The release notes cover the following topics:

Product Description

VMware Smart Assurance Network Configuration Manager (NCM) is:

  • An automated compliance, change and configuration management solution that delivers industry-recognized best practices.
  • A collaborative network infrastructure design that controls change processes, provides network device and service configuration transparency, and ensures compliance with corporate and regulatory requirements — to enable you to ensure the security, availability, and operational efficiency of your network.
  • An automated support for all facets of the network infrastructure lifecycle, seamlessly integrating critical design, change, and compliance management requirements.

What's New in this Release

Smart Assurance Network Configuration Manager 10.1.6 introduces the following enhancements:

  • Support for SELinux enforcing mode

          NCM is enhanced to install and run on machines with SELinux configured in enforcing mode. As part of this enhancement, STIGs V-71989, and V-71991 are addressed.

  • Support for FIPS enabled mode

           NCM is enhanced to install and run on machines with FIPS mode enabled. As part of this enhancement, STIGs V-72067, V-72989, V-72993, and V-73071 are addressed.

           Note: When NCM is installed on a FIPS-enabled machine, SNMPv3 discovery does not support MD5 Authentication protocol. And, DES Privacy protocol as these two protocols are not FIPS compliant.

  • Notification for the devices for Update OS Image: 

          The Update OS Image dialog window has been enhanced to provide a notification for devices that are not added to the Selected Devices while  updating the OS Image. This feature improves the overall user experience.

  • Enhanced Compliance Test Preview: 

           The Compliance Test Preview window now allows user to choose the device configuration unit from a list of available configuration units.

          For example, in the case of the Cisco IOS devices, users can choose from running, startup, etc..

  • Versioning for NCM libraries: 

           The name of NCM libraries is suffixed with the NCM version, that is - 10.1.6.0.

  • Maven BOM(Bill of Materials) XML file creation: 

​           The Maven BOM XML file is created which has information about all third-party libraries including group ID, artifact ID, and version.

For Security vulnerabilities addressed in NCM, see Network Configuration Manager Security Update for Multiple Vulnerabilities, and security enhancements section in NCM Security Configuration Guide.

Third-party software component upgrades:

Following third-party software components are upgraded in Smart Assurance Network Configuration Manager 10.1.6:

  • Log4j is upgraded to 2.14.1.
  • Zebedee is upgraded to 2.5.3.
  • Bzip2 is upgraded to 1.0.8.
  • Zlib is upgraded to 1.2.11.
  • Plexus-utils is upgraded to 3.2.1.
  • Micronaut is upgraded to 1.3.7.
  • Restlet is upgraded to 2.4.0.
  • Tomcat is upgraded to 9.0.50.
  • Quartz is upgraded to 2.3.2.
  • Slf4j-api is upgraded to 1.7.32 (except in NCMSmartsAdapter).
  • Gsoap is upgraded to 2.8.114.
  • Openssl is upgraded to 1.1.1g FIPS.
  • OpenJDK is upgraded to OpenJDK 11.0.12
  • Java is upgraded to OpenJDK 1.8.0_302 for local RA

For Open Source License(OSL) file open_source_licenses.txt, navigate to <VOYENCE_HOME>/osl directory.

Platform Support

The VMware Smart Assurance Network Configure Manager Support Matrix available from the VMware Support website provides the latest platform and interoperability information. For detailed information about platform support and interoperability, refer support matrix for your release.

Note: In NCM 10.1.6 release, some of the document(s) do not require modification. The older version document(s) are released as it is.    
 

Resolved Issues

  • SMARTA-1298 / SR 21222035205

    Auto-refreshing of Job/task status is not working in Schedule Manager in NCM 10.1.4.

  • SMARTA-1174 / SR 21193145202

    NCM has stopped running/generating the Audit Trails on new configuration revisions.

  • SMARTA-1318 / SR 21225809706 , SMARTA-1321 / SR 21230245806 and SMARTA-1408 / SR 21246533108

    The commmgrd crashes whenever there is push/pull job in NCM 10.1.4.

  • SMARTA-956 / SR 20154869109

    By intercepting NCM client application requests it's possible to bypass the authentication process, and access the application as any user.

  • SMARTA-1169 / SR 21190138401

    In NCM v9.6, multiple authentication failures are observed when TACACS+ is set to 2FA/RSA.

  • SMARTA-1350 / SR 21236960707

    NCM LDAP user login issue occurred due to cipher mismatch. 

  • SMARTA-1352 / SR 21233391506

    The ssh.log file under $VOYENCE_HOME/logs does not rotate.

  • SMARTA-1216 / SR 21203774403

    Cross-Site Scripting security issue with Sysadmin console in localPath parameter.

  • SMARTA-1316 / SR 21208699503

    NCM is not able to remove devices from database, despite transformer logs report removal completed.

  • SMARTA-1344

    Vulnerability reported in the Java version used by 9.6 Report Advisor.

  • SMARTA-1240

    NCM 9.6 to 10.1.4 install guide needs update in Upgrade/Migration to new host section.

  • SMARTA-1405 / SR 21246050108

    NCM 9.6.0.10 Pull after device discovery on 3-4 devices (only SSH creds) causes DS restart.

  • SASS-15800

    Increase the length of the interface_name to 256 in cm_interface table.

  • SMARTA-1310 / SR 21224058805

    NCM fails to start after direct upgrade from v9.6 to v10.1.4.

  • SMARTA-286 / SR 19320944805

    NCM installer stops firewalld and iptables but does not restart them on completion.

Known Issues

  • SA1-824/[ER-979]

    NCM 10.1.0 application launch is breaking on Google Chrome.

    Chrome has deprecated the NPAPI support which causes Java plugins to be disabled.
    If you have problems accessing Java applications using Chrome, Oracle recommends using Firefox, Internet Explorer, or Safari instead.
    https://blogs.oracle.com/java-platform-group/entry/java_web_start_in_or 

    Users that need to run Web Start application may launch that application through a web browser such as Internet Explorer, Mozilla Firefox, Apple Safari, or Pale Moon.

    The link, https://<ipaddress>:8880/voyence/powerup.jnlp, provides a .jnlp file download you can use to enable the launch of the NCM application.

  • VSAC-531 

    After upgrading from 10.1.3 to 10.1.4 on RHEL8, vcmaster service status command displays failed message for ncm-as service. 

    Workaround: There is no functionality impact and workaround is to restart the vcmaster service.

  • SMAR-1855

    User is not able to launch NCM MSA on the Firefox version 58 or later.

    Use the older version of Firefox (version older than 58), or use Internet Explorer to launch the NCM MSA.

  • VSACAPRI-919

    NCM MSA login screen should have a standard login screen with VMware logo.

    No workaround.

  • VSACAPRI-833

    MSA login page display Grails as the logo, instead of VMWare Network Configuration manager.

    No workaround.

  • VSACAPRI-945

    Device Server health check log has some warnings.

    No workaround.

  • VSACAPRI-950

    When UI is launched with the new UI Linux client, Schedule Manager sorting is not happening properly and device properties are not seen.

    Workaround: You can use filters to check the details of required job.

  • VSAC-985 / VSAC-989

    Sometimes, vcmaster service status is not shown correctly, there is no functionality impact.

    Workaround: You can check the status of vcmaster service by executing the following command:

    $VOYENCE_HOME/bin/vcmaster status

    You can also restart vcmaster service, to see the correct status next time.

  • VSAC-1068

    When either of commmgrd or autodiscd crashes, stacktrace and core is not generated.

    Workaround: To generate core and stacktrace, modify the /etc/rc.d/init.d/voyence file as shown below:

    • Comment out this line : su -p -s /bin/bash $VOYENCE_USER -c "$VOYENCE_HOME/bin/voyenced -r start" >/dev/null
    • And add this line : su -p -s /bin/bash root -c "$VOYENCE_HOME/bin/voyenced -r start" >/dev/null
    • Restart vcmaster service using, service vcmaster restart.
  • VSAC-1125

    Excessive logging in /var/log/messages & $VOYENCE_HOME/cm/Syslog is observed after restoring backup from previous versions of NCM

    Workaround: Follow the below given procedure after restoring the database backup:

    1. Login to Database Server.
    2. Execute the below queries: 
      ALTER TABLE voyence.cm_interface ADD COLUMN speed varchar(64);
ALTER TABLE voyence.cm_interface ADD COLUMN mode varchar(16);
    3. Restart vcmaster service.
check-circle-line exclamation-circle-line close-line
Scroll to top icon