Release Notes
2.12.1.x.x Maintenance Release (TBD - EOL: TBD)
What’s New in this Release
NFO Security Update
This security update includes the following:
TBD
Improved NFO Central Rebalancing
- Distribution Margin control: A new Distribution Margin (%) parameter in the NFO Central Load Balancer tab sets the maximum percentage points a peer can exceed its weighted share before rebalancing is triggered. Defaults to 5%.
Customer Request/Ticket numbers: NFC-12315
NFO Central: Configuration Management
- Configuration Management: A new Configuration Management tab in NFO Central allows importing configurations from peer nodes, managing saved configuration snapshots, and distributing them to peers within a load balancer pool.
- Configuration Preview: Saved configurations can be previewed before being assigned or pushed to peers.
Customer Request/Ticket numbers: NFC-12325, NFC-12350
Network Conversations: Redesigned Enrichment Watch Lists
Enrichment watch lists are now organized into logical groups, improving navigation and configuration clarity for large deployments.
Customer Request/Ticket numbers: NFC-12346
Network Conversations: Application Collector Visible in GUI
The Application Collector is now accessible directly in the NFO interface, allowing administrators to view and inspect collected application data without accessing the underlying files.
Customer Request/Ticket numbers: NFC-12342
Improved Network Conversations Data Quality
Added two new parameters:
- Data quality filter: Drops malformed records, including invalid IP ranges, bad byte/packet counts, and out-of-range flow timestamps (default: disabled).
- Flow start/end time substitution: Backfills missing
flow_start_timeandflow_end_timefields using the record's internal timestamp, useful for protocols like sFlow that do not provide these values natively (default: disabled) .
Customer Request/Ticket numbers: NFC-12298, NFC-12302
Added User Identity Fields Support for Cisco ASA/AVC
NFO now extracts user identity fields (username, idp) from Cisco ASA and AVC flow records and enriches Network Conversations output, enabling user-based visibility without requiring a separate identity integration.
Customer Request/Ticket numbers: NFC-12367
Improved Application Enrichment Configuration
Clarified application name resolution priority and updated GUI labels and tooltips for the Application Enrichment lists. The processing order is now: Custom applications list → app_name in flow → Applications override list → App ID catalog (auto-built from NetFlow Options), with Application names to be ignored suppressing junk values at any stage except custom matches.
No configuration migration required — existing lists are preserved.
Customer Request/Ticket numbers: NFC-12368
Added IPv6 Support in Applications Collector
The Applications Collector now supports IPv6 addresses, enabling application enrichment for IPv6 flow records.
Customer Request/Ticket numbers: NFC-12377
SNMP Pro Licensing
SNMP Pro is now a separately licensed component as of version 2.12.1. The license format has been updated to measure NetFlow and SNMP Pro usage independently:
- New license format:
netflow_blocks=n;snmp_pro_blocks=m. The priorblocks=nformat remains supported. - SNMP Pro block calculation: SNMP Pro blocks are calculated every 5 minutes and apply only when SNMP Pro features are in use — SNMPv3 credentials are configured, or module 10103 (SNMP Polling Rules) or 10701 is enabled. Deployments using only SNMPv2c without these modules are not counted against SNMP Pro blocks.
- Detection alert: NFO logs an alert when SNMP Pro feature usage is detected on a license that does not include SNMP Pro. Existing functionality continues to operate while licensing is arranged.
Customer Request/Ticket numbers: NFC-12337