ManageEngine NetFlow Analyzer v12.8 | ReadMe
12.8.401 (Build 128401)- October 25, 2024
Issues Fixed:
- General : Previously, in versions 128399 and later, there was an issue while restoring backup data. This issue has now been fixed.
New Features & Enhancements:
- General: Failover support is now extended to Linux environment as well with MSSQL and Remote PgSQL databases.
- General: Failover now allows configuration across multiple subnets, with new connection type: Virtual Hostname (usable for both the same and different subnets).
12.8.400 (Build 128400)- October 17, 2024
New Features & Enhancements:
- Dynamic updates for new device vendors and models are now supported in Export Flow.
- Support ID: 9711851 : A "Top 10 Overall" graph has been introduced for conversations in the Device, Interface, Interface Group, IP Group, NFG Interface snapshots.
Issues Fixed:
- Support ID: 9984329 : When a device with an incorrect timestamp and large flow data was received, a RawData table split issue occurred. This issue has now been fixed.
- Support ID: 10410831 : Fixed an issue where selecting the Internal Collector from the drop-down displayed all collector devices and interface counts. Additionally, the probe name was not updating in the Probe GUI, and this has been resolved.
- Support ID: 10456017 : The issue with disabling weak TLS and weak ciphers in the NetFlow Central Server has been fixed.
- Upgraded dnsjava.jar from version 3.5.3 to 3.6.1.
- Support ID: 9990352 : Previously, there was an issue displaying the network diagram on the device snapshot page when management IPs were used. This has now been fixed.
12.8.333 (Build 128333)- August 30, 2024
New Features & Enhancements:
- Support ID : 9690957, 9693960, 7687699 : For Specific device based widgets,
i. Support for Source and Destination widgets has now been added the Device as resource type.
ii. Conversation, Application, Protocol, Autonomous System and QOS widgets can be now configured based on specific device.
- The Autonomous System Database has been updated with the most recent data.
Issues Fixed:
- Support ID : 10052709 : The issue with generating billing reports across different time zones has been fixed.
12.8.319 (Build 128319)- July 30, 2024
New Features & Enhancements:
- Support ID : 6795227, 7338354 , 7372914, 7685054 Support for dynamic update of IP in Cloud Services Mapping has now been introduced.
- Support ID : 9458165, 10018362 NetFlow Generator now supports a 10 Gigabit line rate.
Issues Fixed:
- SupportID : 10020667: RAM spike issue in NetFlow Generator has been fixed..
12.8.262 (Build 128262)- June 19, 2024
New Features & Enhancements:
- Support ID: 9763397: Usability Enhancement: Improved the loading functionality of Autonomous Systems to address GUI slowness.
Issues Fixed:
- Support ID: 9637726, 9640814, 9641374, 9690341: NetFlow Analyzer now supports an additional 25 new devices and vendors, enhancing compatibility for Flow Export Configuration.
- Support ID: 9711851: The issue of data not being available when selecting the 'Overall Graph' option from the 'Resolve IP' tab has been resolved.
- Support ID: 9918778: The error message that appeared in the Inventory search filter when using a "/" in the dropdown filter has now been fixed.
12.8.104 (Build 128104)- June 13, 2024
Issues Fixed:
- OpManager: A stored XSS vulnerability was discovered in Schedule reports. This has now been fixed.(Reported by Muhammed Mekkawy. Refer:ZVE-2024-4386).
12.8.236 (Build 128236)- April 26, 2024
New Features & Enhancements:
- Introducing Network Map in Device Snapshot Summary Tab.
- Support for 22 new devices have now been added in Flow Export Configuration.
- Support ID : 7084949 : The Application tab in WLC now features a top 10 application graph for Controller, Access Point, Access Point Group, and SSID Group.
Issues Fixed:
- Support ID : 9755975, 9726676 : Resolved the issue of trailing stray characters in NBAR2 (Layer 7) App Name.
- Support ID : 9749171 : The issue with Collector Status in NFA DE with Internal Collector Environment has been resolved.
12.8.181 (Build 128181)- March 15, 2024
New Features & Enhancements:
- SupportID : 9198895, 9198239, 8505752, 5899731 : The option to configure "Add" and "Delete" in Autonomous System has been newly introduced. The Edit action in Autonomous System has been enhanced.
Issues Fixed:
- The smart upgrade for the Network Packet sensor had a certificate verification issue, which has now been resolved.
- SupportIDs: 9382046 : The problem with loading Source and Destination criteria in Report Profiles' Edit and Copy actions has been fixed.
- SupportIDs: 9647671 : The issue with the manual Raw Data Cleanup file has been fixed.
- SupportIDs: 9641374 : Listing loopback interface as source in Export Flow had an issue and it has been fixed now.
- SupportIDs: 9469290 : Speed test commands related to GDPR has been handled.
- SupportIDs: 9458165: In the Inventory snapshot, the Show Ports mapping, which was not working for NFG interfaces, has now been fixed.
12.8.151(Build 128151) - January 24, 2024
New Features & Enhancements:
- Export Flow page is revamped for simplifying device configuration.
- Introducing Simulate NetFlow feature to ease the evaluation process with sample NetFlow data.
- Users can now drill down to source, destination, application, and QoS level traffic insights right from the Inventory tab's Device Snapshot page.
Issues Fixed:
- SupportIDs: 8674355, 9055909: Users will now be notified in the UI with details for troubleshooting when there is a flow parsing issue.
- SupportID: 9385805: The issue with average traffic value calculation in the Conversations tab under the Interface snapshot is now resolved.
- SupportID: 9457398: The embedded space in the custom report criteria field under the Search report has been removed to fix the report generation error.
- SupportID: 9338309: There was a traffic information mismatch between the Interface summary utilization shown under the Inventory tab and the Top N interface by utilization widget. This has been fixed now.
12.8.100(Build 128100) - January 17, 2024
Bug Fixes & Enhancements:
- General: Accessing the RestAPI via the Api key in the request parameter, is currently being deprecated and will be removed in a future release. Users with existing integrations using apiKey in the request parameter are advised to migrate the apiKey in the request headers to avoid any future impact.
12.7.261(Build 127261) - December 22, 2023
Vulnerabilities Fixed:
- NCM: Now, the Maverick package has been updated to version 1.7.56 in response to CVE-2023-48795.
12.7.260(Build 127260) - December 11, 2023
Issues Fixed:
- General: Previously, path traversal vulnerability(CVE-2023-47211) was detected for MIB browser. This issue has now been fixed by implementing path sanitization, ensuring a new MIB is stored exclusively under the "OpManager/mibs" directory.
12.7.257(Build 127257) - October 24, 2023
Issues Fixed:
- The issue in displaying NetFlow table data in slides has been fixed now.
12.7.255(Build 127255) - October 06, 2023
Issues Fixed:
- The issue that occurred while drilling down on specifics in the traffic reports in NetFlow Analyzer Alarms has now been fixed.
12.7.244(Build 127244) - September 28, 2023
New Features & Enhancements:
- ML based Pattern Analysis for interface IN/OUT Traffic has been introduced.
- Support ID: 7304606, 7647532, 5774239, 8443081 - Alert profiles based on the new ML based Pattern Analysis have been introduced.
- Support ID: 8907374 - The option to suppress alarm for NetFlow Analyzer’s Real Time Alert profiles has been introduced.
- Notification Templates now offers support for new message variables - Source IP, Source Description, IN speed, and OUT speed.
- Introduced the option to configure AS Number criteria in IP Group.
- Support ID: 7721856, 5909245 - Introduced Include and Exclude options for Port/Protocol in IP Group.
- Applications Mapping have been updated with the latest applications for fresh installations.
- Introduced a new "Report Settings" page where the existing "Data Unit" and "Report Filters" have been moved as individual new tabs.
- Support ID: 6181103 - The option to configure Business hour filter and Exclude weekend filter under the "Report Filters" tab has been introduced as a common setting for reports.
- Support ID: 8689837, 6491492 - Customers can now choose to view the "Bandwidth Capacity" line or disable the Percentile line in Traffic graphs.
- "IfIndex" value is now displayed in the Interface Inventory snapshot summary table.
- The speed unit set by the customer is now applied for all Traffic Reports.
- Informative pages related to NetFlow Analyzer’s add-on trial is now displayed in the OPM and OPM EE Flow Analysis modules.
Issues Fixed:
- Support ID: 9074923 - The corruption issue in the NPS Communication key has now been fixed.
- Support ID: 8885938 - The error that occurred due to security xml validation while generating Compare reports has been fixed now.
Build 12.7.198 - September 11, 2024
- General: After migrating to JRE 1.8.0_362, from version 12.7 and above there were issues with response data compression, if SSL was enabled. This has been fixed now.
- General: In Proxy Server Settings, input validation has been implemented for the "Server name or IP" field to prevent security vulnerabilities.
- General: Previously, some mail servers didn't recognize the "NOOP" command used during communication. To fix this, an option has been provided to ignore the command for smooth communication.
- General: Since Microsoft continues to support basic authentication for SMTP mail communication, the "OAuth Support Available" suggestion pop-up has been removed.
- General: Previously, there were issues with trusting the certificate of external service URLs when Proxy Settings were configured, which affected functionalities which require access to external URLs, like Storage device discovery, Third party integrations, etc. This issue has now been fixed.
- General: When scrolling through the dashboard, few widget's tooltip was not displayed properly.This has been fixed now.NetFlow: Support ID : 9895903 - The default IP groups in Japanese builds have been deleted.
- General: Previously, CSRF vulnerability (ZVE-2024-1132) was detected where the external users were able to utilize the network tools without authentication to perform ping or SNMP ping on network devices. This has now been fixed. (Reported by Jayateertha Guruprasad).
- General: Previously, there was a translation issue with "Add Role" on the Roles page. It has now been fixed.
- General: Previously, there was an issue with displaying error messages while creating a workflow. This has now been fixed.
- NetFlow: Support ID : 9683403 - Previously, users faced issues in updating Geo location. This has now been fixed.
- NetFlow: The issue with adding aggregated alert profiles with custom time frames has been fixed.
- NetFlow: The issue in loading application data for alarms generated from Interface group alert profiles has been fixed.
- NetFlow: The issue in exporting CSV for Percentile report and Consolidated report has been fixed.
- NetFlow: Export PDF for AS to AS Individual graph has been fixed.
- NetFlow: The issue with mail attachments in the Search Report for IP group has been fixed.
- NetFlow: Previously in some cases, upgrades failed due to the presence of special characters in schedule file names. This issue has now been fixed.
- NetFlow: The default rebranding name has been corrected from "Netflow Analyzer" to "NetFlow Analyzer."
12.7.193(Build 127193) - January 24, 2024
New Features & Enhancements:
- General: Live Database backup (General Settings -> Live Backup) has been introduced for bundled PGSQL setups. The database backup can be scheduled, and can be backed up while the product is running.
12.7.187(Build 127187) - August 18, 2023
New Features & Enhancements:
- Data Migration support is now available when transitioning from NFA installation to NFA/OPM Installation. This includes migrating data from PGSQL to PGSQL databases and from MSSQL to MSSQL databases, while also offering cross-platform OS compatibility.
- Support ID : 8885938 - Client IP and SSID details are added in WLC conversation widget in the dashboard.
- Introducing a GUI Option to Regenerate NFA DE Communication Key when Communication Key is corrupted.
- "Port, Port Range, DSCP, Source AS and Destination AS" criteria options are now added for Schedule - Custom Report.
- Criteria can be now applied in Schedule - Forensics Report.
Issues Fixed:
- Support ID: 8897954 - The issue with accessing the Central Server GUI, which occurred only when the DPI Engine was active and no flows were sent to Collector, has now been resolved.
- Support ID: 8828940 - The problem of the Last visited location in Maps not loading in the NFA DE Central Server GUI has been fixed.
12.7.142(Build 127142) - January 04, 2024
- General : Now, the Maverick package has been updated to version 1.7.56 in response to CVE-2023-48795.
- General: Previously, path traversal vulnerability (CVE-2023-47211) was detected for MIB browser. This issue has now been fixed by implementing path sanitization, ensuring that a new MIB is stored exclusively under the "OpManager/mibs" directory.
12.7.131(Build 127131) - July 18, 2023
New Features & Enhancements:
- Optional FIPS compliance mode can be enabled for fresh installations from version 12.7.131.
12.7.130(Build 127130) - July 05, 2023
New Features & Enhancements:
- NetFlow Analyzer’s Standard Edition has been launched for basic traffic analysis and bandwidth monitoring requirements.
- Support IDs: 6094965, 6101062: Introducing multiple-level alerting option for volume-based Billing Profiles.
Issues Fixed:
- Support IDs: 8700886, 8914372: In H3C & HP Routers variable length field parsing for v9 packet has been handled.
- Support ID: 8788402: In the Device Group View, the issue where devices were not mapped or devices that were unmanaged have been fixed.
- Support ID: 8683108: In sFlow parsing, the issue where sample pool field was marked zero has been handled with system property.
- Support IDs: 8851611, 8642825: In the Interface Group view, the last 20 minutes Traffic data was not being displayed. This issue has been fixed now.
- Support ID: 8816896: In the Device Snapshot view, the issue in Traffic Volume data displayed in the Interface tab has been fixed.
12.7.124(Build 127124) - January 04, 2024
Bug Fixes & Enhancements:
- General : Previously, path traversal vulnerability (CVE-2023-47211) was detected for MIB browser. This issue has now been fixed by implementing path sanitization, ensuring that a new MIB is stored exclusively under the "OpManager/mibs" directory.
- General: To enhance security for Linux installations, User permission for the product folders has been modified and can be accessed only by the installed user. (Reported by Tenable. Refer : CVE-2023-6105)
- General: Previously, there was an issue where the "Filters & Export" option was unclickable when navigating to Audit Reports via Report -> System -> Audit Reports. This issue has now been fixed.
- General: We have improved the truststore handling flow, which may help avoid frequent truststore corruption.
- General: Previously, an error occurred when refreshing specific dashboard pages, or while navigating between dashboards in products other than OpManager. This issue has been fixed now.
- General: The space character is now allowed in the username in OpManager, so AD users with spaces in their usernames can log in.
- General: There was an issue while generating Certificate Signing Request (CSR) with wildcard DNS records (Ex: *.sample.com). This has been fixed now.
- General: The time taken to generate a Support information file has been optimized. General: If the product was installed in Linux devices with non-english OS, attempting to download System Info under the System Performance page resulted in a download failure. This issue has now been fixed.
- General: Previously, due to an uncleared cookie, there was an URL redirection issue while accessing server URL in a new browser window. This issue has been fixed now.
- General: Previously, when there were more number of tabs, the navigation buttons under the main tab, was not working properly. This issue has been fixed now.
- General : Now, the Maverick package has been updated to version 1.7.56 in response to CVE-2023-48795.
12.7.101(Build 127101) - May 11, 2023
New Features & Enhancements:
- Support ID: 6733457, 6804409, 7068087, 8129650, 8590586: Webhook integration has now been made available in Notification Templates.
- Users can now choose to raise a self-monitoring alarm when NetFlow unprocessed udp packet count goes above the threshold value.
- Users can now raise self-monitoring alarms when NetFlow Raw to table copying file count goes above a threshold value.
- Probe Overview Widgets in the OPM-Enterprise Edition "Scalability & Unified-Console" modes has been made available with NFA add-on data.
- Security Report Enhancements - ASAM engine will be enabled by default and automatically disabled based on flow-count and system performance threshold settings.
- Schedule Report Enhancements -
- Option to select reports while scheduling Consolidated Report.
- Option to select reports in One click schedule.
- Support ID : 8508949: Supporting 15 and 30 minutes time-frames in the Inventory and snapshot pages.
- Support ID : 8508949: Auto refresh will now start by default for interface traffic widget.
- The time-frames names in dashboard, inventory, and reports pages have been synced.
Issues Fixed:
- Support ID: 8653742: NPS start as service failure that occured during Linux server reboot has been fixed.
- Previously, multibyte characters were not supported in a few fields. This issue has been fixed now.
- User device association issues in Local/AD authentication after 12.6.275 upgrade has been fixed.
- Support ID: 8590827, 860965: Central Server mail IDs will be handled in collectors to avoid duplication.
12.7.006(Build 127006) - March 18, 2024
Issues Fixed:
- General: Previously, there was a delay in file access verification during upgrade. This has been resolved now.
- General: Previously, in certain Central setups, there were issues with applying the PPM due to a stale table entry in the database. This has now been fixed.
12.7.003(Build 127003) - August 04, 2023
Bug Fixes & Enhancements:
- General: HighPerf(CStore) data migration support has been made available for customers with builds 12.6 to 12.7 builds.
- General: Previously, in Failover Settings if email address had been configured, the secondary server would not take over, incase of primary server failure. This issue is applicable for the customers upgraded to versions 12.6.306 or above, and has been fixed now.
- NetFlow: Support ID - 8665195, 8807013: Upgrade failure that occurred when NetFlow Tables in MSSQL DB were not defined properly has now been fixed.
12.7.000(Build 127000) - April 26, 2023
Enhancements & Issues Fixed:
- General: PostgreSQL has been upgraded to version 14.7. The PostgreSQL vulnerability issues from version 10.21 have been fixed now.
- General: JRE version 1.8.0_362 will be used in fresh installations(exe/bin).
- General: The "Remember Me" check box in versions 12.5.415 and above had an issue. This has now been fixed.
- General: Tomcat, Wrapper, and various other product-specific components have been updated.
- NetFlow: One-click enable option has been provided for HighPerf(CStore).
- NetFlow: HighPerf has been upgraded to the latest version with CStore 4.0.7.
12.6.309(Build 126309) - March 21, 2023
Issues Fixed:
- General: Initially, there was an issue where the browser crashed while accessing demo video urls from https-enabled Netflow Analyzer. This issue has been fixed now.
12.6.307(Build 126307) - March 14, 2023
New Features & Enhancements:
- Introduced Threshold based alerting for NetSpeed Tracker reports with Notification Profile.
- A new "On-Demand Speed Test" report from Web-client for the selected NetSpeed Tracker server has been introduced and displayed under ITOM Agent.
- NetFlow Analyzer now allows you to create a Schedule Report profiles for the NetSpeed tracker Report.
- Introduced the option to schedule hourly reports.
- Now, the Probe Admin will be notified via e-mail whenever the Probe-Central communication is lost for more than 5 days. If the connection is not re-established, the corresponding probe server will be shutdown on the 15th day.
- SupportID: 8469128: License info display customization for selected user roles has been handled with system property.
- SupportID: 7732977: In NFA Enterprise Edition, Collector name details are displayed in Devices and WLC Controllers tabs in All Collectors view.
- Favorite report option has been provided for Consolidated report, Capacity planning report,Protocol distribution report & Inventory report.
- Network Packet Sensor : JRE has been upgraded to Zulu JRE(OpenJDK 8.0.362).
Issues Fixed:
- SupportID: 8453061: Graph usability issues that occured when there were no data points available from received flows for the selected time-period has been fixed.
- SupportID: 8376994: Issue in scheduling Consolidated Report for the "Monthly" time period has been fixed.
- SupportID: 8430585: In the Recent alarms widget, only the alerts generated in the last hour were listed. This has been fixed.
- SupportID: 8380036: Temp table creation issue while loading AS data based on IP Address has been fixed in MSSQL DB.
- SupportID: 8337600: Data was not being dumped in the MSSQL DB when the name contained special characters. This has been fixed now.
12.6.292(Build 126292) - February 17, 2023
Issues Fixed:
- Support ID: 8337600, 7070148,8508984, 8487743: The upgrade failure issue that occured due to the existence of unwanted constraints in database has been fixed.
- Support ID: 8529961: Previously, percentile values were not loaded in Graph and Table data. This issue has now been fixed.
12.6.290(Build 126290) - February 10, 2023
Issues Fixed:
- Support ID: 8458370: The issue in the Device & Interface Snapshot Traffic graphs that occured on selecting legend has been fixed.
12.6.288(Build 126288) - June 09, 2023
Issues Fixed:
- NetFlow: There was an issue in displaying the devices associated with non-admin users after upgrading to version 126275. This has been fixed.
- NetFlow: Previously there were failed attempts while upgrading PPM due to improperly updated NetFlow tables not being updated. This issue has now been resolved.
12.6.275(Build 126275) - January 12, 2023
New Features & Enhancements:
- The ASAM module has been revamped and renamed as 'Security'.
Issues Fixed:
- SupportID: 8097780: The NetFlow spike issue that occurred once a day in Palo Alto devices has been fixed.
- SupportID: 8104412: BCP issue due to unavailability of QoS Metatable during startup has been fixed.
12.6.262(Build 126262) - January 04, 2023
New Features & Enhancements:
- SupportID : 6257468,6743710,6725776,5994958,5966101,4732364,6521291,6590967,6264525,8232478 : Introducing NetSpeed Tracker to track historical internet speed.
Issues Fixed:
- SupportID : 8232478 : There was an issue where unmanaged interfaces were also listed under Inventory > AS view. This has been fixed now.
- SupportID: 7997107 : File integrity issue in the PGSQL folder in HighPerf(CStore) installation has been fixed.
- SupportID: 8133711 : An option has been provided to support all sFlow routers when negative traffic graph occurs due to mismatched interface indexes.
- NetFlow Generator will henceforth not be supported in NetFlow Analyzer Free Add-on in OpManager Plus and OpManager Enterprise edition.
- The issue in fetching SNMP values for new and unmanaged interfaces has been fixed.
- The SNMP memory update issue that occurred when Write community was empty for SNMP v2 credentials has been fixed.
12.6.167(Build 126167) - October 21, 2022
New Features & Enhancements:
- DPI functionality has been enabled for Operator and Custom users.
- The option to Enable/Disable the DPI Module has been provided in the NetFlow Analyzer UI.
12.6.165(Build 126165) - October 14, 2022
New Features & Enhancements:
- To enhance security, changes have been done in the Installshield for Linux builds.
12.6.162(Build 126162) - October 07, 2022
New Features & Enhancements:
- Network Packet Sensor: SupportID: 4948580, 7217728: IPv6 support has been provided for NetFlow Generator(NFG) & Deep Packet Inspection(DPI).
- Network Packet Sensor: Template based flow generation(IPFIX) has been introduced in NetFlow Generator(NFG).
12.6.150(Build 126150) - September 28, 2022
Issues Fixed:
- Support ID: 7552171, 7829674: The wrong managed licenses count was displayed due to the ifindex0 interfaces that appeared on startup. This issue has been handled.
- Support ID: 7653563, 7654105: Geo Location Database has been updated with the latest data.
- Support ID: 7757156, 7752932, 7900619, 7718539: Support to skip Parsing SAMPLING_INTERVAL field from V9 and IPFIX flows, is now handled with system property.
12.6.147(Build 126147) - September 08, 2022
New Features & Enhancements:
- HighPerf has been upgraded to the latest version with Postgres 11.16 & CStore 3.11.23.
12.6.133(Build 126133) - August 19, 2022
Issues Fixed:
- SupportID: 7925079, 7955266: PDF export issue in OPM Plus for NetFlow reports has been fixed.
- SupportID : 7654754: Delete option has been provided for NetFlow Interfaces in OPM Plus module's Element based license.
- SupportID : 7977077, 7906028, 7927406, 7839865, 7653265, 7689362: In the NFA-DE non-English environment, the GUI displayed garbled characters. This issue has been fixed now.
- SupportID : 8035686, 8035919, 8036822: The issue in displaying the Register tab to apply license has been fixed. Full Access Admin users can now apply NetFlow Analyzer license.
12.6.120(Build 126120) - July 29, 2022
Vulnerabilities Fixed:
- General: Earlier, there was a Remote Code Execution (RCE) vulnerability in IPv6 address management (CVE-2022-37024) and IPv4 address management (CVE-2022-38772) reported by an anonymous working with Trend Micro Zero Day Initiative. This has been fixed now.
12.6.118(Build 126118) - July 27, 2022
Vulnerabilities Fixed:
- General: A vulnerability resulted in unauthenticated access of the user API key. This issue has been fixed now. (Reported by Anonymous working with Trend Micro Zero Day Initiative. Refer: CVE-2022-36923)
12.6.115(Build 126115) - July 13, 2022
New Features & Enhancements:
- Support ID: 7166526 - Interface Speed change alerting and tracking via SNMP Scheduler has been introduced.
- Support ID: 7728925 - Flow filtered interfaces have now been highlighted in the Inventory view.
- Flow Filter settings page has been revamped for better user experience.
- Support ID: 7814367 : SNMP bulk update operation has been enhanced for better user experience.
- SupportID : 6451738, 6583504, 7506836 : NetMask values will now be auto-calculated when network packets don't have NetMask values based on
- NetMask values from LAN-IP Network
- Netmask values from Existing IP's in the device
Issues Fixed:
- Support ID: 7653265 - NFA DE Internal Collector discovered routers with same interfaces multiple times. This issue has been fixed.
- Support ID: 7770642 - The complete names of SNMP devices will now be displayed.
- Support ID: 7866765 : In OPM Plus, the Interface drill down in the device summary widget did not work. This has now been fixed.
- Support ID: 7890196 : Limitations in the OpUtils module license in NFA DE's trial and evaluation versions have been fixed. Users will now be able to configure unlimited ports and IPs in SPM and IPAM.
- Support ID: 7765898 , 7813771 : Interface widgets were incorrectly displayed in the Device Snapshot View. This has been fixed.
- Support ID: 7965080 - There was an issue in loading IN traffic data in the Schedule CBQoS report. This has been fixed now.
12.6.108(Build 126108) - December 13, 2022
Bug Fixes:
- General: An unwanted popup was displayed with Top N problems in dashboard. This issue has been resolved.
- Support ID: 8035686, 8035919, 8036822: There was an issue in displaying the Register tab when Full Access Admin users applied for NetFlow Analyzer license. This has been fixed.
- Support ID : 7927406 : The PDF export issue faced in executing the NBAR report from Inventory > Interfaces tab has been handled.
- Support ID : 8232478 : There was an issue where unmanaged interfaces were also listed under Inventory > AS view. This has been fixed now.
12.6.101(Build 126101) - June 23, 2022
Vulnerabilities Fixed:
- General: Unauthorized creation of files lead to high resource consumption. This has been fixed now. (Reported by Tenable. Refer: CVE-2022-35404)
12.6.000(Build 126000) - June 14, 2022
New Features & Enhancements:
- General: Antisamy has been upgraded to version 1.6.4.
Build No: 125000 to 125659
12.5.659(Build 125659) - August 11, 2022
New Features & Enhancements:
- General: There was an issue with loading the NOC page in Embed view. This issue has been fixed now.
12.5.656(Build 125656) - July 25, 2022
New Features & Enhancements:
- General: Users have the option to skip TFA now. Option to disable Two Factor Authentication is now available.
12.5.647(Build 125647) - May 12, 2022
New Features & Enhancements:
- HighPerf has been upgraded to the latest version with Postgres 11.15 & CStore 3.10.11.
- Vectorwise to CStore data migration support is made available for DPI customers.
- DPI with HighPerf(CStore) add-on is now available in NetFlow Analyzer, NFA-DE, OpManager, OpManager Enterprise Edition, and OpManager Plus.
- Network Packet Sensor tool has been introduced under ITOM Agents. Network Packet Sensor provides the combined benefits of NetFlow Generator and DPI Engine.
12.5.615(Build 125615) - March 24, 2022
New Features & Enhancements:
- Capacity Planning reports page has been revamped for better user experience.
- Alert Profiles email PDF report has been revamped, and now includes DSCP IN and OUT report.
- Support ID : 5853024 : Alert Profiles Email PDF report will now display applied alert criteria.
- Support ID :7276134 : Search input boxes in Inventory’s WLC tab have been aligned with the table data columns.
- Introduced the option to enable IP-based Autonomous System Number(ASN) . This update will reflect in the Inventory, Reports, and Dashboard widgets.
- General: Log4j upgraded to version 2.17.2.
Issues Fixed:
- Support ID : 7472047 : Scheduled Historic Data Cleanup issue in the ASAM module has been fixed.
- Support ID :7525131 : The interface discovery issue in Distributed edition when more than 10 collectors were installed has been fixed.
- Support ID :7637746 : The duplicate interface discovery in internal collectors when new interfaces were added in different routers in external collectors has now been fixed.
12.5.606(Build 125606) - August 04, 2022
Vulnerabilities Fixed:
- General: Earlier, there was a Remote Code Execution (RCE) vulnerability in IPv6 address management (CVE-2022-37024) and IPv4 address management (CVE-2022-38772) reported by an anonymous working with Trend Micro Zero Day Initiative. This has been fixed now.
- General: A vulnerability resulted in unauthenticated access of the user API key. This issue has been fixed now. (Reported by Anonymous working with Trend Micro Zero Day Initiative. Refer: CVE-2022-36923)
12.5.585(Build 125585) - February 03, 2022
Issues Fixed:
- Support ID: 7515779 - The issue in updating TimeStamp Index in FileMetatable has been fixed.
12.5.584(Build 125584) - February 01, 2022
Vulnerabilities Fixed:
- NCM: Earlier, there was a stored XSS vulnerability in the Schedule name field of Schedule page, reported by Hazem Osama. This has been fixed. (Refer CVE-2022-24703)
- NCM: Earlier, there was a stored XSS vulnerability in the Change rule name field of Change Notification page. This has been fixed.
12.5.582(Build 125582) - January 17, 2022
Features & Enhancements:
- Table data in Forensics Report has been synced with the zoomed-in graph time period.
- The option to select user-specific column has been provided for the Forensics Conversation Report.
- Support ID - 7031196,7317970,7311545,736133 - Parsing SAMPLING_INTERVAL field has been included in the optional template for V9 and IPFIX Flows.
Issues Fixed:
- Support ID -7334658 - NFA collector count update issue in the NFA central server’s About tab has been fixed.
- Support ID - 6242236 - Schedule conversation/conversationNetwork report displayed Incorrect destination and hidden port details while fetching report from Aggregated Tables. This issue has been fixed.
- Support ID -6337024 - Support to suppress second alert for the given time period has been handled with system property.
- Support ID -5911404, 5963439, 5996838,6003052, 6017482, 6019009, 6062107, 6291212, 6320005, 6027535, 5725112, 5644128 - Support to disable ‘No template received’ error has been handled with system property.
- Support ID - 6685125 - The issue in scheduling capacity planning monthly report for months with 31 days has been fixed.
- Support ID - 6960555 - The issue in adding CBQoS device for devices that are not present has been fixed.
- Support ID - 6244685 - Support for sflow duplicate mpls processing has been has been handled with system property.
- Support ID - 6538238 - Support to skip dst_tos if tos is already present in the template of v9 and IPFIX flows has been handled with system property.
- Support ID - 6557590, 6134171 - Inventory report data overflow due to cutoff has been fixed.
- Support ID - 6557590 - Inventory report data overflowing from file-reader, for data generated in previous 20 minutes has been fixed.
- Support ID - 7370085 - Log information maintained for all flows in Palo Alto Device has been handled with system property.
- Support ID - 7439692 - Regenerate Bill option in Billing reports was missing. This has been fixed.
12.5.568(Build 125568) - February 24, 2022
Issues Fixed:
- General : The upgrade process failed in secondary failover setup due to an issue. This issue occurs when upgrading from builds below 125561. This issue has been fixed.
12.5.566(Build 125566) - January 21, 2022
Vulnerabilities Fixed:
- Authentication bypass vulnerability in a few file import APIs in the NetFlow EE Central Server has been fixed.
12.5.557(Build 125557) - November 26, 2021
Features & Enhancements:
- Support ticket 6972531 - In the time series graph, horizontal and vertical lines as well as a tick mark for each data labels in x-axis have been added for better data visibility.
12.5.490(Build 125490) - November 26, 2021
Vulnerabilities Fixed:
- OpUtils: The authentication issue in very few of OpUtils modules' audit directories has been fixed. (Refer CVE-2021-44514)
12.5.488(Build 125488) - October 29, 2021
Vulnerabilities Fixed:
- There was a Remote Code Execution (RCE) vulnerability in the Ping functionality of the NCM module (Reported by Ma3i). This issue has now been fixed.
12.5.485(Build 125485) - October 21, 2021
New Features & Enhancements:
- We have introduced a password reset policy for default SCP password.
12.5.484(Build 125484) - October 13, 2021
Issues Fixed:
- Non-admin users of central server were able to access some admin APIs of collector servers. This issue has now been fixed.
12.5.483(Build 125483) - October 12, 2021
Vulnerabilities Fixed:
- General : Low privileged users were able to access Audit reports and mail server details(Reported by Ranjit Pahan). This issue has been fixed.
12.5.482(Build 125482) - October 08, 2021
Features & Enhancements:
- HighPerf add-on is now supported in the NetFlow Analyzer Enterprise Edition.
- Counter samples-based traffic is now displayed for SFlow in Inventory Snapshot page.
- Forensics report has been revamped with a new design.
- Support Ticket : 5026116,6900843 : The option to edit existing IPGroups using bulk IPGroup XML file has been introduced.
Issues Fixed:
- Support Ticket : 7160638 : Multiple duplicate interfaces were displayed when the same device was added to two collectors with an internal collector. This issue has been fixed.
- Support Ticket : 6972531 : Fortigate device packets processed based on flowend reason with active timeout has been fixed.
- Support Ticket : 7168731 : Search Report generation for IP group when it has high volume (GB, TB, etc.,) has been fixed.
- Support Ticket : 7135949 : AS View Report issue that occured when 24 hours time period was selected has been fixed.
- Support Ticket : 7237844,7160638 : Issue in deleting Interfaces with index zero has been fixed.
12.5.476(Build 125476) - January 13, 2022
Vulnerabilities Fixed:
- Authentication bypass vulnerability in a few file import APIs in the NetFlow EE Central Server has been fixed.
12.5.471(Build 125471) - October 01, 2021
Vulnerabilities and Issues Fixed:
- Low privileged users had access to multiple modules when it was disabled. This has now been fixed. (Reported by Ranjit Pahan)
- CSRF vulnerability in multiple pages has been fixed. (Reported by Ranjit Pahan)
- Stored XSS vulnerability while adding SNMP credential has been fixed. (Reported by Ranjit Pahan)
12.5.469(Build 125469) - September 24, 2021
Vulnerabilities Fixed:
- General: The XSS vulnerability issue in Task Name of Workflow has now been fixed. (Reported by Ranjit Pahan.)
12.5.467(Build 125467) - September 17, 2021
Vulnerabilities Fixed:
- CSRF vulnerability in the Cloud Repository page reported by Ranjit Pahan has been fixed.
12.5.464(Build 125464) - September 07, 2021
New Features:
- HighPerf (Vectorwise) add-on data migration to HighPerf(CStore) add-on is now supported.
- Introducing Percentile Report with 90th/95th/99th percentile-based traffic data.
Enhancements:
- Support Ticket: 5993846: NetFlow Analyzer now allows you to create a Schedule Report profiles for the Forensics Report.
- Percentile-based Report can be configured to create a Schedule Report profile.
- In NetFlow Settings, the option to configure percentile values has been provided.
Issues Fixed:
- Support Ticket : 7118987: TOS displaying wrong value for COST has now been fixed.
- SQL Injection in Attacks Module API has now been fixed. (Reported by Hồng Dương Trần. Refer CVE-2021-41075)
12.5.459(Build 125459) - December 24, 2021
Vulnerabilities Fixed:
- General: Low privileged users were able to access Support Module (Reported by Ranjit Pahan). This issue has been fixed.
12.5.447(Build 125447) - August 17, 2021
New Features & Enhancements:
- Introducing HighPerf add-on, a highly scalable database for raw data storage.
- Support ID : 6677447, 5444410, 5443803, 6355086, 5568161 : Introducing Autonomous System Number Report based on IP Address Mapping.
- Support ID : 7050048 : Collector name will now be displayed in the Collector UI.
- Support ID : 6784447, 6785960, 7033058, 7033052 : "Others" data has been removed from Dashboard widgets.
- Support ID : 6179050 : Device group filter selection will now be retained in the Devices list page until it's cleared by the user.
Issues Fixed:
- Support ID : 7124152 : Issue in loading client after login on Chrome, Firefox and Internet Explorer browsers has been Fixed.
- Support ID : 7124696 : Issue in filtering Email notification templates in Alert Profile for other languages has now been fixed.
- Support ID : 7037437 : IP Group Name configuration issue has now been handled, allowing 50 characters for Group Name in the XML for bulk loading and 255 characters for User Client in IP Groups.
- Support ID : 7085799 : Issue in TimeZone Update while creating new users when the username with upper case or lower case of same characters were used in User Management has now been fixed.
- Support ID : 7070148 : Fixed the redirection issue in Traffic widgets where data was displayed in terms of speed when utilization was selected.
- Support ID : 6951682 : In OPM Enterprise Edition, NetFlow Device snapshot displayed sample data instead of the actual data when NFA router ID is stored as zero in the Config Table. This issue has been fixed now.
12.5.429(Build 125429) - July 13, 2021
New Features & Enhancements:
- Introduced DHCP-based User Name - IP Address Mapping. Traffic reports will include Source, Destination and Conversation details with Hostname based on imported DHCP logs.
- PDF and CSV Reports of Schedule Report have been revamped.
- VPC Flow log support has been provided for the NetFlow Analyzer Enterprise Edition.
- One click schedule option has been provided for the following reports
- Consolidated Report
- Capacity planning Report
- Protocol Distribution Report
- Inventory Report
- Geolocation Report
- SNMP operation has been made synchronous during with the Edit device details request made from device drill down.
- Introduced the option to prioritize User-IP Mapping.
- Introduced individual Enable and Disable options in the IP Resolution page.
Issues Fixed:
- Support ID : 6995922, 6976373, 6755903, 7018811: Central server Upgrade Failure due to Router IP address duplicates have been fixed.
- Support ID : 7031196: In NFADE central (Essential to Enterprise Edition) FlowCount was shown as 'Zero' though it had data. This has been fixed.
- Support ID : 6793372: Paste action in Set Speed page has been disabled to avoid UI crashing.
- Support ID : 6936072: Sorting issue in Inventory Report is now fixed.
- Paste action in Billing Add/Edit page has been disabled to avoid UI crashing.
- Sorting issue in reporting pages when data unit calculation is modified as 1024, has been fixed now.
- Huawei SNMP ifIndex mapping issue has been fixed.
12.5.412(Build 125412) - June 14, 2021
New Features & Enhancements:
- NetFlow : NetFlow Analyzer now offers support for AWS VPC Flow logs.
- NetFlow : Introduced the option to enable V6/V4 while creating Report Profiles.
- NetFlow : Support ID : 6139913 : Introduced the option to select multiple interfaces from different devices in Report Profiles.
- NetFlow : Support ID : 5707385 : Introduced the option to select top devices based on 95th percentile values in Compare Report.
Bug Fixes:
- NetFlow : Support ID : 6947524 : "Others" data being displayed on fetching data from the raw data table has been fixed.
- NetFlow : Support ID : 6963234: Forensics report displaying duplicate rows in adjacent pages has been fixed.
- NetFlow : Support ID : 6965297 : Unknown_App Application, Source and destination IP address details were not displayed on Next page navigation in the Forensic report. This has been fixed.
- NetFlow : Support ID : 6881257 : sFlow traffic double count issue has been fixed.
- NetFlow : Support ID : 6806564, 6871104 , 6905561 , 6955167 , 6969519 , 6990128 : BCP Alert triggers when DroppedFlow data was dumped has now been fixed.
12.5.399(Build 125399) - June 1, 2021
New Features & Enhancements:
- General : User Management now supports custom role creation.
- General : Previously, Add-On Modules were enabled/disabled globally.
- Enabling/disabling Add-On Modules is now user specific.
- General : Users can now choose to show/hide Add-On Modules for which they have been authorized.
Issues Fixed:
- General : There was an issue when restoring backup during MSSQL installation after the 125301 upgrade. This has now been fixed.
12.5.393(Build 125393) - May 11, 2021
New Features & Enhancements:
- The NetFlow Analyzer Essential Edition has been renamed as the NetFlow Analyzer Professional Edition.
- WLC access points will henceforth be considered as interfaces for licensing(Build 125393 and above).
12.5.381(Build 125381) - April 30, 2021
New Features & Enhancements:
- NetFlow Analyzer now offers flow support for Aruba Wireless Controller Model 7024 version 8.6.0.4.
- Introducing V4/V6 View in Inventory, Dashboard, Search, and Forensics Reports.
- NetFlow Analyzer integrates with JIRA Service Desk for Notification Template.
- Inventory report will now include the IN and OUT 95th percentile values.
- Selecting the threshold for 95th Percentile has now been provided as an option for Inventory report generation.
Issues Fixed:
- WLC Access Point tab displaying OUT traffic as 0 has now been fixed.
- Support ID : 6795227: Temp table creation issue in Capacity Planning Report has been fixed.
12.5.376(Build 125376) - April 12, 2021
New Features & Enhancements:
- Support ID : 6630291: Criteria-based 'Favorite Report' has been introduced for Forensics report.
- Support ID : 6713522, 6765483 : NetFlow Analyzer integrates with ManageEngine ServiceDeskPlus Cloud for Notification Templates.
- Support ID : 6665423: Introducing support for NBAR2 Application data in IPGroup Report in Dashboard widgets.
- Business hour, Exclude weekends, and Time Frame options have been provided for Forensics report for interface, WLC Device, Multicast, Medianet, Appflow Reports, and Drill down graphs.
- Application group and Geolocation widgets have been introduced for the NFG Interface.
- Geolocation status info will now be displayed in the Geolocation reports page.
- Usability Enhancements:
- Collector specific IP groups can now be created along in addition to the All collector view in CS.
- Inventory User and Cloud list will be first sorted based on names and then IPs.
- Support ID : 6763573 : One Offender and Target IP address will be displayed in place of count place in the main attacks list.
Issues Fixed:
- Support ID : 6772844 : Issue in configuring 10.0.0.0 IP Network during IPGroup configuration has been fixed.
- Support ID : 6722060 : sFlow negative graph issue has been fixed now.
- Support ID : 6802123 : Issue in sorting Device groups in the Inventory has been fixed.
- Support ID : 6779940 : 'No traffic data shown' was displayed for PFSense firewall device. This issue has been fixed.
- Support ID : 6806564, 6847133 : BCP error due to 'dropped flows file not found' has been fixed.
- Support ID : 6667292, 6665820, 6585682, 6470811 : Deleting interface/device handling for license management and rediscovery.
- NetFlow Generator tool crashing when started in command prompt while was already running as service has been fixed.
- Non English characters in NetFlow Alert Profile email subject got garbled while applying ppm. This issue is now fixed.
- NFA DE alarms from Collector were not pushed to Central server post the recent upgrade. This issue is now fixed.
12.5.362(Build 125362) - March 26, 2021
Issues Fixed:
- OpManager:The SparkGateway package has been upgraded to the latest version (SparkGateway 5.9.0) due to a path traversal vulnerability reported by David. (Refer CVE-2021-20078)
12.5.357(Build 125357) - March 04, 2021
New Features and Enhancements:
- Support ID : 6339457 : NetFlow Analyzer now offers support for IPv6 for WLC reporting.
- Support ID : 5550823 : Option to edit 'Group Name' for IP Groups has been introduced.
- Support ID : 6665379 : NBAR2 Apps widget has been introduced for interface and interface group in the dashboard.
- Support ID : 6501447 : Retry and Time out options for DNS lookup are now available on upgrading DNSjava jar.
- Support ID : 6270157, 5494015, 5515873 : Introduced MAC address support for v9, IPFIX, and sFlow flows, and MAC address reporting in the Forensics report.
- Bulk delete option for GroupSettings has been introduced under Settings -> NetFlow configuration page.
Issues Fixed:
- Support ID : 6642095 : Access Point Name will be displayed in WLC Reports in the place of Access Point MAC Address.
- Support ID : 6717054 : The issue in SNMPv3 Authentication when SNMPv3 credential is created with AES-192 and AES-256 algorithms has been fixed.
- Support ID : 602764, 6659279, 6487138, 6493901, 6603837, 6603824, 6669408, 6650418 : Fixed NetFlow Analyzer—OpManager devices sync issue.
- Support ID : 6684574 : Device snapshots were not loading because of invalid value for param[Name]. This issue has been fixed.
- Support ID : 6628955 : Issue in Traffic Report widget's Graph Type has been fixed.
- IPSLA data collection issue has been fixed.
- Issue in Source Report drill-down for ASA Devices has been fixed.
- In the Enterprise Edition, fixed the missed option of 'bulk uploaded IP Group' in Probe.
- Support ID : 6652243 : Traffic spikes displayed for Palo Alto Devices based on firewall events has been fixed.
- The following Dropped Flow report issues have been fixed,
- Timeframe Selection option has been provided for Device Flow count in Central Server's Inventory.
- Flow count was not displayed for the selected Timeframe in the WLC Inventory index page.
12.5.329(Build 125329) - February 04, 2021
New Features:
- Support ID : 6448494, 6470564, 6658718 : Introducing Cloud Services reports to classify internet services based on IPs.
- Support ID : 6226512 : User-bandwidth reports based on Active Directory.
- Support ID : 6226512 :Dropped Flows reporting based on Flow Sequence Number(FSN).
Enhancements:
- NetFlow Generator tool has been enhanced to handle more number of network packets processed per minute.
- Support ID : 3271616, 5612670, 6052216, 4884857, 4374517 : Customers can now manually generate missed Billing reports from UI.
- Support ID : 6229308 : Billing reports can be generated with 95th percentile based on IN+OUT summation.
- Option to resend Billing reports from UI.
Issues Fixed:
- Support ID : 6411252 : Memory leak issue in the NetFlow Generator tool has been fixed.
- Support ID : 6501447 : DNS data dump when DNS name length > 255 has been handled.
- Installation issue in Linux machines with Virtual IPs has been fixed.
- Issues in individual graphs in the Forensics report of NFG devices have been fixed.
- Issue in displaying ’Show All Conversations' under Forensics reports has now been fixed.
- General : There was an unauthenticated Remote Code Execution (RCE) vulnerability due to general bypass for the deserialization class, as reported by Johannes Mortiz. This has now been fixed. (Refer CVE-2021-3287)
12.5.323(Build 125323) - January 05, 2021
New Features & Enhancements:
- Application Forecast Report has been introduced.
- NetFlow Analyzer now allows you to create Schedule Profiles for Geo Location Report.
- Inventory Report types such as Layer4 , Layer7 and ASView can now be added in Schedule Reports separately.
- Support Ticket : 5685326, 5995751 : Conversation reports will now include average traffic speed value.
- Support Ticket : 6280722 : Introducing Management IP Mapping for SNMP parameter updates.
- Introduced the option to select interface-name type in bulk SNMP configuration.
- Alarm-Profiles notification has been enhanced. With the new 'Notification Templates' feature, users can
- Raise new incident-tickets in ManageEngine ServiceDesk Plus (or) ServiceNow
- Support Ticket : 6151588 : Get notified via Slack
- Support Ticket : 4291780, 4564710, 809679 : Get notified with sound alerts(Web-Alarm) in webUI
- Support Ticket : 5799336, 5641700 : Send 'Syslog' messages with event details
- Send 'SNMP traps' alerts with criteria and event details
- Support Ticket: 5566780, 6056880 : Run a system command when an alarm is triggered
- Support Ticket : 6232664 : Configure notifications with preset Email and SMS templates
Issues Fixed:
- Support Ticket : 6377319 : Traffic report did not display any data from the One-min file for Interface Group. This issue has been fixed.
- Support Ticket : 6414066 : Users were unable to generate Consolidated report for IPGroup. This issue has been fixed now.
- Support Ticket : 6425427, 6362464 : Introduced the option to change CBQoS graph y-axis in the readable format.
- Internal Ticket : 36310 : Introduced the option to change the data order in CBQoS widget.
- Internal Ticket : 36477 : Conversation network data did not load when raw data was enabled. This issue has been fixed.
- Internal Ticket : 36368 : Compare Report & AS view snapshot did now display data. This issue has been fixed now.
12.5.232(Build 125232) - October 23, 2020
Updates:
- Users can now enable 30-day free trial for add-ons (NCM / Oputils) from webclient.
- The API framework for the ServiceDesk Plus integration has been migrated to version 3.
12.5.217(Build 125217) - September 30, 2020
Features & Enhancements:
- NetFlow Generator Tool: A standalone tool that captures network packets from devices that don’t support flow, and convert them into NetFlow packets to analyze traffic with ManageEngine NetFlow Analyzer.
- Introducing 'LAN-WAN Reports' for interfaces and devices.
- Option to customize, enable, and disable NCM and IPAM modules in WebUI.
- Multi-select delete option has been provided for Applications, Services, DSCP and Top Sites in Mappings settings.
- Users can now establish device terminal connections using Spark Gateway in 'Custom Flow Export' configuration.
- Support Ticket Id : 6155449 : 'Geo Location Reports' for source, destination, and conversation reports for the interfaces.
- Support Ticket Id : 6039827 : 'Export to XML' option is now available for 'Show ports' drill down reports.
- Support Ticket ID : 6135502 : More than 1000 records can be configured in schedule reports now.
- Support Ticket ID : 6143610 : Device ‘Added-time’ is shown under 'Device Summary' reports.
Issue Fixes:
- Enabling 'Resolve DNS' was ON in Forensic Report while displaying 'All Conversations'.
- The pagination issue in the number of rows displayed per page in the Inventory is fixed now.
- The issue in displaying report profile data for the application tab has been fixed.
- The 'Disabled Collector' selection combo was not enabled when users leave the snapshot page. This issue has been fixed.
- Protocol Distribution report - More granular information has been added to the report page and exported PDF documents.
- Protocol Distribution report - Custom time selection changes were not reflected on updating the second time. This issue is now fixed.
- Protocol Distribution report - Selected custom time was not validated in UI. This issue is now fixed.
12.5.213(Build 125213) - September 14, 2020
Issue Fixes:
- General: Previously, there was a thread lock issue that sometimes caused the product to not function as intended. This issue has now been fixed.
12.5.212(Build 125212) - September 9, 2020
Enhancement:
- jQUERY has been migrated to version 3.5.1 to avoid vulnerabilities.
12.5.200(Build 125200) - August 28, 2020
Features & Enhancements:
- Failover : With the Failover Add-on, users will now be able to configure a secondary server in NFA with a Virtual IP Address. This helps you achieve 24x7 monitoring of your standalone and distributed networks.
- Support Ticket : 6061425 : Billing report can now be generated for 75th , 80th , 85th , 90th data points in addition to 95th percentile.
- Support Ticket : 6205506 - SDWAN device is now supported. - DSCP/TOS data can now be exported as different fields.
- IP Network based grouping under "Device Groups”.
- Zoho Maps has been upgraded to latest version for a more granular view.
- Support Ticket : 5632738 : NFA Enterprise Edition: Live communication status of Central and Collector server details will be displayed in the WebUI now.
- NFA Enterprise Edition: Listener port(s) can be configured for internal collector now.
Issue Fixes:
- Support Ticket : 6094965 : Billing reports were not in sorted order. This issue is fixed now.
- Support Ticket : 6095066 : Alert messages were not displayed in Billing Reports when they were edit. This issue is fixed now.
- Support Ticket : 5867675 : Users were unable to delete devices from Maps. This issue is fixed.
- Support Ticket : 6198818 : Issues faced while exporting Inventory report as a PDF file in Japanese has been fixed now.
- Support Ticket : 6198362 : Issues faced while exporting Report profiles as CSV files in Japanese is fixed now.
- Support Ticket : 6159845 : NO data was displayed for interface group when the time period was set > 3 days. This has been fixed.
- Support Ticket : 6119830, 6197625 : Between Sites classified IPAddresses other than the configured ones. This issue has been fixed.
- Support Ticket : 6143593, 6183076 : ZERO values were included in Traffic graphs when there is no data for a given time period. This issue has been fixed.
- Support Ticket : 5899731,6198558 , 6184671 : The issue where more than 90% of data was displayed as Others in Interface snapshot report is been fixed now.
- Support Ticket : 33343 : Wrong Octets were displayed in the Search report. This issue has been fixed.
- Support Ticket : 33347 : Removed the AS(-1) from Forensics AS View Report.
- Support Ticket : 30316 : Removed the PING dashboard from CCTV listing.
- SNMP PDU timeout issue is fixed now.
12.5.180(Build 125180) - July 24, 2020
Issue Fixes:
- General: Previously, there was a login issue in the mobile app when Passthrough was configured in OpManager. This has now been fixed.
12.5.179(Build 125179) - July 22, 2020
Features & Enhancements:
- ManageEngine OpUtils integrates with NetFlow Analyzer. It can now be enabled as an add-on to help network/system administrators manage,
- IPAM (IP Address Management)
- SPM (Switch Port Management)
- The following enhancements have been made for AS(Autonomous Systems) monitoring,
- A new inventory snapshot for AS
- AS widget added to dashboard
- AS Grouping has been introduced
- Settings page to add/modify/delete AS Group under 'Settings' tab.
- AS Group based data has been made available for Interface, Interface Group, Device snapshots.
- Added a new 'AS View Report' under Inventory report
- SRC AS, DST AS can now be selected as criteria for Forensics report and search report.
- In the NFA Enterprise Edition, rebranding option specific to Collector and Collector-specific views have now been made available .
- Bulk SNMP progress status messages have been added for better user experience.
- 'Review Us' option has been added in the ‘Support' page. Users can now review us directly from the UI and claim a gift card.
- Support Ticket : 6006387 : 95th percentile calculation using only non-zero values has been enabled in the Billing report.
- Support Ticket : 6039238 : Latency information will now be included in the Forensics report.
- Support Ticket : 5995751 : Source and Destination network options are now available in the Forensic reports.
Issue Fixes:
- SNMP v3 session issue has been fixed.
- 'Skip Now' was not accessible to NFA Enterprise Edition Operator and Guest users. This has now been fixed.
- The issue in displaying 'Device summary widget' in the 'Embed widget" view has been fixed.
- Inventory breakage issue that occurred while redirecting from short summary to Settings and back, has now been fixed.
- The issue where the Settings tab list was not updated for Collector-specific view when redirected from Inventory (All Collector view) to Settings (Collector Specific view), has been fixed.
- The issue where users were not being redirected to the selected collector on drilling-down to Settings (Collector Specific view) from Inventory (All Collector view), has been fixed now.
- Console error in IP Groups snapshot has been fixed now.
- The issue where selected dashboards had incomplete active classes has been fixed.
- The extra green line appearing when Mappings and Groups tabs are selected has been fixed.
- Previously users were able to create application groups and DSCP groups in Collector-specific view from the inventory. This has now been fixed to ensure application and DSCP groups can now be created only from the All Collectors view in the Enterprise Edition.
- Support Ticket : 6003204 - While updating the sampling rate for single interfaces, wrong sampling rate values were being displayed for all interfaces of the device. This has been fixed.
- Support Ticket : 6033649 - The error in sorting based on Interface name in 'Compare report' is fixed now.
- Support Ticket : 6059975 - Data difference in table and chart views of Billing reports has now been fixed.
12.5.160(Build 125160) - June 19, 2020
Features and Enhancements:
- Aggregated alert profile feature has been introduced for interfaces, interface groups, ipgroups, access points, access point groups and SSID groups.
- Support Ticket ID: 6064841: Introduced the option to export Inventory list as CSV and Excel files.
- ManageEngine Applications Manager integrates with NetFlow Analyzer to monitor bandwidth for,
- Servers
- Applications
- Services
- Client enhancements include,
- Grid custom pager changed to JQGrid grid pager format with options to export as CSV and XLS files.
- Custom pager added for most of the reports in Interfaces and WLC Forensic reports.
Issues Fixed:
- Support Ticket ID: 6082615 : SNMP thread lock issue in NFA due to bulk set SNMP operation is fixed now.
- Support Ticket ID: 6097274, 6091956 : Issues in SNMP speed update for 64bit routers has now been fixed.
- Support Ticket ID: 5844571, 5884426 : Alarm popups were being displayed to users of all scopes. This issue has now been fixed to notify users only for devices associated with them based on scope.
- Support Ticket ID: 6057092 : Schedule report listing issue that occurred when Compare reports are scheduled with special characters in the report name has been fixed.
- Support Ticket ID: 5867675 : Issues faced while deleting devices from Maps have been fixed now.
- Support Ticket ID: 6021783 : Issues faced while exporting Inventory reports as XLS files have been fixed.
- Support Ticket ID: 6059975 : Time format mismatch between Billing graphs in the UI and eported PDF files have been fixed.
- Support Ticket ID: 6021783 : Issues faced while exporting Inventory reports as XLS file have been fixed.
- Support Ticket ID: 6048328 : Unused JBoss files have been removed.
- The issue where users were unable to edit WLC Controller name has been fixed.
- Users were unable to deselect the selected SSIDs in SSID groups. This has been fixed.
- Selected groups were getting emptied on report generation. This issue has been fixed.
- The issue due to which ART applications drill down loaded a blank report has been fixed.
- Storage issues that occurred in Schedule reports with special characters in their name has been fixed.
- Authentication and communication between 'Central' and 'Collector' server in Enterprise edition is tightened for more security.
12.5.149(Build 125149) - July 21, 2020
Issues Fixed:
- OpManager: An issue while viewing the short summary page of an alarm in the external monitor is fixed.
- OpManager: Unable to redirect to Device Snapshot Page from the Short Summary page of an alarm. This issue has been fixed.
12.5.141(Build 125141) - May 21, 2020
Enhancements:
- Support ticket ID : 5997081 - Flow processing error alarm messages have been enhanced for better user understanding.
Issues Fixed:
- Support ticket ID : 5934127 - Incorrect granularity was obtained when the time period was selected as 'Yesterday'. This issue has been fixed now.
- Support ticket ID : 5899731 - The issue with displaying AS data has now been fixed.
- Support ticket ID : 5998043 - Issue where wrong y-axis data was displayed for devices with multiple interfaces and a large difference in traffic, has been fixed now.
- Support ticket ID : 6006381 - Enabled row counts 50 and 100 in Consolidated report.
12.5.129(Build 125129) - July 6, 2020
- General: After upgrading the product, there was an "Unable to start the product" error. This issue has now been fixed.
- General: Previously, the backup functionality was not working for non-English installations. This issue has now been fixed.
12.5.125(Build 125125) - April 29, 2020
Vulnerability Fix:
- General : Path Traversal vulnerability in URLs starting with <cachestart> has now been fixed. (Refer CVE-2020-12116)
12.5.122(Build 125122) - April 21, 2020
Bug Fixes:
- Support ticket ID: 5848281 - In Forensics report, pagination has been introduced to list all source and destination IPs.
- APMac IN/OUT , ClientMAC IN/OUT, Client IP IN/OUT widgets have been added in scheduled Consolidated report.
- Support ticket ID: 5728200, 5865520 - IPFIX flow processing issues where multiple templates were sent in a single packet have now been fixed.
- Support ticket ID: 5851174 - Business hours and timezone can now be modified in Alert Profile edit view.
- Support ticket ID: 5927359 - In Schedule Report, the utilization range in graph showed 0-100% though the utilization was more than 100%, . This issue has been fixed.
- Support ticket ID: 5838218 - sFlow processing issue that occurred when the sequence ID is not in order has been fixed.
- Support ticket ID: 5872844 - In some instances, IPFIX flow from VeloCloud device was not processed. This issue has been fixed now.
- Support ticket ID: 5911728 - The exact threshold violation value can now be viewed in the alarm message raised from alert profile.
- Support ticket ID: 5746410, 5721866, 5940176 - In Export Flow page, there was an issue in the ping option when software was installed in Windows PC (traditional Chinese). This has been resolved now.
- For Operator and Guest users, the alarms raised by associated Access Points or SSID groups were not listed in the Alarms list page. This issue has been fixed.
Enhancements:
- Support ticket ID: 5826617 - Exclude criteria option has been introduced in Search report.
- Support ticket ID: 5594417 - Exclude weekend and Business hour options can now be enabled in compare report and consolidated report.
- Support ticket ID: 5825185 - Enabled CSV export for Schedule Consolidated report.
12.5.120(Build 125120) - April 16, 2020
Vulnerability Fix:
- General: Unauthenticated access to API key disclosure from a servlet call - @kuncho, an independent Security Researcher, has reported this vulnerability to SSD Secure Disclosure program. The issue has been fixed. (Refer CVE-2020-11946)
12.5.115(Build 125115) - March 31, 2020
Enhancements:
- Introduced Autonomous System field widget in interface snapshot view.
Issues Fixed:
- Support Ticket ID: 5695599, 5928043 - PDF export failure in Enterprise Edition with upgraded central server and new collector server has been fixed.
12.5.109(Build 125109) - March 5, 2020
Device/Flow format support:
- NetFlow Analyzer now supports Layer 7 for Palo Alto devices.
Features:
- In DNS settings, Custom DNS server option has been introduced.
Enhancements:
- Schedule reports page has been revamped for better user experience.
- Support Ticket ID: 2358639, 5652049 - Users can now customize settings like Resolve DNS, Traffic graph, QoS options, ZIP (or) PDF/CSV format to export files for specific schedules.
- Support Ticket ID: 475787 - In Schedule Reports, the mail subject and message can now be customized.
- General UI issues have been fixed for a smoother user experience.
- In Inventory, Filter icon has been introduced to show/hide the left side Inventory filters for devices and interfaces tabs.
- Information on utilization and speed has been added in the global search for interfaces and IP groups.
- In Inventory, WLC and DPI tabs, graph icon has been introduced to view the short summary. Hence, users can now easily access the Snapshot page in a single click.
- The tooltip has been modified in all the time-series graph to enhance user experience.
- Support Ticket ID: 5672483 - In Inventory, the grid record will be maintained the same even while switching the tabs.
- Support Ticket ID: 5672483 - Search criteria values will be maintained the same for all tabs until it's cleared by the user.
- Support Ticket ID: 5672483 - While adding device, application, DSCP and SSID groups, users can now have an expanded view of the available list which provides better usability.
- In the Interface tab of Inventory, received time of the last flow is now displayed in the status tooltip for each interface.
- In WLC, received time of the last flow and the status icon of access points have now been introduced.
- Layer 4 and Layer 7 application reports have been included in Inventory report.
- Total IN and OUT traffic values can now be viewed in Search report.
Bug fixes:
- The overlapping of data in Japanese language which was persistent in Schedule Report and Alert Profile PDF has now been fixed.
- Support Ticket ID: 5375916 - The issue with maintaining margin uniformity in the first and second page of Schedule Reports has been fixed.
- Support Ticket ID: 5572538, 5566463 - While scheduling Reports, enabling Exclude Weekends and Business Hour options was not functioning properly for WLC consolidated, compare report for multiple devices and compare report for a single device. This issue has been resolved now.
- Support Ticket ID: 5804812 - There was an issue with data sorting in traffic snapshots. It has been resolved now.
- Support Ticket ID: 5592817 - When reports with charts were generated, there were some page alignment issues. This has been fixed now.
- Support Ticket ID: 5789707 - Issue with SNMP timeout and retries has been fixed.
12.5.108(Build 125108) - March 4, 2020
Vulnerability fixes:
- General : The obsolete code causing Remote Code Execution vulnerability in Mail Server Settings v1 APIs have been removed.
12.5.000(Build 125000) - February 19, 2020
Vulnerability fix:
- General : PostgreSQL has now been migrated to version 10.10.
- General : The PostgreSQL vulnerability issues from version 9.2.4 have now been fixed.
Build No: 124000 to 124196
12.4.196(Build 124196) - April 29, 2020
Vulnerability Fix:
- General : Path Traversal vulnerability in URLs starting with <cachestart> has now been fixed. (Refer CVE-2020-12116)
12.4.188(Build 124188) - April 20, 2020
Vulnerability fix:
- General: Unauthenticated access to API key disclosure from a servlet call - @kuncho, an independent Security Researcher, has reported this vulnerability to SSD Secure Disclosure program. The issue has been fixed. (Refer CVE-2020-11946)
12.4.181(Build 124181) - January 28, 2020
Vulnerability fix:
- OpManager : Previously, the users were able to read the Arbitrary file. This file read vulnerability has now been fixed.
12.4.180(Build 124180) - January 24, 2020
Enhancements:
- The Alert Profile report exported via mail now includes the top IN and OUT conversations.
- Devices can now be added using SNMP for NBAR and CBQoS monitoring.
- Introduced option to acknowledge, ignore and clear alarm.
Bug fixes:
- In Internet explorer, the application tab in interface snapshot view had loading issues.This has been fixed.
- Previously, the Alert Profile remained uneditable when the threshold is entered in decimal value. This issue has been fixed now.
- Support Ticket ID : 5707380 - Invalid IP address (0.0.0.0) was included in Between Sites IP group. This issue has been resolved now.
- Free Enterprise Edition's license upgrade issue has been fixed.
12.4.172 (Build 124172) - March 11, 2020
Vulnerability fix:
- General: The obsolete code causing Remote Code Execution (RCE) vulnerability in Mail Server Settings v1 APIs have been removed. (Reported by Jason Nordenstam. Refer CVE-2020-10541)
12.4.168(Build 124168) - December 31, 2019
Bug fixes:
- Previously, auto-login was not working when the special character '&' was present in the username or password. This issue has now been fixed.
- The JCE compatibility issue that occurred during PPM migration has now been fixed.
- The issue in device configuration which led to performance issues while adding interfaces in lakhs has been fixed now.
- In Inventory updater, SNMP scan failed when interface with index -1 was selected. This issue has now been fixed.
- Support Ticket ID : 5712951 - Issue in fetching WLC Access Points name via SNMP has been resolved.
Vulnerability fixes:
- XML injection vulnerability in IPGroup bulk load has been fixed now.
Enhancements:
- Alarms page has been completely revamped for better user experience.
- Under Mail Server Settings, the length of the 'User Name' field has now been increased from 50 to 100 characters.
- Under User Management, the maximum length of the 'Password' field has now been increased from 25 to 100 characters.
- First communication/registration between the central server and collector will now be authenticated while adding the collector.
- Support Ticket ID : 5664509 - NBAR2 Criteria has been introduced in Forensics and Search reports.
- Support Ticket ID : 5674050 - SNMP details are now fetched for unmanaged interfaces as well.
- Support Ticket ID : 5680798 - Alert Profile has been enhanced for better performance.
- NetFlow Analyzer Support page usability has been enhanced with more details.
Features:
- Support Ticket ID : 5590650 - NetFlow Analyzer now offers support for Aruba 7205 series devices.
- Forecast report has been introduced for interfaces, IP groups, interface groups, access points, access point groups, SSID groups.
12.4.099(Build 124099) - October 30, 2019
Bug fix:
- Support Ticket ID : 5647817 - Flow collection issue while processing unsupported versions of flows has been fixed.
Vulnerability fix:
- Weaker file permission for Nipper file has been fixed. (Reported by: Guy Levin (va_start). Refer CVE-2019-17421)
12.4.096(Build 124096) - October 16, 2019
Enhancements:
- Introduced Inventory reports with the option to demarcate In/Out data based on traffic type.
- Support Ticket ID : 5454602 - Search reports will now display interface details for Interfaces and Interface groups.
- XML export option has been introduced for IP Group and Application mapping.
- Access Point status can now be fetched via SNMP.
- Introduced new setting page to edit Autonomous System details.
- Layer 7 NBAR Application data is now generated based on aggregated data.
Bug Fixes:
- MIB Browser APIs have been enabled for NetFlow.
- Support Ticket ID : 5259557 - Traffic growth percentage has been removed from Dashboard overview band.
- Support Ticket ID : 5075220 - Upgrade failure issue is now fixed.
- Support Ticket ID : 5375916 - The PDF alignment issue in Schedule reports has been fixed.
- Support Ticket ID : 5566463, 5572538 - Business hour and Exclude weekends filters have been added for the following Schedule reports :
i. WLC Consolidated report
ii. Compare report multi device
iii. Compare report single device
- Support Ticket ID :5597769 - Device and speed details are now added in the CSV file of capacity planning schedule report.
12.4.084(Build 124084) - September 16, 2019
Features:
- DPI now supports UDP Protocol.
Enhancements:
- The following enhancements have been made in WLC Device and Routers/Switch in the forensics report.
- Displaying timestamp for all conversations.
- Detailed conversation report with timestamp for every grouped conversation.
- Option to view individual graphs has been introduced for Application, Source , Destination, DSCP, Next Hop in Forensics report.
- Option to view individual graphs has been introduced for Access points.
- Users can now configure no flows and link down time intervals from the GUI.
- Protocol Distribution Report has been revamped.
- Support Ticket ID : 5434910 - Introduced the option to view IN/Out data for AS View Conversation.
- Export Flow page has been enhanced with a new CLI based "Custom Export Flow" option and other device specific configuration options.
- Data rate units in speed configuration pages is now available in readable format.
Bug Fixes:
- Support Ticket ID 5438556 - sFlow traffic double count issue in Cisco Nexus93180YC-EX - 7.0(3)I7(1) device has been fixed.
- Earlier, the Protocol distribution report did not generate data for time periods lesser than 6 hours. This has now been fixed.
- WLC Search Report Pagination issue in MSSQL has been fixed.
- Search Filter in the Inventory is now case-insensitive.
- The headers in Client IP and Client MAC schedule reports for AccessPoint Group and SSID Group were interchanged. This issue has now been fixed.
- In some cases, the link down alert could not be enabled. This is fixed now.
- Support Ticket ID 5463432 - Unique color code for IN and OUT data has been introduced.
- Support Ticket ID 5528624 - BCP Error handling fix for Chinese version of MSSQL.
- Support Ticket 5525960 - The NBAR based widgets under NBAR Tab in Interface Snapshot page have been grouped and renamed as NBAR (Flow) | NBAR (SNMP).
12.4.079(Build 124079) - November 28, 2019
Vulnerability Fix:
- Weaker file permission for Nipper file has been fixed. (Reported by: Guy Levin (va_start). Refer CVE-2019-17421)
12.4.072(Build 124072)
Enhancements & Bug Fixes:
- Forensics Report can now be generated for Next Hop IP Address based traffic details.
- Introduced Exclude option for devices and WLC devices criteria in Forensics Report.
- Introduced option to the following Schedule following reports
i. NBAR2 Application
ii. Http host
iii. Qos Stats
iv. ART
- Forensics report can now be generated for Protocol,Source NAT, Destination NAT.
- NFA SQL injection(internal) has been fixed.
12.4.068(Build 124068) - August 14, 2019
Bug Fixes:
- Support ID - 5494343, 5495086 : API request parameter type and value-related issues have been fixed.
12.4.059(Build 124059) - August 1, 2019
Features, enhancements and bug fixes:
- Support ID - 5285783 : NFA now supports AireOS 8.2 WLC flow format.
- Support ID - 5389072 : NFA now supports option template for SSID information in WLC flow.
- The usability of Inventory snapshot pages has been enhanced.
- Option to view individual graphs has been provided under all WLC snapshots.
- Capacity Planning Report has been added for Interface Groups.
- A new trend-graph for QoS widget has been provided in the interface snapshot.
- Geo-Location option has been added for Device snapshot widgets.
- Graph granularity info has been included in the graph title for inventory snapshot widgets.
- Actian Vector 5.1 DataBase Engine has been upgrade to its latest version.
- Widget headers will be displayed as sub menu links when the tab has more than one widget.
- Messaging framework notification has been enhanced for snapshot sub-tabs, IP group snapshot, Interface group snapshot and Meraki devices.
- Users can now configure threshold-based alerts for access points and SSID groups.
- Login banner message is now pushed from the Central Server to every individual Collectors in the distributed setup.
- Support ID - 4775460 : Scheduled report now includes Interface group based Capacity planning report and Protocol distribution report.
- Support ID - 5264766 , 5171076 : Second level drill-down option has been provided in the Snapshot tab view.
- Support ID - 4583845 , 4527168 , 4980712 , 4432560 , 4764521 : Link Down and No-Flows alert time reduced to 5 mins from 15 mins.
- Support-Id : 5375916 : Schedule - IPGroup Inventory (Overall) Report -> Traffic data will now be displayed with 2 decimal places instead of 3.
- Support-Id : 5375916 : Schedule - IPGroup Inventory (Overall) Report - alignment issue has been fixed.
- Support ID - 5326239 : Traffic data crunching in the Billing Report has been fixed.
- The issue with DPI snapshots tab view had been fixed.
- PDF logo mismatch has been fixed.
- Earlier the Inventory back button was displayed in the in snapshot page header. This has been removed.
- Individual graph will not be available for Meraki Snapshot conversation widget when DNS is resolved.
- 'Show Application' option has been added for QoS widget in interface snapshot.
- Earlier, alerts were not generated when 'ALL' option was selected for Interface/Interface Group unless the the product was restarted. This issue has been fixed now.
- Earlier, there was an issue while creating alert profiles in the Distributed Edition when 'ALL' Sources option was selected. This has been fixed now.
- The issue where sensitive data was printed as plain text in log files has been fixed now for more security.
- The issue where sensitive data was printed as Community string in the log files has been fixed.
- SQL injection Vulnerability has been fixed.
12.4.050(Build 124050) - July 8, 2019
Enhancements & Bug Fixes:
- Inventory Reports have been added to Schedule Report. User can now generate and schedule Inventory Reports for Interface, Interface Group, IP Group, Access Point, AccessPoint Group, SSID Group.
- New flow export templates have been added to the Export Flow database.
- SQL Injection vulnerability that occurred while listing TopSites & WAAS Application has been fixed now.
- The possibility of injecting vulnerability, while deserialising untrusted data using ObjectInputStream has been fixed now.
- Each API request's parameter type and value will now be verified before processing across product, to avoid any vulnerabilities.
12.4.043(Build 124043) - July 2, 2019
Enhancement:
- You can now edit, re-arrange and hide the default tabs in the horizontal menu. New custom tabs can also be added, edited, rearranged and deleted from the horizontal menu.
12.4.038(Build 124038) - June 12, 2019
Features & Bug Fixes:
- Option to upgrade to Enterprise Edition from StandAlone Server, on a single click, has been introduced.
- IPAddresses will be resolved to DNS Names based on the 'Resolve DNS' setting for the Alert PDF report.
- BCP will be checked during every startup in OPMPlus for the NetFlow module.
- Help tips have been added in the NFA settings pages.
- NFA related alignment and usability issues have been fixed.
- Option to add SNMP credentials has been added in the Set SNMP page (device snapshot).
- NFA Widget will now be hidden in OPM when NFA license is not available.
- Unified colour support has been added to NFA Reports
- All interfaces / interface groups / IPGroups have been listed under the Dashboard widgets.
- Global page for configuring CBQoS for multiple devices has been provided under Settings.
- Global page for configuring NBAR for multiple devices has been provided under Settings.
12.4.033(Build 124033) - July 22, 2019
Vulnerability Fix:
- General: HTML Injection vulnerability issue in Google maps has now been fixed.(Refer CVE-2017-11560)
12.4.031(Build 124031) - June 4, 2019
Bug Fixes:
- NCM module breakage in the NFA Enterprise edition has been fixed now.
12.4.029(Build 124029) - May 29, 2019
Vulnerability Fixes:
- XSS vulnerability raised in APIs of NFA DashBoard, Reports and Settings Module has been fixed now.
- SQL Injection vulnerability in Compare reports has been fixed now. (Refer CVE-2019-12196)
- SQL Injection vulnerability while listing applications in the Application Mapping tab has been fixed now.
12.4.024(Build 124024) - May 16, 2019
Features & Bug Fixes:
- General : Previously, when HTTPS was enabled in the WebClient, some unexpected loading issues were observed. This has now been resolved by upgrading the Tomcat version used in the product.
- General : Scroll issue while listing custom dashboards has been fixed now.
- General : Shift key support has been added for device associations.
- General : The 'local privilege escalation' vulnerability has now been fixed.
12.4.016(Build 124016) - May 2, 2019
Features & Bug Fixes:
- There was an issue in HighPerf Reporting Engine, where raw table split occurred frequently when more routers were added. This issue has been fixed.
- The issue where Security Settings was not visible in the Central Server, has been fixed.
- New flow export templates have been added to the Export Flow database.
12.4.014(Build 124014) - April 26, 2019
Features:
- Total Volume consumption details have been added in Schedule Consolidated Report.
12.4.000(Build 124000) - April 9, 2019
Vulnerability Fixes :
- JRE has been migrated to 1.8 and various vulnerabilities from JRE 1.7 have been eliminated. Highlights of JRE 1.8 migration:
- General: Cipher algorithms AES-192 and AES-256 are supported in addition to AES-128 algorithm.
- General: TLSv1.2 protocol is now supported by default.
Build No: 123000 to 123327
12.3.327(Build 123327)
Features & Bug Fixes:
- Custom time selection option has been added for multiple-device compare report.
- Previously, FlowRate in forensics was calculated for Bytes/sec. It can now be calculated for bits/sec.
- Geo Location has been updated with the latest details.
- NetFlow database has been updated with the latest Application names.
- Each API request's parameter type and value in the settings module will now be verified before processing, to avoid any vulnerabilities.
- NFA now supports user defined data units.
- Binary / Decimal notation for data units has been introduced.
- 0.0.0.0 invalid IP address validation has been added to Applications Names creation.
- The issue with scheduling Compare Reports for custom time period has now been fixed.
- Dashboard graph issue has been fixed.
- XSS vulnerability in the Attacks settings page has been fixed now.
12.3.324(Build 123324)
Bug Fixes:
- Previously, negative sFlow graphs were generated when the sample pool was not in sequence, and when multiple devices had the same agent address. This has now been fixed.
- The issue where NAT information was missing in forensics reports for ASA Flow has been fixed now.
12.3.323(Build 123323)
Features & Vulnerability Fixes:
- XSS vulnerability in older version NFA 7.0 has been fixed now. (Refer CVE-2019-8925, CVE-2019-8926, CVE-2019-8927, CVE-2019-8928, CVE-2019-8929)
- XSS vulnerability in input text boxes in the Reports and Settings page, have been fixed now. (Refer CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427)
- General: In AD authentication, you can now configure scope to be auto-assigned to users logging-in for the first time, when auto-login is enabled.
12.3.312(Build 123312)
Features & Bug Fixes:
- The option to log SDP/ SDP-MSP tickets has now been added for LinkDown alerts.
- Previously, there was an issue with sflow negative graphs and no flows were generated when there were mismatches in the interface indexes. This has now been fixed.
12.3.308(Build 123308)
Bug Fixes & Features:
- HighPerf installation error in the Japan language server has been fixed.
- Users can now configure tax or additional fees in Billing.
- Notification messages for product assistance have been included to help users. They can be enabled or disabled under general settings.
12.3.304(Build 123304)
Bug Fixes :
- General: Previously, validation of session failed when the URL contained two or more consecutive backslashes. This vulnerability has been fixed now.
12.3.294(Build 123294)
Features :
- Users can now generate search reports for Interface Groups & IP Groups.
- Nexus 7k IOS Series flow parsing issue has been fixed.
- NetFlow Analyzer now allows you to log SDP and SDP-MSP ticket for alerts.
12.3.288(Build 123288)
Features & Bug Fixes :
- Introduced an option to view raw data storage information.
- Introduced multiple combinations of IP address for "From" and "To" in Between Sites IP Grouping bulk load.
- The bulk load feature in IP group and application mapping has been enhanced with options to download and upload sample .xml files.
- This issue with wrong Maximum value displayed in the Compare Report Graph Table has been fixed.
- The issue with schedule deletion, update and audit in Schedule Report has been fixed.
12.3.277(Build 123277)
Vulnerability Fixes :
- The SQL injection vulnerability in 'getDeviceCompleteDetails' and 'getAssociatedCredentials' APIs have been fixed.
12.3.274(Build 123274)
Features & Bug Fixes :
- Inventory updater feature that fetches device details on scheduled time, has been introduced.
- WLC widgets now support SSID Group resource type.
- Schedule reports have been added for Access Point Group and SSID Group.
- Autonomous System details have been updated.
- Added options to Create, Modify, and Delete SSID groups.
- In the Inventory, Snapshot reports have been added for SSID groups.
- SSID groups now support Capacity planning and Consolidated reports.
- An option to assign SSID Groups for Operator, and Guest users has been provided.
- The currency list for billing feature is updated.
- Introduced an option to select multiple combinations of IP address for "From" and "To" in Between Sites IP Grouping.
- Bulk load option to upload multiple unmapped applications is introduced in Application Mapping.
- General : During API calls, there was an 'APIKey' exposure vulnerability. This issue has been fixed now.
- General : There was an issue with the timezone displayed in the graph of an embedded NFA widget. This has now been fixed.
- General : SMS notifications via the SMS gateway was not working properly when the proxy settings were configured. This issue has now been fixed.
- General : Password length of Mail Server Settings and Proxy Server Settings have been increased.
- General : Quicklinks and info messages have been added to help the user with 'How-To' and 'FAQ' in the Notification Profile, User Management, Mail Server Settings, Proxy Settings and Rebranding pages.
- General : When a CCTV view was deleted from the CCTV list, the Dashboard kept loading for a long time. This issue has been fixed.
- General : In CCTV view, the seconds timer sometimes displayed a negative value. This issue has been fixed.
- General : In some cases, there was an out of memory (OOM) issue during product startup. This has now been fixed.
- General : SQL injection vulnerabilities in unauthenticated servlets has been fixed.
- General : Unauthenticated access to 'DataMigrationServlet' has been fixed. (Refer CVE-2018-19403)
- General : The XSS vulnerability in alarm escalation has been fixed.
12.3.240(Build 123240)
Vulnerability Fixes :
- The SQL injection vulnerability in 'getDeviceCompleteDetails' and 'getAssociatedCredentials' API's have been fixed.
12.3.239(Build 123239)
Bug Fixes :
- General : There was an SQL injection vulnerability in the Alarms section. This issue has been fixed.
- General : In Alarms, there was an XSS vulnerability in the Notes column. This issue has been fixed.
12.3.237(Build 123237)
Bug Fixes :
- General : XSS vulnerability issue in domain controller has been fixed.
12.3.231(Build 123231)
Bug Fixes :
- General : Apache's 'commons-beanutils' jar has been updated to version 1.9.3 due to 'Remote Code Execution' vulnerability in an older version. (Refer CVE-2018-19403)
- General : Unauthenticated access to 'DataMigrationServlet' has been fixed. (Refer CVE-2018-19403)
- General : The 'Browser Cookie theft' vulnerability has been fixed.
12.3.230(Build 123230)
Bug Fixes :
- The issue with NBAR application data in Wireless Controllers has been fixed.
- Missing I18N keys have been added for Chinese language.
12.3.223(Build 123223)
Bug Fixes :
- In the Inventory Snapshot page, the pie chart had a legend status color mismatch. This issue has been fixed.
- The XSS vulnerability issue in updateWidget API has now been fixed.
12.3.222(Build 123222)
Vulnerability Fixes :
- SQL injection vulnerability in Mail Server settings has been fixed.
12.3.217(Build 123217)
Features :
- Export Flow option has been added for NetFlow, and Flows can now be exported from the GUI.
- How-To's and FAQ's have been added for Settings and Report pages.
- An option has been added to view the Menu tab horizontally with mouseover links.
- Added summary pages for Reports and Settings to list all menus in a single page.
- WLC widgets now support Access Point and Access Point groups resource types.
- The product web-client now supports Russian and Chinese(Taiwan) languages.
- TCP / UDP port unblock rules for NetFlow packets / Syslogs packets have now been added in Windows Firewall.
12.3.206(Build 123206)
Bug Fixes :
- The issue with adding Cisco devices via SNMP V3 credential has been fixed.
- The issue while adding users in Japanese, or with special characters in IPGroup Name has been fixed.
- Tooltip information added in the Settings page.
- Search report with multiple criteria has been fixed.
- The issue with severity level (Attention, Trouble, Critical) mismatch in email alerts has been fixed.
Features :
- Default SNMP feature has been added.
- Provision to 'Test & Associate' an SNMP credential with multiple devices has been added.
- SNMP support for Huawei devices has been provided.
- NetFlow now supports Fortigate's NBAR2.
- Capacity planning and Consolidated reports have been added for access point groups.
- An option to assign Access Point Groups for Operator, and Guest users has been provided.
- In Interface snapshot, Auto Refresh has been added to Traffic widget.
- Monitoring feature has been added for MS SQL transaction log. Alerts will be displayed when log size is full.
- Monitoring feature has been added for MS SQL bulk load. Alerts will be displayed in case of BCP failure.
- Monitoring feature has been added for Vectorwise . Alerts will be displayed in case of connection failure.
12.3.194(Build 123194)
Bug Fixes :
- NetFlow Analyzer now extends customization options to the login page. You can now choose to show/hide the copyrights and also change the background to an image of your choice.
12.3.193(Build 123193)
Bug Fixes :
- Added options to Create, Modify, Delete access point groups.
- In Inventory, Snapshot reports have been added for access point groups.
- Tooltip information added in the Settings page.
- In the dashboard, Inventory list, Inventory snapshot, Heat maps and license pages, the Interface status color code mismatch has been fixed and the status names have been changed.
- The 95th percentile line has been added to the Traffic graphs in the Snapshot page, Reports and exported PDF.
- The issue with enabling polling for NBAR configuration, when the first interface is disabled, has been fixed.
12.3.183(Build 123183)
Bug Fixes :
- New widgets for Top N Device by Speed (as table, line graph, pie chart), has been added.
- The issue with Interface Traffic Graph in Custom Schedule Report has been fixed.
- SQL injection vulnerabilities in java APIs has been fixed.
- In End User tab, user data was vulnerable to XSS. This issue has been fixed.
12.3.179(Build 123179)
Features :
- Previously, the upgradation to build 123159 and above caused network interruptions in Windows 7 & 2008 R2. The issue is fixed now.
12.3.169(Build 123169)
Features :
- Data encryption has been provided for attachments in 'Schedule Report Mail'.
Vulnerability Fixes :
- Under DNS Settings, the issue with Cross-site Scripting (XSS) on DNS Name has been fixed.
- Cross site scripting(XSS) and arbitrary file read vulnerability in Fail Over has been fixed. (Refer https://nvd.nist.gov/vuln/detail/CVE-2018-12997CVE-2018-12997, https://nvd.nist.gov/vuln/detail/CVE-2018-12998CVE-2018-12998)
12.3.163(Build 123163)
Bug Fixes :
- Option for IP group bulk-upload between sites is added.
- NetFlow supports Resovle DNS option in Report profile.
- NetFlow now provides detailed report for AS View.
- The issue with data mismatch for devices in Inventory and Map module has been fixed.
- The issue with the interface count mismatch has been fixed.
12.3.159(Build 123159)
Features :
- NetFlow now supports remote PostgreSQL database.
12.3.156(Build 123156)
Features :
- License Agreement has been updated.
- Promotions related to ITOM Events will be displayed in the UI header after login.
12.3.151(Build 123151)
Bug Fixes:
- In Group Chat Module, "Operator" user was not restricted from viewing the list of users, their User ID and Email addresses. This issue has been fixed.
- EncryptPassword.bat has been removed due to DOS attack.
- Path Traversal vulnerability in uploadMib API has been fixed (Reported by Pulse Security).
12.3.137(Build 123137)
Features :
- Distributed Edition for the latest version has been released.
- NetFlow Analyzer is now GDPR compliant with consent requests displayed across various modules in the UI.
- Under Privacy settings, Personally Identifiable Information(PII) search and update options have been added. (PII Search helps identify the PII Details given by the user across various modules. The PII data can also be updated as anonymous to maintain privacy)
- Audit logging has now been enabled to record all user activities.
- A step by step guide on how to use NetFlow Analyzer has been added.
- Resolve DNS handled for Conversation widget in Device snapshot.
- The issue with the wrong granularity values being displayed in Device snapshot page has been fixed.
- Search report and Global search report options have been combined together under Search Report.
- IN and OUT traffic for Search report can now be seen in a single view.
- Dashboards are now user-specific and allows users to create their own private dashboards. Apart from this, users with administrator privilege can associate dashboards that are created by them with select users.
12.3.129(Build 123129)
Bug Fixes :
- Path Traversal vulnerability in upload Mib API has been fixed.
- The RemodeCodeExecution(RCE) vulnerability occurring while testing scripts has been fixed.
- The SQL injection vulnerability in "FailOverHelperServlet" for the operation 'standbyprobestatus' has been fixed.
- The SQL injection vulnerability in "FailOverHelperServlet" for the operation 'getprobenetworkshare' has been fixed.
- In Group Chat Module, "Operator" user was not restricted from viewing the list of users, their User ID and Email addresses. This issue has been fixed.
- Previously, "Operator" user was not restricted from viewing the URL monitors in the Inventory Page. This issue has been fixed.
- Previously, "Operator" user was not restricted from being able to modify the background color and the tile color in the 3D floor view page. This issue has been fixed.
12.3.125(Build 123125)
Bug Fixes :
-
In Credential module, Stored Cross-site Scripting (XSS) vulnerability has been fixed. (Refer CVE-2018-10803).
Release Features
12.3.107 (Build 123107)
Bug Fixes :
- 'Guest' user privilege has been added for NetFlow installation.
- The issue with the wrong bandwidth value appearing in the "Overview" tab in Interface/Interface Group/IP Group snapshot when custom time period is selected has now been fixed.
- Enhanced raw data dump to avoid increase in tmp/flow_log.txt file size.
12.3.083 (Build 123083)
Bug Fixes :
- Dashboard loading has been revamped and optimized for better performance.
- In the Login page, Iphone/Android and Ipad application download links have been included.
- License expiry information in header had a few alignment issues. This has now been fixed.
- User Icon with product details and about information has been moved to right top corner.
- In the Inventory page, product based tabs have been moved horizontally.
- Sign out option has been moved from Quick links to User details menu.
- Support icon has been added for (Mail, Apply license, phone number, SIF, User guide, Videos, Service pack, ThreadDump, DB Query & view Logs) links.
- In support page, the Query page under DB Query will be opened in a new window without ember.
12.3.081 (Build 123081)
Bug Fixes :
- The issue related to export to PDF and mail has now been fixed and enhanced.
- Added an option to export to PDF and mail for Individual graph reports.
- Added an option to export to PDF and mail for DPI snapshot widgets and widget drill down reports in the inventory.
- Added an option to change the graph type for time series graphs in the inventory.
- Inventory page related bugs have been fixed.
- Added an option to select Business hours in the Last Quarter time period while scheduling reports
- SFlow flow format for multiple MPLS can be added now.
- Added an option to configure billing with base cost as zero.
- The loading issue in the Dashboard with NBAR App widget has now been
12.3.070 (Build 123070)
Vulnerability Fixes :
- SQL injection vulnerabilities in Servlet's API has been fixed.
12.3.62 (Build 123062)
Bug Fixes :
- Now supports Meraki's latest firmware upgrade.
- Removed product version number in the subject line of alert mail.
- Added an option to select number of records as "30" for consolidated report.
- Issue with showing the incorrect cost unit while editing billing profile has been fixed.
- Added the value for MIN and MAX traffic in AS View.
- Issue with generating CSV Report for WLC under Schedule Profile has been fixed.
- Issue with deleting WLC device from inventory page has been fixed now.
- Issue with listing interfaces in Qos drill down view has been fixed.
- Removed the Free Version from the installation shield.
- Issue with listing of interfaces in the Interface widget under Device snapshot has been fixed now and changed to a maximum of 10 interfaces.
12.3.57 (Build 123057)
Vulnerability Fixes :
- DDI-VRT-2018-02 – Unauthenticated Blind SQL Injection via /servlets/RegisterAgent has been fixed.
- DDI-VRT-2018-03 – Unauthenticated Blind SQL Injection via /servlets/StatusUpdateServlet and /servlets/AgentActionServlet has been fixed.
- DDI-VRT-2018-04 – Multiple Unauthenticated Blind SQL Injections via /embedWidget has been fixed.
- DDI-VRT-2018-05 – Unauthenticated XML External Entity Injection via /SNMPDiscoveryURL has been fixed.
- DDI-VRT-2018-06 – Unauthenticated Blind SQL Injection via /unauthenticatedservlets/ELARequestHandler and /unauthenticatedservlets/NPMRequestHandler has been fixed.
- DDI-VRT-2018-07 – User Enumeration via /servlets/ConfServlet has been fixed.
12.3.52 (Build 123052)
Bug Fixes :
- The possibility to fetch user details through ConfServlet has been fixed and is secured now.
- Schedule reports for report period as "Previous Week" shows data for current week. This issue has been fixed now.
12.3.47 (Build 123047)
Bug Fixes :
- The framework for mail generation in NetFlow Analyzer has been revamped.
- The issue with licensing in attacks has been fixed.
- In Attacks module, time zone has been added in message for SMS alert.
- Language translation issue in Attacks snapshot has been fixed now.
12.3.33 (Build 123033)
Bug Fixes :
- Added SNMP support for Wireless LAN Controllers to fetch names of Access Points.
- Client MAC based filter is added newly in Inventory and Snapshot under WLC.
- Widget for Client MAC traffic is added in snapshot view of Client IP.
- Overall Report for IP Groups is added in schedule reports.
- Edit option in Alert profile has been fixed.
- Unwanted vectorwise DB operation is removed to avoid loss of raw data.
- Attacks information is now can be viewed for selected device and interface.
- Issue in attacks search filter has been fixed.
- Option to select Ethernet card name is available in DPI settings.
- Promiscuous mode of ethernet cards has been enabled by default for DPI.
12.3.29 (Build 123029)
Bug Fixes :
- Resource type and resource category are set by default to Top N Problems widget in dashboard.
- Default name will get changed based on the category for Top N problem widget in dashboard.
- The mismatch in Row Count for top source, destination, conversation, application ( L4,L7 ) has been fixed now.
- Redirection issue in Dashboard from network based (Source network, Destination network) widget has been fixed.
- A new column for DSCP has been added to top conversation widget in dashboard.
- Added an option to redirect from meraki device in device summary widget.
- Redirecting to particular snapshot with the configured timeframe is proper now and has been fixed.
- Redirecting to snapshot from WLC widgets is proper now and has been fixed.
- Enabling CBQoS policies for more than 2 interfaces has been fixed now.
- Listing interfaces with the index -1 has been fixed now.
- WAAS Total Volume graph plotting and time zone is proper now and has benn fixed.
- TimeZone issue for Line graph has been fixed now.
- Updating interface name when the speed is 0 is possible now.
- Individual Graph feature across product is proper now and has been fixed.
- Device traffic graph data in device Snapshot page showing incorrect value has been fixed now.
- Error in displaying time across product when user and browser timezone differs has been fixed.
- Drill down conversation in QoS shows only 50 records (pagination) has been fixed now.
- "Invalid Device selected" displayed in Raw Data Settings while clicking on Save button has been fixed now.
- Raw data was getting duplicated in the database. Now it has been fixed.
12.3.14 (Build 123014)
Bug Fixes :
- The issue with export to CSV in inventory has been fixed and enhanced.
- Added an option to export to CSV for NetFlow Group Configurations. This option is added under "Group Settings".
12.3.9 (Build 123009)
Bug Fixes :
- The issue with IPv4 address based criteria in Alert Profiles has been fixed for V9/IPFIX/SFlow flow format.
- The issue with Raw Data memory storage when toggle between raw ON and OFF for has been fixed for all databases i.e HighPerf, PGSQL and MS SQL.
- Interface group name was missing in the PDF generated through Schedule Reports. Now, this has been fixed.
- Application drill down & conversation reports from Inventory>>Interface has now mapped required Sr and Dst port for application mapping when data fetched from raw data. This issue with port and application mapping has been fixed.
- Now there is an option to send an SMS alert to multiple mobile numbers from "Alert Profiles" tab in Settings.
12.3.2 (Build 123002)
Bug Fixes :
- Router display name was not updated while fetching from Router via SNMP has been fixed.
- Search Filter not working in NetFlow inventory has been fixed.
12.3.0 (Build 123000)
Features :
- Deep Packet Inspection add-on captures and analyzes packets to monitor network and application response times for all critical applications and URLs accessed.
- Support for Cisco Meraki Firewall to monitor real-time network traffic and provide bandwidth usage reports by applications, APs, users and protocols.
- Out-of-the-box support for sFlow monitoring on Huawei routers.
Build No: 12000 to 12201
Build No 126000 - June 14, 2022
12.2.1 (Build 12201)
Bug Fixes:
- The possibility to fetch user details through ConfServlet has been fixed and is secured now.
12.2.0 (Build 12200)
Features:
- Improved user interface to make navigation easier and faster.
- Added "Report profiles" for NetFlow reports to add bulk filters and manage the most important reports at once location.
- Option to export to PDF for reports is available for more reports.
- Auto-refresh for zoomed traffic graphs gives all the graphs respective to selective time interval.
- Improved SNMP v3 support is provided.
- New tree view for CBQoS policies gives policy hierarchy in tree structure for better classification.
- Option to export PDF is also available from device snapshot page for faster reporting.
- Telnet/SSH access to devices is now made available from web UI itself.
- Complete support for Wireless LAN controller is provided.
- Cisco IP SLA monitors is improved in this version.
- Night mode CCTV view brings low contrast screens to monitor critical items that needs constant monitoring.
- One click schedule option is available from snapshot page.
- One click flow export makes exporting flows simpler.
- SSID based reporting is made available for WLC monitoring.
- Added AD integration for user management.
12.0.0 (Build 12000)
Features:
- New easy-to-use web client: 12 has made navigation between tabs even more easier with greater visibility and control over network data and thus, makes it more reliable and user friendly.
- Tight integration with network management solution: This enhancement has brought bigger benefits by managing your entire network infrastructure with single exe for all the available softwares by availing very tight integration with ManageEngine OpManager.
- Wireless LAN Controller monitoring: This feature is now available as add-on to take control of your wireless APs and LANs for better management of enterprise bandwidth.
- End User Bandwidth monitoring: Introducing this feature as BETA to monitor end-users bandwidth usage which has enhanced the way of troubleshooting excessive bandwidth usage better.
- Collaboration tool added: Group chat is now available at free of cost to interact within teams to resolve/assign the issues in more simplified way. Alerts can be discussed with the help of this tool.
- Newly added settings for Network Mapping: Now you can create visual view of network maps with the help of this setting and add network devices and priority links to get live status of your network links.
Build No: 11000 to 11001
11.0.0 (Build 11001)
Features:
- sFlow Parsing for IPV6 Flow Export : IPV6 Flow Export is supported now for sFlow for both NetFlow and ASAM addon.
Bug Fixes:
- Out Interface Value issue fixed for sFlow
- ASAM Land Attack for IPV6 Flows issue fixed
11.0.0 (Build 11000)
Features
- Application-level traffic shaping capabilities: NetFlow Analyzer can now reconfigure its QoS policies with traffic shaping techniques, to ensure critical business apps are served on priority. It allows to shape traffic via ACL or class-based policies(Service Policy) to gain control over the applications consuming unwanted bandwidth. Shaping bandwidth is also done at interface and router level.
- ACL configuration for CISCO IOS device: Access control list can be viewed at device, interface and Layer 4 apps page to filter IP packets based on source & destination address rule. If there is a match in one of the access list statements, the ACL either permits/deny the traffic.
- CBQoS configuration for CISCO IOS device: This feature allows to create new class with "match statement" and "match criteria" and apply policy to the created class from the web GUI itself. It also allows to delete or modify the existing policy. Service Policy can be viewed from Devices, Interface, Layer4 apps & Layer7 apps and QoS page along with Preview option.
- One click flow export: "Add devices" facility from the NetFlow Analyzer, lets users to discover routers and switches and configure them to export flows from the web console itself— in just a single click. This reduces the energy to export it manually from devices and saves time.
- Alert profile configuration for attacks: Now it is possible to create email and SMS notifications for DoS attacks. Add alert configuration from settings and generate alerts which satisfy defined criteria, thus notifying users about attacks in real time.
- QoS level configuration: DSCP value can be configured to classify the traffic and shape it to ensure high priority for business critical apps.
Build No: 10200 to 10250
10.2.5 (Build 10250)
Features
- Heat Maps: Heat maps in NetFlow Analyzer helps to visualize the health status of all the interfaces in a single page. It uses color codes to depict the severity of the monitored devices.
- QoS graphs: QoS graphs displays the real-time information of interface traffic in graphical format. This helps to get a better view of your interfaces and applications performance.
- API Client Enhancements:
- Add & Edit options included in IP Groups, Interface Groups & Alert Profiles.
- Add option included in DSCP & App Groups.
- Option to Add, Edit & Delete User Management.
- New segment named "Attacks" added inside Settings. It comprises of three settings,
- ASAM Setting:- Start/ Stop the flow processing for Advanced Security Analytics Module.
- Manage Config:- Enable/ disable the Problems, Resources and Algorithms involved in ASAM.
- Threshold Setting:- Basic and advance settings to update the threshold values in ASAM.
Note: All the above mentioned features are available in Essential and Large Enterprise Editions. For Distributed Edition, this release is just includes the scalability enhancements that got released in 10.2.
10.2 (Build 10201)
Features
- Manual raw data collection option for a Router
- Option to clean up aggregated data
- Exclude weekends for alert profile
- Performance enhancement and bug fixes
- API support
10.2 (Build 10200)
Features
- 100K flows/second(with raw data storage) - Scalability increase
- New high-performance Fluidic UI powered by Ember js
Build No: 9000 to 9900
NetFlow Analyzer 9.9.0 (Build 9900)
Features
- Cisco AVC monitoring reports
- NBAR2 support through AVC reports
NetFlow Analyzer 9.8.7 (Build 9870)
Features
- 'All Collectors' option on Central Server
- Across top stats ft. showing stats from across all the collectors in the Central Server dashboard
- Interfaces & Interface groups across collectors can be added as a dashboard widget
- 'Across Top Stats' - 18 new parameters have been added
- Viewing all devices in the Central Server in one single view along with the drill down options
- Create device groups from across collectors
- Consolidated utilization based reports for IP groups
NetFlow Analyzer 9.8.6 (Build 9862)
Features
- Flow rate graph - View in the UI
NetFlow Analyzer 9.8.6 (Build 9860)
Features
- Service Pack Release
- IPv6 support is extended to more reports
NetFlow Analyzer 9.8.5 (Build 9850)
Features
- Localization of reports based on time-zone
- New themes
NetFlow Analyzer 9.8 (Build 9800)
Features
- Introduction of HighPerf Reporting Engine
- NetFlow Configurator
- Support for IP SLA SNMP v3
- IPv6 support is extended to Historical data(aggregated data) reports, Application mapping, Top sites mapping, Schedule reports and Report profiles
NetFlow Analyzer 9.7 (Build 9700)
Features
- Support for IP SLA Video Operations
- Google maps visualization v3
- Interface groups support in Billing module
Bug Fixes
- Mail Authentication issues have been fixed
- Issues with incorrect speed graphs in the Dashboard have been fixed
- Cisco recommended QoS base line - PDF broken link has been fixed
- Service start-up issues in Windows 2008 have been fixed
- URL Related Security bug fixes
NetFlow Analyzer 9.6 (Build 9600)
Features
- Source Network and Destination Network based Anamoly detection in ASAM module
- Option to ignore events for all resources in ASAM module
- IPv6 support in ASAM
- Facility to shut down ASAM module from admin settings page
- Support for Multicast Reporting
- Alert clone copy
- IPGroup clone copy
- AS Report with Src/Dst port
Bug Fixes:
- Issues in Ams Expiry message has been message
- Issues in Auto login has been fixed
- index page sorting has been fixed
- MySQLl IPv6 issue has been fixed
- MS SQl and empty page issue in WAAS has been fixed
- Application mapping duplication has been fixed
- Individual graph fix in non-English environment
NetFlow Analyzer 9.5 (Build 9500)
Features:
- User interface has been re-vamped to suit Customer needs
- Support for Cisco's Medianet and Mediatrace technology
- Support for App-flow
- Create and Monitor IP groups using WAN RTT Monitor
- Edit Threshold Settings in WAN RTT monitor
- Generate on-demand bills in capacity planning reports.
- Option to schedule Capacity Planning reports and Medianet reports
- Customizable e-mail subject
- Performance tuning of product through user interface
- Option to Add, Modify, and Delete Top sites
- AS Number added in AS Report
- Option to Exclude week-end and Business Hour in capacity planing PDF and CSV
- Export reports in CSV format for Device and interface based Consolidated Report.
- Option to load DNS Names from CSV file
- View Top 20 interfaces in consolidated report view per page
- Option to Export reports in CSV format for IP Group consolidated report
- View IPSLA Collector name in GUI
- Global Search - Report Based sorting.
- New application names has been added
NetFlow Analyzer 9.1 (Build 9100)
Features:
The new features of Advanced Security Analytics Module are listed below:
- Anomaly detection based on Source IP and Destination IP
- Heuristics based event classification that includes Denial of Service Attack,Host Scan, Port Scan, Diagonal Scan and Grid Scan
- Enrichment of events with location details(Geographical and Topological) for Offender IPs and Target IPs
- Customized user interface for white listing problem specific Flows and Events(Ignore Events and Discard Flows)
- Customized User Interface that includes
-- Enable/Disable specific Problem
-- Enable/Disable specific Algorithm
-- Enable/Disable Resources
- Algorithm Settings
-- Customized Algorithm specific Threshold configuration
-- Algorithm specific Offender/Target Field configuration
- Location(EventList report)
-- Customized Topological configuration for Offender IPs and Target IPs
-- Offender/Target Location Mode settings
- Security Posture dashboard - Problems & Time Lines
- Listing all the Problems with the Events(with Pie Chart) and
Resources(with Bar chart) for each Class
- Multi-line graph of Time showing occurences of Events, Resources and Problems
- Offenders & Targets dashboard - Resources & Time Lines
- Lists all the Resources along with the Events(Pie-Chart) and problems (with Bar chart) for each Algorithm Type
- Multi-line graph of Time showing occurences of Events, Resources and Problems
- Problem Analysis dashboard
- Lists all Resources along with the Events(with pie chart) for the specific Problem
- Multi-line graph of Time showing occurences of Events and Resources
- Resource Analysis dashboard
- Lists all problems along with the events(with pie chart) for the specific Resource
- Multi-line graph of Time showing occurences of Events and Problems
Bug Fixes:
- Enhancements in WAAS Reporting to support all CM versions
- Issue related to parsing IPSLA Monitor OID has been fixed
- Handled Request time out error in QoS polling
- CBQoS temp table split fixed
- Handled AS Number field in a different position and not in usual position of V9 Flow
- Report profile - report display issue on non-english environment
- Bill plan config script error in French language
- License management script error in Spanish language fixed
NetFlow Analyzer 9.0 (Build 9000)
Features:
- Wide Area Application Services (WAAS)
- Support IPV6 Address Format
- Wan RTT
- Enhanced Capacity Planning Report
- Creating Alert Profile with IP Address as Criteria
- Report Filter Enhancements
- Option to map IP addresses to site names
- Scheduling Options for Compare Reports and Report Profiles
- Support for Radius server Authentication in MSSQL
- Enhancements to Consolidated Reports
- Network Snapshot Improved with Widget for Top N Alerts
- String Search Option for IP groups
- Custom Selection Option in Device Reports
Bug Fixes:
- Dashboard related issues have been fixed.
- Tomcat Vulnerability issues have been fixed
a.Fix for Apache Tomcat SingleSignOn HTTP Cookie exposure Vulnerability. (Refer CVE-2008-0128)
b.Hidden the webserver details (say Apache/Tomcat 5.0.28) and return a blank information for the sake of security.
c.Fix for the multi-content-length vulnerability issue in Tomcat
d.Fix for HTTP Cookie (jsessionid) Exposure Vulnerability
- Voip related issues have been fixed
- Temp raw table growing issue has been fixed
- Index page sorting has been fixed
- SNMP V3 related issue has been fixed
Build No: 8000 to 8600
NetFlow Analyzer 8.6 (Build 8600)
Features:
- Capacity Planning Report
- Report Profiles
- Top Sites
- Selection box for list of application
- Compare report include 95th percetile
- Compare report should include 1,5,15 min reports
- Resolve NATED Addresses in ASA reports
- Resizeable columns
- Configures CBQoS automatically for first 20 routers
- Schedule Reports CSV option
- Geo location PDF and CSV
- Schedule Business hours for last month and week
- Standard Deviation calculation in Traffic Report
- Interface performance dashboard
- Add custom URL widget in Dashboard
Bug Fixes:
- The average for 5 / 15 Min Data point Average in traffic page has been fixed
- The junk characters in Non-english property file have been removed
- Sampling in Adtran Devices has been added
- Dashboard related issues have been fixed
- Consolidated Device based Report - (graph color related issue) fixed
- Schedule Report file names with "null" has been fixed
- IPSLA fix
- Billing "Alert" issue has been fixed
- User Defined DNS added for Schedule reports
- Geolocation - "unaccounted" removed
- Dashboard - Topstat - Last 15 Min Report - time period wrong
NetFlow Analyzer 8.5 (Build 8500)
Feature:
Advanced Security Analytics Module. More information.
Bug Fixes:
- The average for 5 / 15 Min Data point Average in traffic page has been fixed
- The junk characters in Non-english property file have been removed
- Sampling in Adtran Devices has been added
- Dashboard related issues have been fixed
- Consolidated Device based Report - (graph color related issue) fixed
- Schedule Report file names with "null" has been fixed
- IPSLA fix
NetFlow Analyzer 8.0 (Build 8000 ) includes the following:
Features:
- IPSLA (VoIP)
- SNMP V3 support
- Flexible NetFlow - NBAR integration
- V9 Sampling
- Cisco ASA
- CBQoS Child Policy and Match Statements reports
- PDF Option in CBQoS
- Geo Locations reports of IP Addresses
- Single Click Scheduling Option
- Network Layout using google maps and Google map widgets
- More Graphical Widgets and some new Widgets added in Dashboard
- Sampling rate accounted during the flow calculation
- Global search for IP Address link
- Operator specific Dashboard permissions
- Top N AS reports
- Last 15, 30 Min reports
- 1, 5, 15 Min averages in traffic report
- Consolidated report for a device
- Localization
Bug Fixes
- In the build 7501, any report in "Compare same device for different time period" cannot be displayed in Non-english installation. This has been resolved
- The issue in displaying problem on the sevirities of SNMP traps has been resolved
- MSSQL Table split process is fixed now.
- Issue in device group display has been fixed.
- Pdf issue fixed for: (1) Application Group (2)Source Network (3)Destination Network (4)Tos (5)Dscp Group
Build No: 7000 to 7600
NetFlow Analyzer 7.5.0 (Build 7600) (SP 4.0) includes the following:
Feature
- Supports Microsoft SQL server 2000/2005
NetFlow Analyzer 7.5.0 (Build 7501) (SP 1.0) includes the following:
Features:
- Interfaces without an IP address and without NetFlow exporting capability can be monitored for QoS policies if those interfaces are CBQoS enabled.
- IP groups can be viewed in the network snapshot page.
Bug Fixes
- The interfaces were not listed in the traffic page if the router name had special characters. That's been fixed.
- A compatibility issue during patch installation has been fixed.
- The patch CAN be applied in linux OS, even if the file system name is too long.
- When having more than 100 IP groups, the IP groups page went blank. This has been fixed.
- All the localization issues resolved.
NetFlow Analyzer 7.5.0 (Build 7500) includes the following:
Major Features:
- Customizable dashboard
- Site to site traffic monitoring
- GRE application filter
- Email option for sending reports with single click.
- Policy enabled (CBQoS) routers need not export NetFlow for CBQoS monitoring
- DSCP names in alerts and IP groups
- Volume based billing
- Secondary DNS server lookup
- Raw data storage - Can be stored for as less as one hour
- Report based on nexthop values.
- Localization available in 8 languages.
Minor Features:
- Password strength is displayed
- "Compare reports" can also be exported as PDF now.
- UAE Dirhams added in billing.
- Option to modify interface groups.
- Users can switch off raw data reports and generate reports from aggregated data, in case of time constraints
- Look and feel changed
- Subminute visibility available
Bug Fixes:
- Issues related to sFlow fixed.
- Day light saving time brought into effect. Product will automatically sync to the day light saving time change.
- AS view related bug fixed
- CBQoS related issues fixed
- Automatic deletion of older raw data in non-English-OS issue fixed.
- Issue with the "scheduled custom report" fixed
NetFlow Analyzer 7.0.0 (Build 7002) (SP 2.0) includes the following:
Bug Fixes
- Issue related with "seeing data point only for the last ten minutes in the graphs" has been fixed.
- Inablility to start as a service in Linux has been fixed.
- Issue related to mysql crashing every 24 hours (typically at 2:00 am every day - while loading DNS entries) has been fixed.
- Issue related to mail receiving and mail attachment in scheduled reports has been fixed.
- NetFlow Analyzer temporary images stored in the OS tmp folder will be periodically cleaned up.
NetFlow Analyzer 7.0.0 (Build 7001) (SP 1.0) includes the following:
Major Features
- Usage based billing
- Localization supported
- Reporting on source network and destination network
- Look and feel changed
Minor Features
- Option to resolve DNS for single IP addresses.
- Quick view graph from the dashboard view for IP groups.
Bug Fixes
- Application mapping with IP addresses will be categorized in the order in which they were created.
- Ordering of interface list in the browsing of older scheduled reports.
- Average calculation bug in scheduled custom report has been fixed.
NetFlow Analyzer 7.0.0 (Build 7000) (Beta) includes the following:
Major Features
- Reporting on Cisco CBQoS - Useful for monitoring class based pre and post policy traffic usage, class based drops and queuing.
- Authentication using radius server
- Ability to create IP groups with exclude IP address option
- Ability to add application mapping from the Show Ports page for enhanced usability
- DNS resolving enhancement of source and destination addresses
- Support for user configurable DNS names for IP addresses
- Different IN and OUT speed can be configured for interfaces
- Support for exporting reports to CSV
- Sorting on the Autonomous Systems view for easier tracking and for peering arrangement
- Option to exclude ESP_App on user defined interfaces - Ensures that traffic is not double counted in case of ESP tunnels.
- Option to suppress output interface accounting on user defined interfaces - Useful when working with WAN accelarators
- Option to suppress ACL(Access Control List) related drops (based on destination interface being null) on user defined interfaces
- Quick view traffic graph in Dashboard view for enhanced usability
- Graphs enhanced to one min granularity and also to real-time in Network Snapshot
- Ability to set snmp parameters globally for all routers
- Support for sorting of interfaces based on usage in Dashboard View
- User management enhanced to provide last login time and current login status for all users
- The LHS view can be re-arranged for convenience
- Support for configuring alerts on interface groups. Interface groups can be used for checking the router traffic by combining all the interfaces into a single group.
- User permission can be granted at a interface group level. This feature would enable providing permission at an interface level while creating a user
- Option to view older schedules reports from the UI
Minor Features
- Login page enhanced with a "keep me signed in" option
- Alerting can be disabled for non-business hours
- Ability to Backup.bat just the aggregated data
- Option to bulk-load IP groups from flat file
- Distribution graph for troubleshooting, custom reports and drill down reports
- Configurable deletion of older alerts
Bug Fixes
- Bug related to scheduled report attachment resolved
- Today report to have only values from 00:00 to current time
Build No: 6001 to 6100
NetFlow Analyzer 6.1.0 (Build 6100) includes the following:
Major Features
- Network Snapshot View brought in
- Global Comparison Report feature added
- QoS reporting brought in
- Alerting for IP group added
Minor Features
- DSCP Group brought in
- Distribution Graph for Conversation added
- Support for mail in HTML format
Bug Fixes
- Issue in average calculation and monthly report drilldown to 1 min code addition fixed
- TCP FLAGS is not reported correctly - fixed
- Issues related to google map fixed
NetFlow Analyzer 6.0.0 (Build 6001) includes the following:
Major Features
- Real time reports with graphs updates immediately as the data is received
- Support for sFlow data capture and reporting
- Option to click and drag on the graph for easier drilldown
- IN and OUT traffic (in bytes and packets) for each interface maintained with 1 minute granularity for upto 1 year
- Performance improvement in IP group classification engine
- Integration with Google Maps for a better view of the network
- Ability to report on DSCP mapping
- Alerting feature enhanced to send an alert when link goes down or when no flows are received for 15 minutes
- Ability to group together applications into a single logical entity
Minor Features
- Exporting pages to PDF
- More options in the scheduled reports (Modify reports, speed / utilization, IP / DNS and option to zip or not zip the reports)
- Option to back up configuration data
- Source and Destination dissemination (to see how many unique destination that a source talked to and vice versa).
- Individual graph for each source, destination and application
- NBAR storage period extended to 1 year
- Option to disable an IP Group
Bug Fixes
- Bug related to random interfaces appearing with NetFlow V9 has been fixed
- Bug in alert mail classification has been fixed
- Ambiguity in Min and Max points with respect to the graph has been resolved
Build No: 5001 to 5505
NetFlow Analyzer 5.0.0(Build 5505) (SP 1.2)included the following:
Major Features
- Full i18N compliant
- Localized setup in Chinese, Croatian, Dutch, French, German, Japanese, Spanish languages
Bug Fixes
- Exporting V9 flows will report large number of interfaces than the actual number. This issue has been fixed
NetFlow Analyzer 5.5.0 (Build 5502) (SP 1.1)includes the following:
Major Features
- Reporting on NBAR statistics
- Support for netflow V9
- Automatic Scheduling and emailing of reports
- Associating IP address in application mapping (in addition to the port and protocol available now)
- Ability to create interface group - ability to group interfaces together and monitor traffic
- Reporting on ToS and TCP_Flag
- Ability to listen on multiple UDP ports for incoming NetFlow datagram packets
- Option to retain raw data for upto 30 days.( earlier limit was 2 weeks)
Minor Features
- 95-th percentile added in traffic graph.
- Configurable from address for emails - both in alert emails and scheduled reports
- logZipUtil.bat to include .err file in mysql\data folder
- Back-Up DB will have the backup location as configurable and also have option to overwrite the old backup
- IP Groups list sorted by name
- Values for the first few minutes were not plotted in the last traffic graph. This issue has been fixed.
- Ability to enable/disable collection of AS information based on user's needs.
Bug Fixes
- Alert will not be generated for interfaces whose interface index is 0.
- Bug in NetFlowAnalyzer MIB for SNMP trap (Variables do not correspond to trap varbind order) has been fixed.
- When reports are scheduled and automatically emailed, the files and the folders have been appropriately named for easier identification.
NetFlow Analyzer 5.0 Beta (Build 5001) (SP 3) includes the following:
Major Features
- Threshold-based alerting - option to send e-mail notifications and SNMP traps based on alerts
- Increased granularity - option to configure maximum time period for retaining raw data (upto 2 weeks)
- Enhanced IP group management - option to modify IP groups and associate interfaces to IP groups
- Internationalization - option to support local languages (French, German, Spanish, Japanese, and Chinese are available out-of-the-box)
Minor Features
- Option to view IfName and If Alias values for an interface in addition to IfDesc value.
- Dashboard filters - option to set filters on interfaces displayed on the Dashboard, based on the percentage of incoming and outgoing traffic received.
- Enhanced Traffic Filter - option to view hour-based traffic data in daily and weekly traffic graphs.
- Support link - Separate link with several options to contact NetFlow Analyzer Technical Support in case of any problems
Build No: 4000 to 4020
NetFlow Analyzer 4.0.2(Build 4020) (SP 2)included the following:
Major Features
- Support for NetFlow version 7
- Reporting based on AS information
- Localized setup in Chinese, and Japanese languages
Minor Features
- Reporting based on packet count
- Port range in mapping applications
Bug Fixes
- Fixed PDF loading issue in Acrobat Reader 6.0
- Fixed color bug in Dashboard percentage values
- Fixed bug in IP address range when incorrect values were entered
NetFlow Analyzer 4.0.1 (Build 4010) (SP 1)included the following:
Major Features
- Address Grouping - Create monitoring and reporting groups based on IP addresses or applications
- Custom reports across multiple interfaces and devices
Minor Features
- Criteria to define ports and port ranges in custom reports
- Database archiving - Utility that makes a backup of the database.
- Support file creation - Utility that zips the log files and database information to send to the NetFlow Analyzer Support Team.
- Traffic graphs made as non-stacked graphs, and shown as a combination of line and area graphs
- Interface Traffic graphs shown in one-minute intervals
Bug Fixes
- Both In and Out traffic of managed interfaces are maintained - Previously traffic was accounted for flows whose source interface was managed. Now traffic is accounted for flows whose source or destination interface is managed.
- Fixed mismatch in total number of interfaces marked as managed in DB and memory
- Fixed PDF loading bug - Error when exporting to PDF when server was installed in non-"C" drive.
- Fixed Applications graph bug - graph was hidden when more than 100 applications were listed.
- runQuery.jsp file works fine on Linux platforms
NetFlow Analyzer 4.0.0 (Build 4002) included the following:
Bug Fixes
- Fixed threading issues in updating database while handling more than 250 interfaces
- Fixed issue in determining number of managed interfaces in License Management
- Fixed application port bug - minimum value of ports was assigned to an application. Now whichever source or destination port maps to the application is used. Apart from this, source and destination ports are now displayed for unknown applications.
- Fixed Delete Router bug - when all interfaces of a disabled router were deleted, new flows from any interface on that router were not processed. Now fixed to enable the router when all its interfaces are deleted. This ensures that if this router starts sending flows again, these incoming flows are processed.
- Fixed percentage utilization bug in traffic reports - value was exceeding 100% in some cases.
- Fixed Update Router Settings bug - device is now scanned again even if no changes have been made to Router Settings.
- SNMP requests to routers sent in batches to ensure better response
Minor Features
- NetFlow Analyzer can be run as a service on Linux
- Update Manager tool included - tool to apply, manage, and remove service packs and patches
- Option to edit Device Settings is available only for Administrator and Operator users
- Application Mapping list is sorted on Application name for easy access
- More enterprise applications added to the list of applications supported
- NetFlow Analyzer can be run as root/non-root user
- Server can be started in non-X-windows (headless) environment in Linux/Solaris
ManageEngine NetFlow Analyzer 4.0.0 (Build 4001) included the following:
Bug Fixes
- Fixed time zone-related bug causing problems in setting Start and End time in graphs
- About and Feedback links made to open in separate windows
NetFlow Analyzer 4.0.0 (Build 4000) (GA) General Release included the following:
General Features
- Support for NetFlow version 5 exports
- Web-based interface for viewing the network as well as performing administrative tasks
- Configurable applications and application ports
- Support for logical grouping of routers
- Three user levels with different privileges, to enable managing of groups
Graphs & Reports
- Instant graphs of network utilization per network interface
- Daily, weekly, and monthly reports showing current, average, and peak traffic patterns on an interface, as well as percentage utilization
- Reports on Top Applications, Top Sources & Destinations, and Top Conversations
- Resolvable source & destination addresses
- Reports include protocol & bandwidth utilization information
- Subnet-based and IP range-based reports
- Consolidated reports to show Top Application, Top Source, and Top Destination for an interface in one report