Updated on: 06 DECEMBER 2018
vRealize Network Insight 3.7 | 22 FEBRUARY 2018 | Build 1519211678
Check regularly for additions and updates to these release notes.
Alert! Apply the vRealize Network Insight Patch for Chrome 71 Support on all the platforms that have vRealize Network Insight 3.7. For more information, see KB 60368.
The release notes cover the following topics:
The new and enhanced features in this release are as follows:
- Increase in Scale for Micro-Segmentation Planning
You can do micro-segmentation in vRealize Network Insight now for 4 million flows.
- Centralized Upgrade (Offline)
vRealize Network Insight supports the single-click offline upgrade from Release 3.7.0 onwards. You can upgrade your system (including clusters)
from Release 3.7 to the subsequent releases using the offline bundle through UI.
- UI Support for Cluster Expansion
vRealize Network Insight now supports the expansion of an existing cluster from the UI. The cluster can have maximum of 10 nodes.
- vRealize Network Insight System Health Dashboards
vRealize Network Insight introduces various dashboards to provide the user with information on the overall health of platforms, collectors, and data
- vRealize Network Insight System Health Events
vRealize Network Insight introduces a new set of events related to the health of the system.
- AWS Overlapping IP/CIDR Support (Enterprise License Only)
vRealize Network Insight supports the following topologies for the flows that involves the overlapping IPs/CDRs:
- Intra VPC Flows
- VPC to VPC Flows (Peering)
- Hybrid Flows between AWS Native VPN and NSX Edge IPSec VPN
- Infoblox DNS Data Source (Enterprise License Only)
vRealize Network Insight adds support for Infoblox DNS as a data source. Infoblox DNS offers an advanced solution to manage and control DNS.
- Support for NSX-V 6.4 and NSX-T 2.1.0
vRealize Network Insight now supports its existing functionality for new versions of NSX (NSX-V 6.4 and NSX-T 2.1.0)
- Introduction of new SKU: ROBO (Remote Office Branch Office)
This is a new SKU that allows purchase of vRealize Network Insight advanced licenses for remote office / branch office deployments.
- Other Enhancements
- The timeout for UI inactivity is now set to 30 minutes from this release. Earlier, the timeout period was 90 minutes.
- vRealize Network Insight supports the
administrator privilege at the LDAP group level.
- An additional health check for the NSX-V “Traceflow” module is introduced.
- Several enhancements are made to manage log files in vRealize Network Insight.
The following documentation is available at vRealize Network Insight Information Center:
- vRealize Network Installation Guide
- vRealize Network Insight User Guide
- vRealize Network Insight Command-Line Interface Reference Guide
- vRealize Network Insight Frequently Asked Questions
- vRealize Network API Documentation
vRealize Network Insight 3.7 supports direct upgrade from the 3.6 and 3.5 versions.
Refer to the Upgrading vRealize Network Insight section to get information on upgrade options.
The resolved issues for vRealize Network Insight 3.7 are as follows:
Cisco N1000 NetFlow is now supported via the generic NetFlow data source collector. Hence the specific data source has been removed from the Add Data Source page.
The LDAP feature now supports restricting group access based on the Active Directory Primary Group.
The Export to CSV feature can now export more than 20,000 rows.
The Export to CSV format has been corrected for the exported flows.
The data source error appears on the Cisco N7000 Switch appears as follows:
Something went wrong. Please contact support.
This issue has now been fixed.
The VM path to Internet can now be drawn if the virtual machines in DVPG are configured with the VLAN ID equal to 1.
The Check Point gateway information is now processed by vRealize Network Insight for analysis.
The security groups, security tags, and IP sets are now mapped to the virtual machines.
The issues regarding addition of Panorama 8.0.1 as a stand-alone data source (not connected with NSX-V) have been resolved.
vRealize Network Insight was not showing the data for HP OneView with non-configured blades in bare metal chassis. This issue has been resolved.
The known issues and limitations for vRealize Network Insight 3.7 are as follows:
- [New] The UI of vRealize Network Insight 3.7 is not accessible from Chrome version 71. Apply the vRealize Network Insight Patch for Chrome 71 Support on all the platforms that have vRealize Network Insight 3.7. For more information, see KB 60368.
appliedTofield of the firewall rule does not support DVPG. It may impact the configured firewall rules that are shown for the VM and the VM-VM path.
- When you click All Security Groups on the Home page, the search page is loaded with the
security groups by translated vm countquery. The error message "
Invalid property in security groups by translated vm count" comes up.
- The Security Group Membership Change and the Firewall Membership Change events do not work.
- Sometimes, the Export to CSV feature fails with the 502 error in the browser. The workaround is to retry the operation.
- vRealize Network Insight does not support rollback or product downgrade. It is recommended that you take a backup.
- The datastore metrics of a VM are not shown on vRealize Network Insight if it is hosted on vSAN Datastore.
- If the vCenter and the associated NSX manager data sources are not attached to the same proxy server, you will not see the denied flows (when NSX IPFIX is enabled) and the
Applied Firewall Rulewill be missing in some flows.
- The NAT rules on the NSX Edge version 5.5 or the previous versions are not supported.
- The firewall rule section of the PCI Compliance dashboard may show incorrect rules if the selected scope is a nested security group in NSX or an application when multiple NSX managers are added as a data source.
- The sub-interfaces on VRF for Cisco Nexus 7000/9000 are not supported.
- In the
Applied To groupingcriteria, the NSX edge is not supported.
- The platform cluster does not support the high availability (HA) configuration. All the platform nodes need to be up and running for the cluster to work at optimal performance levels.
- The recommended firewall rules support only global rules creation. The creation of universal rules is not supported.
- The plan topology widget has options to select all flows, all protected flows, and so on. The flows that are solely captured from VDS and not from NSX IPFIX only show up when the all flows option is selected because their protection status is classified as unknown not as protected or unprotected.
- The Export as CSV option is not supported for advanced searches that use
- Some events such as
Host network control plane mismatchare not raised if the datacenter is not at the top level and is located inside a folder in vCenter.
- You must enable NSX central CLI in the Settings page to get visibility into the NSX NAT settings.
- The product update notifications are supported only for the single-platform node deployment that is connected to Internet.
- There is a known issue in the list view for events search where sometimes facet counts are incorrect upon selection and no events are shown.
- vRealize Network Insight shows the older version after the upgrade. Once the product upgrade is complete, refresh the browser after clearing the browser cache.
- Upon the expiry of the Evaluation license, the data providers are disabled and they stop collecting data. After renewing the license, the data providers must be enabled again from the UI to start data collection.
- To use Gmail® server as the choice of mail server, additional configuration settings as listed on https://support.google.com/accounts/answer/6010255?hl=en are required.
- After you remove a data source from the system, you can add the same data provider back only after two or more hours.
- The support bundle creation on a medium sized system can take in excess of fifteen minutes.
For MIB information, see Determining the MIB module listing, name, and type of an SNMP OID. You can download the SNMP MIB module file from the 1013445 KB article.