Update for: m25, m35, r45, v35

Release notes for Enterprise Monitoring Point version 10.2.0.x.

Enhancements and new features

  • LDAP authentication— We have added the ability to authenticate monitoring point administrators from an LDAP directory server. They can now log in to the monitoring point or the API using their own user credentials rather than the monitoring point admin credentials. This improves security and audit as they are not using shared credentials. The monitoring point admin credentials are still available for instances where LDAP authentication is configured but the LDAP server is unavailable. It is also possible to restrict the use of monitoring point admin credentials to the console port for an additional level of security.
  • 10Gbps Ethernet support on KVM-based v35—We have added support for 10Gbps Ethernet NICs on KVM-based v35 monitoring points. 10Gbps interfaces can be used for Delivery and Experience monitoring - not for Usage monitoring.
  • Four Ethernet interfaces supported on KVM-based v35—We have added support for up to four Ethernet interfaces on KVM-based v35 monitoring points. Eth0, eth2, and eth3 can be used for Delivery and Experience monitoring. Eth1 can be used for Usage monitoring.
  • Multiple static IP addresses—We have updated the Web Admin interface to support the addition/deletion of multiple static IP addresses on an interface. This replaces the virtual interface feature. Multiple static IP addresses is available on Ethernet, VLAN, and Wireless interfaces.
  • CA-signed certificate/key support—We have updated the Web Admin interface to support the loading of Certificate Authority-signed certificate/key pairs (previously this was only available on the Admin API). Once loaded, users that log into the monitoring point do not receive security warning messages. The certificate/key pair is used by the internal web server that supports the Web Admin interface. By default the Web Admin interface uses self-signed certificates.
  • Spectre mitigation—We have added kernel upgrades that mitigate the Spectre vulnerability. These are included in the 4.9.87 Linux kernel.
  • New applications supported—The Usage Monitoring classification library has been updated with new applications including:
    • Session Announcement Protocol
    • VPN applications (Hoxx VPN, ZenVPN, Hide.me VPN, and HideMyIp VPN)
    • H.245 audio
    • Google ZIP
    • Sophos
    • uTorrent
  • Application improvements—Application classification improvements have also been made to applications including:
    • Citrix Online (Go To Meeting)
    • Facebook voice traffic
    • Skype
    • Google Video
    • Hotspot Shield
    • Zero VPN
    • XVPN
    • Instagram
    • YouTube
    • Apple

Resolved issues

ID Keyword Description
PV-3735 PathTest We fixed an issue where bytes received and bytes sent seen during a PathTest may not match as expected under certain conditions.
PV-3718 PathTest We fixed an issue where InBound Transmission Metrics showed 0 when targeting a secondary interface.
PV-3676 PathTest We fixed an issue where PathTest reported 100% packet loss when targeting a secondary interface.
CS-8871 CPA3 We fixed an issue where Continuous Path Analysis 3 (CPA3) tests would drop when utilization moved above the alert threshold.
PV-3725 Wireless We fixed an issue where wireless monitoring points may not reconnect to their WiFi network on restart.
CS-9137 Wireless We fixed an issue where a monitoring point could lose its wireless connection and not reconnect until it was rebooted.
PV-3421 Diagnostics We fixed an issue where diagnostics run on two paths reported different capacities on the same mid-path hops.
PRO-46 Security We fixed a Cross-Site Request Forgery (CSRF) exploit vulnerability in the Web Admin interface.
CS-9293 Connectivity We fixed an issue where the monitoring point could drop its connection to APM and not reset it until rebooted.
CS-9167 Usage We fixed an issue where Usage traffic classified using a custom application definition was reclassified as “-“ (meaning unknown) when the monitoring point was moved to a different organization. Also, the custom application definition was not removed as expected. Now, if the organization changes, the custom application definition is removed from the device and the System Defined classification is used.
CS-9141 Usage We fixed an issue where custom application definitions and local subnets configured on a monitoring point would not be removed when the device was decommissioned.
CS-8914 ARP We fixed an issue where a monitoring point’s virtual Ethernet interface would respond to an APR request and cause network problems.
CS-8668 Server reachability We fixed an issue where the Server Reachability page would ignore proxy settings when determining whether it had access to an upgrade server.
CS-8608 Proxy We fixed an issue where Proxy settings configured in the Web Admin interface would be deleted when certain AppNeta Connect settings were changed.

Work arounds

v35 on KVM - Under certain conditions, when a v35 (on KVM) monitoring points reboots, Usage monitoring can stop working. The reason is that the v35 Usage interface gets removed from the mirror configuration on the host after a reboot. To work around this issue you need to restart the v35 virtual machine:

  1. Login to the host
  2. Shutdown the v35:

    virsh destroy V35_NAME
    
  3. Start the v35:

    virsh start V35_NAME
    

Update for: m20, m22, m30, r40, r400, s35

Release notes for Enterprise Monitoring Point version 8.4.18.x.

Enhancements and new features

  • New applications supported—The Usage Monitoring classification library has been updated with new applications including:
    • Session Announcement Protocol
    • VPN applications (Hoxx VPN, ZenVPN, Hide.me VPN, and HideMyIp VPN)
    • H.245 audio
    • Google ZIP
    • Sophos
    • uTorrent
  • Application improvements—Applicaton classification improvements have also been made to applications including:
    • Citrix Online (Go To Meeting)
    • Facebook voice traffic
    • Skype
    • Google Video
    • Hotspot Shield
    • Zero VPN
    • XVPN
    • Instagram
    • YouTube
    • Apple

Resolved issues

ID Keyword Description
CS-9141 Decommissioning We fixed an issue where custom applications and local subnets configured on a monitoring point would not be removed when the device was decommissioned.
Call Support: 800-664-4401
Contact Us