What's New
What's New contains a list of features and functionalities introduced in recent releases.
GigaVUE 6.4.xx Software offers usability improvements, resolved issues, and the new capabilities described below.
Online Documentation
|
Product Area |
Feature Summary |
Documentation ( |
||||||||
---|---|---|---|---|---|---|---|---|---|---|
Cloud |
Precryption™ Precryption1 allows Gigamon components to acquire plain text traffic on a node prior to encryption or after decryption. Precryption supports applications using OpenSSL version 1.0.2, version 1.1.0, version 1.1.1, and version 3.x. The feature is currently available in both Universal Cloud Tap - Virtual Machine (UCT-V) and Universal Cloud Tap - Container (UCT-C). Both UCT-V or UCT-C can capture the encrypted traffic and tunnel it to a remote GigaVUE V Series node or a tool node. For more information, refer to the GigaVUE Cloud Suite guides. |
GigaVUE Cloud Suite Deployment Guide - AWS
GigaVUE Cloud Suite Deployment Guide - Azure GigaVUE Cloud Suite Deployment Guide - OpenStack Universal Cloud Tap - Container Deployment Guide GigaVUE Cloud Suite Deployment Guide - Third Party Orchestration
|
||||||||
Renaming G-vTAP Agent, G-vTAP Controller, UCT The following GigaVUE Fabric components are renamed as follows:
|
|
|||||||||
Secure tunnel on UCT-C/UCT-V UCT-V and UCT-C capture the packets based on the prefiltering criteria or as per the configured criteria in the map.
Secure Tunnel securely transfers packets on UCT-V and UCT-C to a GigaVUE V Series Node. The data from UCT-V and UCT-C are encapsulated in PCAPng format and then sent securely over a TLS connection to a GigaVUE V Series Node.
Secure tunnel support on GigaVUE V Series Node Secure Tunnel can also transfer the packets from a GigaVUE V Series node to another GigaVUE V Series node. In the transfer of packets from GigaVUE V Series node 1 to the GigaVUE V Series node, 2 the traffic from the GigaVUE V Series node 1 is encapsulated using PCAPNG format and transported to GigaVUE V Series node 2, where the traffic is decapsulated. The GigaVUE V Series Node decapsulates and processes the packet per configuration and also sends the decapsulated packet to the application such as De-duplication, Application Intelligence, and then to the tool. The Load Balancer on this node can send the packets to multiple V series Nodes in case the packets should be encapsulated again and sent over a secure tunnel. For more information, refer to the GigaVUE Cloud Suite guides. |
GigaVUE Cloud Suite Deployment Guide - AWS
GigaVUE Cloud Suite Deployment Guide - Azure GigaVUE Cloud Suite Deployment Guide - OpenStack Universal Cloud Tap - Container Deployment Guide GigaVUE Cloud Suite Deployment Guide - Third Party Orchestration
|
|||||||||
Support for Resource Tagging in Public Cloud GigaVUE-FM now tags all the resources connected to the GigaVUE fabric components. The Key and Value provided during the fabric launch in GigaVUE-FM are tagged to all the resources associated with the respective fabric. This helps in identifying all the resources that are created in your public cloud platform during the fabric launch. |
||||||||||
Support for Traffic Acquisition using UCT-V in VMware NSX-T Federated Environment through third party orchestration VMware NSX-T typically uses service insertion as the traffic acquisition method. However, service insertion is not supported for VMware NSX-T federated environment. The traffic from the workload virtual machines can be acquired using UCT-V and sent to the GigaVUE V Series Nodes for processing. UCT-V and GigaVUE V Series Nodes can be deployed using third party orchestration (Generic Mode). |
GigaVUE Cloud Suite for Third Party Orchestration Configure GigaVUE Fabric Components using Third Party Orchestration on NSX-T Federation Environment GigaVUE Cloud Suite Deployment Guide - Third Party Orchestration |
|||||||||
Support to Upgrade an individual or multiple GigaVUE V Series Nodes for VMware ESXi |
GigaVUE Cloud Suite for VMware Upgrade GigaVUE V Series Node in GigaVUE-FM for ESXi GigaVUE Cloud Suite Deployment Guide - VMware |
|||||||||
GCB to consume Diameter traffic from F5 service mesh This feature allows Gigamon Containerized Broker (GCB) to process Service Based Interface Application (SBI) and Diameter traffic from Pcapper. GigaVUE-FM also supports a new traffic type parameter with SBI or Diameter values. With the introduction of Diameter Traffic, there are independent traffic policies for SBI Traffic and Diameter Traffic. Each monitoring domain now supports two traffic policies. You can configure one traffic policy with metadata filter rules for SBI traffic and another with metadata filter rules for Diameter Traffic. For more information refer to Gigamon Containerized Broker Guide |
Configuration of GCB Diameter Traffic Processing Gigamon Containerized Broker Deployment Guide |
|||||||||
Rediscover for VMware vCenter in GigaVUE-FM When modifying the configurations of the GigaVUE V Series Node deployed in VMware vCenter, it may lead to configuration mismatch between the GigaVUE V Series Node and the virtual machine configuration present in GigaVUE-FM. Use the Rediscover button in the GigaVUE-FM GUI to overcome this. |
GigaVUE Cloud Suite for VMware GigaVUE Cloud Suite Deployment Guide - VMware |
|||||||||
Embedded |
PTP Domain 0 IEEE Default Profile Support This feature extends PTP support to Domain 0 IEEE default profile on GigaVUE-TA200 devices. |
Fabric Management Enabling PTP on a Network Port GigaVUE Fabric Management Guide |
||||||||
Clear IP Interface statistics You can now clear the IP Interface statistics using the CLI command and the Clear button on the IP interface statistics screen. |
Fabric Management IP Interfaces Statistics Definitions GigaVUE Fabric Management Guide |
|||||||||
Allow to use Ingress-vlan-tag and FlexInline OOB Vlan Tagging Features on the same Egress Port This feature enables the use of the tool/hybrid port part of a regular byRule or passall map with ingress VLAN tag enabled on the network port as an OOB-copy port of flexible inline maps as well. |
Fabric Management GRIP Supported by Flexible Inline Arrangements GigaVUE Fabric Management Guide |
|||||||||
GigaVUE FM Core |
Improved Data Retention with Data Rollup The Data Rollup is now enabled for Map Rule statistics and Map statistics. With the Data Rollup feature, GigaVUE-FM allows you to collect, summarize and display historical data for 120 days with hourly granularity. Rollup is enabled by default. |
Fabric Management GigaVUE Fabric Management Guide |
||||||||
View Attempted and Successful Sync Time of Physical Nodes You can see the Attempted and Successful sync times of the physical node with GigaVUE-FM on the Physical Nodes page. |
Fabric Management GigaVUE Fabric Management Guide |
|||||||||
GigaSMART |
Application Intelligence The Application Intelligence session will now generate reports for application monitoring at a fixed export interval of 5 minutes. All existing sessions will be migrated to follow the same.
|
Fabric Management Application Intelligence Session |
||||||||
ICAP Protocol Application The ICAP protocol serves as a communication interface for security tools like Data Loss Prevention (DLP) systems. The ICAP Client app enables integration with the DLP ICAP server by functioning as an inline tool within the GigaSMART engine. Decrypted traffic from inline TLS/SSL is sent to the ICAP client and then forwarded to the ICAP server for inspection, providing enhanced security and visibility. |
Fabric Management Configure Internet Content Adaptation Protocol (ICAP) GigaVUE Fabric Management Guide |
|||||||||
iSSL HSM Thales/Luna Hardware Security Modules (HSMs) are specialized systems that logically and physically safeguard cryptographic operations and cryptographic keys. HSMs protect sensitive data from being stolen by providing a highly secure operation structure. HSMs are comprehensive, self-contained solutions for cryptographic processing, key generation, and key storage. The hardware and firmware (i.e., software) required for these functions are automatically included in these appliances. Supported Modules: HC1 Gen3, HC3 Gen3, SMT-HC1-S Some enterprises where security is paramount use nTrust-nCipher HSM to keep sensitive information such as private keys safe. Starting in software version 6.4, current inline SSL is enhanced to include Thales-Luna HSM support in addition to the current already supported nTrust-nCipher HSM solution. For software version 6.4, Thales-Luna HSM support is only early access. |
Fabric Management Configure Hardware Security Model (HSM) GigaVUE Fabric Management Guide |
|||||||||
Hardware
|
QSF-508 (40G SWDM4) Optics Qualification QSF-508 (40G SWDM4) optics is now supported in all GigaVUE H Series and GigaVUE TA Series platforms. |
GigaVUE-OS Compatibility and Interoperability Matrix | ||||||||
Inline Support for 4x10G and 4x25G Breakout Breakout ports can be used as inline network and inline tool ports when using 4x10Gb and 4x25Gb breakout on the PRT-HC3-C08Q08, PRT-HC3-C16, SMT-HC3-C05, and SMT-HC3-C08 modules. |
Hardware GigaVUE-HC1-Plus Hardware Installation Guide |
|||||||||
TAP-HC1-G10040 The TAP-HC1-G10040 module is now supported on GigaVUE‑HC1-Plus. It provides four 1Gb Copper TAP connections to be used as network ports. This module has eight ports, enabling 4 TAPs. Each port pair is arranged with one port above the other, providing bidirectional traffic flow between two nodes. |
Hardware GigaVUE-HC1-Plus Hardware Installation Guide |
|||||||||
Mobility |
5G Standalone UPN – PFCP Load Balancing and Sampling The PFCP packets received by the mobility application are load balanced based on the IMSI present in the PFCP interface packets. Once sessions or tunnels are created, map lookup is performed for the PFCP packets. If there is a match in the IMSI, the packet is sent to only one port from the configured Load Balancing application based on the IMSI hashing. If there is no match, the packets are discarded. |
Fabric Management GigaVUE Fabric Management Guide |
||||||||
4G/5G Control Plane Metadata This feature is used to support the metadata export in JSON format for each transaction occurring in the 3/4/5G network. The mobility network core control traffic is tapped and mirrored to GTP/HTTP2 GigaSMART engines for correlation. The GTP/HTTP2 correlation engine generates metadata once a response is received for a transaction. It can either be a GTP response message for 3/4G control traffic or an HTTP2 response message for 5G control traffic. |
Fabric Management GigaVUE Fabric Management Guide |
|||||||||
Standalone UPN – APN/DNN, Interface Filtering The Standalone UPN now supports APN/DNN and interface-based flow sampling and forward listing filtering methods. Interface Filtering In the interface based filtering, the traffic is filtered based on the interface from which it originates. APN/DNN Filtering In APN/DNN filtering, the traffic is filtered based on the APN pattern matching. |
Fabric Management GigaVUE Fabric Management Guide |
|||||||||
Licenses |
Notification Banners for Excessive Volume Usage GigaVUE-FM GUI now displays a notification banner to notify and alert the users in case of excessive volume usage. GigaVUE-FM calculates the average volume usage (in Terabytes per day), every day, starting from the 15th day after license is installed, for the previous 14-day period. If license usage is higher than twice the allowed licensed volume, then notification banners are displayed and events are triggered. On upgrading the license, the licensed volume changes accordingly. The average daily volume usage (in Terabytes per day) is recalculated to determine if it is still over the 2x threshold. If it is less than the threshold ratio (2x), then the banner will no longer be displayed in the GUI.
|
Licensing Notification Banners for Licenses GigaVUE Licensing Guide |
||||||||
Enhanced Reporting for License Types GigaVUE-FM automatically identifies and displays the license types in the License Type field for Floating, Node-locked, and Volume-Based Licenses. From now on, whenever licenses enter grace period or near expiry, deployed monitoring sessions will not get undeployed. |
Licensing
GigaVUE Licensing Guide |
|||||||||