What's New

Cloud

Support for AWS Graviton (ARM) instance type

Starting from Software version 6.8.00, you can deploy GigaVUE V Series Node and Proxy on AWS Graviton (ARM) instances.

SBIPOE and PCAPNG supports Traffic Health Monitoring

Starting from Software version 6.8.00, Traffic Health Monitoring can be configured for SBIPOE and PCAPNG applications.

Support for Enabling SNMP Trap and Operational Health for GigaVUE V Series Nodes

Operational Health

GigaVUE-FM now allows you to monitor and raise events or SNMP trap when an application service in GigaVUE V Series Node is not operational.

SNMP Traps for Cloud Health

GigaVUE-FM now allows you to raise SNMP traps for all cloud health related events.

Support for Selective Precryption

GigaVUE-FM allows you to filter packets during the Precryption in the Data Acquisition at the UCT-V level. This filtering is done based on L3/L4 5 tuple information (5-tuple filtering) and the applications running on the workload virtual machines.

Support for Loopback interface in UCT-V

UCT-V supports the ability to tap and mirror the loopback interface. You can tap the loopback interfaces on the workload which carries application level traffic inside the Virtual Machine itself. The lookback interface is always configured as a bidirectional traffic, regardless of the configurations provided in the configuration file.

Check for Permission Required for Configuring GigaVUE Cloud Suite for Azure

You can check for the IAM permissions that are required to deploy GigaVUE Cloud Suite for Azure by clicking the Check Permissions button.

Adding network metadata enrichment GigaVUE Enriched Metadata (GEM) for Cloud Workloads

Using this feature you can gain comprehensive situational awareness to address security and performance pain points in a timely manner. It enriches application metadata from N/S and lateral traffic with host environment details that can help you reduce mean time to detect (MTTD) and mean time to resolution (MTTR). Supported platforms include AWS, Azure and VMware (ESXi and NSX-T).

Require filter capability in OVS agent

Starting from Software version 6.8.00, if you are running GigaVUE Cloud Suite on OpenStack platform, you can add a subnet to the exclusion map.

Support for UCT-C Usability and Scale

The UCT-C Solution is enhanced to support Usability and Scale:

5G-Cloud Support for Oracle SCP

In the 6.8 release, 5Gb Cloud V Series application supports receiving data from Oracle SCP 5Gb network function and exporting as packets to the probes. The data is received in HTTP2/HTTP2S input format, synthesized into packets and sent to the probe over VXLAN or L2GRE tunnel. Both Model C and Model D control plane transaction processing is supported.

5G-Cloud Support of Nokia SCP modes

In the 6.8 release, the already supported functionality of Nokia SCP control plane transaction processing is enhanced to support the various modes. Both inbound mode and inbound/outbound mode are supported. Control plane transactions received in these modes are processed, packets are synthesized and sent to the probe over VXLAN and L2GRE tunnels.

OpenStack supports AppIntel functionality (AMI / AFI / Viz)

AppIntel functionalities (AMI / AFI / Viz) are supported on OpenStack

GigaVUE-FM Core

UEFI stands for Unified Extensible Firmware Interface. It stores all device initialization and start-up data in a .efi file on a special disk partition called the EFI System Partition (ESP). The ESP also holds the bootloader responsible for booting the operating system.

The primary purpose of creating UEFI is to overcome the limitations of BIOS and shorten system boot time. UEFI uses the GPT partitioning scheme and supports much larger drive sizes.

If you are performing a fresh installation of GigaVUE‑FM on any platform, then it only supports UEFI boot. If you are performing image upgrade deployments, then the boot mode of a GigaVUE-FM remains as follows:

GigaVUE‑FM supports the UEFI boot in the following platforms:

UEFI Secure Boot

Secure Boot is a Unified Extensible Firmware Interface (UEFI) feature that provides a verification mechanism for ensuring the device boots using only authorized firmware and software. It prevents running unauthorized, untrusted code. Without Secure Boot, malicious code can easily be executed, and Gigamon platforms can be easily compromised.

GigaVUE‑FM supports the UEFI secure boot in the following platforms:

Note:  Fresh install of GigaVUE-FM 6.8 does not work on the VMware ESXi 7.0 due to the missing of AVX processor flags. Refer to theTroubleshooting section in the topic Install GigaVUE-FM using OVA file on VMware vCenter in the GigaVUE-FM Installation and Upgrade Guide to make the installation work. Alternatively, you can upgrade the VMware ESXi to 7.0 Update 2 or Update 3.

Dark theme

This theme setting option allows you to choose between light and dark themes. Once the theme is set, the settings remain the same, even when you log out of GigaVUE-FM, close or reopen the browser, or open a new tab for GigaVUE-FM. It is also independent of the browser settings.

Embedded

VLAN Manipulation

You can now add a new VLAN tag to the outgoing traffic with the user-configured VLAN value and deliver it to the tools according to the Flow Mapping® configurations.

Enable configuration of SNMPv3 with Authentication SHA-2 and Privacy AES-256

Along with existing authentication and encryption types, SHA-2 authentication and AES-256 privacy types for SNMPv3 can now be configured from both CLI and GigaVUE-FM.

Resilient Inline Arrangement and Flexible Inline SSL Configuration with a single VLAN Tag

A resilient inline arrangement with single VLAN tag in which a packet received from an inline network is guided to the inline tool using a single VLAN tag, can now be configured in a Flexible Inline TLS/SSL decryption configuration.

GigaSMART

Kyber768 downgrade support in GigaSMART

The Inline TLS/SSL decryption session is now equipped to receive a client hello message with the key exchange X25519Kyber768 and fallback to X25519 cipher.

Configure TCP Wait time for Flexible Inline SSL Solution

A Flexible Inline SSL solution can now specify the TCP TIMEWAIT timeout, before the TCP connection gets deleted.

Configure a Proxy Server in GigaSMART profile

GigaSMART profile can now configure a proxy server profile that can be used for URL category database download, URL look up request or response, and the certificate revocation request or response.

HSM Enhancements

The Hardware Security Modules (HSMs) are specialized systems that logically and physically safeguard cryptographic operations and cryptographic keys. The following enhancements were introduced with 6.8.00 release version such as:

CUPS Architecture support with CPN-UPN communication and RAN, Network Slice traffic filtering

Release 6.8 adds support of the CUPS architecture to enrich UPN with RAN, Network Slice attributes.

Note:  For UPN in Gen3 nodes this is an Early Access feature.

Embedded/ GigaSMART

Orchestrated work-flow support for Tunneling Operations

The Orchestrated work-flow configuration page is now equipped to configure the below Tunneling operations:

Bypass Node (BPS-HC1-D25A60 SX/SR)

The bypass module (BPS-HC1-D25A60 SX/SR) is now supported on GigaVUE-HC1 devices. The BPS-HC1-D25A60 is a multi-mode SR 1Gb/10Gb bypass module. Each bypass module offers six inline network port pairs.

New GigaVUE-TA25EA

A twenty-four (24) GigaVUE-TA25E port version, called the GigaVUE-TA25EA, is now introduced with only the first 24 25Gb/10Gb/1Gb ports active. With the available port license, you can expand the GigaVUE-TA25EA to include all 48 25Gb/10Gb/1Gb (x25..x48) ports and the eight 100Gb/40Gb (c1..c8) ports.

Port Upgrade License (UPG) for GigaVUE-TA200E

On the GigaVUE-TA200E, only the first 32 out of 64 100Gb/40Gb ports (c1..c64 ) are enabled. With the available port license, you can enable an additional 32 ports to expand from 32 ports to 64 ports (c33..c64).