Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Trending KB Articles

containerblogpic.jpg

NetMRI 7.5.3 Released 31 Aug 2022

samanna
Adviser
Posts: 321
samanna

NetMRI 7.5.3 Released 31 Aug 2022

Adviser ‎09-15-2022 02:58 PM - edited ‎09-15-2022 03:01 PM

Introduction

All existing customers have the option to upgrade their deployments to the auto-failover configuration for standalone, operations center, and collector appliances.
The following sections describe new features, supported devices, guidelines for upgrading devices, resolved issues, and known issues for the current release.

NOTE: Active penetration and vulnerability scans are conducted as part of the security testing. We have fixed all reported and discovered vulnerabilities related to SQL injections, and we have found and fixed a number of high-severity vulnerabilities. We will fix lower-severity vulnerabilities in the upcoming releases. To be exploited, all vulnerabilities require an authenticated user to initiate the action. Based on our knowledge and testing capabilities, we are unaware of exploits conducted by unauthenticated users. 

 

New Features and Improvements

The following new features and improvements are included in this release of NetMRI:
  • You can now generate and review IPAM sync data before sending it to NIOS IPAM. 
  • We added an advanced setting for excluding devices with unmapped VRFs from IPAM Sync.
  • We added a new user role: Polling Admin. Polling Admins can configure device polling and have full access to the following features: Collection and Groups, Discovery Settings, SDN/SD-WAN Polling, Proxy Settings, Credentials, Device Support Bundles, MIB Management, and Device Collection Status.
  • We added the View: System Health Banner privilege to all roles except FindIT. To hide system health alerts for specific roles, remove the roles’ privilege.
  • You can now disable database archiving during weekly maintenance.
  • To avoid overloading SDN controllers, we disabled the Discover Now and Discover Next buttons for SDN elements on the following pages: Network Explorer > Discovery and Device Viewer > Settings & Status > Management Status.
  • You can now use the Device Viewer > Settings & Status > Management Status page to enable or disable debugging for SDN devices. 
  • You can now use periods (.) in usernames. 
  • NetMRI_Easy.pm can now connect to the NetMRI API over port 443.
  • We added details to the import-related error messages shown on the Config Management > Job Management > Config Templates page. 
  • The debug show-active command now lists devices with enabled SNMP debug.
  • The Inventory page now displays the serial numbers of the discovered fabric extenders.
  • POST is now the only method that the NetMRI API allows for user authentication.
  • We improved NetMRI’s performance and stability.

 

Deprecated and Obsolete Features

This section describes the features no longer supported in this release or planned for removal in future releases. These are the features that have not been adopted by customers or have been used only for specific cases in the past. NetMRI contains a rich set of features; to ensure that the focus remains on improving the features that are in use, we have trimmed many existing features and added new ones in areas where the number of use cases is growing.

 

Deprecated Features

Deprecated features are features skipped during release qualification. The code for them has not changed but might be removed in future releases.
In NetMRI 7.5.3, the CDS tool has been deprecated. As a replacement, please use NetMRI Advisor by Empowered.

 

Obsolete Features

Because the SSH client has been upgraded, NetMRI 7.4.4 has dropped support for the following:
  • SSH protocol version 1, associated configuration options, and documentation ● hmac-ripemd160 MAC
  • ARCFOUR, Blowfish, and CAST ciphers
  • RSA keys shorter than 1024 bits
Compatibility support for some very old SSH implementations, including ssh.com <= 2 and OpenSSH <= 3

These versions were released in or before 2001 and predate the final SSH RFCs. The support for them is not necessary for RFC-compliant implementations of SSH.

If you get the “no matching cipher” error when attempting to connect to devices from NetMRI over SSH, use the configure ssh command to adjust the list of ciphers.

 

Planning for Deprecated and Obsolete Features

This release does not contain features that are candidates for becoming deprecated or obsolete in future releases.

 

Guidelines for Performing Upgrades

The file with the upgrade image is ib_network_automation-7.5.3.XXXXX.gpg.
The following table provides guidelines and use cases for upgrading previous versions of NetMRI to 7.5.3.
Version Guidelines
6.9.x or earlier Follow this upgrade path: 7.0.5 > 7.1.4 > 7.4.5 > 7.5.3.
7.0.x
7.1.x		 Upgrade to 7.1.4, then to 7.4.5, and then to 7.5.3.
7.2.x Upgrade to 7.4.5 and then to 7.5.3.
7.3.x
7.4.x
7.5.x		 Upgrade directly to 7.5.3.
HA system running
7.1.[2-4]		 Before performing the upgrade, apply one of the v7.1.[2-4]-NETMRI-30000.gpg hotfixes available on the AutoUpdate server.
When applying a hotfix, ignore the reference to 7.1.4-NETMRI-30000.
HA system running
7.3.2, 7.3.3, or
7.4.[1-4]		 Before performing the upgrade, apply the NETMRI-33842.gpg hotfix for the appropriate NetMRI. These hotfixes are available on the AutoUpdate server.
When applying the hotfix, ignore the reference to NETMRI-33842.
In communications between an operations center controller and a collector, all collected network data passes from the collector to the controller through a tunnel. Because the tunnel is shut down during the upgrade, data collection is shut down in operations centers.

 

A Note on External Authentication and Authorization Services

If you are using external authentication over SSL, ensure it supports TLS 1.2 before upgrading NetMRI.

 

Upgrading Sandbox Instances

Before starting an upgrade, ensure that all local and remote sandboxes are fully and properly upgraded or reinstalled on the starting release version. If a sandbox is in an incorrect state prior to a follow-on upgrade, issues that are difficult to diagnose might arise.
Local sandbox instances for NetMRI are upgraded automatically.
Remote sandbox instances (for example, those on a VM server) must be manually reinstalled in the following cases:
  • You are upgrading between major versions, for example, from 7.3.3 to 7.4.1.
  • You are upgrading to 7.4.5, which is a minor version.
  • You are updating from 7.5.0 or 7.5.1 to 7.5.2 or later.
When upgrading between minor versions, for example, from 7.4.1 to 7.4.2, you do not need to redeploy the remote sandbox.

To reinstall a remote sandbox instance:
  1. Download a new Sandbox VM file from Infoblox.
  2. In the administrative shell, run the sandbox deregister command for the previous remote sandbox.
  3. After the NetMRI upgrade is complete, deploy a new instance of the sandbox image.
  4. In the administrative shell, register the new instance with the sandbox register command.
For more information, refer to the topics Using the NetMRI Sandbox and Setting Up a Remote Sandbox in the online Help.

To extend the size of an image and of an internal swap partition for the local sandbox, manually execute the sandbox reset command after the upgrade. Any changes made to the sandbox (for example, additional libraries installed) will be lost during this process.

 

Other Requirements

Tested Versions of Web Browsers

NetMRI 7.5.3 has been tested with the following web browsers:
OS Browser
Microsoft Windows 7® Microsoft Internet Explorer® 11.x
Mozilla Firefox 63.x
Latest version of Google Chrome
Microsoft Windows 8.1® Microsoft Internet Explorer 11.x, Edge
Mozilla Firefox 63.x 
Latest version of Google Chrome
Microsoft Windows 10 Microsoft Internet Explorer 11.x, Edge
Mozilla Firefox 63.x 
Latest version of Google Chrome
Apple® Mac OS X 10.13.6 Safari 13.0.5
NOTE: Internet Explorer 11 does not render Topology Viewer well. Topology Viewer requires a browser that supports the ES6 standard (ECMAScript 2015 and later), but IE11 does not support this and later standards.

We have removed the “The browser you are using is not supported” warning. Occasional issues with display might occur because these browsers go through rapid release cycles. We expect that the coding of browsers is compatible with NetMRI and that highlighting the version difference in red during every login is no longer necessary.

When viewing NetMRI, set the following screen resolution on your monitor:
  • Minimum: 1024x768
  • Recommended: 1280x800 or better

Supported Hypervisors

Infoblox offers NetMRI in a VM version. The following hypervisors support NetMRI 7.5.3 on VMs:
●    VMware ESXi 5.5, ESXi 6.5, ESXi 6.7, and ESXi 7.0 ●       OpenStack Victoria and OpenStack Wallaby
 

 

Technical Support

Product Support

Telephone: 
  • Toll-free number for the US and Canada: 1-888-463-6259 
  • EMEA: +32 3 2590440
  • US: +1-408-986-4000, ext. 1  Email: support@infoblox.com
Web: https://support.infoblox.com

 

Documentation

The latest documentation is available on docs.infoblox.com.

 

Training

Training information is available on https://training.infoblox.com.
 

Labels:
0 Kudos
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Recommended Discussions

Re: NetMRI 7.6.0 has no in-place upgrade?

Re: Trinzik 1415 EoL question

Re: When do I need Match Clients for DNS Views

Re: Trinzik 1415 EoL question

Re: New ISC bind security issues for Bind 9, NIOS affected?