Release Notes

2.12.0.0.x Major Release (TBD - EOL: TBD + 24 months)

What’s New in this Release

info

NFO Security Update

This security update includes the following:

Feature Highlight: Zero-Touch SNMP Automation

Ditch the manual configuration. Get instant visibility.

This release introduces the Zero-Touch Discovery Engine, turning hours of setup into seconds of automated discovery. Simply define your network ranges—NFO does the rest.

The Power of Automation:

• Instant Inventory: Watch your device list populate in real-time as NFO probes your subnets.
• Smart Classification: NFO automatically recognizes the difference between a core switch, a firewall, and a wireless controller, applying surgical-grade polling the moment they’re found.
• Self-Healing Dashboards: If your hardware changes, NFO auto-updates your metrics and groups. Your visibility stays current, even when your network doesn't.

This release includes:

• Improved Device Classification: Automated device classification via a new Device Type field to accurately categorize hardware like routers, firewalls, and switches across major vendors. You can now customize this identification logic through enhanced GUI mapping tabs or YAML-based rule sets for granular infrastructure visibility.

Customer Request/Ticket numbers: NFC-12181

• SNMP Polling Rules: We've added a powerful new feature that allows you to create custom rules for filtering SNMP polling data. You can now define conditions using logical and comparison operators to report on only the most critical interfaces or devices, significantly reducing the load in large-scale environments.

Customer Request/Ticket numbers: NFC-11995

• Improved Auto-discovery: When credentials are not specified for a subnet, devices will be polled using all configured credentials.

Customer Request/Ticket numbers: NFC-12079

• Added SNMP sysObjectID to Default OIDs: The default SNMP polling OIDs now include sysObjectID, providing enhanced device identification and compatibility.

Customer Request/Ticket numbers: NFC-11996

Implement NFO Central feature (Preview)

NFO Central utilizes a custom, dynamic load balancing algorithm to distribute incoming traffic. The system continuously monitors real-time data, such as flow rate by exporter, to determine the least loaded NFO peer and automatically rebalance traffic distribution. This rebalancing is also triggered instantly when nodes join or leave the cluster.

Customer Request/Ticket numbers: NFC-12131

Improved Device NetFlow Statistics

The system now collects and displays Input Packets (Total and Rate) per device under the Status -> Statistics -> Devices screen. This new, granular metric provides deeper visibility into network flow activity and is a foundational step for implementing rate-based load balancing

Customer Request/Ticket numbers: NFC-12122

Added support for AES-256C in SNMPv3

This release introduces support for AES-256C encryption, providing "military-grade" security for sensitive telemetry. This specific symmetric cipher implementation leverages 256-bit keys with Cipher Feedback (CFB) mode to deliver enhanced privacy and data protection for SNMPv3 communication. It is specifically designed for compatibility with high-security Cisco and OpenSSL-based systems.

Customer Request/Ticket numbers: NFC-12174

Improved MDT Input Configuration

Enhanced validation for MDT input settings and watch lists, including checks for MDT TLS configuration ID uniqueness, valid certificate/key file access, and correct network interface address/port settings.

Customer Request/Ticket numbers: NFC-12134

Splunk HEC output: added channel identifier

Added a channel identifier for Splunk HEC outputs, now with support for indexer acknowledgment.

Customer Request/Ticket numbers: NFC-11915

Unified HEC Output for Splunk and CrowdStrike Falcon LogScale

NFO has expanded its HTTP Event Collector (HEC) output capabilities to provide seamless, native support for both Splunk and CrowdStrike Falcon LogScale. This update allows organizations to utilize a single, high-performance ingestion protocol for their preferred analytics and SIEM platforms.

Customer Request/Ticket numbers: NFC-12208

Enhanced NFO stability

Improved Quality of Service (QoS) mechanisms to prevent out-of-memory (OOM) situations and ensure more stable performance under heavy load.

Customer Request/Ticket numbers: NFC-12105

2.11.3.0.49 Maintenance Release (July 31, 2025 - EOL: July 31, 2027)

What’s New in this Release

info

NFO Security Update

This security update includes the following:

• Upgrade OpenSSL and crypto libraries to version 3.x

Customer Request/Ticket numbers: NFC-11919

Added support for Model Driven Telemetry (MDT) input (Preview)

Introduced support for Model Driven Telemetry (MDT) input, enabling more granular and real-time network visibility.

Customer Request/Ticket numbers: NFC-11922, NFC-12008

Improved Auto-discovery feature

We have significantly enhanced our Auto-discovery feature to include an automatic and rule-based device classification system. Previously, the feature could discover devices and their basic properties. Now, it can also automatically classify them, allowing you to create and manage device groups more efficiently. This new functionality streamlines the onboarding of new devices and ensures consistent policy application across your network.

Key Features:

• Automatic Device Classification: Auto-discovery now automatically assigns devices to a default group based on SNMP SysObjectID and other identifying attributes.
• Rule-Based Device Grouping: Create your own custom rules to automatically classify and assign discovered devices to specific groups based on criteria you define. This allows for tailored configurations and reporting for different segments of your network.
• Enhanced Usability: This improvement reduces manual effort and simplifies the management of large-scale network environments.

Customer Request/Ticket numbers: NFC-11979, NFC-12012, NFC-12050

Splunk HEC output: add channel identifier

Customer Request/Ticket numbers: NFC-11915

Added support for Cisco SD-WAN IPFIX fields (including options)

Added support for Cisco SD-WAN IPFIX fields (including options), providing deeper visibility into SD-WAN traffic.

Customer Request/Ticket numbers: NFC-11169

Add Archive and Restore Configuration

Introduced Archive and Restore Configuration, allowing you to easily back up and restore your NFO settings.

Customer Request/Ticket numbers: NFC-11997

Improved Splunk HEC output

• Introduced support for multiple Splunk HEC outputs to a single IP/port, facilitating the routing of various NFO data types to distinct Splunk indexes.
• NFO now supports Splunk HEC output in JSON format, for improved data ingestion.

Customer Request/Ticket numbers: NFC-11933, NFC-11978

Improved SNMP v3 Trap Handling

We've made SNMP v3 trap handling much simpler. Now, NFO automatically handles device EngineIDs when encrypted SNMP v3 traps are received. This means you no longer need to create separate credentials for each device, significantly streamlining your setup.

Customer Request/Ticket numbers: NFC-12011

NFO License Manager to report SNMP polling blocks

The NFO License Manager now includes reporting on SNMP polling blocks, helping you manage your licensed capacity more effectively.

Customer Request/Ticket numbers: NFC-12000

Usability improvments

• Explanations for Auto-discovery steps
• External Data Feeder for NFO page - EDFN selection in case of multiple EDFNs are configured
• Added upload button to EDFN Agent configuration lists
• Added Clear and reset buttons to EDFN agent settings

Customer Request/Ticket numbers: NFC-12050, NFC-11989, NFC-12013, NFC-12042

What’s Been Fixed in this Release

Auto-discovery: SNMP v3 is Not Processed Correctly (Intermittent)

Customer Request/Ticket numbers: NFC-12076

Upload yaml OID Set with New Device Group Name is not Allowed

Now when yaml OID set is uploaded with a new Device Group name, this Group is automatically added.

Customer Request/Ticket numbers: NFC-11992

2.11.2.0.32 Maintenance Release (April 30, 2025 - EOL: April 30, 2027)

What’s New in this Release

info

NFO Security Update

This security update includes the following:

• JRE 11.0.27 (CVE-2025-21587)
• Json-smart 2.5.2 (CVE-2024-57699)

Customer Request/Ticket numbers: NFC-11919

Added support for Open Telemetry (OTel) output

Customer Request/Ticket numbers: NFC-11811

Redesigned SNMP device group assigments

Customer Request/Ticket numbers: NFC-11941

Sending NFO/EDFN internal logs to syslog server or Splunk HEC

Customer Request/Ticket numbers: NFC-11926

Improved NFO Output Preview

Customer Request/Ticket numbers: NFC-11929

Option to fix out of sequence timestamps in NFv5 and IPFIX

Customer Request/Ticket numbers: NFC-11948

Usability improvments

• GUI for installations with multiple EDFNs

Customer Request/Ticket numbers: NFC-11972

2.11.1.1.1 Hotfix Release (March 9, 2025)

What’s New in this Release

SNMP Custom OID Sets Monitor bug fix

Download the Module set:

Utilities

Instructions how yo apply the fix

2.11.1.0.70 Maintenence Release (February 10, 2025 - EOL: February 10, 2027)

What’s New in this Release

info

NFO Security Update

This security update includes the following:

• Apache Tomcat 9.0.98
• JRE 11.0.25
• Implemented Cross-Site Request Forgery (CSRF) protection

Customer Request/Ticket numbers: NFC-10410

Improved performance for Linux 9

Customer Request/Ticket numbers: NFC-11837

Added support of IPv6 exp_ip sampling

Customer Request/Ticket numbers: NFC-11264

Improved performance for AWS S3 output

Customer Request/Ticket numbers: NFC-11337

Implement Preview output feature

Customer Request/Ticket numbers: NFC-11840, NFC-11805

Added support for post-NAT IP addresses in Network Conversations Module

Customer Request/Ticket numbers: NFC-11863

Changed default in Network Conversations Module

Changed default to report bi-directional conversations

Customer Request/Ticket numbers: NFC-11830

Improve Auto-discovery feature

• Added connections based on next_hop
• Added connections IEEE 802.1D devices
• Allow to enable/disable auto-disovery

Customer Request/Ticket numbers: NFC-11871, NFC-11838, NFC-11855

Implement exclusion list for port consolidation

In the list of known server destination port numbers, allow marking which server application ports should be processed with client ports reported.

Customer Request/Ticket numbers: NFC-11285

Added Azure VNet flow logs support

Customer Request/Ticket numbers: NFC-11648

Improve NFO license manager

Allow to exclude peer nodes from production usage count

Customer Request/Ticket numbers: NFC-11696

Improve SNMP service and Auto-discovery

Customer Request/Ticket numbers: NFC-11786

Improve NFO Status page and troubleshooting

Customer Request/Ticket numbers: NFC-11809, NFC-11810, NFC-11828, NFC-11833, NFC-11882,

Improve NFO upgrade procedure

Restore server.cfg file after upgrade

Customer Request/Ticket numbers: NFC-11786

What’s Been Fixed in this Release

TFS registration error occurs intermittently in NFO server for sFlow data

Customer Request/Ticket numbers: NFC-11308

The server drops TFS due to duplicate template registration within 10-second interval

Customer Request/Ticket numbers: NFC-11820

Modified NFO server.cfg file incorrectly synchronized with config DB

Customer Request/Ticket numbers: NFC-11850

Missing VNet exporter names for Microsoft Azure Flow Logs input

Customer Request/Ticket numbers: NFC-11867

2.11.0.0.95 Major Release (September 30, 2024 - EOL: September 30, 2026)

What’s New in this Release

Implemented automatic device discovery using SNMP polling, streamlining network monitoring setup

Customer Request/Ticket numbers: NFC-11588

Implemented NFO output filtering based on Module id (nfc_id)

Customer Request/Ticket numbers: NFC-11703

Okta SSO

Customer Request/Ticket numbers: NFC-11700

Implement EDFN agent for OpenCTI

Customer Request/Ticket numbers: NFC-10641

Implement EDFN agent for Cisco ACI Bridge Domain enrichment

Customer Request/Ticket numbers: NFC-10434

Added support for username reported by Palo Alto Networks, Cisco AVC, and IPFIX element 371

Customer Request/Ticket numbers: NFC-11707

Added Support for nexthop, allowing for detailed visualization of network traffic routing paths

Customer Request/Ticket numbers: NFC-11630

Added Support for NetScaler IPFIX elements: AppName, RTT, and TCP retransmits

Customer Request/Ticket numbers: NFC-11167

Implemented "Catch all" in Repeater filters

Customer Request/Ticket numbers: NFC-11391

Performance improvement

Customer Request/Ticket numbers: NFC-11668

What’s Been Fixed in this Release

vCenter agent generates records with duplicate MAC addresses and zero IP addresses

Customer Request/Ticket numbers: NFC-11780

AWS S3 output: Some Syslog generated files missing the header row

Customer Request/Ticket numbers: NFC-11725

2.10.2.0.88 Maintenance Release (April 24, 2024 - EOL: April 24, 2026)

What’s New in this Release

info

NFO Security Update

This security update includes the following:

• Apache Tomcat 9.0.88
• JRE 11.0.23

Added Support for Oracle Cloud Infrastructure (OCI)

Customer Request/Ticket numbers: NFC-11422, NFC-11449

Added support for IPv6 in Security Threat Lists in Network Conversations Module

Customer Request/Ticket numbers: NFC-11296

Implemented Azure Logs Ingestion API (as Data Collector API will be deprecated)

Customer Request/Ticket numbers: NFC-11448

Added support for Original Flow Data and NetFlow Recorder to AWS S3 output

Customer Request/Ticket numbers: NFC-11197

Improved EDFN Agento to support AWS/Azure/GCP/OCI public IP ranges

Customer Request/Ticket numbers: NFC-11461

Added support for IPv6 in SNMP Polling and Traps

Customer Request/Ticket numbers: NFC-11481

Added support of SNMP Polling Configuration via YAML Packages

Customer Request/Ticket numbers: NFC-11554

Added ifHighSpeed OID to SNMP Polling

Customer Request/Ticket numbers: NFC-11486

Added new SNMP OIDs to interface_mon Set

Customer Request/Ticket numbers: NFC-11491

Performance Improvements

Customer Request/Ticket numbers: NFC-11318, NFC-11543

Various Usability Improvments

Customer Request/Ticket numbers: NFC-11469, NFC-11478, NFC-11480, NFC-11544, NFC-11575, NFC-11611