What's New
What's New contains a list of features and functionalities introduced in recent releases.
New Features in 6.12.00
GigaVUE 6.12.00 Software offers usability improvements, resolved issues, and the new capabilities described below.
Online Documentation
| For the complete online documentation for this release, visit the GigaVUE 6.12 Online Documentation. No login required. |
| View What's New in the online documentation to access quick links to topics for each of the new features. |
| Click the Library button at the top of the page to visit the new Documentation Library for all PDF downloads and access to additional resources. |
| The API Reference Guide is now available online including APIs and sample output and examples for GigaVUE-FM APIs as well as Ansible examples provided using the same accessible reference style. |
|
Product Area |
Feature Summary |
|||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Cloud Suite
|
GEM for Cloud Workloads (Kubernetes Containers) This feature introduces support for Azure Kubernetes Containers. The Application Metadata Exporter (AMX) now enriches metadata with details from managed Kubernetes services, including Service Name, Pod Name, Namespace, Container Name, Tags, and more. This enhancement gives CloudOps, DevOps, and SecOps teams deeper situational awareness for monitoring performance, security, and compliance. Refer to Application Metadata Exporter. |
|||||||||||
|
Support for Traffic Acquisition using Inline V Series Introducing support for a new inline tapping method, enabling GigaVUE V Series Nodes to operate in inline mode, launched and scaled by the platform using Third Party Orchestration. You can deploy the GigaVUE V Series Nodes in single or two-tier setups, with first-tier nodes tapping and load-balancing traffic to second-tier nodes for processing, filtering, and forwarding to tools. Additionally, you can group multiple GigaVUE V Series Nodes into "Node Groups" and configure multiple Monitoring Sessions within a single UI canvas, enhancing efficiency, reliability, and ease of traffic monitoring. Supported Platforms: AWS, Azure. Refer to: |
||||||||||||
|
UCT-C Istio Envoy support Istio Envoy service mesh now supports Kubernetes and OpenShift environments. Clients can send unencrypted mirrored traffic to tools by tapping into mTLS-enabled connections between pods. The Sidecar Envoy methodology using either the LO interface or eBPF precryption facilitates this process. Mirrored traffic reaches the V Series securely through an encrypted tunnel, with GigaVUE‑FM automating the flow, like other UCT-C mirrored traffic setups. Refer to: |
||||||||||||
|
GigaVUE-FM High Availability Support in Cloud Platforms This feature provides high availability support for GigaVUE-FM in cloud environments. It allows GigaVUE-FM nodes to form a cluster, ensuring continuous availability and reliability. The feature supports both public and private cloud platforms, including AWS, Azure, GCP, VMware ESXi, NSX-T, OpenStack, and Nutanix. It requires network connectivity with less than 200ms latency, the same software version across nodes, and an GigaVUE-FM Prime license. The feature also supports external communication using private or public IP addresses, with the ability to update external IP configurations. |
||||||||||||
|
Exclude Tool Instances from Identified List of Targets in AWS VPC Mirroring Tapping This feature addresses the issue of traffic loops caused by tool instances being mistakenly identified as monitoring targets. This feature allows users to exclude tool instances from Automatic Target Selection (ATS) using a tag-based method or an exclusion map, ensuring that only relevant traffic is monitored. This prevents unnecessary resource consumption and enhances monitoring accuracy. Currently, the feature is supported on AWS. Refer to: |
||||||||||||
|
GCB now supports up to 128 policy rules (each with two filters), doubling the previous limit. This enhancement increases capacity to address large scale deployment challenges. The user interface remains unchanged, but both GigaVUE‑FM and API interfaces now support 128 rules, each with two filters. |
||||||||||||
|
Traffic Mirroring Support for Nutanix with V Series 2 GigaVUE‑FM now supports traffic mirroring in Nutanix environments using network function chaining with V Series 2. A V Series node is deployed on each Nutanix host with monitored VMs. This feature operates on the underlay network only and is not supported within Nutanix VPCs. Refer to Upgrade GigaVUE V Series Node in GigaVUE‑FM for Nutanix |
||||||||||||
|
5G Cloud: Nokia HEP3 Support for Non-SBI Traffic The 5G Cloud application now supports Nokia’s HEP3 format, enabling non-SBI traffic processing over mTLS from IMS core functions. Two VMs manage orchestration and handle HEP3 over TCP, ensuring compatibility with VMware ESXi and OpenStack. |
||||||||||||
|
GigaVUE-FM Core
|
Restricted Access to CLI for GigaVUE-FM Access to the Linux shell prompt is now restricted and will be removed in a future release. When you log into the GigaVUE‑FM CLI, you can view the fmctl command prompt instead of a bash shell. To access the bash shell, use the shell command. In the future, access to bash through the shell command needs Gigamon support. |
|||||||||||
|
GigaVUE-FM Session Security Enhancements with Cookie Validation This release introduces session management improvements to strengthen GigaVUE‑FM security:
These enhancements help to prevent stale sessions from persisting, aligning with best practices for secure session handling. |
||||||||||||
|
Rate Limiting on API Endpoints in GigaVUE‑FM
Refer to Preferences Updates |
||||||||||||
|
Disabling Basic authentication in GigaVUE‑FM When you first install GigaVUE‑FM, the Basic Authentication option is disabled by default to enhance security. You can enable it manually if required. However, when you upgrade GigaVUE-FM, Basic Authentication is automatically enabled during an upgrade, only if it was enabled in the previous GigaVUE-FM version. Refer to Authentication Type |
||||||||||||
|
FIPS 140-3 Compliance in GigaVUE-FM GigaVUE‑FM now supports FIPS 140-3, the latest and most rigorous cryptographic standard validated by the National Institute of Standards and Technology (NIST). This update replaces the earlier FIPS 140-2 certification and ensures continued adherence to United States (U.S.) government security requirements for cryptographic modules. Refer to FIPS Compliance in GigaVUE-FM |
||||||||||||
|
GigaSMART
|
Artificial Intelligence (AI) Traffic Insights Application Intelligence includes support for 14 new AI apps. Overall, it allows monitoring usage of 30+ widely used AI apps for Governance, Risk and Compliance (GRC). You can access the Application Protobook from the GigaVUE‑FM in the following ways:
|
|||||||||||
|
GigaSMART Rotational Sampling for Fixed Wireless Access subscribers. GigaSMART Rotational Sampling now offers enhanced network visibility by enabling Dynamic Session Sampling of sessions specifically for Fixed Wireless Access subscribers. A new flag in the map rule allows sampling to be restricted to IMSIs within the current sampling window. This guarantees that only active subscribers during the specified period are included, resulting in more accurate and adaptive sampling of Fixed Wireless Access traffic. This feature is supported in GigaVUE‑HC3 Gen 3 and GigaVUE‑HC1-Plus Front & Rear in Non-CUPS LTE (Non-CUPS GTP application). It is not supported by Control Plane Nodes. Refer to GigaSMART Rotational Sampling |
||||||||||||
|
FIPS 140-3 Certification Support in GigaVUE-H Series Secure Tunnel The FIPS 140-3 H-Series Secure Tunnel feature enables secure tunnel applications on the Gen3 platform to use FIPS-validated SafeLogic cryptographic modules with OpenSSL 3.5, ensuring compliance with government security standards and supporting only the TLS 1.3 protocol with the TLS_AES_128_GCM_SHA256 cipher. Refer to FIPS Compliance in GigaVUE-OS. |
||||||||||||
|
Enhanced TCP Insights in Application Metadata Intelligence. Application Metadata Intelligence provides enriched TCP insights for monitoring and troubleshooting bandwidth usage, buffer utilization and connection liveness. The enriched insights include support for Maximum Segment Size (MSS), Window Size, Zero Window and Zero Window Probe and Acknowledgment. The above attributes can be exported in IPFIX and CEF formats.. This feature is supported on Gen3 GigaSMART and GigaVUE V Series. Refer to:
|
||||||||||||
|
Post-Quantum Cryptography (PQC) and Quantum-Resilient Cryptography (QRC) Support for Inline TLS/SSL Decryption This release adds support for NIST-approved Post-Quantum Cryptography (PQC) algorithms—ML-KEM, ML-DSA to Inline TLS/SSL Decryption solution. The feature enables quantum-safe key exchange and digital signatures, ensuring secure, encrypted traffic inspection against future quantum threats. Refer to:
|
||||||||||||
|
Auto-discover AMI/NetFlow exporter using SNMP The AMI exporter configuration on Gen3 GigaSMARTmodule supports SNMP (Simple Network Management Protocol) on its IP interface, enabling NPM/APM tools to automatically discover and manage it as a data source. It is compatible with SNMP v1, v2c, and v3 on Gen3 platforms. By default, SNMP processing is disabled and must be enabled through the GigaVUE‑FM. The feature is not available on GigaVUE V Series platforms. Refer to:
|
||||||||||||
|
GigaVUE‑OS
|
Configure Password Complexity Settings Secure Passwords mode can now be enabled from the Settings > Global Settings > Security, enforcing strong password requirements for all users. Passwords must contain at least 8 and up to a maximum of 64 characters long and include uppercase, lowercase, numeric, and special characters. Additionally, when resetting a password, the new password must differ from the previous one by at least eight characters. Refer to Configure Secure Password and System (Security Passwords) |
|||||||||||
|
Enhanced Fabric Map Scalability To enhance Fabric Map scalability, the maximum number of supported 3999 circuit IDs is based on the available internal VLAN resources in GigaVUE-OS 6.12 and above. This upgrade enables larger and more complex fabric map deployments. It supports advanced topologies without requiring changes to Fabric Manager. You can create up to 1024 fabric maps between two clusters or standalone nodes. Refer to Circuit-ID Tunnels—Rules and Notes |
||||||||||||
|
Improved System Health Monitoring with Disk Activity Insights You can now view disk activity, which provides visibility into read/write operations and disk utilization patterns. It helps you identify abnormal disk activity early, such as excessive logging or unplanned read/write spikes, allowing you to take preventive actions and maintain overall system stability. Refer to system-health |
||||||||||||
|
Inline Bypass Support for GigaVUE‑HC1-Plus Introducing inline bypass support for the GigaVUE‑HC1-Plus platform, enabling customers to deploy traditional inline network and security architectures seamlessly on GigaVUE‑HC1-Plus. Refer to Inline Bypass Solutions |
||||||||||||
|
Enhanced Visibility into VLAN Resource Utilization Gain deeper insights into how VLAN resources are consumed across different features. You can now view the overall VLAN resource usage and feature-wise allocation through the GigaVUE‑OS CLI and GigaVUE‑FM. With visibility into VLAN usage, you can proactively optimize feature enablement and solution deployments based on available VLAN capacity, ensuring better resource utilization and system performance. Refer to:
|
||||||||||||
|
Hardware
|
DC Cable Specification for Australia/New Zealand Compliance The DC power cable, PCD-00051, complies with the AS/NZS 5000 and AS/NZS 3015 standards applicable in Australia and New Zealand region. This specification supports the following platforms: GigaVUE-TA25, GigaVUE-TA200, GigaVUE‑HC1, and GigaVUE‑HC1-Plus(with D-SUB power connector type). Refer to Regional Compliance (Australia and New Zealand Standards) |
|||||||||||
|
Support for New Bidi Optics We have introduced new 40Gb BiDi optics modules, QSB-504 (full duplex), to expand our high-speed optical connectivity options, supporting 40G BiDi fabric interconnect use case.
|
