
  • When a report is mailed, it will be now saved in the local server in a pdf format automatically.
  • You can now define Configlet variables using velocity templates.

Issues fixed:

  • The issues in color difference while generating a configuration difference report has now been fixed.
  • Earlier, there was an issue in change notification Roll-back. This has been fixed now.

Network Configuration Manager version 12.4 (Build 124057)

Enhancements:

  • Now, you can execute configlets by adding their respective names to the URL.
  • Breadcrumbs have been added to the device snapshot pages for easy navigation.

Network Configuration Manager version 12.4 (Build 124043)

Enhancement:

  • You can now edit, re-arrange and hide the default tabs in the horizontal menu. New custom tabs can also be added, edited, rearranged and deleted from the horizontal menu.

Network Configuration Manager version 12.4 (Build 124041)

New features:

  • Now, you can manage network devices in NCM using IPv6 address.
  • Now, you can enable automatic remedy for compliance rule violation.

Network Configuration Manager version 12.4 (Build 124031)

New features:

  • NCM now supports scheduling for device discovery.
  • An export option is now added in the Terminal Audit History page.

Enhancements:

  • Global search option has been added for Change Notifications and Approval Requests.
  • Icons in the Device Template grid have been replaced with text for better visibility.
  • Users can now select folder name and file format while exporting configurations.
  • Help links have been added in all pages.
  • Anchor tags have been added in the Compliance Report chart for better usability.
  • Earlier you could update Syslocation, description and sysOID by choosing the profile manually every time. Now, these updates can be done with SNMP profile mapping for any particular device.

Bug Fixes:

  • Earlier, there was a redirection issue from the dashboard for approval requests. This has been fixed now.
  • Earlier, there was a URL redirection issue from email for approval requests. This has been fixed now.
  • Earlier, scheduled backups triggered backups for unmanaged devices as well. Now, NCM triggers backup only for managed devices.
  • There was an issue while trying to map SysOID for hostnames without DNS server. This issue has been fixed now.
  • There was an issue with the EOL/EOS data updation for the devices added via discovery. It has been fixed now.
  • Earlier, discovery reports showed duplicate records due to rediscovery using the same profile. The issue has now been fixed.
  • Earlier, the Compliance Report PDF was blank for device group compliance checks. This issue has been fixed now.
  • XSS vulnerability has been fixed in the following pages: SysObjectIDFinder, Custom Terminal, Exclude Criteria, Compliance pages, Clone Device Template, Change Notifications and Configlets.

Network Configuration Manager version 12.4 (Build 124026)

Bug Fix:

  • The SQL injection vulnerability in 'Reports' page has been fixed.

Network Configuration Manager version 12.4 (Build 124024)

Bug Fixes:

  • Previously, when HTTPS was enabled in the WebClient, some unexpected loading issues were observed. This has now been resolved by upgrading the Tomcat version used in the product.
  • Scroll issue while listing custom dashboards has been fixed now.
  • The 'local privilege escalation' vulnerability has now been fixed.

Network Configuration Manager version 12.4 (Build 124022)

New Features:

  • You can now access NCM from the Windows system tray.
  • Users can now export device configuration differences, from Diff View, to a PDF.
  • Configlet variables, specific to each device, can now be imported to NCM using a CSV file.

Enhancements:

  • Earlier, you could only export configurations of device groups to the NCM server. Now, you can also export configurations of individual devices.
  • You can now export all device configurations to the same folder in the NCM server.

Network Configuration Manager version 12.4 (Build 124000)

Enhancement:

  • JRE has been migrated to 1.8 and various vulnerabilities from JRE 1.7 have been eliminated. Highlights of JRE 1.8 migration:
    • General: Cipher algorithms AES-192 and AES-256 are supported in addition to AES-128 algorithm.
    • General: TLSv1.2 protocol is now supported by default.

Network Configuration Manager version 12.3 (Build 123327)

Bug Fixes:

  • Earlier, the NCM server usage went up to 100%, in a few cases, while executing a scheduled backup. This issue has been fixed.
  • Earlier, there was a delay while updating device credentials. This issue has been fixed.
  • There was an issue with the detailed view of Compliance Reports in Custom Reports. It has been fixed.
  • Earlier, there was an issue while trying to view Security Audit and Configuration Analysis report. This issue has been fixed.
  • The backup failure issue while using the SNMP-TFTP protocol has been fixed.
  • Earlier, taking backups of multiple devices, with some of them being unmanaged devices, resulted in an error message. Now, NCM takes backup of the managed devices, ignoring the unmanaged devices.
  • There was an issue with the EOL/EOS data updation while discovering new devices into NCM. This issue has been fixed.

Enhancement:

  • NCM now supports regular expression login prompt, enable prompt and configlet prompt (only for SSH protocol).

Network Configuration Manager version 12.3 (Build 123323)

Bug Fix:

  • The issue which existed while cloning device templates, has been fixed.

Enhancements:

  • In AD authentication, you can now configure scope to be auto-assigned to users logging-in for the first time, when auto-login is enabled.
  • The latest version of PMP REST API URL has been updated.
  • 1000 device models have been newly added to Network Configuration Manager.

Network Configuration Manager version 12.3 (Build 123312)

New Features

  • Discovery reports have been added newly to allow users to see the discovery progress live.
  • A new option has been provided in discovery reports for adding devices which were not reachable during the discovery process.
  • Users can now choose the devices they wish to add to Inventory, from the list of discovered devices, instead of adding all the discovered devices automatically.

Enhancements:

  • How To and FAQ's are provided for all the major settings pages, Devices Tab in Inventory and Device Snapshot page.
  • New Messaging Framework has been implemented for NCM. Users can now see the appropriate messages on all the important pages to help them use NCM better.
  • The discovery tab has been simplified to make device discovery process easier.

Network Configuration Manager version 12.3 (Build 123306)

Bug Fix:

  • Previously, there was an inaccuracy in percentage values in the compliance snapshot piechart. This issue has been fixed now by removing the percentage marker.

Enhancement:

  • Now, Nipper Report filenames include the device hostname or IP address.

Network Configuration Manager version 12.3 (Build 123304)

Vulnerability Fix:

  • Previously, validation of session failed when the URL contained two or more consecutive backslashes. This vulnerability has been fixed now.

Network Configuration Manager version 12.3 (Build 123288)

Enhancement:

  • Now, transfer files from NCM server to the devices using configlets via SCP client.

Network Configuration Manager version 12.3 (Build 123279)

Vulnerability Fix :

  • The XSS Vulnerability in 'addScheduleforConfig', 'addLabel', 'updateLabel', 'addShowCommand', 'addSharedCredentialProfile', 'updateSharedCredentialProfile' API's has been fixed.

Network Configuration Manager version 12.3 (Build 123277)

Vulnerability Fix :

  • The SQL injection vulnerability in 'getDeviceCompleteDetails' and 'getAssociatedCredentials' APIs has been fixed.

Network Configuration Manager version 12.3 (Build 123274)

New Feature:

  • "Grid view" option has been introduced in the Device Group page. Now, users can switch between "Grid View" and "Widget View" as per their need.

Enhancements:

  • Info messages in all the forms have been made more visible.
  • All the reports can be generated in both Widget and Grid View for device groups directly from the Device Group page.
  • Tasks can be scheduled for all the device groups directly from Device Group page.

Network Configuration Manager version 12.3 (Build 123239)

  Vulnerability Fixes :

  • There was an SQL injection vulnerability in the Alarms section. This issue has been fixed.
  • In Alarms, there was an XSS vulnerability in the Notes column. This issue has been fixed.

Network Configuration Manager version 12.3 (Build 123237)

  Vulnerability Fixes :

  • XSS vulnerability issue in domain controller has been fixed.

Network Configuration Manager version 12.3 (Build 123231)

  Vulnerability Fixes :

  • Apache's 'commons-beanutils' jar has been updated to version 1.9.3 due to 'Remote Code Execution' vulnerability in an older version. (Refer: CVE-2018-19403)
  • Access to 'DataMigrationServlet' has been fixed. (Refer: CVE-2018-19403)
  • The 'Browser Cookie theft' vulnerability has been fixed.

Network Configuration Manager version 12.3 (Build 123223)

  Bug Fix:

  • Syslog Change Detection issue has been fixed.
  • In the Inventory Snapshot page, there was a colour mismatch issue with the legend status color in the pie-chart. This issue has been fixed.

 Vulnerability Fix:

  • The XSS vulnerability issue in updateWidget API has now been fixed.

Network Configuration Manager version 12.3 (Build 123222)

  Vulnerability Fix:

  • SQL injection vulnerability in Mail Server settings has been fixed.

Network Configuration Manager version 12.3 (Build 123218)

  Enhancement:

  • Configlet execution results of multiple devices can now be exported as PDF in bulk.

Network Configuration Manager version 12.3 (Build 123217)

Enhancements:

  • Upload request option which was previously in settings tab, can now be easily accessed from the "Change Management" tab in the main menu.
  • While exporting configurations, you can now give the folder name in both text and numeric formats.
  • The product web-client now supports Russian and Chinese(Taiwan) languages.
  • TCP / UDP port unblock rules for NetFlow packets / Syslogs packets have now been added in Windows Firewall.

Bug Fixes:

  • The start date issue of the daily schedule feature has been fixed.
  • Form validations throughout NCM have been revamped.
  • Issue while swapping configuration versions in the Config Diff view has been fixed.
  • The TFTP service had an issue when the central and probe were installed on the same machine, this has been fixed now.
  • SysOID finder's timeout issue has been fixed.

Network Configuration Manager version 12.3 (Build 123215)

  Enhancement:

  • 'How to' and 'FAQ' help links for Device Template, SysOID and Discovery have been added in the UI.

Network Configuration Manager version 12.3 (Build 123214)

  New features:

  • Information regarding the usage of SysOID in the UI has been added.
  • An option to view the password for all password fields in NCM has been added.

 Enhancements:

  • The grid row size adjustments are now made user-specific across all pages. Individual users can now set their preferred size.

Network Configuration Manager version 12.3 (Build 123207)

 Enhancements:

  • Now get faster fixes to your issues using self-support in the ’Support’ section of NCM.

Network Configuration Manager version 12.3 (Build 123206)

 Bug fixes:

  • EOL / EOS data update issue at server startup has been fixed.
  • XSS Vulnerability in Device Group page has been fixed.
  • Multiple audits issue for NCM Terminal action has been fixed.
  • UI glitch in terminal view has been fixed.

  New features:

  • Basic device monitoring tools have been added for NCM in Horizontal tab menu.
  • 'Execute now' option has been added for Schedules.

 Enhancements:

  • Horizontal Tab Menu has been introduced for NCM.
  • Default schedule samples have been added.
  • Enhanced 'Getting started' GUI has been added for NCM.
  • Selected time period has been made visible in Configuration Changes Reports now.
  • Support option can now be found in the horizontal tab menu.
  • Global 'Config Diff view' option can now be accessed from all the tabs under inventory.

Network Configuration Manager version 12.3 (Build 123194)

 Enhancement:

  • NCM now extends customization options to the login page. You can now choose to show/hide the copyrights and also change the background to an image of your choice.

Network Configuration Manager version 12.3 (Build 123191)

 Enhancements:

  • Comparing any two configuration files from anywhere within NCM is now through the 'diff view' page.
  • The diff view page is now enhanced to show details like 'Annotation', 'Last Modified By' and 'Timestamp of configuration backup'
  • Now, you can access 'select' boxes in the UI using focus, and also toggle them directly with the keyboard.
  • While setting email for any notification/schedule in NCM, if the mail server settings is not pre-configured, a warning message will be displayed.
  • Now, NCM supports 700 new models and we have updated the series and model data for a few existing devices.

Network Configuration Manager version 12.3 (Build 123179)

 Bug fix:

  • Previously, the upgradation to build 123158 and above caused network interruptions in Windows 7 & 2008 R2. The issue is fixed now.

Network Configuration Manager version 12.3 (Build 123177)

 Enhancements:

  • EOL/EOS data is now updated from the local database. 
  • Now you can discover devices in a single step.
  • XML External Entity vulnerability security patch is released.
  • SNMP profile is now unified and it can be accessed from a single place.
  • Now you can request for the latest EOL/EOS data from the NCM support of the product.
  • Now you can update SysOID for multiple devices at one shot.

Network Configuration Manager version 12.3 (Build 123169)

 Vulnerability Fixes:

  •  Security Patch to remove Zip Slip Attack.
  •  Security Patch to handle Local File Inclusion Attack.
  •  Cross site scripting(XSS) and arbitary file read vulnerability in Fail Over has been fixed. [CVE - 2018 -12997, CVE - 2018-12998]

 Network Configuration Manager version 12.3 (Build 123159)

  • NCM: Export the devices listed in device inventory page as PDF.
  • NCM: A device group that is listed as a sub group in another device group cannot be deleted.
  • NCM: Issue of database backup and restore failure after importing new device template is now fixed.
  • NCM: Issue of upgrade failure due to ncm personality-configuration is now fixed.

Network Configuration Manager version 12.3 (Build 123156)

  • License Agreement has been updated.
  • Promotions related to ITOM Events will be displayed in the UI header after login.

Network Configuration Manager version 12.3 (Build 123151)

Bug fixes
  • In Group Chat Module, "Operator" user was not restricted from viewing the list of users, their User ID and Email addresses. This issue has been fixed.
  • EncryptPassword.bat has been removed due to DOS attack.
  • Path Traversal vulnerability in uploadMib API has been fixed (Reported by Pulse Security) 

Network Configuration Manager version 12.3 (Build 123137)

Enhancements

  • Network Configuration Manager is now GDPR compliant with the privacy messages and consent requests displayed in the UI.
  • Dashboards are now user-specific and allows users to create their own private dashboards. Apart from this, users with administrator privilege can associate dashboards that are created by them with select users.
  • Increased privacy & security through product enhancements.
  • More user-friendly with editable Configlet names.

Bug fixes

  • Custom column names now populate uniformly throughout the UI after a change.

Network Configuration Manager version 12.3 (Build 123129)

  • Path Traversal vulnerability in upload Mib API has been fixed.
  • The RemodeCodeExecution(RCE) vulnerability occurring while testing scripts has been fixed.
  • The SQL injection vulnerability in "FailOverHelperServlet" for the operation 'standbyprobestatus' has been fixed.
  • The SQL injection vulnerability in "FailOverHelperServlet" for the operation 'getprobenetworkshare' has been fixed.
  • In Group Chat Module, "Operator" user was not restricted from viewing the list of users, their User ID and Email addresses. This issue has been fixed
  • Previously, "Operator" user was not restricted from viewing the URL monitors in the Inventory Page. This issue has been fixed.
  • Previously, "Operator" user was not restricted from being able to modify the background color and the tile color in the 3D floor view page. This issue has been fixed.

Network Configuration Manager version 12.3 (Build 123123)

Bug fixes

  • 'Should contain exact set' in Compliance rule criteria is now fixed and executes properly.
  • The Rule Compliance page under MSSQL now displays the necessary data.
  • The '%' symbol in labels of configlet parameters from 'Execute Configlet' page has been removed.

Enhancements

  • Compliance page has been added in left menu bar for quick access. All compliance-related functionalities are now available under this page.
  • Now, you can share Custom Device Templates to NCM Administrators worldwide in 'Device template >> Custom >> Share'.
  • Additional hardware information for Cisco devices is now displayed in the Device Snapshot page under 'Inventory' tab. We will support other vendors also in the near future.
  • You can now search devices by providing their hardware details, in 'Inventory >> Search by hardware details' (Filter icon on top-right corner).
  • Device selection list is sorted in 'Configlets Execution' and 'Schedules' pages with the IP addresses of the devices.

Network Configuration Manager version 12.3 (Build 123106)

Bug fixes

  • 4439431 - Know which config version is baseline in config diff view. (The Config version that is baseline is mentioned as 'Baseline').
  • 4550432 - Layout of NCM Nipper reports has been revamped.
  • 4571167 - Issue while finding SysOID has been fixed.

Enhancements

  • View SNMP profiles from System Location and Description pages.
  • Select specific SNMP profiles to be used while updating location and description details for devices.
  • Add devices as unmanaged if the total number of devices exceeds the license limit.
  • More devices are supported by default with the additional SysOIDs.
  • I18N keys are now available.
  • Minor UI enhancements.

New Feature - Terminal :

  • Terminal page can be used to open a terminal to any device in the network.
  • Terminal connection to the inventoried devices can be opened under ‘Settings >> NCM >> Inventoried’.
  • For devices that support terminal function but are not included in Inventory, the session can be initiated by ‘Settings >> NCM >> Terminal >> Custom’.
  • All the terminal sessions will be logged and can be viewed in ‘Settings >> NCM >> Terminal >> Audit History’.

Network Configuration Manager version 12.3 (Build 123105)

Enhancements

  • Network Configuration Manager now scales more. A single server supports 10000 devices. If you need to manage more than 2000 devices, configure the number of parallel job count to a minimum of 50 in 'Settings >> NCM >> Server settings' and restart the server.
  • You can trigger a configuration backup operation for any number of devices in a single schedule in 'Settings >> NCM >> Schedule'.
  • You can now apply the credentials for any number of devices successfully from 'Device Group' page under Inventory section.

Network Configuration Manager version 12.3 (Build 123091)

Bug fixes

  • 100% CPU Utilization issue due to Syslog flooding has been fixed.
  • 100% CPU Utilization issue due to Fortigate Firewall backup has been fixed.

Network Configuration Manager version 12.3 (Build 123083)

Enhancements

  • Dashboard loading has been revamped and optimized for better performance.
  • In the Login page, iPhone/Android and iPad application download links have been included.
  • License expiry information in header had a few alignment issues. This has now been fixed.
  • User Icon with product details and about information has been moved to right top corner.
  • In the Inventory page, product based tabs have been moved horizontally.
  • Sign out option has been moved from Quick links to User details menu.
  • Support icon has been added for (Mail, Apply license, phone number, SIF, User guide, Videos, Service pack, ThreadDump, DB Query & view Logs) links.
  • In support page, the Query page under DB Query will be opened in a new window without ember.

Network Configuration Manager version 12.3 (Build 123070)

Vulnerability fix

  • SQL injection vulnerabilities in Servlet's API has been fixed.

Network Configuration Manager version 12.3 (Build 123069)

Bug Fixes

  • Backup operation fails for the following device type in builds 12300 to 123064 due to Maverick upgrade. Device backup command response stops in the middle of an execution and expects an enter key (LineFeed) to send the remaining response. This issue has been fixed in this release and now you are able to backup this device type without any issues.
    • Device type: Cisco IOS Software, IOS-XE Software, Catalyst L3 Switch Software (CAT3K_CAA-UNIVERSALK9-M),Version 03.07.03E RELEASE SOFTWARE

Network Configuration Manager version 12.3 (Build 123064)

Enhancements & fixes

  1. Alert message for existing device while adding non SNMP devices.
  2. Time based report for configuration change.
  3. 4318485: Schedule Security Audit Report is now added
  4. Now you can view compliance policy violation widget in dashboard
  5. View configuration file while uploading labeled configuration.
  6. Help document now available on how to execute Configlet.

Network Configuration Manager version 12.3 (Build 123057)

Vulnerability fixed

  1. DDI-VRT-2018-02 – Unauthenticated Blind SQL Injection via /servlets/RegisterAgent
  2. DDI-VRT-2018-03 – Unauthenticated Blind SQL Injection via /servlets/StatusUpdateServlet and /servlets/AgentActionServlet
  3. DDI-VRT-2018-04 – Multiple Unauthenticated Blind SQL Injections via /embedWidget
  4. DDI-VRT-2018-05 – Unauthenticated XML External Entity Injection via /SNMPDiscoveryURL
  5. DDI-VRT-2018-06 – Unauthenticated Blind SQL Injection via /unauthenticatedservlets/ELARequestHandler and /unauthenticatedservlets/NPMRequestHandler
  6. DDI-VRT-2018-07 – User Enumeration via /servlets/ConfServlet.

Network Configuration Manager version 12.3 (Build 123055)

Enhancements & bug fixes

  1. Advanced Configuration Search in Inventory page with multiple search conditions.
  2. Shared Device Template and Request New Device Templates options are provided.
  3. 4224773: List view of devices associated to each credential profile.
  4. Credential profile is now moved under NCM Tab in settings.
  5. Now access & edit system properties from NCM GUI.
  6. Device Group widgets with status of Backup, Compliance and Conflict status bar charts now available in inventory.
  7. Execute Configlets option is provided in the select menu in Devices Inventory at the top right corner.
  8. Snapshot Configlets without parameters will be executed directly without prompting for parameters.
  9. SSH Settings: Allow/block Ciphers, Key Exchange and HMACs in product settings page.
  10. 'User audit clean up' option is now available in Database Administration settings.

Network Configuration Manager version 12.3 (Build 123052)

Bug fixes / Changes

  1. The possibility to fetch user details through ConfServlet has been fixed and is secured now.

Network Configuration Manager version 12.3 (Build 123035)

Bug fixes / Changes

  1. Fixed the reporting options (violated rules only, compliant rules only or all rules) in scheduling compliance report for CSV format.
  2. Error message for expired time in 'Once' option for add schedule page.
  3. 4025368 - Fixed the EOL Report with no data in OpManager Probe server.
  4. 4244879 - Compliance validation issue in exact set criteria rule is fixed.
  5. Admin has to give annotation while authorizing/unauthorizing configchanges.
  6. System settings page is enabled for NCM.
  7. Filter by time option is provided in changes page.
  8. Aruba Controller backup failure issue is fixed.
  9. Now configure the number of parallel threads for SSH connection.

Network Configuration Manager version 12.3 (Build 123023)

Bug fixes / Changes

  1. Option to clone a device template is provided in GUI.
  2. Provided an option to delete existing sysOID in GUI.
  3. Schedule actions are removed from device Inventory multi-select actions list and is now added under a new group 'Schedule'.
  4. Option to schedule configlets is provided in Configlets list page.
  5. 3942442 - Option to retry backup for backup failed devices.
  6. 4101225 - Option to add DNS name in reports for application URL instead of IP Address.
  7. 4150507 - Search option is provided to select device in the multi-select box in GUI.
  8. Uniform color coding for authorization & unauthorization across the product.
  9. Option to edit import devices and values option is provided in the "Configlet Schedule" page.
  10. Configuration Change Trend, Compliance Report, Device Audit Report are now provided in the device snapshot page.

Network Configuration Manager version 12.3 (Build 123008)

Bug fixes / Changes

  1. 4094309 -- SSH Vulnerability #1 : The SSH server is configured to support Cipher Block Chaining (CBC) encryption, which may allow an attacker to recover plain text message from the ciphertext. We've now fixed this by providing an option to disable the CBC mode encryption using system property.
  2. 4094309 -- SSH Vulnerability #2 : The remote server is configured to allow MD5 and 96-bit MAC algorithms, both of which are weak algorithms. We have now fixed this by providing the option to disable these algorithms using system property.
  3. 1584237 -- Configuration Analysis and Security Audit Reports are now supported for device templates which were not supported in earlier versions.
  4. 4255506 -- SCP wasn't working in the 12300 upgrade. It is now fixed with this release.

Network Configuration Manager Version 12.3 (Build 12300)

New features:

  • Global search - Search features, devices and also texts within configuration files with the results-retainable search bar.
  • Add/edit device templates - Add/edit any number of device templates as .xml files based on your need.
    Note: If the .xml files are complex, contact support with your requirements and we'll help you
  • Schedule configuration upload - Schedule configuration upload to a later date and time from the device snapshot.
  • Real time notification approval request - Be notified in real-time when there is a change request for approval. The requester also gets notified upon approval/rejection of the request.

New device models supported:

  • InsysMoros
  • Sonicwall Firewall
  • Trapeze WLAN Controller
  • Ubiquiti Air Os
  • Garderos Router
  • Juniper Fabric Switch
  • F5 Netcon
  • F5 Big IP114
  • Edgecore L2 Switch
  • Huawei S 5300 Switch
  • Hitachi GR 2000 Router
  • Juniper MX Series Router
  • Mimomax

Enhancements:

  • Real time GUI - Be notified in real-time when there is a change request for approval. The requester also gets notified upon approval/rejection of the request.
  • Dynamic device groups - Create device groups based on Backup Status / Config Conflict status / Compliance Status.
  • User specific Retainable filters and column choosers - Show/hide columns in list views. Save the selected filters in Inventory and apply the same filters when you come back to Inventory page.
  • List view of configlets associated to a Template - Add / associate / delete flow export configlets in a Template. Also, add new Device Identifiers (Device SysObjectId) in a Template manually.
  • Authorization for changes done from outside NCM - Categorize the configuration change as authorized even when the change is done from outside NCM. Add the authorized user names separated by comma in System_Properties.conf under <NCM-HOME>/conf directory.
  • Find Sysobject using SNMPv3.

Network Configuration Manager Version 12.2 (Build 12200)

Enhancements

  • Export flow: Exporting flows from your device to Netflow Analyzer or any flow processing tool involves a string of commands and tasks. With Export flow in Network Configuration Manager, get it done in 3 simple steps
  • Edit SysObjectIDs: Did you make an error while adding a SysObjectID? You can correct it easily as Network Configuration Manager allows you edit the Device Type, Model, and Series number even after adding SysObjectID into the application.
  • Configlet promote: Some configlets are more often used than the others. Keep these configlets handy at the inventory page using the Configlet Promote feature
  • Sync password: Keep the network device passwords updated and secure by integrating with Password Manager Pro. This feature periodically updates the latest network device credentials from Password Manager Pro
  • Custom reports: Reports come in all shapes and sizes. With the Custom Report feature, you can create fully customized reports that meet your specific needs
  • CSV reports: Do you have to upload a report into another tool as a CSV file? Network Configuration Manager allows you to get reports as CSV files.
  • Configuration change trend report: Get the trend of the configuration changes over a specific period of time. The trend is shown graphically for easy understanding.
  • Reports: You can now get 3 different reports for within a device from the snapshot page.
    1. Recent Configuration Change Report: Get a quick report of the 5 recent configuration changes in a device.
    2. Configuration Analysis Report: A nipper-based report that analyses the configuration and suggests best practices.
    3. Security Audit Report: A nipper-based report that drills down to each line of the configuration and checks the same against the configuration rules. This report carries line by line information about violation of the configuration rules.

Network Configuration Manager Release 12.1 (Build 12100)

Enhancements

  • Option to save & upload the configuration drafts in one click
  • Users can now select multiple rules from rules list view and associate them with rulegroup(s). Similarly selecting multiple rulegroups and associating them with policy(s) is also possible

PCI Review

  • Option to enable multiple PCI reviews at one go
  • Option to configure email notifications for PCI reviews

Excluding Change Notifications:

Add EXCLUDE_CONFIG_CHANGE_ALARM_USERS=user1,user2 in system_properties.conf file. This will exclude change notification if configuration is changed by user1 or user2

Bug Fixes / Changes

  • Issue in sending Syslog notifications on Configuration change is now resolved
  • Issues with generating PDF and sending Email over Reports are fixed

Note: Database Maintenance, Data Migration, Add-on/Products Integration are removed from the client

Network Configuration Manager Release 12.0 (Build 12000)

New Features & Enhancements

  • New User Interface - NCM gets a new stylish makeover with a better user experience.
  • Workflow Automation - The new workflow automation in NCM lets you to automate time-consuming manual tasks with ease
  • Heat Map - HeatMap helps you to visualize the configuration backup status in real-time from a single page. It uses different color codes to communicate the status of the backup operation.
  • Group Chat - NCM offers a multi-threaded cascading wall for IT teams to collaborate in real-time. You can like or comment on any discussion you have access to. And get notified instantly when someone tags your name in any of the discussions.
  • Popup notifications - Now with the help of new popup notification, you get to know what’s happening in your network in real-time. These notifications appear at the bottom of the screen instantly alerting you about the alarms raised.

Network Configuration Manager Release 11.0 (Build 11000)

New Features & Enhancements

  • Name Change - DeviceExpert has been renamed as 'Network Configuration Manager'
  • PCI Review - Option to schedule & review all the firewall configuration & policies regularly.
  • New Fluidic Webclient - Ultra-fast, API driven Fluidic user interface is ready to use. The new Fluidic webclient will become the default user interface for all new installations. However, users can switch to old UI at anytime in a single click.

DeviceExpert Release 5.9 (Build 5990)

New Features & Enhancements

  • Option to import Device Group has been included
  • List of devices can now be imported from a file to execute Custom Template

New Device Models Supported

  • Brocade Router
  • DLink DES 3200 Switch
  • Huawei NE40E-X3 Routers

Bug Fixes / Changes

  • User Audit for DeviceGroup update has been added
  • User Audit for User Details modification added
  • Multiple entries can be provided for single HostName/IPAddress in CustomTemplate file upload option.

DeviceExpert Release 5.9 (Build 5981)

Bug Fixes / Changes

  • Servlet based security issue fix.

DeviceExpert Release 5.9 (Build 5980)

New Features & Enhancements

  • Six more REST APIs introduced:
    1. MANAGE - To manage a network device in DeviceExpert
    2. UNMANAGE - To unmanage a network device
    3. GET_DEVICE_COUNT - Returns the total number of managed devices count
    4. GET_BACKUP_FAILED_COUNT - Returns the total number of backup failed devices at present
    5. GET_BACKUP_SUCCESS_COUNT - Returns the count of successful backup operations
    6. UPDATE_IPADDRESS - Updates the IP address of the given device with the latest
  • Administrators can now view the list of all SystemObject Identifiers in table view from 'Admin' tab.
  • Option to save configurations for backup before and after custom template execution
  • SSH and TELNET protocol support for Force10 E-Series switches

New Device Models Support

  • HP 5500 series Switch
  • PaloAlto Panorama Centralized Management console

Bug Fixes / Changes

  • In v5970, compliance pie-chart navigation from the home page dashboard threw errors. This has now been fixed.
  • Earlier, there were issues in populating the hardware properties of PaloAlto devices. This has now been fixed.
  • Earlier, there were issues in backing up the configurations of Cisco WLAN Controllers. This has now been fixed.
  • In v5970, reports exported as pdf did not cover all applicable devices. It was restricted to the number of devices in current page view. This has now been fixed.

DeviceExpert Release 5.9 (Build 5970)

New Features & Enhancements

  • Option to view the list of devices associated with any compliance rule. Reports can also be generated based on policies.
  • Option to synchronize system description and sysLocation details from the network device to DeviceExpert.
  • Custom templates can now automatically append hostname and timestamp ( <hostname_timestamp> for the files downloaded from the devices. This will help in pulling multiple context stack switch configuration information and store them as flat files under <deviceexpert_home>/tftp_files directory.</deviceexpert_home> </hostname_timestamp>
  • New REST API to add users
  • Option to send email notifications only on failure of database backup and export configuration operations.
  • Option to include information on who invoked backup of device configuration in the config change notification emails. This can be configured as part of defining configuration change management rule.
  • Real-time change detection is now supported for HP Switch & Juniper SRX devices.
  • Telnet & SSH protocols can now be used for managing the configurations of Fortigate Version 3.x and VDOM 3.x

New Device Models Support:

  • Avocent ACS
  • Juniper WLAN controller
  • Pravail APS
  • Avocent Terminal
  • Cisco ASR Mobile Gateway

Bug Fixes & Changes:

  • Earlier, when generating a compliance report out of the custom reports, latest configuration data was not taken into account. This has now been fixed.
  • Earlier, database backup failure status was not properly updated in audit records. This has now been fixed.
  • When there were multiple SNMP profiles, devices discovery failed often. This has been fixed.
  • Earlier, in certain specific conditions, EOL report generation threw an error. This has been fixed.
  • Operators will henceforth not have the privilege to view/edit credentials and credential profiles.
  • Earlier, there were issues in populating the hardware properties of Cisco WLC, Cisco Nexus and Nortel Switches. This has been fixed.
  • Earlier, there were issues in backing up the configurations of Cisco WLAN controllers. This has been fixed.

DeviceExpert Release 5.9 (Build 5960)

New Features & Enhancements

  • SIEM Integration: Provision for sending Syslog messages to SIEM tools upon detecting a configuration change event. SIEM tools can then thoroughly analyze these events, correlate them with other network events and provide informative, holistic insights on the overall network activity.
  • REST APIs to get all supported device types and to add devices.
  • Option to exclude configuration difference in configuration backup notification emails triggered after executing scheduled tasks for config backup
  • Option to include custom columns in configuration change management email notifications (as part of Send Email action)
  • Telnet & SSH protocols can now be used for managing the configurations of HP Switches.
  • CLI commands and command output can be copied and pasted on the TELNET / SSH terminals in the DeviceExpert GUI

New Device Models Support

  • Aruba Controller
  • Tippingpoint IPS
  • MobileIron Sentry
  • Juniper LoadBalancer
  • Ciena Switch
  • H3C Device
  • Check Point GAiA Firewall

Bug Fixes / Changes

  • Earlier, in Advanced Script Execution, there were issues in identifying the prompt due to which the next command was getting executed.This has been fixed.
  • Issues in populating hardware properties of Fujitsu & Layer 3 Cisco Switch have been fixed.
  • Earlier, there were issues in enabling change detection in Huawei Switches. This has been fixed.
  • Earlier, the Ping option in Add Device GUI was not working. This has been fixed.
  • Earlier, there were issues with formatting the output of Show commands of HP Switches. This has been fixed.

DeviceExpert Release 5.9 (Build 5950)

New Features & Enhancements

  • Session Recording: TELNET & SSH connections launched to the devices from DeviceExpert GUI can now be recorded, archived and played back to support forensic audits and let enterprises monitor all actions performed by users. Session recording caters to the audit and compliance requirements of organizations that mandate proactive monitoring of activities. Administrators can readily answer questions regarding the ‘who,’ ‘what’ and ‘when’ of access to device configurations.
  • Custom Templates: To enhance the usability of templates, DeviceExpert allows you to define 'Template Variables' while creating templates. A template variable is a placeholder for a value, which can be specified when the template is uploaded to the device. Hitherto, there was provision to assign only a single value for the variable. So, when users wanted to apply the template on multiple devices with a different value for each device, the template had to be executed many times. This has now been enhanced with the provision to assign a different value for each device. The values for the template variable for each device can be specified through a text file.
  • Device Groups: Provision to filter devices in the inventory and create a new device group out of the filtered devices
  • Export Configuration: Provision to export configurations of devices belonging to specific device groups
  • Real-time Change Detection: Real-time change detection is now supported for Juniper switches and routers

New Device Models Support:

  • FiberHome Switch
  • ZXR Router ZSR Version 2.x
  • Fujitsu IPCOM EX1100
  • FortiGate Firewall VDOM V3

Bug Fixes/Changes:

  • Earlier, there were issues in synchronizing configurations of Cisco Nexus devices. This has been fixed.
  • Issues in populating hardware properties of H3C devices have been fixed.
  • Earlier, there were issues in enabling change detection in Huawei S series and H3C S series switches. This has been fixed.
  • The issues in executing 'show' commands on Juniper Switches from DeviceExpert GUI have been fixed.
  • Earlier, sorting of device list in "Diff with any" report did not work. This has been fixed.
  • When choosing devices to apply remediation templates, the list was containing duplicate entries. This has been fixed.

DeviceExpert Release 5.9 (Build 5910)

New Features & Enhancements

  • Remediation option for compliance rule violation: Custom templates can now be associated with compliance rules. The templates can be executed in the event of rule violation as a remedial measure.
  • User Audit Report: A new report capturing almost all the activities done by the users in DeviceExpert.
  • Option to export configuration diff as PDF
  • Option to export SQL query results from database console to CSV
  • Option to update IPAddresses of devices in bulk
  • Option to create device groups based on the device criteria - Managed/Unmanaged
  • Option to configure email notification mail (for scheduled backup) only when there is a change
  • New Device Models Support:
    • FortiGate Firewall VERSION 4
    • 3Com Switch 5500 series
    • Citrix NetScaler MPX

Bug Fixes / Changes

  • Hardware properties population issue with Cisco MDS has been fixed.
  • Earlier, the device groups that were created with Custom Column values (as criteria) were not being properly shared to Power Users. This has been fixed.
  • Earlier, there were issues in validating the IP addresses entered in additional credentials GUI. This has been fixed.
  • Javascript issues with localized version of DeviceExpert have been fixed
  • Earlier, searching configurations (with PostgreSQL as backend database) was not working properly. This has been fixed.

DeviceExpert Release 5.9 (Build 5900)

New Features & Enhancements

  • Password Management with ManageEngine Password Manager Pro
  • Credential Update using Rest API
  • SSH & Telnet protocol option added for Enterasys
  • New Device Models Support:
    • RuggedCom Switch
    • Ruijie Switch
    • Fujitsu Firewall
    • F5Bigip 11X
    • EdgeCore Switch
    • Telco Switch
    • Occam Switch
    • Adtran Router
    • Cisco 300 Series Switch
    • Nokia IPSO Firewall
    • HP 1910 Series Switch

Bug Fixes / Changes

  • Disabled Devices shown in the backup failed devices has been fixed.
  • Custom Column 3 label issue while creating device groups has been fixed.
  • Javascript warning messages in Internet Explorer with localized versions have been fixed.

DeviceExpert Release 5.8 (Build 5850)

New Features & Enhancements

  • Support for PostgreSQL as backend database. From this version onwards, the product comes bundled with PostgreSQL 9.2.1.
  • Provision to enter credentials for multiple devices of a device group that work on a common protocol
  • Option to duplicate existing compliance rules and save then with a different name
  • Provision to add one more custom column to depict any desired additional information about devices in device properties.
  • New Device Models Support:
    • Crescendo Load Balancers
    • Welotec Routers
    • Mikro Tik Routers
    • Adava ADVA FSP

Bug Fixes / Changes

  • With MSSQL server as backend database, there were issues in persisting sorting of columns in 'Change Tab'. This has been fixed.
  • Earlier, there were issues in displaying data in custom reports while navigating between pages with using MSSQL server as the backend database. This has been fixed.
  • Earlier, editing of host names did not work properly in Chrome and Firefox browsers. This has been fixed.
  • Earlier, when reports were exported as CSV (with MSSQL server as backend database), duplicate entries were found. This has been fixed.
  • If Active Directory synchronization is enabled, when users get deleted in AD, the same did not get reflected in DeviceExpert. Now, the users will be disabled in DeviceExpert.
  • Earlier, there were issues in displaying device configuration content, if it contained HTML tags. This has been fixed.
  • Earlier, there were issues in taking backup of ACME devices. This has been fixed.

DeviceExpert Release 5.8 (Build 5800)

New Features & Enhancements

REST APIs for integration with third-party applications

  • A set of 10 APIs to enable any third-party application or software integrate with DeviceExpert directly and add, access and extract data. The REST APIs also facilitate integrating DeviceExpert with enterprise Configuration Management Database (CMDB) for centralized, integrated, holistic and consolidated change control and management.
  • APIs made available now help perform various tasks, including inventory management (device addition and deletion); configuration backup; compliance status; executing show commands on devices; fetch device properties and executing templates and scripts in DeviceExpert that automate repetitive configuration tasks.

Change Management

  • Option to include configuration change type (authorized or unauthorized) as one of the change management conditions while defining rules. The introduction of this option now makes it possible to get notifications during specific conditions like an unauthorized change happening on the running configuration of a device.

Message Board

  • Provision for communicating various messages from DeviceExpert team to users. Information about product updates and various other notifications will now reach the users directly. Messages can be accessed by clicking the 'Mail icon' on the top-band.

Saving output of commands on DeviceExpert client machines

  • The outputs of various 'Show' Commands and 'Export' configuration can now be saved on machine from which DeviceExpert web-interface is launched

Compliance Management

  • Enhancements in compliance rule definition to check for the presence or absence of specific strings in device configurations as part of 'Advanced Criteria' and 'Advanced Custom Criteria'. Presence or absence of strings can now be checked for specific or unlimited number of occurrences.

Navigation from Home Page

  • Option to navigate to corresponding pages when viewing various reports in the 'Home' page

New Device Models Support

  • NEC
  • Juniper SR
  • Vyatta
  • Radware-Alteon Switch
  • Brocade VDX Switch
  • Support for Managing Acme Packet devices through SSH

Changes & Bug Fixes

  • Earlier, DeviceExpert (v5700) web-interface session in Internet Explorer was logging out suddenly. This has been fixed.
  • Earlier, there were issues in generating EOL/EOS reports when the connection was going through a proxy. This has been fixed.
  • Earlier, due to an issue with mail server settings, the from address got truncated when using with MS SQL Server as backend database. This has been fixed.
  • Earlier, there were issues in populating the hardware properties of Juniper Ex4200 devices. This has been fixed.
  • The RegEx pattern that was being used for checking the status of Brocade fast iron switch has been changed.

DeviceExpert Release 5.7 (Build 5700)

New Features and Enhancements

  • A new tab named 'Change' has been introduced to serve as a quick view of the 'big picture' related to configuration changes in entirety. This comes with convenient date-based filtering options
  • Provision to view all configuration versions of any particular device on a single click from the device details page
  • 'Configuration Diff' GUI has been enhanced with options to select the version numbers and view changes
  • Option to launch direct TELNET/SSH connection to the remote devices from DeviceExpert web interface. This web-based implementation does not require any tools to be present on local machines and will be highly useful to access remote devices when one is away from office. It does not require VPN too
  • Device details page has been enhanced with additional tools including ping, traceroute and option to launch HTTP/HTTPS connection to the device. These utilities will come in handy while debugging from remote locations even from tablet devices like ipad

New Device Models Support

  • F5 BIG-IP 10.x
  • Cisco IronPort
  • Blue Coat Proxy with SGOS and AVOS

Bug Fixes / Changes

  • The number of 'UnManaged devices' will henceforth be excluded from the total number of devices in the system for licensing purpose
  • Earlier, in certain scenarios, when the product version of DeviceExpert in the application and the backend database was different, errors were thrown while working with the product. This has now been fixed in such a way that when the DeviceExpert version differs (between application and the backend database), DeviceExpert server will not start until the versions are same.
  • Earlier, there were issues in DeviceExpert web-interface when launching FireFox 11/12. This issue has been fixed
  • EOL home page widget color coding has been revised for logical representation of EOL and other devices through proper colors
  • Earlier, the link to Device Details page from the 'last 5 configuration changes view' of home page widget did not work. This has been fixed
  • Earlier, when setting up High Availability, in email settings, if the 'cc' field had been left blank, it resulted in mails not being sent. This has been fixed

DeviceExpert Build 5650

New Features and Enhancements

  1. High Availability Architecture: Support for high availability architecture through redundant server instances. This helps ensure uninterrupted access to device configurations and network configuration management activities.
  2. Dashboard Enhancement: End-of-Life (EOL) details of devices are now depicted in the 'Home' page with intuitive graphics
  3. EOL details have been made available in Hardware Inventory Report

New Device Models Support

  1. ZTE
  2. Foundry FastIron
  3. Dell PowerConnect
  4. Brocade 3850 Switch
  5. Cisco ASR Router

Bug Fixes / Changes

  1. When DeviceExpert was running with MS SQL server as backend database, configuration changes report could not be generated as PDF. This has been fixed.
  2. Earlier, there were issues with executing enable command for CheckPointFirewall and Brocade devices. This has been fixed.
  3. Earlier, there were issues in showing the configuration difference of Cisco IDS devices. This has been fixed.
  4. Earlier, for some devices, Switch-Port Mapper scan was not showing port and MAC address details properly. This has been fixed

DeviceExpert Build 5601

Enhancements

  1. Option to choose IPADDRESS part of the Hardware Inventory Custom Report has been added

Bug Fixes

  1. Earlier, there were issues in generating EOL report while direct internet connection is set in the proxy settings. This has been fixed.
  2. Earlier, there were problems in Navigating between pages in the Schedule Result Audit page view while using MSSQL database . This has been fixed.

DeviceExpert Build 5600

New Features and Enhancements

  1. New report depicting the End-of-Sale and End-of-Life status of devices
  2. Enhancements in compliance rule definition for checking the presence or absence of a specific strings in device configurations
  3. Option to schedule custom reports and export the report as CSV. Default reports under custom reports category now include two compliance custom reports.

New Device Models Support

  1. AlliedTelesis CenterCom Switch
  2. AlliedTelesis Ethernet Switch

Bug Fixes / Changes

  1. Earlier, there were issues in backing up the configurations of Brocade FastIron and Brocade Fibre Switches. This has been fixed
  2. Paging command has been updated for Cisco ASA devices
  3. When DeviceExpert was rebranded, the browser title-bar still contained DeviceExpert reference. This has been fixed
  4. Earlier, there were problems in deleting SNMP v3 based devices. This has been fixed
  5. Earlier, in Switch Port Mapper, there were issues in fetching ports. This has been fixed
  6. Earlier, in Switch Port Mapper, there were issues in generating PDF reports when MACADDRESS column had not been selected. This has been fixed.

DeviceExpert Build 5580

New features and enhancements

  1. Option to temporarily disable devices which are in maintenance and enable them again whenever needed
  2. Support for exporting any specific version of the device configuration
  3. Provision for analyzing syslog messages flow and notify message flooding in the GUI to enable administrators initiate corrective action
  4. Change management rule name can now be added as part of the change notifications

New Device Models Support

  1. Arista Switches
  2. DCN Router
  3. IBM
  4. A10 Networks

Bug Fixes

  1. Earlier, when IP addrsss of the device that underwent configuration change, was not present in the syslog message, DeviceExpert initiated recursive configuration backup. This issue has been fixed.
  2. When a user with the role 'Operator' created a change management rule, it got assigned to 'All Devices Group' of administrators. This issue has been fixed.
  3. Issue related to populating hardware properties of Bluecoat - Packetshaper devices has been fixed.
  4. Issue related to backing up configuration of Juniper EX4200 has been fixed.
  5. Earlier, the Configuration Changes Report, when Emailed, had formatting issues. This has been fixed.

DeviceExpert Build 5570

New Features and Enhancements

  • Compliance Reports: Compliance Reports under 'Custom Reports' have been enhanced with the option to generate reports for specific rule, rule group or policy. Option for scheduling the reports is also available
  • NTLM v2 Support: Earlier, Single SignOn worked only with NTLM-v1. Now, it has been enhanced to work with NTLM-v2 through integration with a third party library, which provides advanced integration between Microsoft Active Directory and Java applications. NTLM v2 is considered more secure as the protocol has been hardened against many spoofing attacks. Refer to this section of our help documentation for details on enabling NTLM v2. For some reason, if you still want to use NTLMv1, contact support to enable it.
  • Support for configuration backup through SSH protocol in Hirschmann Switch

New Device Models Support

  • Brocade FastIron Switch and Fiber Switch
  • Siemens Redback Router
  • DIGI-Router

Changes/Bug Fixes

  • In the "Home" page configuration change snapshot, when the changes were marked as Authorized/UnAuthorized repeatedly, an error page was thrown. This has been fixed.
  • The issues in populating the hardware properties of Alaxala devices have been fixed.
  • Earlier, Configuration backup of Palo Alto firewall devices did not work. This has been fixed.
  • When depicting configuration difference between two versions, the content pertaining to the SSL certificates was excluded. This has been enhanced now.
  • Access to Security Audit Report and Configuration Analysis Report has been restricted to Administrators alone.

DeviceExpert Build 5560

New Features & Enhancements

  • Out-of-the-box policies to check configurations for compliance to SOX and HIPAA regulations
  • Home Page Dashboard Enhancements:
    • Dashboard now depicts the top five configuration changes in summary view
    • Summary of the devices whose configurations were backed up and the ones not backed up now depicted in pie-chart
    • Compliance policy violations shown in summary view
  • Option to save the custom reports for future reference and also to create scheduled tasks for automatic execution of the custom reports at desired interval
  • Custom reports can now be created for a specific device or a device group
  • Support for configuration backup through Telnet & SSH protocols in Cisco Aironet and Cisco Wireless LAN Controllers
  • Option for enabling real-time change detection in Cisco MDS devices

New Device Models Support

  • Palo Alto Firewall
  • ADVA Optical Networking
  • Meru WLAN Controller
  • Ciena Switch
  • ALAXALA Switch 5400
  • Allied Telesis GS900M Switch
  • H3C S Series Switch
  • Huawei Switch
  • Huawei S Series Switch
  • Hirschmann Switch

Bug Fixes & Changes

  • Issue related to backing up the configurations of Canoga Perkins devices has been fixed
  • Issue related to enabling real-time change detection in Cisco Nexus devices has been fixed
  • Earlier, there were issues in backing up the configurations of Netgear Switches. This has been fixed
  • The issue related to associating Cisco switches with the default 'CiscoSwitchGroup' has been fixed
  • Earlier, in non-English OS, there were problems in initiating Device Discovery / Ping. This has been fixed
  • The issue related to backing up the configurations of Foundry devices using SSH protocol combination has been fixed

DeviceExpert Build 5550

New Features & Enhancements

  • Provision to add custom columns to depict any desired additional information about devices in device properties. Custom columns can be added from Admin ---> Custom Column tab
  • Provision to pick desired attributes alone from the hardware inventory and create custom reports. This can be done from Reports ---> Custom Reports
  • Option for enabling real-time change detection in Dell and Cisco Nexus devices
  • Support for configuration backup through SSH protocol in Brocade devices
  • Provision for effective management of historical data through enhanced options in database administration. This can be done from Admin ---> Database Administration
  • Option to associate change management rules with required devices from Admin --> Change Management

New Device Models

  • Acme Packet Firewall
  • WatchGuard
  • Canoga Perkins

Bug Fixes & Changes

  • As part of real-time change detection, when a configuration change is done outside of DeviceExpert, there was an issue in printing the the IP address of the user (who changed the configuration) in the annotation column of the backedup configuration information. This has been fixed now.
  • Earlier, when depicting configuration difference between two versions, the content pertaining to the self-signed SSL certificates was also included. This has been excluded from the diff now
  • Earlier, there were issues in backing up the configurations of Fujitsu devices. This has been fixed
  • The configuration diff viewer has been enhanced with provision for viewing long lines through horizontal scroll bars
  • By default, DeviceExpert collects details pertaining to the usage of the product, including frequency and usage statistics of the various features. This can be disabled or enabled anytime from Support ---> Usage Statistics Collection tab

DeviceExpert Build 5520

New Features & Enhancements

  • Option to specify a particular IP or all IP addresses of an interface to bind TFTP, SSH and SCP servers when DeviceExpert is running in multi-homed machines. Same option is provided for transferring configuration files also.
  • Provision to generate filtered reports out of the Compliance Report to get specific information on compliant rules or violated rules or all rules separately
  • Enhancements in taking configuration difference for BlueCoat and FortiGate device types wherein the difference pertaining to changes in certificate information are now not taken into account
  • Provision for executing 'show commands' on Cisco Nexus devices from DeviceExpert GUI
  • Support for creating custom templates and scripts to automate configuration tasks pertaining to Cisco Nexus devices

New Device Models Support

  • Nortel PWR Switch 2526T

Bug Fixes/Changes

  • Earlier, due to an issue with identifying certificate changes in the configuration, startup and running configurations were marked as having conflict. This issue has been fixed
  • Earlier, when compliance rules contained certain special characters , the 'edit rule' option did not work properly. This has been fixed
  • Earlier, there were issues in populating the hardware properties of Cisco Nexus and Alcatel devices. This has been fixed
  • Earlier, there were issues in backing up the configurations of Cisco Firewall 4.x devices. This issue has been fixed

DeviceExpert Build 5510

New Features & Enhancements

  • Provision to start and stop TFTP server
  • While starting the TFTP server, provision to choose a specific IP or all IP addresses to bind
  • Export configuration feature enhanced with option to maintain all versions
  • Support for launching DeviceExpert web-interface in Google Chrome
  • Support for installing DeviceExpert in Windows 64-bit machines

New Device Models Support

  • Cisco ASA with WAN support
  • Cisco FWSM 4.x
  • FortiNet FortiAnalyzer
  • Alcatel Service Router

Bug Fixes / Changes

  • Earlier, there were issues in bulk execution of Switch-Port Mapper in DeviceExpert. This has been fixed.
  • Earlier, there were issues in depicting the summary view of custom template execution result. This has been fixed.
  • The issue related to depicting the configuration difference when multiple certificates were involved in the configuration file, has been fixed.
  • Earlier, there were issues in generating reports for the time period "last 7 days". This has been issue fixed.

DeviceExpert Build 5500

New Features & Enhancements

  • Support for MSSQL back-end
  • Provision for creating scheduled tasks for Device Discovery
  • Support for additional Syslog message formats for real time change detection for Cisco and Enterasys devices

New Device Models

  • Sphereon 4500 Fibre Channel Switch
  • Juniper EX4200 Switch
  • Allied Telesis AT-8000S Switch

Bug Fixes & Changes

  • Earlier, when audit trails cleanup operation was in progress, performance issues cropped. This has been fixed
  • Earlier, there were issues in deleting devices having a large number of configuration versions in DeviceExpert. This has been fixed
  • Issues related to backing up the configurations of Radware devices fixed
  • User prompt mismatch issues in Cisco Nexus devices fixed
  • SysLocation population issue for Radware LinkProof switches fixed
  • Earlier, there were issues in backing up the configuration of Citrix NetScaler devices using SCP protocol. This has been fixed

DeviceExpert Build 5450

New Features & Enhancements

  • Provision for viewing the configuration versions of all/any device(s) by specifying a custom date range
  • Provision to mark configuration changes as authorized/unauthorized in bulk

New Device Models:

  • Cisco Nexus 7000 10-Slot Switch (N7K-C7010)
  • Cisco Nexus 5010 Switch (N5K-C5010P-BF)
  • Motorola Wireless Switch
  • Blue Coat PacketShaper
  • HP P series Switch
  • Radware Link Proof Switch
  • Alcatel 6200
  • Fujitsu Switch

Changes & Bug Fixes

  • Full-fledged population of hardware properties of Nortel Passport 8600 series is now done
  • Earlier, there were some issues in populating the hardware properties of Radware devices. This issue has been fixed.
  • Earlier, there were issues in populating the SSH-based hardware properties of Aruba devices. This has now been fixed.
  • Earlier, there were issues in specifying the Additional credential for HP devices. This has now been fixed.

DeviceExpert Build 5420

Bug Fixes / Changes

  • Issues related to discovering devices in Vista & Windows 2008 have been fixed
  • Earlier, there were issues in backingup the configurations of Citrix devices. This has been fixed
  • Earlier, there were issues in handling Exit prompt in Citrix Hardware population. This has been fixed
  • Earlier, there were issues in populating MACAddress & SERIALNUMBER for Aruba devices. This has been fixed

DeviceExpert Build 5410

New Features / Enhancements

  • Enhanced configuration changes report with version number details
  • One more option has been provided for editing the host names of devices in DeviceExpert inventory. Users can now update DNS server values and resolve names
  • Option to specify custom criteria to ignore certain specific lines or text while generating configuration difference between any two versions
  • Enhancements in Switch-Port Mapper with provision to view all interfaces and their associated interfaces

New Vendors/Models Support:

  • Alcatel
  • Netgear (Startup configuraiton included)

Changes/Bug Fixes

  • Earlier, in Switch-Port Mapper, there were issues in populating ports and MAC Address of Cisco devices. This has now been fixed.
  • Earlier, there were issues in populating the hardware properties of Alcatel and Citrix devices. This has been fixed.
  • Issues related to configuration backup of Hitachi Apresia devices have been fixed.
  • Earlier, there were issues in handling Exit prompt in Citrix configuration backup. This has bee fixed.

DeviceExpert Build 5400

New Features / Enhancements

  • Configuration Changes PDF Report has been enhanced to provide information about the authorized and unauthorized changes
  • For discovering SNMP-enabled devices, DeviceExpert requires the SysObject ID of the devices. For certain devices, discovery alone is not supported for want of SysObject ID. Now, provision has been made to enable the users to find and add the SysObject ID of devices from the GUI itself and get discovery support in quick time.
  • Support for creating scheduled tasks for automatically synchronizing startup and running configurations at specified intervals.
  • 'Power Users' have now been empowered to mark specific configuration changes (pertaining to the devices that are allotted to them) as 'Authorized' or 'UnAuthorized'.
  • Provision for editing the 'System Description' and 'System Location' details as part of editing device properties

New Vendors/Device Models Support:

  • Citrix Netscalar
  • Asperia (Hitachi )
  • D-Link DES 3052 Switch

Bug Fixes & Changes

  • Earlier, when scheduled task for configuration backup involving a large number of devices was triggered, 'No Managed connection' issue occurred. This has been fixed now.
  • Earlier, the time at which interfaces were last scanned by Switch-Port Mapper was wrongly displayed. This has been fixed now.
  • Earlier, upon performing actions such as 'compliance check' on a device, the time at which configuration backup was triggered on a device, also got changed. This issue has been fixed now
  • Previously, in the case of Cisco VPN Concentrators, Hardware Inventory Report was not properly generated. This has been fixed now.
  • In the TFTP sever that comes in-built with DeviceExpert, resending of lost or unackowledged packets have now been handled to comply with the TFTP protocol standards

DeviceExpert Build 5330

Enhancements, Changes, Bug Fixes

  • Server side performance improvements to handle concurrent backup of more number of devices
  • New Device Models Support: Support for Cisco IDS devices and Cisco 1900 series CatOS Switch
  • Earlier, there were issues in Active Directory based authentication in build 5320. This has been fixed
  • Earlier, the configuration change reports showed Device Names in the place of Device Type. This has been fixed
  • In 5320, there were issues in backing up the configuration of H3C devices. This has been fixed

DeviceExpert - Build 5320

Enhancements, Changes & Bug Fixes

Configuration Management

  • While taking configuration difference for Cisco IOS Routers and Aruba Switches, configuration lines containing Cryptochecksum information will henceforth be ignored.
  • For all devices, while taking configuration difference, speed token will henceforth be ignored.
  • While taking configuration difference for Cisco Voice Gateway devices, NTP clock-period entries will henceforth be ignored
  • When device configurations are backedup through scheduled tasks, in the case of task failure, the result of the scheduled task will now include the reason
  • For F5 and Riverbed devices, device model information is now populated in the Device Details page.

Compliance Management

  • Option to exclude any configuration block for compliance check while defining compliance rule through Advanced Custom Criteria

Reports

  • When reports are emailed as a part of reports schedules, if the size of the mail content exceeds 1 MB, only the link for the report will be provided in the email. Actual mail content will be available on the server. This is avoid issues related to email delivery failure due to size restrictions.
  • Output of switch-port mapping operations (depicting details about the devices connected to each port of the managed switch) is now presented as a report in the "Reports" tab.

Performance Enhancements

  • Performance tuning has been done to enhance the responsiveness of the DeviceExpert GUI for various actions and operations.

New Device Models

  • Support for D-Link -DGS 3100

Bug Fixes & Changes

  • Earlier, while populating the hardware details of Cisco WAAS devices, device model information was not populated properly. This is now fixed.
  • Earlier, there were issues in populating the hardware properties of Dell PowerConnect 6248 devices. This has been fixed.
  • Earlier, there were issues in backing up the configurations of F5 Big IP devices. This has now been fixed.
  • Earlier, uploading the draft configurations of Nortel Baystack devices did not work. This has been fixed now.
  • Earlier, there were issues in generating the security audit reports of Netscreen devices. This is now fixed.
  • The presentation of data in the 'User Access Report' has been changed to depict the details pertaining to the users first and then the details about the devices.

DeviceExpert Build 5310

Enhancements, Changes, Bug Fixes

Configuration Management

  • SSH-based configuration retrieval support is now extended to Nortel Baystack devices.
  • Configuration upload is now supported for Alaxala devices.
  • Earlier, there were issues in creating a device group specifying more than one criteria. This has been fixed.
  • While taking configuration difference for Cisco ASA devices, configuration lines containing Cryptochecksum information will henceforth be ignored.
  • Earlier, information on 'who changed' the configuration was not depicted in the configuration difference screen. Now, it is included.
  • In Riverbed devices, when paging is enabled, only partial configuration was backedup. This is now fixed.
  • DeviceExpert executes configuration operations such as backup, upload etc as parallel jobs. The number parallel tasks is configurable. When the number was set to 100, server failed to process the operations. This has been fixed.

Compliance Management

  • Support for testing the validity of a compliance rule created using 'Advanced Custom Criteria'.
  • Earlier, in 'Advanced Custom Criteria' for compliance rule creation, if the string specified to indicate the starting and ending of the block contained certain special characters, only a part of the configuration was shown in the GUI. This has been fixed now

New Vendors & Device Models

  • Support for F5 devices, Enterasys SecureStack A2, Enterasys Matrix N7 Platinum, Adtran Netvanta Router, Nortel Ethernet Routing Switch 5510-24T, Nortel - Ethernet Switch 3510-24T and 3Com 4200g

Miscellaneous

  • When DeviceExpert contained a huge volume of data pertaining to devices and configuration, the home tab took a long time to load. This has been fixed through performance enhancements.
  • Switch-Port Mapper Enhancements: Switch-Port mapper now displays more details on MAC-IP matching. Also, the tool has been pruned to ignore non-port details while depicting the mapping.
  • Earlier, in IE 7, when Single SignOn was enabled and if DeviceExpert login failed, it was not possible to login to DeviceExpert with any other user name or any other authentication mode. This issue has been fixed now.

DeviceExpert Build 5300

New Features / Enhancements

Compliance Policies

  • In compliance rule definition, option to specify the beginning and the end of the required configuration blocks for selective compliance check. This new feature will help check the required configuration blocks for compliance to the defined criteria. Compliance results for every single interface block will be reported individually, in addition to a unified compliance report for the entire configuration by doing 'AND' of all the individual results.
  • Support for filtered view of compliance check results. The result view can be filtered based on all compliant rules or all violations.

Switch Port Mapping

  • Option to create scheduled tasks to periodically scan the switches being managed by DeviceExpert and report the the list of devices connected to each port of the managed switch.
  • Option to generate PDF reports out of the switch port mapping results

Re-branding Support

  • Support for rebranding DeviceExpert web-interface. You can replace the product-specific names and logos with your own details

New Device Models & Vendors

  • Fortinet Virtual Domain
  • Vanguard devices
  • Alaxala 3600, Alaxala 1230
  • Allied Telesis

Hardware Interface Population

  • The hardware interface details of Alaxala devices are now populated in the device details page

Changes / Bug Fixes

  • Earlier, when the time gap between two successive configuration changes was less than two minutes, backup through real-time change detection was not triggered for the second time within that two minute. This is now relaxed and DeviceExpert will trigger backups successively.
  • Earlier, configuration backup through SSH was not working for Cisco VPN Concentrators, Cisco Content Switches & Dell PowerConnect switches. This is now fixed
  • During every configuration backup, the header of Extreme devices undergo a change. DeviceExpert wrongly considered the header change as configuration change and kept backing up and incrementing versions. This is now fixed by ignoring header information while identifying configuration difference.
  • Earlier, Power Users had the privilege to review and approve the configuration changes made by Operators on any device, if the administrator had designated the Power User as an 'Approving Authority'. Now, even if the Power Users had been designated as 'Approving Authorities', they will be able to approve the changes pertaining to the devices that are already allotted to them only and not of other devices.
  • Power Users will not have the privilege to associate compliance policies to devices and vice-versa.
  • Earlier, backup & upload of startup configuration for D-Link DGS 3600 series was not supported, which is supported now.

DeviceExpert Build 5210

New Features / Enhancements

  • Earlier, information on 'who changed' the configuration was captured only when real-time change detection was enabled. Now, the information is captured from 'configuration header' for Cisco devices.
  • Earlier, Power Users had the privilege to review and approve the configuration changes made by any Operator on any device. Now, 'Administrator' will assign 'Approving Authorities' for every Operator. Only those Power Users who have been designated as approving authorities, will have the privilege to approve the changes made by the respective Operators. However, all users with the role 'Administrator' will have the permission to approve the changes whether they are designated as approving authorities or not. But, they will receive email notification only if they are designated as approving authorities.
  • Real-time change detection support is extended to Bluecoat devices.
  • Earlier, backup and upload of startup configuration was not supported for D-Link DGS devices. This is now supported

New Device Models Support

  • Cisco IOS - XR
  • Cisco Wide Area Application Service (WAAS)
  • Cisco Integrated Services Router (ISR) and
  • Juniper M-Series Devices

New Vendors Support

  • H3C
  • Yamaha Devices ( RT and RTX series)

Changes / Bug Fixes

  • Earlier, there were issues in connecting to devices via SSH v1. This has been fixed.
  • Earlier, when a scheduled task for configuration backup was created for a device whose configuration was not backedup at least once prior to creating the schedule, there were issues in executing the schedule. This has been fixed.
  • Earlier, there was no provision to directly delete synchronization schedule created for synchronizing Activity Directory user database with DeviceExpert. Now, separate provision has been made for deleting it.
  • Earlier, when the DNS name of the host where DeviceExpert is running was improper, a blank page appeared when connecting the web-interface. This has been fixed.
  • During the device discovery or device addition process, device names might not get recorded correctly due to DNS issues. To correct the names, provision was given to edit and update the host names in bulk. Earlier, there were some issues in editing the host names. This has been fixed.
  • The default inactivity timeout for DeviceExpert web-interface has been changed from 30 minutes to four hours. Timeout value is configurable.

DeviceExpert Build 5200

New Features / Enhancements

  • SNMP v3 Support: DeviceExpert now supports SNMP v3 for device discovery, configuration retrieval for Cisco devices and for switch-port mapping functionality.This allows leveraging the additional security measures of SNMP v3.
  • Enhancements have been made to the forwarded syslog messages listening feature with provision to specify the list of IP addresses from where syslog messages would be forwarded to DeviceExpert for real-time change detection. Previously, DeviceExpert expected the syslog message to come directly from the devices that undergo configuration change. With this new feature, syslog messages which get forwarded from a common syslog server (complying to RFC 3164 ) can also be used to detect configuration changes in real-time.
  • For Netscreen devices, real-time change detection is now done based on more conditions. For example, earlier, cases like forced telnet logout were not considered for change detection. Now, more such conditions are considered.
  • SSH-based configuration retrieval support is now extended to Cisco ASA and Nortel Passport devices.
  • New OS Support: DeviceExpert now runs on Windows XP 64 bit, Windows 2008 Server, CentOS and Suse Linux
  • Support for New Device Vendors & Models: Avaya, UTM-1 Edge X version 7.5.55x, Lambda Driver 800, Dax Devices, Cisco ACE Module, Cisco Wide Area Application Services Software (WAAS), Cisco IOS XR

Changes

  • For real-time change detection, when syslog messages were sent from devices, DeviceExpert identified the changes only when the exact IP of the device was present. This made real-time change detection not working in devices having multiple interfaces where the message came randomly from one of the interfaces. Now, DeviceExpert will look into the interface table of the device and consider all the interfaces.
  • A few models of Enterasys devices expect carriage return (Ctrl+Y) for logging in. Those type of devices are supported now.

Bug Fixes

  • Earlier, SSH-based configuration retrieval was not working with Foundry, Extreme and Enterasys devices. It is now fixed.
  • Earlier, when the entries in Configuration Changes report and Configuration Change Trend report spanned over more than one page, the entries after the first page were not visible. This issue has now been fixed.
  • In Nortel Baystack devices, configuration retrieval failed due to an issue in populating the hardware properties of the device. This issue has been fixed.
  • In scheduled configuration backup, the hardware properties of the devices were not updated. This issue has now been fixed.
  • Earlier, for Aruba devices, there were issues in populating the hardware details. This has been fixed.
  • In Cisco WLAN controller, configuration backup through TELNET-TFTP did not work. This has been fixed.
  • Earlier, when generating Configuration Change report as PDF, some entries were missing. This issue has been fixed.
  • In Widows 2003 and Vista, DeviceExpert port check tool showed wrong port status for Syslog service. This has now been fixed.

DeviceExpert Build 5110

New Features / Enhancements

  • Support for retrieving the configurations of Netscreen firewalls through SSH or TELNET without using TFTP
  • Switch Port Mapper: New functionality, which identifies the list of devices connected to each port of the managed switch. This eliminates the need for manually maintaining a record on port details and connected devices.
  • Provision for editing and updating host names of devices in bulk. During the device discovery or device addition process, device names might not get recorded correctly due to DNS issues. This can be corrected later by updating hostnames in bulk by providing the list of host names in a standard flat file
  • Provision to listen for syslog messages from a central syslog server for use in real-time change detection. Previously, DeviceExpert expected the syslog message to come directly from the devices that undergo configuration change. With this new feature, syslog messages which get forwarded from a common syslog server (complying to RFC 3164 ) can also be used to detect configuration changes in real-time
  • Support for new device vendors & models - Cisco WLAN controller, Nortel Networks Layer 2-3 GbE Switch Module, Brocade 200E, Radware Web Server Director Pro AS, many Enterasys models
  • Support for Nortel Baystack Switch which can login to command line mode directly

Changes

  • Earlier, the execution output of custom templates were visible to all users. As this feature is widely used to carryout critical configuration changes like password rotation, firewall rule configuration etc. DeviceExpert now provides the option for removing the execution output. In addition, execution output will be visible only to the administrator and the user who executes the custom template
  • Configuration retrieval/upload over SCP is now supported for Cisco switches and Brocade devices also.

Bug Fixes

  • When a DeviceExpert user was deleted, both public and private groups created by the user got deleted. Now, the issue has been fixed and only the private groups held by the user willget deleted.
  • The issue related to sending notification on scheduled backup failure, has been fixed
  • After enabling Single SignOn, when an administrator/power user logged into DeviceExpert, the user role was taken as 'Operator' for all. This issue has now been fixed to reflect the exact role of the user
  • While retrieving configuration over SCP in Cisco routers, startup configuration was displayed as running. This issue has been fixed
  • The issue related to real-time change detection in Netscreen firewalls, has been fixed

DeviceExpert Release 5.1

New Features / Enhancements

Configuration files transfer

  • SCP protocol is now supported for Cisco devices to securely transfer configuration files from and to DeviceExpert
  • Support for SSH-based configuration backup for Cisco devices without the use of TFTP. DeviceExpert will establish communication with the device via SSH and execute respective 'show config' commands to retrieve configuration

Third-party identity stores & authentication mechanism

  • DeviceExpert now integrates with third-party identity stores Active Directory and LDAP
  • The authentication mechanism provided by AD, LDAP and RADIUS can be leveraged in DeviceExpert for user authentication

Advanced script execution for automation

  • Advanced scripts execution for automatically executing a series of inter-connected commands on a device in command line.
  • Support for firmware upgrade/OS image upload & many other complex command executions through advanced script execution
  • Option to skip pre and post configuration backup operations while executing custom templates. This will be useful to execute commands which make the device to go out of network

Schedules

  • Custom template execution can now be scheduled to be executed at any time. This will be useful for achieving better automation of configuration tasks

Database Backup

  • The destination directory for storing the backed up contents of DeviceExpert database is now configurable
  • The destination directory where exported configuration files are stored, is now configurable

Configuration Upload Approval

  • When administrators have configuration upload requests pending for their approval, alerts would be displayed in the Home page of the DeviceExpert GUI

Support for New Devices/Models

  • Alaxala devices

Bug Fixes / Changes

  • When DeviceExpert GUI is left unattended for 30 minutes, the client session will be logged out. This default timeout value (30 mins) is configurable. Earlier, timeout was infinite and hence session did not end automatically
  • Change Management notification emails will henceforth include the annotation information also. So the reason for change will also be found
  • It is now possible to label the 'configuration change authorization status' of any configuration as 'authorized' or 'unauthorized'. It can be done from 'Change Trend Report' from 'Home' tab or from the respective configuration details page
  • DeviceExpert users with the roles PowerUser and Operator will not be able to view the scheduled tasks created by others users. Also, they will not be able to view the audit records pertaining to the schedules created by others
  • Support for synchronizing the running and startup configurations in bulk for many devices. Ealier, the bulk operation was not possible
  • Earlier, the custom templates could not be used for changing the passwords of Extreme Summit and HP devices. Now, the password change could be done in bulk using the advanced script execution feature
  • Earlier, the custom templates could not be used for executing the command for configuring the banner message of Cisco devices. This is now possible through the advanced script execution feature

DeviceExpert Build 5020

New Features / Enhancements

  • Configuration Diff reports have been enhanced to display more lines along with diff lines to better understand the "context" of the configuration change.
  • Detailed DeviceConfiguration and SecurityAudit report is now provided for each device. DeviceConfiguration Report gives details about configuration settings and SecurityAudit Report identifies security related issues and recommendations to resolve it.
  • Navigation improvements in "Device Details" and "Device Group" pages.
  • Report generation time will be displayed for reports sent via email for Scheduled Configuration Backup and Configuration Change notifications.

New Devices Support

Support for the following new device types:

  • Riverbed Steelhead
  • Alcatel switch
  • Huawei Quidway AR 18xx

More HP Switch and DLink Switch models are now supported.

Bug Fixes

  • Build 5010 had issues in scheduled configuration backup with larger number of devices. This has been fixed.
  • Fortigate device addition issue in build 5010 has been fixed.
  • Issues in updating certain hardware properties of Cisco ASA, AccessPoint, CatOS devices has been fixed.
  • Device addition and schedule creation issues with IE 6 have been fixed (But we recommend using IE 7.x or Firefox 2.x)

New Features

Network Compliance

  • Provision for examining device configurations for compliance to a defined set of standards/criteria/rules and monitoring and reporting the compliance status
  • Automated Compliance Check: Support for associating compliance policies to devices, thereby automating the compliance check for each change in configuration
  • Option to define your own compliance policies to cater to the standards of your organization

Reports

  • 12 new intuitive reports on Network Inventory, Firmware Inventory, Network Health Status, Configuration Changes, User Permissions, Network Compliance etc
  • Hardware details such as Serial Number, IOS Version, OS Image Name are depicted in reports
  • Support for scheduling report generation at periodic interval and emailing the same to required recipients
  • Provision to export reports in CSV format

Integration with ManageEngine OpManager

  • DeviceExpert can be integrated with ManageEngine OpManager (Network Monitoring Software). Device configurations can now be managed from the 'Device Details' page of OpManager

Device Groups

  • Provision for creating 'Public Groups', which are visible to all users
  • Provision for creating Device Groups based on more fine-grained criteria

Change Management

  • Option to receive Change Management Notification emails in a text format to facilitate better viewing in hand-held devices such as mobile phones.

User Management

  • Provision to assign public device groups to users (belonging to the roles PowerUser, Operator)

Backup Schedules

  • Option to receive emails only for error conditions in backup schedules.

TFTP interface configuration in multi-homed machines

  • DeviceExpert uses TFTP server to transfer the configuration files to-and-fro the devices. Provision for specifying the interface to be used for transferring the configuration files from/to the devices, if DeviceExpert is running in multi-homed machines.

Syslog interface configuration in multi-homed machines

  • Syslog server is used for real-time change detection. It binds its syslog listener at port 514. In multi-homed machines, if you want to run some other application with a syslog server in the same machine, you can bind the DeviceExpert syslog server to a specific interface leaving the other interface(s) for use by other application(s).

Specifying the count for parallel jobs

  • DeviceExpert executes configuration operations such as backup, upload, scheduled task execution, report generation etc as parallel jobs. The number of threads available for such parallel tasks are limited. Provision for specifying the number of parallel jobs depending on the hardware configuration of the machine in which DeviceExpert is running.

Performance Tuning

  • Performance tuning has been done to improve client responsiveness for various configuration operations & scheduled tasks.

Automatic Device Model Support

  • Automatic support for device models that are similar to the already supported models. This is due to the removal of model-specific device support.

Support for New Vendors

  • Support for four new device vendors - Juniper, NETGEAR & Dell. DeviceExpert already supports devices of 16 vendors - Cisco, HP, Nortel, D-Link, Juniper-NetScreen, Force10, 3Com, Foundry, Fortinet, ADTRAN, Enterasys, Huawei, Extreme, Proxim, Aruba and Blue Coat
  • New Device Type: Support for Cisco VPN Concentrators, Extreme Summit, 3Com 4500, Nortel Contivity Router, Enterasys XSR Router

Changes

  • Simplified procedure for manual addition of devices and importing devices from text file
  • Schedules creation procedure simplified
  • Provision for giving credentials to multiple devices from discovery status page.
  • Option for switching off email intimation upon DeviceExpert application user creation
  • Option to stop any device operation mid-way from inventory page

Bug Fixes

  • Backup operation of Cisco PIX 7.x models consumed considerable CPU process. This has now been fixed
  • Issue related to accessing Netscreen firewall devices via SSH fixed
  • If banner was set for HP switches, configuration backup failed. This is now fixed
  • In configuration change management notifications, email content formatted with newlines were not taken. This is now fixed
  • While displaying configuration difference for cisco devices, entries related to self-signed certificate were shown as a difference. This is now fixed
  • In the case of Extreme Black Diamond switches and Netscreen Firewalls, the status of "Real-time Change detection" was incorrectly depicted. This has now been fixed
  • For some cisco devices, hardware property population did not work. This has now been fixed.

DeviceExpert Build 4300

New Features

Configuration Rollback

  • Provision for rolling back device configuration to any of the available versions

Configuration Enforcement & Change Management Enhancements

  • Support for automatically reverting to the previous or BASELINE version on detecting unauthorized changes

Scripting Support

  • Support for CLI command execution on devices in user-defined sequence. Useful in automating repetitive and time-consuming operations on devices

Hardware Properties Retrieval

  • Provision for fetching hardware properties of devices on demand and in periodic intervals

Show Commands

  • Support for executing various commands for fetching device details on demand. Useful in executing various 'show' commands

Recent 5 Configuration Changes

  • Provision for quick view of five most recent configuration changes of any device

Disaster Recovery Tools

  • Tools for exporting latest device configuration files to a flat file on the disk for transferring to any secondary storage medium.
  • Provision for automated backup of entire DeviceExpert database. Helpful in rapid restoration of DeviceExpert server, in the event of any disaster

Database Administration

  • Provision for purging older audit trails and device configuration versions

Detailed Audit Trails

  • Detailed information depicting the reason for operation failure as part of device audit trail display

New OS Support

  • DeviceExpert now runs on Windows Vista

Device Models Support

  • Support for more than 300 device models including many Force10 models
  • Support for a total of 16 vendors - Cisco, HP, Nortel, D-Link, Juniper-NetScreen, Force10, 3Com, Foundry, Fortinet, ADTRAN, Enterasys, Huawei, Extreme, Proxim, Aruba and Blue Coat

Enhancements

  • Support for pushing the configuration of HP & Nortel devices
  • Simplified procedure for manual device addition
  • Device details page enhanced with provision for carrying out various actions on device

Bug Fixes

  • Earlier, rescheduling time for periodic schedules was calculated based on the completion time of previous execution. This has been fixed.

Changes

  • JRE containing DST fix is bundled with DeviceExpert now
  • For DeviceExpert GUI, blue theme has been standardized and green theme removed
  • Ready-to-use custom templates (Syslog configuration, SNMP Configuration & Password configuration) will be removed in the next major upgrade as more powerful scripting functionality has been added

DeviceExpert Build 4210

Feature Enhancements

  • Device Discovery

    1. Nmap based Discovery: Device Discovery has been enhanced with Nmap-based discovery, which offers a host of advantages over the existing process. Earlier, when running DeviceExpert in non-English OS, ping for device would fail during discovery, resulting in disruption of discovery process. Now, with Nmap-based discovery, all such issues have been addressed.

    2. Stopping Discovery: Provision to stop device discovery, at any point of time during the discovery process.

    3. DNS Name in Discovery status: While viewing the discovery status of specific devices, the DNS Name of the device is also displayed.

    4. Discovery support for most of the models: Most of the device models that are supported by DeviceExpert could now be discovered and added to the inventory. Refer supported device models page for more details.

  • Configuration Diff

    In the contextual, side-by-side comparison of configuration versions, option has been provided to view only the lines in which there is a difference. Navigation buttons have also been provided to move from one diff line to the next easily.

  • Syslog-based change detection

    Syslog-based change detection is now supported for more device types including Cisco ASA, NetScreen firewall, Fortinet FortiGate firewall, ADTRAN LAN Switch, Nortel Baystack 5510 & 5520.

  • Device Model Support

    1. Support for more than 280 device models

    2. Nortel Business Policy Switches running an older version of OS software (v3.0.6.08) are also supported

    3. Support for a total of 15 vendors - Cisco, HP, Nortel, D-Link, Juniper-NetScreen, 3Com, Foundry, Fortinet, ADTRAN, Enterasys, Huawei, Extreme, Proxim, Aruba and Blue Coat

Changes

  • Terminologies

    The term 'Download' which was being used to denote the transfer of configuration from DeviceExpert to the device, has been changed to 'Upload' to adhere to industry standard terms. Henceforth, the following terminologies would be consistently used:

    * Backup denoting retrieval of current configuration from device and transfer of the same to DeviceExpert

    * Upload denoting the transfer of the configuration from DeviceExpert to the device

  • ResultHandler

    The 'ResultHandler' feature has been removed. A more powerful Change Management feature was added in the previous release (4200) itself.

For more information/clarification, please contact us at deviceexpert-support@manageengine.com.

DeviceExpert Release 4.2 - Build 4200

Feature Enhancements

  • New Device Models Support

    Support for over 275 device models that include routers, switches, firewalls, access points, access servers, integrated access devices, adaptive security appliances and others from multi-vendors.

  • New Vendor Support

    Support for a total of 15 vendors - Cisco, HP, Nortel, D-Link, Juniper-NetScreen, 3Com, Foundry, Fortinet, ADTRAN, Enterasys, Huawei, Extreme, Proxim, Aruba and Blue Coat.

  • Device Discovery

    (1) Earlier, for device discovery only two options were available - discovering specific devices or the devices falling under a specific IP range in bulk. Now, option is provided to discover multiple devices by importing hostnames or ip addresses from a file at one go.

    (2) Provision to specify multiple SNMP community for device discovery (to enable discovery of multiple devices in bulk)

  • Configuration Change Management

    (1) Support for sending email notifications or SNMP V2 traps upon detecting configuration changes

    (2) Option to generate trouble tickets to Help Desk upon change detection

  • Device Inventory

    IP address of device is displayed in the inventory table for easy reference. It is added as an additional column in inventory table, not listed by default. (Go to the column chooser to list this as a column in the table)

  • Reports

    Network inventory report has been enhanced with display of more hardware details

Changes

  • Configuration Diff

    While taking configuration diff, difference due to comments will be ignored henceforth

  • GUI Enhancements

    The default theme of DeviceExpert GUI has been changed to blue from green. The previous green theme has been made optional. Minor changes in GUI have been made for ease of navigation and improved usability

  • Editing Device Details

    Option is provided for changing model number and series of a device from the Device Details page

  • SSH Support for additional models

    SSH support for Cisco ASA models

  • ResultHandler

    Since a more powerful Change Management feature has been added in this release, the "Result Handler" feature will be removed in the next release

DeviceExpert Release 4.1 - Build 4101

Feature Enhancements

  • New Device Models Support

    Support for over 240 device models that include routers, switches, firewalls, access points, access servers, integrated access devices, adaptive security appliances and others from multi-vendors.

  • New Vendor Support

    Support for a total of 12 vendors - Cisco, HP, Nortel, 3com, Foundry, D-Link, ADTRAN, Fortinet, NetScreen, Enterasys, Blue Coat and Huawei.

  • Approval Mechanism for Configuration Update

    All device configuration changes initiated by an operator require approval from a privileged user before the actual update in device.

  • Search in Device Configuration

    Search utility to look for specific words, strings, phrases or a combination of these in device configuration files.

  • Fine-grained User Access Control

    Support for imposing role-based access restrictions for accessing devices and carrying out various operations

  • Managing Devices outside private networks

    Devices present outside the private network/firewalls can now be managed by DeviceExpert

  • Disaster Recovery Tools

    Utilities provided to backup/restore DeviceExpert database. Script for backing up latest stored configuration, is also provide

Bug Fixes

  • Previously, Device Groups could not be deleted even if not referred in other places. This is now fixed.
  • The issue with regard Telneting to a PIX device from Device Properties page of DeviceExpert has now been fixed.
  • Hitherto, daily schedules were not getting rescheduled at the end of every month. This is now fixed.
  • Previously, in the case of cisco devices going into enable login mode directly, there was a restriction that host name needed to be given in prompt, enable password prompt and enable prompt. This restriction has been removed now.

For more information/clarification, please contact us at deviceexpert-support@manageengine.com.

DeviceExpert Build 4030

Feature Enhancements

  • New Device Model Support

    Support for 10 more device models that include routers, switches, firewalls, access points, access servers, integrated access devices and others from multi-vendors. DeviceExpert supports a total of 160 device models at present.

  • Complete SSH Support

    Configuration operations through SSH for all supported models of Cisco & D-link. Already, DeviceExpert supports SSH for Cisco PIX, Foundry and Fortinet models.

DeviceExpert Build 4020

Feature Enhancements

  • New Device Model Support

    Support for 50 more device models that include routers, switches, firewalls, access points, access servers, integrated access devices and others from multi-vendors. DeviceExpert supports a total of 150 device models at present.

  • New Vendor Support

    Support for four more vendors such as Nortel, D-Link, ADTRAN and Enterasys. DeviceExpert already supports Cisco, HP, 3COM, Juniper NetScreen, Foundry and Fortinet.

  • SSH Support

    Configuration operations through SSH for all cisco pix models and FortiGate models.

  • Discovery Status Tracking

    Support for tracking the status of device discovery. Progress of discovery in terms of percentage of completion and finally the result can now be tracked.

  • Option to test the validity of Credentials

    Testing option is provided to find the correctness of device credential details. After entering the credentials, when test option is invoked, DeviceExpert will pinpoint the valid and invalid values.

Bug Fixes

  • Earlier, when a device discovery attempt failed, manual addition of the device to the inventory also failed due to incomplete cleanup of residual data pertaining to the discovery of unsupported models. This issue has now been fixed.
  • Previously if the IP address of the machine got changed in subsequent restart of the server, DeviceExpert had to be reinitialized and started afresh. It is not required now.

DeviceExpert Build 4010

Features

  • Support for more than 100 device models that include routers, switches, firewalls, access points, integrated access devices and others from vendors like Cisco, HP, 3COM, Foundry, NetScreen, FortiGate etc.,
  • Support for Cisco devices with CatOS
  • Capturing username and IP address when someone opens a telnet console and directly carries out a configuration change to Cisco IOS switches and routers, as part of enhancements in real-time change detection
  • Provision for copying running configuration as startup in bulk

Bug Fixes

  • Residual data from the discovery of unsupported models are now cleaned up properly
  • Hitherto, copying running configuration to startup did not work in SNMP-TFTP protocol mode. This issue has now been fixed
  • While using credential profiles, when independent update of the profile values was carried out, sometimes, the changes did not reflect in the credentials used for the device. This issue has now been fixed