RELEASE NOTES

NIMPEE v2.x.x

2.2.5 (12th Jun 2018)

Features - Analytics
  • Added STP pseudolink between routers and switches not to rely on CDP/LLDP
  • HSRP, VRRP, and GLBP are now under FHRP menu.
  • Added preemption and protocol information to FHRP table.
Features - Protocol and technology support
  • Added vendor support for Extreme XOS
  • Added wireless support for HP830/850
  • Added support for CISCO GLBP & VRRP
  • Added support for Cisco ASA contexts
  • Added voice gateway device type
  • Added support for Cisco Nexus environmental parameters
Features - Visualization
  • E2E Path lookup is part of Network graph now and display the path over the network locations
  • The tooltips are replaced with drag & drop windows which enable to display more valuable information directly in the graph
Features - System
  • NIMPEE VM can now be restarted or shut down from System Administration interface
  • System Administration - added option for restarting API
  • New support portal - http://support.ipfabric.io/
Features - Discovery
  • Significantly improved discovery error detection and reporting
  • Detailed communication logs are now available in Connectivity Report / Error reports & in each table with Hostname detail (only for user with Settings privileges)
  • XDP (Discovery Protocols) now consider only neighbors with capabilities “router” or (“switch” or “bridge” but excluding “phone” or “host”)
Improvements and Bug Fixes
  • Juniper/Junos ARP records wasn’t used as discovery targets
  • Juniper/Junos Zone FW is now collected from configuration (fixing 100% cpu BUG)
  • Configuration management no longer attempts to download configuration of Wireless APs
  • Forms with password field shouldn’t prefill a passwords
  • LDAP authentication now supports multiple LDAP servers for a domain
  • Firewalls are now included in the routing domain calculation
  • STP between switch and router for site calculation and graphs
  • Site recalculation - delete STP topology before start
  • Voice GW 224 device type
  • Added Vendor column to /inventory/hosts table
  • Improved Cisco VRRP support
  • Translated Cisco NX-OS routing protocol into standard name
  • DOWNLOAD configuration file in /technology/management/saved-config-consistency can’t be sanitized.
  • Moved Table /reports/end-of-life-milestones to /inventory/end-of-life-milestones
  • Local IP now inserted into ARP table for platform which don’t show local ARP entries
  • AP without CDP/LLDP are now connected to switch with pseudo-STP link
  • Removed duplicate tables that served as dedicated checks, since now each table can have any number of checks using table colors (reports).
    • /dashboard/risk/device-stability (now a color in /inventory/devices)
    • /dashboard/risk/eox (duplicate of /inventory/end-of-life-milestones)
    • /dashboard/risk/err-disabled (duplicate of /technology/interfaces/errdisabled)
    • /dashboard/risk/outbound-balancing (duplicate of /technology/port-channels/outbound-balancing-table)
    • /dashboard/risk/routing-stability (duplicate of /technology/routing/route-stability)
    • /dashboard/risk/stp-stability (now a color in /technology/spanning-tree/stp-instances)
    • /technology/addressing/host-ip (duplicate of /inventory/hosts)
    • /technology/management/config-register (now a color in /inventory/devices)
    • /technology/management/os-version-consistency (duplicate of /inventory/os-versions)
    • /technology/management/unexpected-reloads (now a color in /inventory/devices)
  • Fixed Cisco ASA parsing of empty localL4connections
  • Fixed parsing of 802.1X details for Cisco IOS-XE
  • Fixed patsion of auth sess int <int> detail command for Cisco IOS-XE
  • Fixed parsing of 802.1X client list and sessionId for Cisco IOS
  • Fixed parsing of ARP entries for HP/Comware
  • Fixed processing port security command for HP/Comware when it isn’t configured
  • Fixed updater failing on validation of Zone FW rules
  • Fixed discovery of Juniper/Junos from ARP entries
  • Fixed routing table flags parsing for Juniper/Junos
  • Fixed parsing of non-active routes for Juniper/Junos
  • Fixed ARP parsing of incomplete entries for Palo Alto
  • Fixed parsing of Cisco policy-maps under certain conditions
  • Fixed parsing of Cisco interfaces and IP interfaces under certain conditions
  • Fixed parsing of Juniper/Junos configuration firewall command
  • Disabled sanitization of configuration files for Saved Configuration Consistency checks

2.2.4 (14th May 2018)

Features - Analytics
  • End to End path lookups now enable to lookup any IP or Hostname directly from the source or destination field
  • End to End path lookup now support L4 protocols and ports
  • End to End path lookup now supports Zone Firewall rules
  • Improved routing next hop analysis in the comuluative routing table
  • Improved 802.1x analysis
  • Added DNS resolution to hosts
  • Added voice VLAN for VoIP phones
Features - Protocol and technology support
  • Added support for Juniper SRX clusters (platforms)
  • Added support for Firewall Zones (security)
  • Added support for STP Guards (spanning tree)
Features - Visualization
  • Small sites (less than 5 devices) are now grouped into redundant and non-redundant groups.
  • Individual STP instances can now be hidden through Objects diagram menu
  • L2/L3 boundary is now enhanced through MAC lookup between router and switch using VLAN, ARP, and MAC (now still marked as stp)
Features - System
  • Added LDAP support for user authentication (supported Open LDAP, Microsoft AD)
Features - Discovery
  • Discovery connectivity report now contains vendor column for connection attempts from ARP entries
  • Discovery from XDP protocols now considers only neighbor with capabilities “router”, “switch”, or “bridge”
  • SSH/TELNET authentication credentials can now be limited to a specific subnet
Improvements and Bug Fixes
  • Significant performance boost for historical snapshot comparison

Warning

Migration to this version can take a long time, depending on the amount of history collected

  • Fixed Cisco 6500 OS version detection for certain variants
  • Fixed parsing of LLDP capabilities for Cisco SG
  • Fixed inventory parsing of certain Catalyst 4500 Sup8 IOS-XE variants

2.2.3 (10th April 2018)

Features
  • Tacacs Authentication failure retries settings - SettingsAdvancedSSH-Telnet
  • The sites can be separated from the diagram (requires site detection using Routing & Switching)
  • Site names automatically derived from hostnames when sites detected using Routing & Switching
  • Discovery service windows has download log button
  • Speed improvements for Spanning Tree and QoS information
  • Tables now allow filtering using regex using =~ operator in addition to advanced filters
  • Diagrams - automatic meshing for sites with over 200 meshable edges
  • Diagrams - Spanning Tree tooltips for the failure domain now consider VLANs active on a link
System Features
  • Crypto image option (encrypted disk)
  • OS security updates
  • Service health check and autohealing for failed application services (arangodb, nimpeeAPI, nimpeeUpdate, syslogUpdater, syslogWorker)
  • Short DNS name in web certificate CSR can be removed
BugFixes
  • Routing domains are now separeted by sites
  • Switches with one default route are not calculated into routing domain
  • Portchannel members with stp are not considered network edge
  • Phone and AP ports are considered network edge
  • EOL reports for Juniper had incorrect data
  • IP Phones are now detected using MAC in addition to LLDP/CDP
  • Discovery pages now always displays Connectivity Report button
  • Tables - fixed csv export for colored cells
  • Juniper & HP routing protocol types translation to standard format
  • Calculate affected users - fixed root computation
  • Cisco - cryptoSession command - parsing fix
  • Cisco SG300 - ARP, L2 interface, and Loopback collection fix
  • PaloAlto - enviroment Power & Fan validation fix
  • Juniper - added support for multiple neighbors on a single interface
  • Techsupport decryption was failing when file size was less than 1MB

2.2.2 (26th March 2018)

Features
  • Dashboard - Table colors - the order of assigned color rules can be arranged (use drag&drop)
  • Added more predefined verification checks & updated Dashboard view
  • Diagrams - more information in tooltip for STP edges
  • Tables - Colorize rules - fade out background for results with value ‘0’
BugFixes
  • Predefined Advanced Filters was deleted by next Discovery start
  • Filtering any tables for selected site
  • Diagrams - export png for end2end pathlookup and host2gateway didn’t work
  • Diagrams - the tooltips for ACL/QOS were not showing
  • Fixed an error when manually uploading an update package
  • Fixed API endpoints for TechnologyPlatformsVDC & TechnologyPlatformsVPC
  • Wireless access point impact is calculated now only from errors and drops on wired interfaces
  • Cisco SG300 spanning-tree is now correctly parsed and saved
  • Fortigate hostname saved when no authorization is allowed

2.2.1 (21th March 2018)

BugFixes
  • Report - Site Low Level report - some cases had bug during generation
  • Report - Network Analysis report showed duplicate percentage under radar charts
  • Fortinet hostname not visible
  • Mac self entries not considered as switch
  • TechSupport file - download doesn’t work
  • TechSupport file doesn’t contain discovery and cli logs
  • TechSupport file doesn’t contain the most recent archived cli logs
  • TechSupport file doesn’t contain nimpee system logs

2.2.0 (19th March 2018)

Features
  • Colorizing tables using custom filters rules
  • Dashboard is fully customizable
  • Site separation now allows OR conditions in regex
  • Site recalculation can be now performed without new discovery process
  • Discovery seed - IP networks can now be added as seed (currently limited to /24)
  • Diagrams - performace optimizations
  • Diagrams - Network - added mask separation option for transit networks
  • Diagrams - new UI for protocol menu
  • Diagrams - moved link grouping and layer grouping options to protocol menu
  • Diagrams - Network - multiple items can now be selected using CTRL key
System Features
  • Added system interface accessible using system account
  • Integrated backup & restore (currently local or FTP target)
  • NIMPEE can now be updated over the Internet or by uploading an update package
Vendor Support
  • FortiGate
  • Palo Alto
  • Juniper - Junos OS
  • Cisco wireless - added support for new wireless access point AIR-AP2802I
  • HP 830 Unified Wired-Wlan platform - (Interface parsing, without wireless features)
BugFixes
  • Diagrams - Network - nodes without edges now remains visible in graph
  • Diagrams - Network - sites can now be added/removed in parallel
  • Check Point - Added support for ‘expert’ mode
  • Cisco ASA - routing table parsing issue fixed
  • Cisco - Wireless added support for clients in ‘start’ state
  • Cisco C1900 Routing table parsing issue fixed
  • Cisco Enviroment parsing fix on some IOS platforms
  • HP Comware - fixed parrsing STP in MSTP mode

2.1.2 (19th January 2018)

Features
  • New audit check Technology - Spanning Tree - Incosistencies - Neighbors ports vlan mismatch
  • New audit check Technology - Spanning Tree - Incosistencies - Ports with multiple neighbors
  • New audit check Technology - Spanning Tree - Incosistencies - STP/CDP ports mismatch
  • New audit check Technology - Spanning Tree - Incosistencies - Multiple STP between two devices
  • New audit check Technology - Interfaces - Duplex Half duplex table replaced with Duplex mismatch table.
  • New technology table Technology - Security - 802.1x - Devices displays grouped data about 802.1x per device.
  • New technology table Technology - Platforms - Stacks displays grouped data about stacks per device.
  • Improved overview Technology - Platforms - Stacks - Members new connectionsCount column, popup with information for hostname, link to open site diagram.
  • Improved overview Technology - Platforms - Stacks - Connections new membersCount column, popup with information for hostname and interface.
  • Added support for relayed Syslog messages
  • Improved diagram performance
  • Improved diagrams Diagrams - Network - added “ignore filters” option to allow displaying of a single device with no known connections
  • Improved diagrams Diagrams - Network - added show utilization option
  • Improved diagrams Diagrams - Network - updated site presentation
  • Improved diagrams Diagrams - Network - tunnels between sites are now displayed in network overview
  • Improved diagrams Diagrams - Network - added caching for redrawing which removes device jumping when redrawing
  • Improved Web UI - Enabled searching in quick sites filtering (top left corner)
  • Improved diagrams UI - enabled searching in list of sites, routing domains, and switching domains
  • Settings - Authentication - disable browser popup to save passwords
  • Sites calculation type “Routing & Switching domain” change to sticky. Now using an intersection of previously found serials numbers with new ones. Previously renamed sites before this release will be discarded without a migration script.
BugFixes
  • CLI parsing - Fixed false prompt detection when was used “>” char in interface description
  • CLI parsing - Cisco NXOS - fixed parsing of routing table for local routes
  • CLI parsing - fixed WLC platform AIR-C25xx
  • Updater service - heap out of memory fixed
  • port with cdp AP considered as edge
  • Remove phone capability in CDP/LLDP send from some Nexus platforms
  • Configuration Management - Fixed false positives, which erroneously showed changes in configuration, when in fact none have occured. (Line break n vs rn)
  • Diagrams - Fixed label boxes disappeared after hiding
  • Diagrams - Fixed search
  • Diagrams - Fixed link overlaping in network view
  • Diagrams - Network - removed impact option
  • Diagrams - labels in export image are always visible
  • Table Technology - Interfaces - Switchport Edge column displayed wrong values
  • Table Reports - Site Low Level Design column siteName was wrong after the site renaming
  • Site Low Level Design - Report: siteName was wrong after the site renaming
  • Site Low Level Design - Report: if user arrange a site diagram then the diagram in report also rendered according this positions.
  • Web UI - Fixed generation of TechSupport file, which could fail with large data set
  • Web UI - Some messages of informative character was displayed as critical messages (red color).
  • Routing domains calculation fix - protocols forming domains where not correctly filtered

2.1.1 (5th January 2018)

Features
  • The component for scheduling snapshots and configuration management
  • Technology - Management - Saved config consistency display diff directly in the table, instead on new page
  • Technology - Interfaces - Switchport added columns Access Mode Vlan, Voice Vlan
  • Technology - Wireless - Access points added column Mac, Impact
  • The columns labels & help is now used in search.
  • HP Aruba - more detailed error & drop counters
BugFixes
  • HP Aruba - fixed parsing of wireless clients
  • The discovery process stuck, when DNS resolve was enabled.
  • Telnet client - fixed negotiation for IOS XR
  • Cisco IOS-XE 3.04.06 fixed parsing of environment/stack command
  • Cisco IOS-XR fixed parsing of age for arp command
  • Cisco IOS 870 fixed parsing of cryptoSession command
  • Cisco IOS-XE fixed parsing of OSPF neighbor command
  • Cisco IOS 2500, IOS-XE cat4500e fixed parsing of OSPF interfaces command
  • Cisco IOS - fixed parsing of switchport command, trunk allowed vlan list
  • Cisco IOS 2950 - fixed parsing of serial number
  • HMM protocol removed from CEF

2.1.0 (15th December 2017)

Platforms
  • Checkpoint Gaia
  • HP Aruba (Wireless)
Features
  • NX-OS Routing summary support
  • Technology - Addressing - Managed IP added columns VRF, DNS name, DNS matched, DNS reverse (check if DNS record correspond with hostname of the device, including DNS reverse lookup))
  • Technology - Management - Saved config consistency (check if a device have unsaved configuration)
  • Technology - Security - IPSec
  • Technology - Security - DMVPN
  • Technology - Platforms - Enviroment (Power Supplies & Fans)
  • Technology - Interfaces - Switchport
  • Technology - Spanning Tree - Neighbors
  • Technology - Routing - OSPF - Neighbors & Interfaces
  • Technology - Security - 802.1x
  • Technology - Wireless - Clients add new column SSID
  • Technology - Wireless - Access points add new columns Average Signal Strength, Average Signal to Noise Ratio (Clients with weak signal, Access points with problematic clients)
  • Settings - Advanced - SSH/Telnet (customer can define retries limit for failures)
BugFixes
  • SSH & Telnet clients - fixed false prompts detection (Cisco ASA timeouted on <—More—>)
  • Cisco WLC - show client summary command timeout fix (reply “y” on display more entries? y/n)
  • Cisco WLC - show port detailed-info fixed parsing
  • Cisco show spanning-tree detail STP instances with no interfaces removed
  • IP Phones - fixed lldp & cdp different destination interfaces
  • L2 edge port & user mac address detection improvement
  • NX-OS OTV interface supported
  • IE11 better performance

2.0.0 (9th November 2017)

Platforms
  • Riverbed Steelhead
  • HP Comware 5 and Comware 7
System BugFixes
  • Fex parsing when description includes non-alphanumeric characters
  • OS Versions VDC fix (only chassis are included)
  • STP parsing logic fix
  • Duplicit IP not reported for /30-32 networks
  • Fixed telnet negotiation
Features
  • Combined Discovery & Analysis
  • Network Change Management
  • New diagrams
  • New central API
  • Added IP telephony
  • Added QoS
  • Added PoE
  • Added StackWise
  • Added routing protocols summary table
  • Added Interfaces - Transceivers
  • Added Interfaces Rate (inbound, outbound, biderectional) tables
  • Added Spanning Tree - Incosistencies table
  • Added Wireless controllers, access points, clients tables
  • Added End of life reports for 3COM, HP Enterprise, ProCurve, Riverbed + Cisco reports updated
  • Better TACACS controls
  • FEX-FABRIC portchannel type
  • Export encrypted techsupport file
  • Jumphost support
  • Connectivity matrix based on protocol direction
  • Access List - new filter for source & destination port (searching in port range, filter values can be seperated by “,”)
  • Tables improvements (Automatic calculation of rows per page, Table rows size, Sticky first column, better pagination design)
  • User management including roles
  • Option to create a CSR (Certificate Signing Request)
  • CLI authentication records importance can be changed by drag & drop, the upper record will be use first.
  • Search - user can simply find related page using search
  • User with settings privileges can clear DB

NIMPEE v1.x.x

Version 1.0.6

System BugFixes
  • Added firewall rule for syslog 514/UDP​
  • Debugging tool fixes
  • Added db parameter tuning (THP disabled)

Version 1.0.5

Platforms
  • Cisco SG300
Features
  • ACL table - intelligent port filter
  • Site report - inventory description column added
Fixes
  • IOS route leaking parsing
  • VPC info was not collected
  • Risk graph EoX and reload now based on traffic impact
  • NX-OS ACL matches statement fix
  • /32 routes to discovery
  • NX-OS error disabled parsing
  • Bridge-groups stp parsing
  • C890 wlan interface parsing

Version 1.0.4

System Features
  • added update script
  • Added automatic HTTPS redirect
System BugFixes
  • Debugging tools fixes

Version 1.0.3

Features
  • Added calculation of affected users on L3 paths
  • Dashboard capacity and performance tables improvement
  • Routing graph mesh to cloud
Fixes
  • Affected users calculation in partially discovered network fix
System Features
  • Improved MOTD for “nimpee” troubleshooting user
  • HTTPS access.
  • HTTPS certificate wizard is now part of initial configuration
  • Image hardening
  • network configuration wizard automatically pre-fill current values (for example current hostname or domain name)
  • Remote support SSL VPN
System BugFixes
  • Simplified bandwidth management
  • Added ability to rerun initial boot wizard
  • User configured BW limit is still in place after reboot
  • DNS are now properly configured in case of static IP address
  • NTP configuration was not properly applied

Version 1.0.2

Fixes
  • Continuous analysis log overflow fix
  • Improved systemd process control

Version 1.0.1

Features
  • Periodic run of Analysis
  • L3 affected users on L2 path
  • L3 Uplink calculation
Protocol support
  • Mac address collection now supports static entries
UI improvements
  • Mac table now includes edge port flag, vlan and source (dynamic/static) columns
Fixes
  • Risk radar chart calculation for routing stability fix
  • Cache for analyze API routes
  • L2 affected users network mac addresses removed

Version 1.0.0

UI improvements
  • IP-aware lookups
  • Lookup IP via VLSM prefix
  • Lookup Route via single IP
  • Faster tables, table filtering
  • Case insensitive search
  • Regex filtering support
  • Rearranged menu as L1/L2/L3 items
Diagrams
  • Routing domain diagrams
  • End to End Path lookup diagram
  • added vrf support
  • added RPF
  • added neighboring domains
Analytics
  • Site uplink calculation
  • Table sorting by severity (color)
  • Added human readability
  • Transfer rates: added Mcast/bcast/packets and overall loss impact to trsnsfer rates
Protocols and technology support
  • Routing
  • Routing domain overview
  • ACL
  • Added ACL support
  • Added IP ACL interface table
  • Added Reflexive ACL support
  • FEX support
  • Users connected to FEX are displayed on the diagrams
  • vPC support
  • ARP
  • Added ARP state table
  • Added ARP VRF Support
  • Added Proxy ARP Support
  • MAC
  • Added MAC state table
  • Added CDP/LLDP neighborship tables
Management and technical visibility
  • Added connectivity matrix
  • Added syslog target
  • Lookup and filter by message, mnemonic, system time, sequence number
  • Added Configuration management
  • Sanitization of configurations
  • Configuration comparison
  • Improved Low Level Design document export
  • Added connectivity matrix, OS versions, CDP/LLDP neighbors
Enterprise features
  • Added integtated support
  • Configurable site boundary detection
  • Configurable operational scope
  • Added first boot wizzard
  • Added Automated error reporting
  • Added Licensing