The NIOS 8.5 release includes the following new features and enhancements:

...

For information about the command, see the show hardware-type topic.

IPv6 Support for Subscriber Services (RFE-10975)

...

You can now configure DHCPv6 option filters using the Data Management > DHCP > Filters > IPv6 Option Filter option. The Filters tab now displays the filter type, and you can associate DHCPv6 option filters with these IPv6 objects: IPv6 network, IPv6 range, IPv6 network container, IPv6 shared network, IPv6 fixed address, IPv6 network template, IPv6 range template, IPv6 fixed address template, Grid DHCP, and Member DHCP properties.
For more information, see the Configuring Option Filters topic.

NAC Authentication Messages in Syslog (RFE-10028)

...

The existing CLI commands have been redesigned and the old parameters have been replaced with new parameters. For more information about the syntax, arguments, and examples of these commands, see the set subscriber_secure_data bypass and the show subscriber_secure_data bypass topics.

Multi-Grid Master and Sub Grid Synchronization (RFE-7653)

...

For more information about the syntax, arguments, and examples of these commands, see the set allow_query_domain, show allow_query_domain, and show allow_query_domain_views topics in the NIOS 8.5 online documentation.

...

Grid members including the Grid Master can now function as NTP servers to clients if NTP is enabled on the Grid. You can even configure a stratum value that enables Grid members to continue serving NTP uninterruptedly using the disconnected NTP service in the absence of external NTP servers. This mode is called the orphan mode. When the external NTP servers are reachable again, the Grid connects to the server to serve NTP and derive the NTP stratum values and automatically switches to the connected mode.
For more information about the orphan mode, see the Configuring the Orphan Mode and the Using NTP for Time Settings topics in the NIOS 8.5 online documentation.

...

vNIOS is now supported on the Red Hat OpenShift platform. For more information, see the Infoblox Installation Guide vNIOS for Red Hat OpenShift at https://docs.infoblox.com.

Deploying Multiple NIOS Instances on Microsoft Azure (RFE-8690)

You can now upload and deploy multiple NIOS instances on Microsoft Azure using a single resource group. For more information, see the Infoblox Installation Guide vNIOS for Microsoft Azure at https://docs.infoblox.com.

Microsoft Server 2019 Support (RFE-10227)

...

For detailed information about the appliances that support DNS over HTTPS, limitations, and configuration, see Configuring DNS over TLS and DNS over HTTPS Services. For information about the commands, see the show doh-status, show doh-config, and show doh-stats topics.

DNS Over TLS (RFE-6979)

NIOS appliances that support vDCA or vADP now include the DNS over TLS capability that helps increase DNS security and privacy. When you enable the DNS over TLS feature, DNS traffic is encrypted through the TLS protocol to prevent eavesdropping and tampering of DNS data. You can enable this feature by selecting the Enable DoT Service checkbox. This checkbox is present in the Member DNS Properties editor, Toggle Advanced Mode > Queries tab.

...

For detailed information about the appliances that support DNS over TLS, limitations, and configuration, see Configuring DNS over TLS and DNS over HTTPS Services. For information about the commands, see the show dns-over-tls-status, show dns-over-tls-config, and show dns-over-tls-stats topics.

Proxying RPZ Passthru Rules (RFE-9982)

You can now proxy RPZ passthru rules for parental control through a configured MSP (Multi-Services Proxy) server by selecting the newly introduced Proxy RPZ Passthru checkbox. If you select this checkbox, and a passthru rule from any RPZ zone is hit, then the query resolves to an MSP proxy virtual IP address and NIOS generates a "synthetic resolution". If you do not select this checkbox, the query resolves normally.
For more information, see Scaling Using Subscriber Sites.

...

For an AWS standalone member, NIOS now displays the New Password and Retype Password fields when you log in for the first time. You must change the default password. For more information, see Logging on to the NIOS UI.

...

You can now deploy the NIOS virtual appliance on Oracle Cloud Infrastructure. You can deploy an Infoblox vNIOS for Oracle Cloud Infrastructure instance as a virtual cloud member tied to an on-premise (non-cloud) NIOS Grid. The NIOS virtual appliance for Oracle Cloud Infrastructure functions as a hardware virtual machine guest on the Linux system. For more information about vNIOS for Oracle Cloud Infrastructure, see the Infoblox vNIOS for Oracle Cloud Infrastructure Installation Guide at https://docs.infoblox.com.

vNIOS for AWS Support for IB-V4025 (RFE-10374)

...

For more information about these checkboxes, see Scaling Using Subscriber Sites. For more information about the CLI commands, see the show subscriber_secure_data bypass, set subscriber_secure_data bypass, show subscriber_secure_data garbage_collect, and set subscriber_secure_data garbage_collect topics.

Extensible Attribute Support for VLAN and DNS Objects (RFE-10056)

...

You can now enable or disable the FIPS mode in NIOS. You can enable or disable the FIPS mode on a Grid Master, a standalone system, or on the active Grid Master node in an HA setup. In an HA setup, you can set the FIPS mode only on the standalone Grid Master node and then form an HA pair. You cannot change the setting on the HA Grid Master or HA Grid member. For more information, see Enabling/Disabling the FIPS Mode.

New CLI Commands to Set DNS and Anycast Start and Restart (RFE-10176)

...

For more information about these commands, see the set restart_anycast_with_dns_restart and show restart_anycast_with_dns_restart topics.

Enabling DDNS Updates from IPv6-Only DHCP Members (RFE-5118)

...

You can configure the Cloud Services Portal and schedule the entire threat indicator database download from the Cloud Services Portal. The threat category information is then sent to the reporting server to augment RPZ hits and reports are generated. Caching threat category information from the Cloud Services Portal helps enhance the performance of threat reports as data is fetched from the cache that is stored locally.
You can also download incremental updates from the threat indicators of the Cloud Services Portal. The incremental threat indicator is downloaded only after the whole threat indicator is downloaded from the Cloud Services Portal.
You can configure threat indicator caching by using the Threat Indicator Caching > Basic tab in the Grid Reporting Properties editor. For more information, see Grid Reporting Properties.

...

NIOS now supports the integration of Cisco ISE versions 2.6 and 2.7. For information about integrating NIOS with Cisco ISE, see Cisco ISE Integration.

Additional Validation on Host Names (RFE-7507)

...

Additional validation is disabled by default. For more information about these commands, see the set extra_dns_name_validations and show extra_dns_name_validations topics.

...

For information about configuring high performance query logging, see Capturing DNS Queries and Responses. For information about the new commands, see the set enable_dnstap, show dnstap-status, and show dnstap-stats topics.

Support for More Intel NICs (RFE-8677)

...

You can now configure the edns-udp-size and max-udp-size attributes by entering byte values in the EDNS0 Buffer Size and UDP Buffer Size fields in the Grid DNS Properties/Member DNS Properties/DNS View > General > Advanced tab. The minimum and maximum values of both these attributes are 512 and 4096 respectively. By default, the buffer size is set to 1220 bytes. For information about configuring these attributes, see Using Extension Mechanisms for DNS (EDNS0).

...

You now have the option to configure whether customized root name servers must apply only to the default DNS view or to all DNS views. You can do this using the Applies to default DNS view only and the Applies to all DNS views on this member options in Member DNS Properties > Root Name Servers > Basic tab. For more information, see About Root Name Servers.

Capturing CSV Errors After NetMRI Synchronization (RFE-9097)

...

You can now download Ptop log files that comprise database metrics which you can use to determine the health of the NIOS database and baseline its performance. Based on the database performance, you can ascertain the impact of changes such as adding a Grid member or enabling features such as Grid replication for DNS zones or multi-master DNS, on the database performance. You can download the Ptop log files by using a WAPI call. For more information, see Collecting Database Performance Data.

...

You can now add TLSA records in both DNSSEC signed zones and unsigned zones. For more information, see TLSA Records.

Infoblox Customer Experience Improvement Program

...

vDCA is now supported on the IB-2215, IB-2225, IB-V2215, IB-V2225, IB-4015, IB-4025, IB-V4015, and IB-V4025 appliances. For more information, see Configuring DNS Cache Acceleration.

CSV Import for Subscriber Records (RFE-8672)

You can now import subscriber site data by using the CSV Import option and export subscriber site data by using the CSV Export option. However, you cannot perform merge, custom, and replace operations for subscriber records. For information about supported object types for subscriber records and their corresponding fields for CSV import and export, see Subscriber Record.

You can also add, update, and delete subscriber records using NIOS APIs. For more information, see the NIOS WAPI documentation.

...

For more information, see Installing NIOS. For limitations of the scalable installer image, see Limitations of Using the Scalable Image File.

vNIOS Support on Nutanix AHV (RFE-7970)

vNIOS is now supported on the Nutanix AHV platform. For more information, see the About Infoblox vNIOS for Nutanix AHV documentation.

Infoblox IPAM Driver for Terraform (RFE-7614)

...

For more information, see DNS Dashboards, IPAMv4 Utilization Dashboards, and DHCP Dashboards.

Configuring LAN1/LAN2 for Automated Failover (RFE-9114)

LAN1 and LAN2 interfaces both support DNS recursion in such a way that if the default route interface goes down, the route redundancy feature removes the failed interface so that there is automatic failover of recursion traffic. This provides for a seamless flow of recursive traffic movement.
You can configure automated failover by selecting the Enable default route redundancy on LAN1/LAN2 checkbox on the Network tab of the Grid Member Properties editor. For more information, see Using the LAN2 Port.

New Match Rule Filters for Outbound ObjectChange Events

...

You can now add a Cisco ISE endpoint using the Add Cisco ISE Endpoint option. For more information, see Configuring Cisco ISE Endpoints.

HA Support for Outbound Notifications

...

You need the new ADP ruleset version to use this feature. For information about the GMC Test option, see Managing a Grid. For information about the CLI commands, see the show test_promote_master and the set test_promote_master commands.

SSH CLI Access to Non Super Users (RFE-504)

Super users can now give SSH and CLI access to non-super users by selecting the CLI option in the Allowed Interfaces section of Admin Group Wizard. For more information, see About Admin Groups.

Faster Refresh Rates for DTC Status Updates (RFE-6258)

...

You can now select NOERROR/NODATA or NXDOMAIN as a Destination/Response option when configuring a topology ruleset for destination types other than pools or servers. For more information, see Configuring Topology Rules and Rulesets.

Increase in the DNS Traffic Control Scale (RFE-8771)

...

DNS Forwarding Proxy is now a NIOS service called DFP and it automatically handles DNS query forwarding. You can start and stop the DFP service just like other NIOS services. You can configure the connection between NIOS and BloxOne Threat Defense Cloud Services Portal by using the new CSP Config tab in Grid Properties Editor or Grid Member Properties Editor. For more information, see Using Forwarders.

Discovery of SDN and SD-WAN Devices

You can now discover SDN and SD-WAN devices from Cisco ACI and Cisco Meraki using Network Insight. For more information, see Configuring Discovery Properties.

Enabling or Disabling RPZ Logging (RFE-7574)

You can now enable or disable RPZ logging for an RPZ zone by using the RPZ logging checkbox on the Logging tab of the Response Policy Zone editor. For more information, see Managing RPZs.

Inheritance Permissions for Host Objects Not Enabled in DHCP and DNS (RFE-9521)

...

This release of NIOS supports CGNAT (Carrier Grade NAT). Multiple subscribers share the same public IP address. In specific NATing algorithms that use port block (known port range allocation), the IP address and the first usable port (which is a new AVP called Deterministic-NAT-Port) for the subscriber are provided in a RADIUS accounting AVP. You can select this AVP from the IP Space Discriminator drop-down list. For more information, see Scaling Using Subscriber Sites.

Searching Host by IP Addresses or Networks (RFE-9231)

...

You can now monitor the CPU utilization of the top number of processes in the System Activity Monitor widget. You can either track the live CPU utilization data or you can view the CPU utilization data for up to a maximum of the past 60 minutes based on the time range you specify. You can also determine the frequency with which the Ptop tool must run and collect data. For more information, see Status Dashboard.
You can configure the number of top processes and the Ptop interval only for the Grid Master. It is mostly for use by the Infoblox Technical Support team.

...