JFYI, NNMi_9.23 & 9.22 Updtes (465 Views)
Reply
Respected Contributor
Bharath M R
Posts: 411
Registered: ‎03-10-2010
Message 1 of 1 (465 Views)

JFYI, NNMi_9.23 & 9.22 Updtes

 

JFYI,

 

NNMi 9.23       

                   

                Security - PKI User Authentication         

 

  1. NNMi now supports smart card logons including Common Access Card (CAC) and Personal Identity Verification (PIV) cards.

 

                                You can configure NNMi to restrict certificates used for logons.

                                You can configure NNMi to use the following certificate validation methods for Public Key Infrastructure (PKI) user authentication:

 

* Certificate Revocation Lists (CRLs)

* Online Certificate Status Protocol (OCSP)

                               

2. NNMi now supports the use of subjectAlternativeName (SAN) for principal mapping in PKI user authentication.

                               

3.You can configure NNMi to use Access Control Lists (ACLs) to enable non-root users to run Command Line Interface (CLI) commands. This is useful where CAC is enabled and password credentials are not available for running CLIs.

                                 

 

 Device Extensions          

                               

    NNMi now uses NETCONF (RFC 4741 and 4742) communication with some device vendors and models (for example, Juniper Networks QFabric) to supplement the management information collected by SNMP.

                                 

 SNMP Communication and MIBs             

 

    NNMi now supports the discovery of its EngineID using GetBulk and GetNext operations, in addition to SNMP-GET operations (prevously supported).

                                 

 Integrations      

 

             HP Network Automation (NA)

 

You can configure the integration between NNMi and NA using two new options:

 

1. NNMi-NA Integration Level

The default setting enables full integration functionality. The other settings limit integration

functionality for multi-tenancy environments and for architectures in which two or more NNMi

regional managers connect to one NA core.

 

2. Out Of Service Completion Delay

This delay provides time for a device to recover after NA completes a task that placed that

device out of service

 

                                 

NNMi 9.22                        

 

User Interface  

 

        NNMi permits User Accounts assigned to the NNMi Operator Level 2 User Group to run Status Poll and Configuration Poll on nodes to which they have access.

 

        NNMi permits User Accounts assigned to the NNMi Operator Level 2 User Group to edit maps and node groups.

 

 Events 

 

* The trap server now starts sooner and begins capturing traps earlier after restarting NNMi.

* The Incidents View now includes Tenant and NNMi Management Server Columns.

*  Remote site unreachable incidents (Management Incident Configuration IslandGroupDown) have been updated to include custom incident attributes (CIA) cia.incidentDurationMs, cia.timeIncidentDetectedMs, and cia.timeIncidentResolvedMs.

                                 

                SNMP Communication and MIBs             

                                NNMi now supports the discovery of its EngineID, which is used in processing SNMPv3 traps and informs.

 

Devices can discover NNMi’s EngineID using the standard SNMPv3 EngineID discovery algorithm:                     

a. A device sends an empty SNMP-GET request to NNMi’s configured trap port (typically port 162).

b. NNMi generates and sends an SNMPv3 report PDU response to the device. NNMi's response

contains NNMi’s EngineID.

                                 

                Discovery           

 

 NNMi has been enhanced so it no longer shows a "Subnet connection" in a subnet where there are two or more MPLS Provider Edge (PE) interfaces involved.

 

You can configure NNMi to not consider some firewall and loadbalancer devices as duplicates. Many firewall and loadbalancer devices have duplicated IP addresses, duplicated layer 2 addresses, or both. This is especially true when the device is a virtual instance hosted on a physical device. NNMi often considers such devices to be duplicates of each other when they are not really duplicates. NNMi has a new configuration file in which you can list the sysObjectId values of these nodes. Doing so tells NNMi not to consider such nodes to be duplicates when it finds overlapping IP addresses, layer 2 addresses, or both.

     State Poller and Monitoring Configuration         

                                One common way to test network latency is to adjust the ICMP polling frequency and ICMP echo request packet data payload size for a management address being managed by NNMi. NNMi permits you to experiment with different packet sizes to measure the network latency.

                                 

    Causal Engine   

                                A new tab, called "Causal Engine", has been added to System Information window. This tab will display key statistic for the Causal Engine including how far behind it is processing state messages.

Traps sent by a proxy SNMP gateway might not show the original trap address when using NNMi’s default configuration. An administrator can configure NNMi to determine the original trap address.

                                 

     Security              

                                You can configure NNMi (using PKI) to map certificates to NNMi user accounts.

                                You can configure cipher suites in $NnmDataDir/shared/nnm/conf/props/nms-jboss.properties (Windows) or %NnmDataDir%\shared\nnm\conf\props\nms-jboss.properties

                                 

      Integrations      

                                You can configure HP NNMi to permit NNMi incidents to close automatically after the corresponding alert is acknowledged in HP BSM Operations Management  SiteScope System Metrics

The SiteScope System Metrics Integration Module now supports the use of the SiteScope 11.20 Dynamic

Disk Space monitor. Metrics collected by this SiteScope monitor and sent to NNMi according to   siteScope Data Integration preferences will now be processed correctly in NNMi and made available in NPS just as they had with the older Disk Space Monitor.

                                 

      ArcSight

Out-of-the-box Support for ProCurve syslog messages

Out-of-the-box support for H3C syslog messages

                                 

      Command Line Interface Commands     

 

 * The nnmsetiospeed.ovpl script permits the user to change the input or output speed on an interface either individually or in batch mode. See the nnmsetiospeed.ovpl reference page, or the UNIX manpage, for more information.

 

* The nnmloadinterfacegroups.ovpl script provides a command line interface for creating or replacing interface group configurations. See the nnmloadinterfacegroups.ovpl reference page, or the UNIX manpage, for more information.

 

 

Check Release notes for more info.

Thanks,
Bharath
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.