OmniVista Cirrus Production Notes 4.9.1

OmniVista Cirrus Production Notes 4.9.1

OmniVista® Cirrus Production Notes detail new features and functions, network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

An overview of new features and functions is provided below.

Devices

AOS Switches

The following new switch models are now supported:

• OS6560E-P48Z16
• OS6560E-P24Z8

Stellar APs

The following OmniAccess Stellar APs (Enterprise Mode) are now supported:

• OAW-AP1511
• OAW-AP1521 (future availability)

Software

OmniVista Cirrus now supports the following OS Software Versions:

• AOS 5.2R5 – OmniVista 2500 NMS now supports AOS 5.2R5 for the OS2260 and OS2360 Series Switches.
• AOS 5.2R6 – OmniVista 2500 NMS now supports AOS 5.2R6 for the OS2260 and OS2360 Series Switches.
• AOS 8.9R4 – OmniVista 2500 NMS now supports AOS 8.9R4 on all previously supported AOS Switches.
• AOS 8.10R1 – OmniVista 2500 NMS now supports AOS 8.10R1 on all previously supported AOS Switches.
• AOS 8.10R1 MR1 – OmniVista 2500 NMS now supports AOS 8.10R1 MR1 on all previously supported AOS Switches.
• AWOS 5.0.1 – OmniVista 2500 NMS now supports AWOS 5.0.1 on all previously supported Stellar APs.

New Features

The following section details new applications introduced in this release.

Wi-Fi 7 on OAW-AP1511 and OAW-AP1521

Wi-Fi 7 is available with the OAW-AP1511 and OAW-AP1521 . The following features are provided to support Wi-Fi 7:

• Extremely High Throughput feature and 320MHz Channel Width configured through RF Profiles.
• Multi-Link Operation (MLO) to support simultaneous sending and receiving of data between different frequency bands and channels.
• MLO is configured through SSID profiles. An MLO option is available when creating/editing an SSID profile. MLO bands are initially set to the same Allowed Bands specified for the SSID; however, you can change the MLO bands as necessary without changing the Allowed Bands.
• MESH MLO is configured through the Edit Mesh Configuration screen. An MLO option is available on this screen. When selected (enabled), you can set the MLO bands to apply to the Mesh configuration, instead of the previously selected bands.
• The Wireless Client List and Wireless Client Sessions screens indicate if a client is working in the MLO mode and provided statistics based on the Master link the client is using. The connection rate (Tx and Rx) is presented as a cumulative total of all links.

Option to Schedule Upgrade for Newly Registered AP on a Defined Schedule

AP Group is now an available option when defining Scheduled Upgrades.

OmniVista Login via RedHat Identity Manager (IDM)

In addition to Microsoft LDAP Active Directory (certified with version 10.0.20348.1), you can now authenticate OmniVista users via LDAP Active Directory Server using RedHat IDM.

• RedHat IDM LDAP Active Directory (certified with 2.4.6 B2024.212.0000) is used as the Authentication Server for OmniVista user login.

Application Updates/Enhancements

The following section details updates and enhancements to existing OmniVista Cirrus applications.

• Stellar BLE Enhancements
• You can now select the “iBeacon & Raw Data” option for the Scanning Type Allowlist setting when configuring a Stellar BLE (Asset Tracking) Location Service.
• BLE configuration through AP Groups or for an individual AP now provides a new “Discover All Devices” scanning option is now available to discover custom iBeacon BLE Tags/Beacons.

• AP Mesh Configuration Enhancement
  • New option to enable MultiLink Operation (MLO) for the AP Mesh configuration.

• New SMS Gateway Services
  • Aliyun (China - https://dysmsapi.aliyuncs.com)
  • Vodafone (https://smsmassivi.vodafone.it)

• Hotspot 2.0 Enhancement to Support Ameriband
  New “NAI Realm” and “MCC/MNCs” parameters available to configure SSID support for Hotspot 2.0 access to Ameriband.
  

• NAI Realm - The Network Access Identifier (NAI) realm that provides client access through the AP to the operator providing the Hotspot service. Creating an NAI Realm profile is required to use the Ameriband (American Bandwidth) Hotspot service provider.
• MCC/MNCs - The 3GPP Mobile Country Codes/Mobile Network Codes combination to assist with selecting an AP to access 3GPP cellular networks. Click here to locate the MCC/MNC values for a specific Hotspot service provider. You can add up to 16 MCC/MNC values, which are entered with a comma separating each code. For example, if MCC = 310 and MNC = 260, you would enter "310,260".

OmniVista Cirrus Framework Improvements

Linux Distribution Update

• OmniVista Cirrus - kernel 5.15.0-1068-aws

Framework Enhancements

The following CVEs were fixed in this release:

OmniVista Cirrus Production Notes 4.8.2

OmniVista Cirrus Production Notes 4.8.2

OmniVista® Cirrus Production Notes detail new features and functions, network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

An overview of new features and functions is provided below.

Devices

No new devices introduced with this release.

Software

OmniVista Cirrus now supports the following OS Software Versions:

• AOS 5.2R4 – OmniVista Cirrus now supports AOS 5.2R4 for the OS2260 and OS2360 Series Switches.
• AOS 8.9R3 – OmniVista 2500 NMS now supports AOS 8.9R3 on all previously supported AOS Switches.
• AWOS 4.0.7 MR3 – OmniVista 2500 NMS now supports AWOS 4.0.7 MR3 on all supported Stellar APs.

New Features

The following section details new applications introduced in this release.

OmniVista Cirrus Integration with OmniVista Network Advisor

OmniVista Network Advisor is an important troubleshooting tool that you can use to monitor the network and take action to correct detected network problems. When Network Advisor monitoring is enabled for a device(s), the device begins to send Syslog messages to the specified OmniVista Network Advisor instance. Network Advisor analyzes Syslog messages received from monitored devices to identify anomalies in the network. When an anomaly is detected, Network Advisor notifies system administrators and other authorized persons through Rainbow. Anomaly notifications can alert those receiving notifications that something, potentially serious, has taken place and even suggest steps to immediately remediate the problem.

OmniVista Cirrus integration with OmniVista Network Advisor allows you to configure Network Advisor monitoring for one or more managed devices. This process involves declaring Network Advisor instances that you can select and assign to managed devices.

• To declare Network Advisor instances to access in OmniVista Cirrus, a Network Advisor application widget is available to add to the Global Dashboard of the OmniVista Cirrus Home page. This widget displays a list of Network Advisor instances that are available to assign to managed devices. You can also open the website for a specific instance by clicking on Launch next to the list entry. To add or remove a Network Advisor instance, click the "More" link on the widget.
• After you have added the OmniVista Network Advisor widget to the Global Dashboard and declared Network Advisor instances, you can assign one or more managed devices to an instance. Once assigned to an instance, Network Advisor will begin monitoring that device to detect any anomalies defined in the Network Advisor application.
• For each Network Advisor instance, there is only one association configured with an OmniVista installation. A single OmniVista installation can support declaring multiple Network Advisor instances, but a single Network Advisor instance only supports synchronization with one OmniVista installation. As a result, there is no duplication of monitored devices across multiple Network Advisor instances; each instance monitors specific devices not monitored by other instances.

OmniVista Login via Active Directory (LDAP)

You can now authenticate OmniVista users via Active Directory (LDAP).

• Microsoft LDAP Active Directory (certified with version 10.0.20348.1) is used as the Authentication Server for OmniVista user login.
• When OmniVista is set up for user authentication via a remote LDAP/AD server, OmniVista acts as a client when communicating with the remote LDAP/AD server. SSL can be enabled for the server connection and an LDAPS certificate uploaded for client authentication.

RAP VPN VA Hypervisor Support

• RAP VPN VA deployment on KVM/Ubuntu 22.04 Long-Term Support (LTS) is now supported.

Application Updates/Enhancements

The following section details updates and enhancements to existing OmniVista Cirrus applications.

The following section details updates and enhancements to existing OmniVista Cirrus applications.

• Stellar BLE (Asset Tracking) Raw Data Sharing with Third-Party Application
  • You can now push BLE scan information with raw data from a Stellar AP to application server.
  •  Support added for “Unknown RSSI” and “Unknown RSSI & rawData” BLE scanning types.
• AP Mesh Configuration Enhancement
  • Support added for WPA3 encryption between APs in a mesh/bridge network configuration.
• New Guest Access Strategy Login Method
  • Simple Persona login method now configurable for Guest Access Strategy.

OmniVista Cirrus Framework Improvements

Linux Distribution Update

• RAP VPN VA - VPN VA for KVM/Ubuntu 22.04 LTS

OmniVista Cirrus Production Notes 4.8.1

OmniVista Cirrus Production Notes 4.8.1

OmniVista® Cirrus Production Notes detail new features and functions, network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

An overview of new features and functions is provided below.

Devices

OmniVista Cirrus now supports the following devices:

• AOS Switches
  • OS6570M-12
  • OS6570M-12D
  • OS6570M-U28
  • OS6570M-U28D
  • OS2360-P24M
• Stellar APs
  • OAW-AP1411
  • OAW-AP1431

Software

OmniVista Cirrus now supports the following OS Software Versions:

• AOS 5.2R3 – OmniVista Cirrus now supports AOS 5.2R3 for the OS2260 and OS2360 Series Switches.
• AOS 8.9R2 – OmniVista 2500 NMS now supports AOS 8.9R2 on all previously supported AOS Switches.
• AWOS 4.0.7 – OmniVista 2500 NMS now supports AWOS 4.0.7 on Stellar AP OAW-AP1411 and OAW-AP1431

New Features

The following section details new applications introduced in this release.

OAW-AP1411 Dual Radio, Tri-Band Options

The OAW-AP1411 is a dual-radio, tri-band (2.4G, 5G, 6G) Access Point with configurable radio options. A “Radio Setting” attribute in the RF Profile allows you to select one of the following radio band options for the AP:

• 2.4G, 5G Full (default)
• 2.4G, 6G
• 5G Full, 6G

NaaS 3.1 - OmniVista Cirrus NaaS

NaaS 3.1 introduces NaaS OmniVista Cirrus (NaaS OVC) services as an optional, licensed addition to the NaaS Connectivity Right-To-Use (RTU). NaaS OVC services can now be billed with the same frequency over the same duration as the NaaS Connectivity RTU: Upfront costs are reduced; Subscription management has been simplified.
This release of OmniVista Cirrus can operate in one of the following licensing modes:

• OmniVista Cirrus Standard Subscription (OVC Subscription Mode)
• OmniVista Cirrus NaaS (OVC NaaS Mode)

The licensing mode is selected when a customer upgrades from a Trial Account to a Paid Account.

No Co-Termination Add-On Licensing

Co-Termination is the default licensing mode for OmniVista Cirrus. With this release, a No Co-Termination licensing mode is now available as an alternative licensing mode for add-ons. The option to use the No Co-Termination licensing mode is selected through the Alcatel-Lucent Enterprise Subscription Manager when you add licenses to the subscription. Note that once you select the No Co-Termination licensing mode, you cannot revert back to the Co-Termination licensing mode. The OmniVista Cirrus License Management screen reflects the new licensing mode.

AP RadSec Client with Local RADIUS Server

An AP can now communicate as a RadSec client with a local RADIUS Server that uses RadSec (RADIUS-over-TLS).
To establish a secure connection between an AP RadSec client and the local RADIUS Server:

• Upload a RadSec Certificate to the AP.
• Enable TLS on the local RADIUS Server.

Note:

• AP RadSec Client is not supported on AP1201H, AP1201L, AP1201HL, and AP1261-RW-B models.
• AP supports one, and only one, TLS-enabled RADIUS server. As a consequence, you cannot have one TLS-enabled RADIUS server as Primary and another TLS-enabled RADIUS server as Secondary.
• RadSec communication is not supported for wired clients of the AP.

Stellar AP Syslog Over TLS

An option to enable the use of the TLS encryption method for logging of AP events to a remote Syslog server is now available. When this option is enabled, a Syslog Over TLS Certificate is selected to upload to the AP. Configuring up to four remote Syslog Servers is supported.

Private Group PSK

When a PSK-enabled SSID network is created, you can either create a static PSK or enforce Device Specific PSK. This provides a common Passphrase key, which is suitable for networks requiring network wide common PSK. Enabling the Private Group PSK (PPSK) allows you to create private groups of client devices on the same SSID network based on a PPSK Entry. Each client device specifies a Passphrase when connecting to an SSID. If the passphrase matches any of the PPSK Entry, the client is placed in the specified Access Role Profile.

Configuring the Private Group PSK option for an SSID network is only available when the Device Specific PSK option is disabled or set to “Prefer Device Specific PSK”. However, if the Device Specific PSK option is set to “Force Device Specific PSK”, OmniVista will not display the Private Group PSK option because the Passphrase specified in Company Property is used instead.

A Private Group PSK Entry that is used to define a group of devices, consists of the following configurable parameters:

• Name - Enter a unique name to identify the PPSK Entry. No two Entries can have the same Name.
• Passphrase - Enter a unique PSK Passphrase for authentication. No two Entries can have the same Passphrase.
• Access Role Profile - Select the name of an Access Role Profile.

Note: Each SSID can have up to 16 PPSK Entries. The total number of entries across all SSIDs that exist on an AP cannot exceed 64 on any AP.

UPAM

• Company Property Check – An add-on Network Enforcement Policy is now a configurable Authentication Strategy option. When enabled, OmniVista will check to see if the device MAC address is listed in the Company Property database. You can also specify an Access Role Profile, Policy List, or other attributes to apply to the device if the MAC address check is successful (found in Company Property) or unsuccessful (not found in Company Property).
• Create Guest Device – A new Guest Account function allows you to manually add a Guest device to the Remembered Device List. This is particularly useful for Guest devices that are not able to manage portal redirection. The Guest Account Administrator can manually add up to five devices (or whatever the configured limit is) to the Remembered Device List.

Application Updates/Enhancements

The following section details updates and enhancements to existing OmniVista Cirrus applications.

AP Mesh Configuration Enhancements

• 6G Band option is now available on OAW-AP1451, OAW-AP1431, and OAW-AP1411 in a specific number of countries.
• Configurable Multicast rate control option (default is 24 Mbit/s). The Multicast rate is applied to "Multicast Video Stream" to help reduce jitters in a Mesh environment.

RF Profile Enhancements

• DRM Scheduling -The DRM auto-channel selection algorithm defaults to an interval of every six hours starting when the device boots up. The following DRM scheduling options are now configurable to allow changing the time interval and/or start time of channel selection:

  • DRM Time Control – When enabled, allows you to specify a DRM start time.
  • DRM Start Time – Applies when DRM Time Control is enabled. You can specify any hour of the day between 0 and 23 hours.
  • DRM Interval – When DRM Time Control is disabled, you can adjust the time interval up or down (0.5 hour to 12 hours). By default, the interval time is set to every six hours.
• Channel Switch Announcement (CSA) – 6G Band now supported.

GRE Tunnel Profile TCP Maximum Segment Size (TCP MSS) Setting

• Configuring a TCP MSS value for a GRE tunnel is now available. The value used can vary across different network segments, which helps to simplify tunnel provisioning.
• The MTU tunnel setting is applicable to both UDP and TCP packets. The TCPMSS setting applies only to TCP packets and defaults to a 1250 value. The MTU value should be greater than the TCPMSS value, considering the difference of the IP header length as well as TCP header length.

Certificates

The following additional Certificates are now available to upload to APs:

• Local RadSec Certificate – Used for AP RadSec client communication.
• Syslog Over TLS Certificate – Used for AP remote logging over TLS.
• Stellar BLE Certificate – Custom device certificate used for sending BLE data to third-party Asset Tracking applications.
• Stellar WiFi RTLS Certificate – Custom device certificate used for sending WiFi RTLS data to third-party RTLS applications.

Access Role Profile VLAN-Mapping Enhancement

We have expanded the ability to bind up to 256 VLANs to a WLAN/SSID on the AP13xx/AP14xx models. However, not every AP model can accommodate 256 VLANs for all the configured SSIDs. The limitations are outlined below:

• AP1301H can support 256 VLANs on a maximum of 2 SSIDs, with a total of 512.
• AP1311/AP1301/AP1431/AP1411 can support 256 VLANs on a maximum of 4 WLANs/SSIDs, with a total of 1024.
• AP1320/AP1331/AP1351/AP1451 can accommodate 256 VLANs on a maximum of 7 WLANs/SSIDs, with a total of 1792.

SSID Enancements

• Extended SSID Scale - The number of SSIDs that can be assigned to the AP Group has been extended to 14. A new option “Extended SSID Scale” is now available when configuring an SSID. Note that when this attribute is enabled, only AP models that support up to 14 SSIDs can join the AP Group. When this attribute is disabled, any AP model can join the group, but the limit is 7 SSIDs per AP Group.
  Note: The status of the Extended SSID Scale attribute does not apply to 6GHz networks, which have a limit of 4 SSIDs per AP Group.
  
• Automatic WPA/WPA2 Encryption - The Automatic WPA/WPA2, or mixed mode Encryption with dynamic keys support, option is now available while creating a new SSID for the following user networks:
• Enterprise Network Employees using the 802.1X Authentication method,
• Protected Network for Guest Users using pre-shared key and an optional Captive Portal Authentication method.
• Protected Network for Enterprise Employees using pre-shared key and the BYOD Registration Portal Authentication method.

Password Security

Password Strength Enforcement - The System Settings screen provides a new Enforce Strong Password option that is enabled/disabled at the Administrator level to enforce password rules. When Enforce Strong Password is enabled (the default), the following guidelines apply when configuring or editing the password for an OmniVista user profile:

• Password length: 12 – 30 characters
• Min number of upper-case letters: 1
• Min number of lower-case letters: 1
• Min number of digits: 1
• Min number of special characters: 1 in the list of ~ ! @ # $ % ^ & * ( ) _ . +
• Password should not contain username
• Password is treated as case-sensitive

In addition, a visual evaluation of password strength and a random password generator is provided for the “Password” field on the Create User screen.
Note that strong password restrictions are not applied to existing users unless they attempt to change their user profile when password enforcement is enabled.

Guest Account and BYOD License Increase

• Default Guest Account licenses per AP device increased to 100.
• Default BYOD licenses per AP device increased to 100.

G Suite Rebranded to Google Workspace

Google Workspace is an evolved version of G Suite designed for seamless integration between Google applications for productivity, team collaboration, and communication. The OmniVista IoT Inventory screen (Network - IoT) under the Chrome Devices option provides integration with Google Workspace. The OmniVista UI and error messages now reflect “Google Workspace”.

APAC Cluster Removed from IoT/Location/Advanced Analytics Server Options

The Asia Pacific (APAC) cluster option is no longer offered on the “Server IP/Host” drop-down menu when configuring an OmniVista Cirrus Advances Analytics engine type. Note that you can delete old engine profiles containing the APAC cluster only if the profile was not configured for an AP Group. If the profile is configured for an AP Group, edit the AP Group configuration to select a different engine profile.

OmniVista Cirrus Framework Improvements

RAP Enhancements

• RAP VPN VA updated to 4.8.1.1 running Oracle Linux 8.7.

Framework Enhancements

• Ubuntu 20.04 from 16.04
• Docker updated to 23.0.4
• OpenSSL updated from 1.0.2g to 1.1.1f
• OpenVPN updated from 2.3.10 to 2.5.9
• Activation Server log usage re-designed to improve performance when viewing the Activation log for a device from the Device Catalog.

OmniVista Cirrus Production Notes 4.7.1

OmniVista Cirrus Production Notes 4.7.1

OmniVista® Cirrus Production Notes detail new features and functions, network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

An overview of new features and functions is provided below.

Devices

OmniVista Cirrus now supports the following devices:

• AOS Switches
  • OS6360-PH48
  • OS6360-P10A
  • OS6900-T24
  • OS6900-X24
  • OS2360-U24X
  • OS2360-U48X
• Stellar APs
  • OAW-AP1451
  • OAW-AP1261-RW-B (additional countries)

Software

OmniVista Cirrus now supports the following OS Software Versions:

• AOS 5.2R1 – OmniVista Cirrus now supports AOS 5.2R1 for the OS2360 Series Switches.
• AOS 8.8R2 – OmniVista 2500 NMS now supports AOS 8.8R2 on all previously supported AOS Switches.
• AOS 8.8R3 – OmniVista 2500 NMS now supports AOS 8.8R3 only on the OS6360-P10A AOS Switch.
• AOS 8.9R1 – OmniVista 2500 NMS now supports AOS 8.9R1 on all previously supported AOS Switches.
• AWOS 4.0.4 MR – OmniVista 2500 NMS now supports AWOS 4.0.4 MR on all supported Stellar APs, except OAW-AP1451.
• AWOS 4.0.5 – OmniVista 2500 NMS now supports AWOS 4.0.5 on Stellar AP OAW-AP1451 and OAW-AP1261-RW-B (except in India, where the minimum for OAW-AP1261-RW-B is 4.0.4 MR).

New Features

The following section details new applications introduced in this release.

Client Isolation – Allowed Contacts List

Client isolation blocks traffic between clients on the same AP in the SSID from communicating with each other; client traffic can only go toward the default gateway. However, you can create a list of device MAC addresses that a client can still access when client isolation is enabled. Each MAC address can be manually entered, or you can copy and paste MAC addresses into the list.

GRE Tunnel Resiliency (Stellar AP to OmniSwitch)

GRE tunnel redundancy provided through the ability to configure a primary and secondary tunnel server endpoint. This allows an AP to move from one server endpoint to a backup server endpoint in case the primary server fails.

• Priority of tunnel servers is based on the order in which the servers were specified. When one tunnel server fails, the next server inline based on priority
• Keepalive interval for APs to check the status of the tunnel server endpoint (Far-end-IP).
• Response timeout to specify how long to wait for a response to keepalive requests.
• A specified number of retries after a failed Keepalive request. A failover to the backup GRE Tunnel Server IP address occurs after the last retry has failed.
• A preemption countdown timer to specify how long to wait after a failover to a backup tunnel server before attempting to go back to the primary server.

OmniVista HA Scalability Increased for AP and Switch Combination

It is now possible to support up to 4000 Stellar APs plus 1500 managed OmniSwitches in an OmniVista High Availability deployment.

OmniVista Support for NaaS Extended to Stellar APs

Alcatel-Lucent Enterprise has released Network as a Service (NaaS) support on Stellar APs. OmniVista now includes NaaS APs when monitoring and reporting the status of NaaS devices.

• Stellar APs ordered through the NaaS offer model can retrieve a Device License through interaction with an Alcatel-Lucent License Activation Server. OmniVista learns the Device License information for the AP when OmniVista discovers/rediscovers the AP.
• The following Device License information obtained by OmniVista is reported on the NaaS Device Licenses screen under Network – Discovery.
• Device License mode of operation (NaaS, CAPEX, or CAPEX Undecided)
• The licensed features (Management, Upgrade, Essentials, Advanced).
• The status of the license for each feature (Licensed, Not Licensed, Grace Period, Expired).

SNMPv3 Support for Stellar APs

AP Group configuration now includes an SNMPv3 option for the SNMP Settings options (SNMP Agent and Trap).

Wi-Fi 6E Support on OAW-AP1451 (AWOS 4.0.5)

The OAW-AP1451 model introduced with this release supports Wi-Fi 6E.

Wi-Fi Enhanced Open™ for Open SSID

Wi-FI Enhanced Open™ is a new security standard based on Opportunistic Wireless Encryption (OWE). OWE ensures that the communication between each pair of endpoints is protected from other endpoints. Unlike conventional Wi-Fi, it provides "Individualized Data Protection" such that data traffic between a client and access point is "individualized". Wi-Fi Enhanced Open™ offers improved data privacy while maintaining convenience and ease-of-use. Administrators can now provision an open SSID that is secure. This functionality is particularly useful in public spaces, where open, non-protected network access (particularly to guests) is provided. The administrator can enable Wi-Fi Enhanced Open™ on the open SSID to provide encryption and privacy using OmniAccess Stellar.

Application Updates/Enhancements

The following section details updates and enhancements to existing OmniVista Cirrus applications.

Export IoT Inventory Records to CSV File

• There are now two choices for exporting IoT Inventory records to a single CSV file:
• Current Page – exports only IoT device records shown in the current list display.
• All Records – exports all IoT device records.

Improved Reporting Functionality

• Report generation is more user-friendly in accordance with user-configured filter criteria.
• Automatic emailing of a report and report scheduling can now be done if admin user is authenticated through RADIUS.

DHCP Option 82 String Enhancements

• A delimiter character can now be specified to use between values specified in the Circuit ID sub-option.
• A “Format of Circuit ID” field that displays the format of the selected Circuit ID sub-option information with the specified delimiter character. For example, "AP Name - AP MAC - SSID - AP Location" if a dash is the specified delimiter.

AP Mesh Configuration Enhancements

• When editing the AP Mesh configuration from OmniVista, you can now configure the SSID name, a passphrase, the band, and AP mode (bridge or mesh).
• The management system knows the MESH APs and the connectivity chain. It should apply the configuration to all the nodes in the right order.

AP Downlink Port VLAN Tag Support

• An AP1301H downlink port can be configured with the trust tag and bypass VLAN options through an Access Authentication Profile configuration.

AP Name Broadcast in Beacon Frame

• The SSID/WLAN Service configuration provides an “Advertise AP Name” option. When enabled, the AP name is advertised as part of the standard 802.11 beacon frame with a vendor-specific tag.

RF Profile Support for Israel Country Code

• The country code for Israel (IL) is now supported when configuring an RF Profile. The country code for Palestine (PL) is not yet supported.

OmniVista Cirrus Framework Improvements

RAP Enhancements

• A remote access point (RAP) AP1201 and RAP AP1301H support VLAN tagged traffic on downlink ports.

Framework Enhancements

• CentOS changed to Oracle Linux 7
• Third-party software libraries updated:
• MongoDB from 3.4.24 to 3.6.23
• Mongodb java driver from 2.14.3 to 3.12.10
• Tomcat from 7.0.109 to 9.0.65
• ActiveMQ from 5.16.1 to 5.16.4
• nginx from 1.21.4 to 1.23.1
• Redis from 3.0.7 to latest stable 6.2.6
• openssh updated to 7.4p1-22.0.1.el7_9
• openjdk upgrade from 1.8.0.112 to 1.8.0.332
• Open JDK Zulu from 8.19.0.1 to 8.62.0.19syslog4j from 0.9.30 to 0.9.46
• snmp4j from 2.8.7 to 2.8.12
• log4j-api version is updated to 2.17.2
• openldap from 2.4.58 to 2.6.1

OmniVista Cirrus Production Notes 4.6.2

OmniVista Cirrus Production Notes 4.6.2

OmniVista® Cirrus Production Notes detail new features and functions, network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

An overview of new features and functions is provided below.

Devices

OmniVista Cirrus now supports the following devices:

• AOS Switches
  • OS6900-C32E
• OS6860N-P24Z
• OS6860N-P24M
• OS6465H-P12
• Stellar APs
  • OAW-AP1301H
  • OAW-AP1331

Software

OmniVista Cirrus now supports the following OS Software Versions:

• AOS 5.1R2 - OmniVista Cirrus now supports AOS 5.1R2 for the new OS2260 and OS2360 Series Switches.
• AOS 6.7.2.R08 MR - OmniVista Cirrus now supports AOS 6.7.2.R08 MR on all previously supported AOS Switches
• AOS 8.8R1 - OmniVista Cirrus now supports AOS 8.8R1 on all previously supported AOS Switches.
• AWOS 4.0.4 MR1 and MR2 - OmniVista Cirrus now supports AWOS 4.0.4 MR1 and 4.0.4 MR2 on all supported APs.

New Applications

The following section details new applications introduced in this release.

OmniVista Monitoring and Reporting Status of NaaS 2.0 Devices

Alcatel-Lucent has released Network as a Service (NaaS) 2.0 support on AOS switches running release 8.8R1. The NaaS offering introduces a flexible hybrid model for customers to purchase network infrastructure solutions through subscriptions. OmniVista plays a key role in the NaaS offering.

• AOS switches obtain a Device License through interaction with an Alcatel-Lucent License Activation Server. The Device License information for the switch is obtained when OmniVista polls the switch via SNMP or the switch is rediscovered.
• The following Device License information obtained by OmniVista is reported on the new NaaS Device Licenses screen under Network – Discovery.
• Device License mode of operation (NaaS, CAPEX, or CAPEX Undecided)
• The licensed features (Management, Upgrade, Essentials, Advanced).
• The status of the license for each feature (Licensed, Not Licensed, Grace Period, Expired).
• New NaaS 2.0 traps supported.

Stellar AP 802.1x Client

A Stellar AP device can now be configured to operate as an 802.1x (supplicant) device. When a Stellar AP is connected to an OmniSwitch UNP port on which the AP Mode and 802.1X authentication is enabled, the switch starts to send EAP frames to the AP device. If the AP device does not respond to the EAP frames, the switch will identify the AP as a non-802.1x (non-supplicant) device and will attempt to authenticate the AP with other methods. To ensure that the switch will identify the AP device as a supplicant (802.1X client), 802.1X functionality can now be enabled for the AP Group to which the AP belongs.

• All AP client traffic (wired/wireless) is VLAN-tagged on uplink to the OmniSwitch.
• If the AP secure mode is enabled on the switch UNP port (disabled by default), the VLAN tag of the client traffic is trusted after successful AP authentication. See note below.
• A classification policy on the OmniSwitch can be configured to catch any untagged traffic.
• Third-party switches with 802.1X authentication functionality are also supported.

Note: The AP Mode is enabled on an OmniSwitch UNP port by default. However, the AP mode is not secured by default. This means that the VLAN-tagged client traffic is trusted and forwarded on the UNP port even if the AP device fails 802.1x authentication. When the AP mode is secured, VLAN-tagged client traffic is not trusted and forwarded until the AP device passes 802.1x authentication. The AP mode is secured by enabling the “Secure” option for the AP Mode in the OmniVista Access Authentication Profile to which an AP device is assigned.

Application Updates/Enhancements

The following section details updates and enhancements to existing OmniVista Cirrus applications.

AOS 5.1R2

• OmniVista 2500 NMS supports the following features for the OS2260 and OS2360 that were added with the AOS 5.1R2 release:
  • Cloud Agent
  • PolicyView QoS
  • Troubleshooting
  • Unified Policies (including LDAP)
  • UNP (Universal Network Profile)
  • Virtual Chassis
  • VLAN Manager - MVRP

Notification Bell

• The Notification Bell on the Main Menu lists devices where the configuration is not saved.

Golden Configuration Trap Notification

• When a Golden Configuration audit detects changes in a switch configuration, OmniVista sends the “alaOvProvisioningSwitchGCDiffers” Trap notification.

OmniVista Cirrus Framework Improvements

Performance

• REST API Polling for AOS Switches Expanded to Include Additional SNMP Tables
• To further improve performance, OmniVista REST API polling has been expanded to include additional SNMP tables. The following configuration pre-requisites are required to enable OmniVista to use the HTTP interface on the switch for REST API polling:
• OmniVista REST API polling must be enabled (the default); navigate to Managed Devices Settings to configure.
• The switch CLI user must be specified in device properties with read permissions to access the configuration and statistical data of the features. To update device properties, navigate to Managed Devices (Network - Discovery), select one or more switch(es) and Edit.
• Configure HTTP AAA authentication on the switch using the following CLI command:
  • aaa authentication http <server name>
• Enable HTTP and WebView services on the switch using the following CLI commands:
  • webview server enable
  • ip service http admin-state enable

RAP Enhancements

• RAP is supported over DS-Lite router
• RAP is supported on Wi-Fi 6 APs

Framework Enhancements

• Apache Log4j Security Vulnerabilities Addressed
  The vulnerable Log4j components were not used by OmniVista; however, they were removed to avoid any potential security risk.

• OpenSSL Version Upgrade
  Open SSL version was upgraded from 1.0.2k to 1.1.1l ("L") to address security vulnerabilities.
  
  
• Niginx Upgrade
  Nginx was upgraded from 1.16.1 to 1.21.4 to address a High-Risk vulnerability.

OmniVista Cirrus Production Notes 4.6.1

OmniVista Cirrus Production Notes 4.6.1

OmniVista® Cirrus Production Notes detail new features and functions, network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

An overview of new features and functions is provided below.

Devices

OmniVista Cirrus now supports the following devices:

• AOS Devices
  • OS2260 Series Switches - The new OS2260 Series Switch is now supported. The following models are available: OS2260-10, OS2260-P10, OS2260-24, OS2260-P24, OS2260-48, and OS2260-P48.
  • OS2360 Series Switches -The new OS2260 Series Switch is now supported. The following models are supported: OS2360-24, OS2360-48, OS2360-P24, OS2360-P48, OS2360-P24X, and OS2360-P48X.
  • New OS6900 Switch Model - OS6900-V48C8 switches are now supported.
• APs
  • OAW-AP1351 - OAW-AP1351 is now supported in OmniVista.

Note: On the OS2260 and OS2360 switches, the Cloud Agent is disabled by default. This means that an out-of-the-box switch will not automatically call home to OmniVista Cirrus. To restart the Cloud Agent on the switch, telnet to the switch and enter the “cloud-agent admin-state disable force” CLI command and then “y” at the confirmation prompt. Next, enter the “cloud-agent admin-state enable” CLI Command to trigger the call home to OmniVista Cirrus.

Software

OmniVista Cirrus now supports the following OS Software Versions:

• AOS 5.1R1 - OmniVista Cirrus now supports AOS 5.1R1 for the new OS2260 and OS2360 Series Switches.
• AOS 8.7R3 - OmniVista Cirrus now supports AOS 8.7R3 on all previously supported AOS Switches.
• AWOS 4.0.3 - OmniVista Cirrus now supports AWOS 4.0.3 on all supported APs.

New Applications

Introducing OmniVista Cirrus 10.1

A “teaser” version of OmniVista 10.1 is now available. OmniVista Cirrus 10.1 is a cloud-based Network Management System (NMS) that simplifies monitoring and troubleshooting of Stellar Access Points through detailed QoE Measurements and WiFi Analytics in an easy-to-read dashboard display. An existing installation of OmniVista 2500 or OmniVista Cirrus 4.6 is required to initially discover, register, and manage Stellar Access Points. Once discovered, the Access Points are then configured to send events to OmniVista Cirrus 10.1, where the data is gathered and can be analyzed by a Network Administrator. For more information see Getting-Started with OmniVista Cirrus 10.1.

To access OmniVista Cirrus 10.1, use the following URL:
https://manage.ovcirrus.com

Application Updates/Enhancements

The following section details updates and enhancements to existing OmniVista Cirrus applications.

Audit

• User Activity Report Purge Settings Can Now Be Controlled from the UI.
  • User can control how long they want to retain the user activity history. Range: 7 days to 365 days, Default = 90 days.

CLI Scripting

• Tabs Added to the CLI Terminal Screen
  • If you open multiple CLI Terminal sessions, the IP address of each device is displayed in a tab at the top of the Terminal Screen for easy access.

Discovery

• When you get a warning status for a device, the word “warning” now provides a link to the SNMP Traps for that device.

Resource Manager

• Restoring an RMA Switch from a Golden Config or Resource Manager Backup
  • OmniVista now supports RMA use case via Golden Config and Resource Manager Backup features.

SSID

• Option to Enable/Disable UAPSD
  • You can now enable Unscheduled Automatic Power Save Delivery (UAPSD) on an SSID. The UAPSD field is located in the “Advanced WLAN Service Configuration” section when configuring an SSID. The field is also available on the WLAN (Expert) page. (Default = Enabled).
  • SSID UI is now enhanced to differentiate AP groups that advertise SSIDs according to a configured schedule versus those that advertise SSIDs all the time.

UPAM

• You can now disable multiple accounts at the same time.

WLAN

• RF Profile Support for 160 Mhz Channel Width
• Kick-off Client is Now Allowed from the Wireless Client List Page.
• AP Support Roaming RSSI Threshold for non-802.11K/V Clients

OmniVista Cirrus Framework Improvements

• Performance
• OmniVista now supports polling of large SNMP tables using REST API for switches running greater or equal to AOS 8.7R3. Enabled by default; go to Managed Devices settings to disable polling.
• Topology improved to handle large number of devices and links in the network.

OmniVista Cirrus Production Notes 4.5.3

OmniVista Cirrus Production Notes 4.5.3

OmniVista® Cirrus Production Notes detail new features and functions, network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

An overview of new features and functions is provided below.

Devices

OmniVista Cirrus now supports the following devices:

• AOS Devices
  • OS6360 Series Switches - The new OS6360 Series Switch is now available. OS6360-10, OS6360-P10, OS6360-24, OS6360-P24, OS6360-PH24, OS6360-P24X, OS6360-P48X, OS6360-48, and OS6360-P48, Switches are now supported in all OmniVista applications, except for Application Visibility.
  • New OS6900 Switch Models - OS6900-V48C8 and OS6900-X48C4E Switches are now supported in all OmniVista applications.
• APs
  • OAW-AP1301 - OAW-AP1301 is now supported in OmniVista.
  • OAW-AP1311 - OAW-AP1311 is now supported in OmniVista.

Software

OmniVista Cirrus now supports the following OS Software Versions:

• AWOS 4.0.2 - OmniVista Cirrus now supports AWOS 4.0.2 on all supported APs.
• AOS 8.7R2 - OmniVista 2500 NMS now supports AOS 8.7R2 on all previously supported AOS Switches, as well as the new OS6360 Series Switches. Application Visibility is now supported on OS6860N Switches running AOS 8.7R2 using a 6860N Signature Kit.

Application Updates/Enhancements

The following section details updates and enhancements to existing OmniVista Cirrus applications.

Analytics

• Filter Analytics Reports by Profile
  • You can now filter and display Top N Ports, Top N Poe Ports, and Top N PoE Switches. Reports by Analytics Profiles. A user can set up different profiles for groups of switches and use the Profile Filter option of the Report Screen to display specific switches based on Profile.

AP Registration

• Group Description Column Added to the Access Points List
  • A Group Description column had been added to the Access Points List. The column contains the optional AP Group Description configured by the user for the AP Group.

Authentication Servers

• Longer RADIUS Server Password Supported
  • The RADIUS Server Shared Secret can now contain up to 64 characters.

License

• Manual Polling for Immediate Subscription Update
  • A Check For Updates To Subscription button has been added to the top of the License Home Screen that the user can click on to immediately activate any subscription updates.

mDNS

• Access Role Profile Condition for mDNS Client and Server Policies
  • You can now include an Access Role Profile Condition in mDNS Client Policies and mDNS Server Policies.

Notifications

• Acknowledge/Clear All Traps
  • You can now acknowledge or clear all traps in the Notifications Table in a single step. Click on the new Actions button at the top of the Notifications Home Screen and select Ack All or Clear All. The Poll button to poll devices for traps, is now under the new Actions button.
• Option to Ignore Stellar AP “Unsaved Changes” Traps
  • There is a new option under the Unsaved Device Notifications icon (Bell) at the top of the OmniVista UI. Unsaved changes on Stellar APs are generally not a problem since Stellar APs receive the latest configuration at reboot. To prevent notifications for unsaved changes on Stellar APs, click on the Bell icon, then click on Settings. Uncheck the "Unsaved Changes Notification for Stellar Access Points" checkbox, and click OK.

Preferences

• Create Alarm Sounds for UI Inactivity and Notifications Traps
  • You can now set audible alarm sounds for UI Inactivity and Notifications Traps. For Notifications, you can set the same sound for all traps or set different sounds for different Severity Levels. The sounds are configured on the Preferences “ Sounds Screen (Administration “Preferences “ User Settings “ Sounds).

Unified Access

• Map Access Role Profiles to Dynamic VLANs
  • On 6.x Switches (running 6.7R08 and higher) and 8.x Switches (running 8.6R1 and higher) you can map an Access Role Profile to a dynamically-created VLAN. On 6.x Switches, you can map an Access Role Profile to a VLAN learned by a dynamic protocol (e.g., MVRP). On 8.x Switches you can map an Access Role Profile to any VLAN even if the VLAN does not yet exist on the switch. The switch will create a UNP Dynamic VLAN. In both cases, the switch will decide whether it will permit the mapping.
  • For dynamic VLAN mapping, you must first configure a Unified Access Global Configuration Setting with Global Dynamic UNP VLAN creation enabled, and assign that Global Configuration to network switches.
• Assign an Access Auth Profile to an AP Downlink Port
  • You can now assign an Access Auth Profile to a Downlink Port on AP1201H, AP1201HL, and AP1311 Devices. When you assign the profile to an AP Group, you have the option of selecting up to three Downlink Ports. OmniVista will apply the profile to the selected port(s) on supported APs/ports in the AP Group. OmniVista will ignore unsupported APs/ports in the AP Group.
• Map a UNP VLAN to UNP Port When Assigning an Access Authentication Profile
  • When assigning an Access Authentication Profile, you can map a UNP VLAN to a UNP Port. This configures a Tagged or Untagged VLAN Port Association between the specified UNP Bridge Port and the VLAN This feature is useful when connecting “Silent" devices (e.g., printers) to Bridge Ports. The feature is supported on 6.x Switches (running AOS 6.7.2.R07 and higher) and 8.x Switches (running AOS 8.6R1 and higher).
• Bypass VLAN Feature for AP1201H and 1201HL APs
  • A Bypass VLAN attribute in now available when configuring Access Auth Profiles. The Bypass VLAN attribute is supported on Stellar AP1201H and AP1201HL Devices. The feature improves wired port forwarding performance by skipping the CPU process. When a Bypass VLAN is configured, traffic from the AP uplink port to the downlink port, or vice versa, is forwarded directly through the switch chipset without CPU intervention.
  • The Bypass VLAN has higher priority than Trust Tag. When a VLAN is configured as the Bypass VLAN and Trust Tag at the same time, the Bypass VLAN function is effective on that VLAN, while Trust Tag is not. Note that when Bypass VLAN is configured, Authentication/ACL/Policy etc. features cannot be applied to the traffic in the Bypass VLAN.
  • This attribute is supported on AP1201H and AP1201HL Devices. When an Access Auth Profile is applied to an AP Group, OmniVista will pass the Bypass VLAN attribute to all APs in the AP Group. 1201H and 1201HL APs will accept it, other APs in the group will silently ignore this attribute. Bypass VLAN is recommended for the use case of HD IPTV.

UPAM

• New Web Content Filtering Feature
  • A new Web Content Filtering (WCF) Feature has been added to the UPAM application (UPAM – Web Content Filtering). WCF Profiles can be configured to allow/deny client access through Stellar APs to web sites based on specific security or content conditions (e.g., Malware Sites, Gambling). A single WCF profile can contain multiple filtering conditions. To configure Web Content Filtering on an AP, you create a WCF Profile, configure an Access Role Profile or SSID with the WCF Profile, and then apply the Access Role Profile or SSID to APs.
  • When a client tries to access a restricted website, the page will fail to load, and the browser will display an error. In a future release, if a client attempts to access a restricted site, OmniVista will redirect the client to a specific block page.
  • Web Content Filtering is supported on APs running AWOS 4.0.2 (except AP1101, AP1201H, AP1201L, and AP1201HL models).  
  • You must have a Web Content Filtering License installed to use this feature. Licenses are purchased for a set number of APs.
• Configure Automatic Deletion of Expired UPAM Guest Accounts
  • You can now configure automatic deletion of UPAM Guest Accounts once their validity period expires. The “Guest Account Deletion Policy” field on the UPAM Global Configuration page (UPAM “ Guest Access “ Global Configuration) enables you to configure how long expired Guest Accounts are retained before they are automatically deleted. The following retention options are available: never accounts, delete accounts as soon as they expire, delete accounts after a certain number of days (1 “ 90). 
• Configure Guest Access Batch Account Access Code Length
  • You can now configure the Access Code Length for Guest Accounts when creating accounts using the Batch Account Creation Feature. The Access Code Length is configured on the UPAM Guest Account page (UPAM “ Guest Access “ Guest Account). The Access Code Length can be between 6 and 16.
• Set the Validity Period Start Time for Guest Accounts
  • You can now configure a Guest Account Validity Period to start the first time a user logs in. This is set in the “Effective at First Login” field on the UPAM Guest Account page (UPAM “ Guest Access “ Guest Account).
• EAP Option Available for UPAM Access Policy Configuration
  • A new EAP option is now available when configuring a UPAM Access Policy that enables the user to restrict authentication to specific EAP Protocols (EAP-PEAP, EAP-TLS). The option is available under the Advanced Attributes Mapping Conditions (Attribute = Service-Type, Value = Framed User).
• Guest Access User Password Reset Option
  • A “Reset Password” option is now available when configuring a Guest Access Strategy. If this option is enabled, a Guest User can change their login password without Administrator operation by receiving a Verification Code through e-mail or SMS. The user will be able to click on the "Forget Password?" link on the login screen for their account to request a Verification Code to change their password.

Users and User Groups

• Two-Factor Authentication
  • You can now configure Two-Factor Authentication for user login based on User Role (Security “ Users and User Groups “ Two Factor Authentication). Two-Factor Authentication requires a user to enter an authentication code after entering their login/password to access OmniVista Cirrus. The authentication code is a time-based, 6-digit code generated using the Google Authenticator App, a free App that the user downloads to their Smartphone. When Two-Factor Authentication is enabled/disabled, the configuration is applied to all users who are members of a User Group with a User Role configured for Two-Factor Authentication.

OmniVista Cirrus Framework Improvements

• Improved Performance and Redundancy
• OmniVista Cirrus is now more fault tolerant and offers better performance due to redundancy and load balancing on key components.
• New Analytics AP Uptime/Downtime Report Display Options
  • The Analytics AP Uptime/Downtime Report now has the option to filter the display data by device or map; as well as displaying data by time range or displaying the most recent data.
• Search Bar Added to Configuration Fields in UI
  • A Search Bar has been added to configuration fields throughout the UI to assist the user in locating information from drop-down menus during configuration.
• IoT Device Classification Improvements
  • The IoT device classification process between the cloud-based Device Fingerprinting Service and OmniVista has been streamlined, speeding up the IoT device classification process.
• Faster Loading of Application Visibility Screens
  • The Application Visibility Signature Profile Screen now loads more quickly regardless of the number of Signature Profiles.
• VLAN Polling Improvements
  • VLAN Polling has been streamlined for faster updates of VLAN information.

Remote Access Points

• Increased Scalability
  • OmniVista can now support up to 1,000 Remote Access Points. Required CPU and Memory configurations are detailed in the OmniVista 4.5R3 Remote Access Point and VPN VA Installation Guide.
• Assign an Access Auth Profile to an AP Downlink Port
  • As described above, you can now assign an Access Auth Profile to an AP Downlink port on AP1201H, AP1201HL, and AP1311 Devices.
• Tagged VLAN Traffic and VLAN Pool Supported
  • Remote Access Points now supports Tagged VLAN traffic via GRE Tunnel, as well as VLAN Pool.

OmniVista Cirrus Production Notes 4.5.2

OmniVista Cirrus Production Notes 4.5.2

OmniVista® Cirrus Production Notes detail new features and functions, network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

An overview of new features and functions is provided below.

Devices

OmniVista Cirrus now supports the following devices:

• AOS Devices
  • OS6860N - OS6860N-U28, OS6860N-P48Z, and OS6860N-P48M
  • OS6900 - OS6900T48 and OS6900X48

Software

OmniVista Cirrus now supports the following OS Software Versions:

• AWOS 4.0.1.44 and higher
• AOS 6.7.2.R08
• AOS 8.7R1

Applications

New Applications

The following section details new applications introduced in this release.

• Scheduled Upgrades
  • The new Scheduled Upgrades feature (Network - Inventory - Scheduled Upgrades) enables you to schedule automatic upgrades to specific network devices during specific time windows (e.g., non-business hours) to ensure minimal network disruption. Scheduled upgrades can also be configured on the Device Catalog Screen (Inventory - Device Catalog) by selecting a device(s) in the Device Catalog and clicking on the "Set Software Version" button to bring up the Schedule Software Upgrade Wizard. A device must be managed and the Running Configuration must be saved for an upgrade to occur.

It is recommended that you schedule upgrades on devices so that they do not adversely affect network performance. For example, stagger upgrades of different devices in different time windows during non-busy hours.

• Responder mDNS
  • You can now configure mDNS using the Responder Model. Responder mDNS is configured on Responder Switches which communicate with Edge Switches/APs to which clients connect. In this mode, the Responder Device acts as a core switch. Server Rules are created on the Responder Device that contain Server Policies and Client Policies. The Service Rules define the criteria by which the Responder Device decides which services can be shared with which client requests.

The following devices can be configured as Responder Devices: OS6860, OS6865, OS6900, and higher. The following switches and APs can be configured as Edge Devices: OS6465, OS6560, OS6860, OS6865, and OS6900; and APs running 4.0.1.44 and higher (except for OAW-AP1101).

Note that OmniVista does not support importing existing mDNS configurations.

Application Updates/Enhancements

The following section details updates and enhancements to existing OmniVista Cirrus applications.

Analytics

• New Stellar AP Uptime/Downtime Report
  • The new Analytics AP Uptime/Downtime Report displays detailed information about the Uptime/Downtime of APs, and the Uptime/Downtime of the link between APs and OmniVista.
• Port Statistics Displayed in Kbps
  • Port Tx/Rx Kpbs options are now available when configuring Analytics Statistics Collection Profiles.

Application Visibility

• Application Visibility Support on AP132x and AP136x
  • Application Visibility is now supported on Stellar AP132x and AP136x models (requires minimum Signature Kit version 3.6.11).

AP Registration

• Out-of-the-Box Mesh Configuration
  • Out-of-the- box Mesh is a feature that helps you quickly set up a Mesh Network without configuring the out-of-box APs. The out-of-box APs will establish a Mesh network with hardcoded settings. You only need to specify the Mesh root, then other APs will establish a Mesh configuration automatically. Select an AP in the Access Points List and select Edit Mesh Configuration to enable Mesh and configure Mesh root. Note that to enable Out-of-box Mesh, the factory AP should be powered up by adapter or PoE injector without connecting to wired LAN.
• Edit Bridge AP Name
  • You can now edit a Bridge AP Name. Go to the Bridge AP Tab, select an AP and select the Edit Basic Info edit option.
• AP Uptime Displayed in Detailed View
  • AP Uptime is now displayed in the Detailed View of an AP. Select an AP to bring up the Detailed View. AP Uptime information is in the General section.
• IoT/Location Server KonSP BLE Beacon Is Now Supported
  • The KonSP BLE Beacon format is now supported. This format must be used for location data when tags are not in motion.
• APs Support Multiple VLANs for Local Breakout
  • APs can now support Local Breakout for multiple APs. Local Breakout is configured as part of a tunnel configuration in the Unified Profile application and the SSIDs application.

Authentication Servers

• Increased Password Length for LDAP Servers
  • You can now create a password of up to 128 characters when configuring an LDAP Server (Security - Authentication Servers - LDAP Server).

CLI Scripting

• Browser Tab Improvement When Connecting to a Device
  • When you connect to a device using the CLI Scripting Terminal application, the browser tab now displays the devices IP address.
• Improved Device Selection Process to Connect to a Switch
  • You can now enter search criteria (e.g., IP address, OS Version, Location) in the Device field to search for and select a device to connect to. The Switch Picker and Topology options are still available.

IoT

• IPv6 Endpoint Support
  • IPv6 endpoints connected to AOS 8x switches are now reported in the IoT application.

Report

• Report Name and Widget Name Included in Report PDF
  • When you create a PDF of a Report, the Report Name and Widget Name are now included in the Report PDF.

Security

• External Apps Feature
  • The new External Apps feature (Security - External Apps) is used to create an API security key that is used by external devices/applications to access the OmniVista Server. For example, the Asset Tracking Engine will use this key to access OmniVista Cirrus.

SSID (and WLAN Expert)

• New Roaming Option
  • FBD Update on Association - Enables/Disables FDB update on Association. If enabled, when a client roams to a new AP, the AP will send ARP packets to the uplink switch to notify the switch to change the downstream forwarding port for the wireless client's traffic.

Topology

• New Highlight Filters
  • There is a new Filter Category - Device Properties, that can be used to highlight SPB Backbone Edge Bridge (BEB) devices and Backbone Core Bridge (BCB) devices in a map.

Users and User Groups

• New Permissions for Netadmin User
  • The netadmin user now has read/write access to the License Screen and can also create/edit/delete AP Groups, Trust/Untrust APs, create/delete maps/sites, and modify the accessible maps of role.

UPAM

• Enable the Local UPAM Database for ASA
  • You can enable Switch User Authentication through the local Switch User Account Database in UPAM. By default, this option is disabled, and Switch User Accounts are authenticated through an external Authentication Server. To enable ASA using the local UPAM Database, go to the Switch User Account Screen (UPAM “Authentication“ Switch User Account), select a username(s) and click on the “Enable ASA” button.
• Automatically Generate Random Device Specific Passphrase
  • When you are creating/editing an entry in the Company Property List, click on the “Generate” button to automatically create a random Device Specific Passphrase.
• Device Specific Passphrase Validity Period
  • You can now set the duration for a Device Specific Passphrase (e.g., Always, 6 Weeks, 3 Months). You can also set a specific date and time for the validity period to expire.
• Additional Information on Company Property PSK Printout
  • The Device Name and PSK Passcode Validity Period are now displayed on the PSK Printout.
• PSK Passphrase Can Be Viewed Company Property List
  • You can now view the Device Specific Passphrase for a device in the Company Property List. In the Detailed View for the device click on the “Show Password” icon next to the field to view the passphrase. It can also be viewed when creating/editing the passphrase.
• Custom Attributes Displayed for Captive Portal Access Records
  • Custom Attributes created by a user are now displayed in the Detailed View of Captive Portal Access Records as well as in exported .csv files of Captive Portal Access Records if Login Strategy = “Terms and Conditions”.
• Create Employee Account or Company Property Entry from Authentication Record
  • If a device fails authenticated through the Local Database, you can automatically create an Employee Account, or add the device to the Company Property List by selection it and clicking on the Generation button at the top of the Authentication Record Screen.

Unified Policy

• Reflexive Policies for Stellar APs
  • You can now configure Reflexive Policies for Stellar APs in when configuring a Unified Policy. Note that if the Reflexive option is set to "No", the policy will be a stateless rule. In this case, the iptable rule is with "NOTRACK". If some traffic matches the NOTRACK rule, functions depending on conntrack will not work. For example, DPI depends on the first 15 packets of the same conntrack session, it might not work if the traffic matches a "NOTRACK" policy. 

WLAN

• Filter Clients by Physical Map and Logical Map
  • You can now filter the Wireless Client List, Wired Client List, Wireless Client Session, Wired Client Session, and Client Summary data by Physical or Logical Map.
• Heat Map Improvement
  • You can now configure up to 150 floors in a Heat Map.
• Export the Wireless Client List
  • You can now export the List of Clients on All APs List to a .csv file. You can include all clients. However, only the clients included in the current filter applied to the list, if applicable.
• New RF Profile Settings
  • MU-MIMO - Enables/Disables Multi-User, Multiple-Input, Multiple-Output (MU-MIMO) feature. If enabled, the AP can communicate with multiple devices simultaneously. This decreases the time each device has to wait for a signal and speeds up the network.
  • High-Efficiency - Enables/Disables 802.11ax high efficiency wireless functionality. If Disabled, an HE mode capable AP will downgrade to VHT (Very High Throughput) mode.
  • Scanning Channel -Specify the channel(s) on which the wireless background scanning is executed (Working Channel/Working Channel and Non-Working Channel). For a highly-sensitive packet delay use case, it is recommended that you enable background scanning only for the Working Channel.

Remote Access Points

• Hyper-V Deployment Support
• Hyper-V is now supported for RAP VPN VA deployment.
• Improved RAP Import Process
• You can now include the VPN Server Settings name in the .csv file used to import RAPs into the Device Catalog of your Freemium OmniVista account.
• Improved VPN Settings Export Process
• You can now export VPN Settings for RAP as soon as the RAP is added to the Device Catalog. You do not have to wait until the AP reaches “Registered” status.
• Remote APs Support for Multiple VLANs and Local Breakout
  • SSID Tagged VLAN - SSID Tagged VLANs are now supported. Note that on AP1201H downlink ports, only untagged traffic is supported for tunneling.
  • Local Breakout - Local Breakout is now supported. Local Breakout must be configured in the SSIDs application. The routes are applied to all SSIDs.

OmniVista Cirrus Production Notes 4.5.1

OmniVista® Cirrus Production Notes detail new features and functions, network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

An overview of new features and functions is provided below.

Devices

OmniVista Cirrus now supports the following devices:

• APs
• AP1201BG - AP1201BG is now supported in OmniVista. The 1201BG AP has limited functionality and is used primarily for scanning in the Asset Tracking application.
• AP1321/AP1322 - AP1321 and AP 1322 are now supported in OmniVista Cirrus.
• AP1361/AP1361D/1362 - AP1361, AP1361D, and AP1362 are now supported in OmniVista Cirrus.

Software

OmniVista Cirrus now supports the following OS Software Versions:

• AWOS 4.0.0.x - APs

Browser Support

• Internet Explorer is no longer supported. Chrome 68+ and Firefox 62+ are supported.

Applications

New Applications

The following section details new applications introduced in this release.

• Asset Tracking - A separate Asset Tracking application is available. OmniVista supports this application with the new OAW-AP1201BG AP as well as the existing OAW-AP1231and OAW-AP1231 APs.
• Mobile App for Template Based Provisioning - The OmniVista Assistant Mobile App is now available to provision and configure AOS Switches. The OmniVista Assistant App enables you to easily provision and configure new switches or re-configure existing switches. The OmniVista Assistant App connects to the OmniVista Server to push switch configurations defined in a matching Provisioning Rule to the switch you are configuring. A Provisioning Rule matching the switch you are configuring must exist in the OmniVista Provisioning Application before you can configure it with the OmniVista Assistant App.
  • A Provisioning Rule matching the switch you are configuring must exist in the Provisioning Application before you can configure it with the OmniVista Assistant App.
  • The OmniVista Assistant App is supported on all AOS 6x and Switches. You can connect to the switch via cable (6x and 8x Switches) or Bluetooth (8x Switches). Note that you cannot connect via Bluetooth on the OS9900 Switch.
  • The OmniVista Assistant App is supported on Android devices running versions 7.0, 8.0, and 9.0. It is not supported on Android 10.0.

Application Updates/Enhancements

The following section details updates and enhancements to existing OmniVista Cirrus applications.

Analytics

• New Analytics Reports - Two new Analytics Reports can now be generated:
  • Top N PoE Ports - Displays the top network PoE ports based on the amount of power being utilized by each PoE Port. Reports can be generated by creating an Analytics PoE Report Profile or a Statistics Collection Profile, and can also be generated on the fly by selecting devices and attributes on the Statistics Screen. New PoE widgets are also available and can be displayed on the Global Dashboard.
  • Top N PoE Switches - Displays total PoE utilization by switch. When you create an Analytics PoE Report Profile or a Statistics Collection Profile, the Top N PoE Switches Report is also generated.
• Improved Statistics
  • The Statistics Feature in Analytics (formally called Performance Monitoring) has been simplified. By default, statistics are now automatically collected from all switches and ports for all new switches added to the network. There is no need to manually create a Collection Profile to gather Statistics data. This default setting can be changed on the Analytics Settings page.
  • Statistics collection and statistics views are now separate. In previous releases, graphical views of statistics data were based on the switches as configured in the Collection Profile. Now you can create custom Statistics Views from any switches generating Statistics data.

AP Registration

• Remote Access Points (RAP)
  • You can now configure an offsite, remote AP as a Remote Access Point (RAP) that can be managed by your local OmniVista Cirrus installation through a VPN Tunnel.
  • The Remote AP Feature is supported on all OAW-AP12xx Series APs. It is not supported on OAW-AP1101 or OAW-AP13xx Series APs.
• Set AP Root Account Password Seed
  • You can now set an AP Root Account Password Seed for APs. Configuring a Root Account Password Seed adds a second layer of security for AP access. When you configure a Password Seed, the Root Password is derived from a character string composed of two parts - the Password Seed and the Fixed Root Password. The Password Seed can be changed at any time. The password is set by AP Group and is only supported on APs running AWOS 4.0.0 and higher. A Root Account Password Seed will not be applied to any APs in the group running a lower AWOS.
• Limit/Shutdown an AP's Radio
  • You can now edit an APs configuration by limiting an APs radio to a specific band or shutting down the APs radio. Select an AP in the Access Points List, click on the Edit icon, and select Edit Radio Configuration.
• Default Beaconing AP Group
  • There is a new default Beaconing AP Group ("default BLEGW group") for OAW-AP1201BG APs. When a 1201BG when a 1201 BG AP initially registers, it is placed in this group. OAW-AP1201BG APs have limited functionality and are used specifically for scanning for the Asset Tracking application.

Dashboard

• Performance Monitoring Dashboard
  • A new Performance Monitoring Dashboard tab has been added to the OmniVista Dashboard. The Performance Dashboard displays Analytics Statistics Chart View Profile widgets. Statistics Chart View Profiles are graphical displays of collected statistics data. The profiles are configured in the Analytics application on the Analytics Statistics Chart View Screen (Network - Analytics - Statistics - Chart Views). The data can be displayed in graphical or table view and you can configure the display time range. You can add up to 20 widgets to the dashboard.
• New Global Dashboard Widgets
  • Top N PoE Ports Utilization Detail View - Displays PoE Port power utilization in bar chart format for PoE-enabled ports on the network. Hover the mouse over a bar chart for more detailed information. You must create an Analytics PoE Profile in the Analytics application and assign the profile to switches/ports to generate and display information for this widget.
  • Top N PoE Ports Utilization Trending View - Displays PoE Port power utilization in line chart format for PoE-enabled ports on the network. Click on a data point for more detailed information. You must create an Analytics PoE Profile in the Analytics application and assign the profile to switches/ports to generate and display information for this widget.
  • Top N PoE Switches Utilization Summary View - Displays PoE Port power utilization by switch in pie chart format. Hover the mouse over a section for more detailed information. You must create an Analytics PoE Profile in the Analytics application and assign the profile to switches/ports to generate and display information for this widget.
• New WLAN Advanced Dashboard Widget
  • Most Recent 1000 Client Records - Displays information about all active clients on the network. Click on the "More" link at the bottom of the widget to display the most recent 1,000 client sessions on all Stellar APs on the network. Click on a client in the widget to bring up the "Details of Client" window, which displays detailed information about the selected client and its sessions.

IoT

• IoT Enforcement
  • The new IoT Enforcement feature enables you to authenticate devices by associating an IoT Category with an Access Role Profile. Once a device accesses the network and is categorized, the assigned Access Role Profile is applied to the device. You can associate different Access Role Profiles with different categories; and you can enable automatic or manual enforcement Categories. IoT Enforcement is not supported on OS6560-P48Z16 switches.
• IoT Data Retention Settings
  • The new IoT Settings screen enables you to configure IoT data retention preferences for IoT data.
• G Suite Integration
  • The IoT application can now be configured to integrate with Google G Suite to collect device information and provide network security for Chrome devices. G Suite Integration is only supported on devices connected to AOS Switches running AOS 8.6R2 and later, or devices connected to APs connected to AOS Switches running AOS 8.6R2 and later.

Topology

• You can now set the line style and line weight you want to use when displaying LLDP/AMAP/SPB/ERP Links and Manual Links in a Topology Map. The preference is set in the Topology Configuration Window. Click on the Configuration icon in the upper-right corner of the topology map to bring up the Configuration window.
• Link information now includes the Link Type (Copper or Fiber) and Link Speed when you hover over a link or click on a link in a Topology Map.
• In previous releases, a link status color would display Red if any port in a Linkagg was down. The link will now display Orange if any port in a Linkagg is down.

Unified Access

• Tunnel Profiles to Connect to Third-Party Devices
  • You can now configure a Tunnel with a Tunnel ID of “0”, with “Entropy” disabled, enabling a GRE Tunnel Server connection to a third-party Tunnel Server (e.g., Linux), which require no Entropy.

UPAM

• Authenticated Switch Access Through UPAM
  • You can now use UPAM for Authenticated Switch Access (ASA) for network switches. Users are configured on the UPAM Switch User Account Screen (UPAM Authentication Switch User Account). You can set user credentials as well as user privileges for switch operations. You then configure a AAA Profile (Unified Access Template Global Configuration AAA), select the UPAM Server as the authentication server for switch access, and assign the AAA Profile to network switches.
• Device Specific PSK Encryption Option
  • You can now configure WLAN/SSID Encryption with Device Specific PSK. A Device Specific PSK provides more security that traditional PSK. When Device Specific PSK is enabled, when the AAA Server sends the Radius Access Accept of MAC Authentication, it will also send the specific pre-shared key for that client, distinguished by the client's MAC Address. This means that each client will have a different key.
• Print PSK or QR Code
• The Company Property Screen has options to print the Device Specific PSK Passphrase for devices in the Company Property List. The passphrase can be printed in standard format or in QR Code that a user can scan and use to log into the network. Select a device(s) in the Company Property List and click on either the Print PSK or Print QR Code button.
• Auto-Generate PSK
• The Authentication Records Screen had the option to quickly add a device(s) in the Authentication Records List to the Company Property List as a Device Specific PSK device. Select the device(s) in the Authentication Records List and click on the Generation PSK button. OmniVista will add the device(s) to the Company List with an auto-generated PSK Passphrase. The device information, including the PSK Passphrase can be edited at any time on the Company Property Screen.

OmniVista Cirrus Production Notes 3.1.0

OmniVista® Cirrus Production Notes detail new features and functions, network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

An overview of new features and functions is provided below.

Browser Support

• Internet Explorer has been deprecated and is not recommended. Chrome 68+ and Firefox 62+ are recommended.

Applications

New Applications

The following section details new applications introduced in this release.

• Internet of Things (IoT) - The new IoT application provides a detailed view of all endpoint devices connected to AOS Switches. OmniVista monitors network packets to identify, track, and categorize these devices, and presents detailed information for the devices on the application’s Inventory Screen. When a client/endpoint is connected to an AOS Switch, the switch sends messages to OmniVista in real-time. This information includes the device MAC address, DHCP fingerprint, User-Agent, TCP signatures, network behavior, and more. Once the device is learned, OmniVista connects to a Cloud-Based Device Fingerprinting Service to categorize the device. The IoT application is supported on AOS 8.x Switches (AOS 8.6R1 and higher), and provides information on IPv4 endpoint devices.

• Provisioning - The new Template-Based Provisioning application provides a simplified method for deployment of AOS Switches that are not yet managed in OmniVista. The Provisioning application utilizes user-configured templates to automatically push Management User and Switch Configurations to AOS Switches. Using the application, you create Provisioning Rules containing Management User and Switch Configuration Templates for specific switches/switch models. When a switch contacts the OmniVista Server, the switch is matched to a Provisioning Rule containing the Management User and Switch Configuration Templates for that switch/switch model. The Configuration Templates are then automatically pushed to the switch. Once the configuration is complete, the switch is added to the Managed Devices List and is manageable by OmniVista. The Provisioning application is supported on switches running AOS 6.7.2.R03 GA and higher, and AOS 8.4.1.R03 GA and higher. Switches running a lower version than 6.7.2.R06 GA will be upgraded automatically if they are set up to be onboarded using this application.

Application Updates/Enhancements

The following section details updates and enhancements to existing OmniVista applications.

• MTS
  • The MTS Administrator can now configure read-write permissions for a Tenant's local users while the Tenant is being managed from MTS.
• UPAM
  • WiFi4EU is now available as an option when configuring a Guest Access Strategy. WiFi4EU is a European Union initiative that provides WiFi access on public sites in different municipalities. To use the WiFi4EU feature, the Redirect Strategy must use the WiFi4EU Captive Portal template.
  • Rainbow Social Login is now supported for Guest Users in the UPAM application. The Rainbow Social Login configuration options are available as part of the UPAM Guest Access Strategy and Unified Access – Access Role Profile configuration.

UI Enhancements Across Applications

The following section details UI enhancements introduced in this release.

• IoT Tab Added to Dashboard - In addition to the Global and WLAN tabs on the OmniVista Dashboard, there is now an IoT tab. This tab provides the same functionality as the Global and WLAN tabs, but displays widgets that are specific to the new IoT application.

OmniVista Cirrus Production Notes 3.0

OmniVista® Cirrus Production Notes detail new features and functions, network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

An overview of new features and functions is provided below.

Devices

OmniVista Cirrus now supports the following devices:

• AOS Devices
  • OS6900-V72 and C32 are now supported in all OmniVista applications.

Software

OmniVista Cirrus now supports the following OS Software Versions:

• AOS 6.7.2.R06
• AOS 8.5R4
• AWOS 3.0.6.27

Applications

Application Updates/Enhancements

• AP Registration
• AP Neighbor Table - You can click on the Static Neighbor AP field in the Access Points Detail Panel to view information about any neighbors for the AP.
• Application Visibility
  • Additional Reports Supported on Stellar APs - "Top Users Per Application" and "Top Applications Per User Reports" are now supported on Stellar APs in addition to OS6860E Devices.
• Audit
• Collect Support Info - OmniVista now collects Support Information Logs for APs, in addition to AOS Devices. In addition, logs are now stored on the OmniVista Cirrus Server and can be downloaded to an OmniVista Client at any time. The logs are retained on the Server as configured in the new Preferences - Collect Support Info Screen.
• Inventory
  • Device Catalog Support for Duplicate IP Addresses - OmniVista Cirrus supports duplicate IP addresses. For example, a Tenant may have multiple DHCP Servers. In this case, the same IP address may be given to multiple devices. You can identify devices with the same IP address by referring to the device Friendly Name or Device Name. If no Device Name was configured for a device, you can identify the device by clicking on the Device's Serial Number in the Device Catalog to highlight the device in a Topology Map.
• Multi-Tenancy Service
  • A Managed Service Provider (MSP) can now use the same email for multiple Tenant accounts. This will enable a Service Provider to view notifications from all accounts they are supervising under one e-mail address.
• Notifications
  • New Trap Name Filter - You can now filter traps from the OmniVista Database by Trap Name. Click on the "Filter" drop-down at the top of the table and enter a trap name(s) in the Trap Name field to display specific traps.
• Preferences
  • New Device Naming Default - The Device Naming default setting is now IP Address (System Name). This is to help identify devices with duplicate IP addresses. The other naming conventions are still available.
• Subscription
  • Reminder E-Mails for Subscription Renewal - When a Paid Account is 90 days from expiration, a "Renew Subscription" button is displayed at the top of the OmniVista Cirrus screen, and OmniVista automatically sends periodic renewal reminder e-mails to all account users. There is a 90-day Grace Period after a Paid account expires during which time the user has access to the account. If you renew a Paid Account within the Grace Period, all of your data will be available with your renewed/upgraded account. ​​Once the Account Access Grace Period expires there is no way to restore data, and there is no option to renew a Paid account. The only option is to obtain a new Subscription and OmniVista Tenant and re-configure it.
• Topology
  • Map Status Indicator - A device status indicator is now displayed on the Globe icon in the Map drop-down in the upper left corner of the screen. The Globe icon in the drop-down displays the status of the highest-level notification of any device in the map (e.g., if all devices in a map are "Up", the icon is green, if a device in a map is a "Warning" state, the icon is orange, if a device in a map is "Down", the icon is Red).
  • Map Pin - You can click on the Pin icon in the Map drop-down keep the Topology Map drop-down open. Click the Pin icon again to close it.
  • AP Mesh Network View - AP Mesh networks are now displayed on Topology maps. APs in the Mesh Network are identified by Wi-Fi icons at endpoints between APs and a network symbol next to the Root AP in the network. A Mesh Link filter has also been added to Topology maps.
  • Geo Map Sub-Sites - You can now create Sub-Sites within a Site (e.g., buildings, floors) by creating child maps from the logical Site map that is automatically created when you create a Site. The new Sub-Site map will appear as a sub-map under the Site in the Map drop-down at the upper-left corner of the screen. When you go to the Geo Map view, the total number of devices at the Site will be displayed in the Site circle (the total number of devices at the Site including all Sub-Sites), along with the device status and notifications status for all devices at the Site.
• Unified Access
  • DHCP Option 82 - A new DHCP Option 82 Feature has been added to the Global Configuration Template group to allow a DHCP Relay Agent to insert specific information into a request that is being forwarded to a DHCP Server by an AP. Once the feature is configured, it is enabled/disabled as part of an Access Role Profile.
• UPAM
  • Machine Authentication for AD Servers - OmniVista now supports 802.1x authentication of existing users in a Microsoft Active Directory in cases where the NETBIOS is not the same as the Active Directory name.
• WLAN
  • SSID Improvements - The following improvements have been made to the SSIDs application:
  • ESSID Renamed to SSID Service - The ESSID field has been renamed to SSID.
  • Multiple SSID Services - You can now configure multiple SSID Services using the same SSID (previously called ESSIDs). For example, you could define an SSID called "Student" and have two SSID Services at different locations - "School 1" and "School 2".
  • Implicit Access Policy - A default Access Policy is automatically created for an SSID using the SSID Name when UPAM is selected for authentication. You can customize the default Access Policy by creating the SSID and then editing it. You can also select an existing Access Policy when configuring the SSID.
  • Support for Multiple RADIUS Servers - Multiple External RADIUS Servers are now supported when configuring an SSID.
  • Improved AP Group Assignment Window -  The AP Group Assignment and Schedule window has been updated for easier configuration.
  • SSID Order Preference - The order of the SSIDs listed will persist if a user changes the order of the SSIDs displayed.
  • Horizontal Scroll Bar Visibility - The horizontal scroll bar is now visible at all times.
  • Expanded SSID Drop-Down List -  The SSID drop-down list at the top of each SSID column can now display up to 10 SSIDs.
  • WPA3 Encryption - WP3A Encryption is now supported in the WLAN application when configuring a wireless network.
  • Fixed Channel Width Setting in RF Profile - You can now specify a fixed Channel width if needed even when the Channel Setting is “Auto”. This ensures that all APs configured with the same RF profile are assigned channels that abide by the configured channel width.
  • Heat Map AP Neighbor Display - You can now highlight neighbor APs in a Heat Map. Select an AP and click on the “Display Neighbor AP” in the Survey Toggle Panel to highlight any static neighbor APs or automatic discovery neighbor APs.

OmniVista Cirrus Production Notes 2.1.0

OmniVista® Cirrus Production Notes detail new features and functions, network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

An overview of new features and functions is provided below.

Devices

OmniVista Cirrus now supports the following devices:

• APs
• OAW-AP1201

Software

OmniVista Cirrus now supports the following OS Software Versions:

• AOS 6.7.2.R05 - OS6350 and OS6450 Devices
• AWOS 3.0.5.30 - APs

UI Enhancements Across Applications

• LAN/WLAN Menu Option - There is now an option to display application drop-down menus specific to WLAN devices (e.g., SSIDs, APs). The option is available by clicking on the LAN/WLAN Menu drop-down at the top of the screen.
• Alarm Status Bar - A real-time display of unacknowledged alarms is displayed at the bottom of all screens in OmniVista Cirrus.
• Application Results Log - The "Application Results" log now displays actions taken in the SSIDs application (in addition to the Device Catalog application).

Applications

New Services

The following new services enable a Business Partner to remotely monitor and manage OmniVista Cirrus Systems.

• Multi-Tenancy Service Master Dashboard - The new Multi-Tenancy Service (MTS) feature enables a Business Partner (MTS Provider) to remotely monitor and manage multiple OmniVista Cirrus Systems (Tenant Systems).
• Multi-Tenancy Service - The Multi-Tenancy application (Administration - Multi-Tenancy Service), is used by Tenant Systems to manage MTS Providers.

New Applications

The following new application has been added to OmniVista Cirrus.

• SSIDs - The new SSIDs application (WLAN - SSIDs) simplifies wireless network configuration with one-step provisioning, including SSID setup as well as authentication and policy configuration.

Application Updates/Enhancements

• AP Registration
• Access Points
• Scanning Mode - You can set APs to examine the radio frequency environment in which the Wi-Fi network is operating, identify interference, and classify its sources.
• AP Group
• BLE Beaconing - You can enable BLE Beaconing for APs. BLE Beaconing is used by the Location Service to deliver location services like way-finding, geo-location, geo-notification, and geo-fencing.
• Location Service - This new AP Registration option is used to configure WiFi Location Based Service (LBS) Profiles. .
• Audit
  • A new User Activity Report is available in the Audit application. The log contains user login/logout information as well as user Device Catalog actions (e.g., adding devices, licensing devices).
• Authentication Servers
  • On Premise LDAP/AD Server - You now have the option to configure an on-premise LDAP/AD Server if you want to use a private LDAP/AD Server instead of one in cloud for AP authentication.
• Notifications
  • Resource Manager Backup Failure Trap - A new trap has been added to the Notifications application (alaOperationTrap) for Resource Manager Backup Failure.
• Preferences
  • Network ID - The Network ID feature provides additional security during the on-boarding process.
• Pre-Provisioning
  • Force Pre-Prov Config - A new Force Pre-Prov Config button has been added to the top of the Device List on the Pre-Provisioning Screen to push the Pre-Provisioning configuration to a device the next time the device "Calls Home".
  • Network Settings - A new Network Settings area has been added to the SNMP Default Template. The fields can be used to configure the Management VLAN used by devices.
  • Modify Factory Default - You can now modify factory-default admin password for AOS switches in the Pre-Provisioning Template.
• License Management
  • AP Device Licenses have been increased from 25 Guest Device Licenses/25 BYOD Device licenses per AP, to 50 Guest Device Licenses/50 BYOD Device licenses per AP.
• Topology
  • Geo Map View - The Topology application now provides a Geo Map view to display devices in their physical location on a geographical map.
  • Custom Notes - You can now add custom sticky notes to any Topology map. The notes can be placed anywhere on a map, and can be edited or deleted.
• WLAN
  • RF Scan View - The RF Management RF Scan View application is used to view Scanning Mode data for APs.
  • Client Summary Report - The Client Summary Report now displays download and upload

OmniVista Cirrus Production Notes 2.0

OmniVista® Cirrus Production Notes detail new features and functions, network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

An overview of new features and functions is provided below.

Devices

OmniVista Cirrus now supports the following devices:

• Stellar APs
• OAW-AP1201H - Features three (3) RJ45 downlink Ethernet ports.
• AOS Devices
• OS6465
• Mobile Device Support
• UPAM Captive Portal Login is now supported on tablets and phones.

Software

OmniVista Cirrus now supports the following OS Software Versions:

• AOS 6.7.2.R04 - OS6350 and OS6450 Devices
• AOS 8.5R2 - OS6465, OS6560, OS6860/OS6860E/OS6865, and OS6900 Devices
• AWOS 3.0.4.1036 - APs

UI Enhancements Across Applications

• The UI has been optimized to display more information:
• Columns and text resized
• Full-screen view option available for all screens.
• Left-Hand Side Menus automatically close after a page is initially displayed to provide display more information on the screen. You can click on the arrows (>>) or hover the mouse over the area to temporarily display the menu, or lock the menu in place by clicking on the Pin Sidebar icon at the top of the menu.
• The navigation icon color scheme has been changed to a gray background for easier viewing.
• An "Application Results" button has been added to the top of the screen to display a list of user actions taken in the application. The information will persist until the user logs off. At this time, this feature is only supported in the Device Catalog application. The button is located to the left of the Support Center link at the top of the screen.

Applications

New Applications

The following new applications have been added to OmniVista Cirrus.

• Audit - OmniVista Cirrus now includes the Audit Application (Administrator - Audit). The Audit application is used to monitor client and server activity, such as the date and time when a user logged into OmniVista, when an item was added to the discovery database, when a configuration file was saved, or when a particular application was launched. The information is contained in log files, which are organized by type (e.g., Network, Configuration) on the Audit Home Page. You can also collect log information from a network device that you can send to Alcatel-Lucent Enterprise (ALE) Technical Support to troubleshoot problems.
• Configuration Manager - The Configuration Manager application (previously known as Resource Manager) is used to backup/restore configuration files, view the contents of a backup file, compare configuration files, and view a summary of backup/restore operations. You can also set the backup retention policy and the amount of space that must be available on the CMM before an upgrade is allowed. Image Upgrade Functions (which were previously part of the Resource Manager application) are now performed on the Device Catalog page.
• Report - OmniVista Cirrus now includes the Report Application (Configuration - Report). The Report Application enables you to create and schedule reports in certain OmniVista Cirrus applications. These reports are generated and stored as PDF documents. So in addition to viewing information in real-time, you can generate PDFs of the screens.

Application Updates/Enhancements

• AP Registration
• Access Points
• Reset APs - A new "Reset APs" button has been added. When you reset an AP, the AP will reset to the factory default configuration and reboot. When an AP is rebooted as part of a reset, the latest configuration available on OmniVista is downloaded to the AP. If the AP is unable to connect to OmniVista, the AP will come up with the factory default configuration.
• Edit AP IP Address - You can edit the IP address of an AP by selecting the AP and clicking on the Edit icon. Click on "Edit Mode" to edit the IP address. You can also set the AP to default DHCP Mode.
• Web UI Device Management Tool - A Web UI Device Management Tool is now available to view configuration information and perform limited management on individual Stellar APs. To access the Web UI Device Management Tool, select an AP in the Access Points List and click on the AP Web option in the "Action" drop-down. Access Points Screen.
• Access Heat Maps for Individual APs - You can view a Heat map for a Stellar AP by selecting an AP in the Access Points List and clicking on the Heat Map option in the "Action" drop-down.
• View Port Information - You can view port information on 1201H APs by selecting an AP(s) and selecting "Port Management" from the "Action" drop-down. The Ports page in the Inventory application will open with port information displayed for the selected APs.
• Bridge Tab - A new Bridge Tab has been added to the Access Points Table to display information on APs working in wireless Bridge Mode.
• AP Group
• Enable SNMP - This option allows third-party SNMP-based platforms to monitor APs in a group using SNMP. OmniVista Cirrus does not use SNMP to manage Stellar APs. With defined SNMP MIBs, an Administrator can monitor APs, configured services, and wireless clients and their traffic utilization.
• External Captive Portal Configuration - The External Captive Portal Config File Screen has been added to create a custom External Captive Portal Configuration File. The file is used to establish a secure connection between OmniVista and an external captive portal server for authentication of Stellar APs.
• Captive Portal
• Redirect to FDQN - Captive Portal can be configured to redirect to an FDQN as well as an IP address.
• Captive Portal Certificates - You can create Captive Portal Certificates to implement the HTTPs login when UPAM is used as a Captive Portal Server.
• Inventory
• Device Catalog Updates
• Automatic Call Home Feature - There is a new Automatic Call Home Feature for the following devices: LAN Devices running AOS 6.7.2.R04 (and later) or AOS 8.5R2 (and later), and APs running AWOS 3.0.4.1036. These devices contact the OmniVista Cirrus Server at regular intervals. If configured for automatic software updates, the device will download and install the latest software. Note that you should not reboot a device while it is upgrading. You can determine if a device is upgrading by checking the "Device Status" column; or check for the next schedule call home time in the "Approximate Time of Next Call Home" column.
• Image Upgrade - The image upgrade functions are now performed on the Device Catalog page. You can select a device(s) and click on the "Set Software Version" button at the top of the Device Catalog to upgrade image files.
• Streamlined Device Deletion - Device deletion from the Device Catalog has been streamlined. A device can be deleted directly from the Device Catalog in a single step.
• Color Coded Device Status - Information in the Device Status column is color coded to more easily view the status (e.g., Green, Yellow, Red).
• Color Code Current Software Version - Information in the Current Software Version column is also color coded to more easily view the status of the current device software. (e.g., Black = Up to Date, Yellow = Below the Latest Version, Red = Version Should Be Updated). In addition, you can hover over an entry for more information.
• Configuration Change Notification Button - There is an "Unsaved Working Directory" Notification button at the top of the screen. If any managed devices have unsaved changes in the Working Directory, a number will appear on the button (Bell icon). Click on the button to display a list of devices in this state. You then have the option of saving the changes in those devices. This Notification button is also displayed on the Managed Devices Screen and in the Topology application.
• Serial Number Links - Serial Numbers are displayed as links. When you click on a device's serial number, the Topology application will open and the device will be highlighted in a map.
• Updated Column Heading - The "Set to Software Version" column has been renamed to "Desired Software Version".
• License
• Automatically Apply Licenses - A new option in the License Wizard enables you to automatically apply a license to a device when a device is added to the Device Catalog. The option is also presented when a user upgrades from a Freemium account to a Trial or Paid account. Also, two new buttons have been added to the License Home Page:
• Activate Add Ons - If you purchase additional licenses or license extensions through your Business Partner, the "Activate Ad-On" button at the top of the screen will be activated. Click on the button to activate the licenses. If you do not click on the button, the new licenses/extensions will automatically be activated when older licenses expire.
• Extension Details - If you purchase a license extension, the "Detail of Extension" button will be activated. Click on the button to see when the extension will be applied.
• Subscription Number and Activation Code - When you upgrade to a Paid account, you now enter your Subscription Number and Activation Code, which you receive from your Business Partner, in the applicable fields.
• Unified Access
• Map Access Role Profile to Untagged Traffic - For AOS Devices, a VLAN must exist on a switch to configure VLAN Mapping. However, for APs, you can now map an Access Role Profile to untagged traffic.
• "Walled Garden" Feature - Fields on the Access Role Profile configuration screen have been updated to support the “Walled Garden” feature for Stellar APs. This feature allows users to authenticate through social media login, and also enables you to configure “whitelist” domains to direct users to certain website without authentication. Also, you can now configure Client Session logging as part of an Access Role Profile.
• Client Session Logging - You can enable and configure logging for wireless client sessions as part of an Access Role Profile.
• WLAN
• Client Isolation - Client isolation is a security feature to lock down your Wi-Fi clients to only access the Internet. It is configured on the WLAN Service Screen.
• Smart Sticky Avoidance - This feature is used to assist with client Wi-Fi roaming (e.g., 802.11k/802.11v protocol, Client Data Rate Controls, Minimum MGMT Rate Controls). It is configured on the WLAN Service Screen.
• New Client Monitoring Screens - New client monitoring screens have been added (WLAN - Client):
• Client Summary Screen - Provides a graphical view of the number of clients and client throughput on the network. You can view the information by AP/AP Group and WLAN; and can view information over different time periods (24 Hours, Last 7 Days, 30 Days, 90 Days).
• Client Session Screens - Provide information about wireless and wired clients associated with APs.

New Widgets

• LBS Widget - Provides a link to the OmniAccess® Stellar Location Based Services (LBS) Cloud Manager application.
• Top N Devices by Traps - Displays a summary of traps by device and severity level. You can display the top 5, 10, 15, or 20 devices, and view traps by severity level.

OmniVista Cirrus Production Notes 1.0.2

OmniVista® Cirrus Production Notes detail new features and functions, network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

An overview of new features and functions is provided below. Details are provided in the Production Notes.

New Account Types

• Trial Account - The Premium-Trial Account has been renamed to Trial Account. Account features and support remain unchanged from previous releases.
• Paid Account - The Premium Account has been renamed to Paid Account. There are three (3) levels of Paid Accounts:
  • Base - Includes all previous Premium Account features and support.
  • Business - Includes all previous Premium Account features and support, plus TAC Device Support, AVR Service, and Support Portal Access for Business Partners.
  • Premium - Includes all previous Premium Account features and support, plus TAC Device Support, AVR Service, and Support Portal Access for End Customers.

OmniVista Cirrus Production Notes 1.0.1

OmniVista® Cirrus Production Notes detail new features and functions, network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

An overview of new features and functions is provided below. Details are provided in the Production Notes.

Devices

• APs Can Connect Without DHCP Configuration - APs can now connect to OmniVista Cirrus without configuring the OmniVista Cirrus Server option in the DHCP Server. The AP only requires a unique IP address to automatically locate and connect to the OmniVista Cirrus Server.

Applications

• New Application Visibility Application - The Application Visibility application (Network - Application Visibility) supports monitoring and QoS configuration of application traffic flows, and performs statistics profiling on the collected data. OmniVista Cirrus simplifies Application Visibility configuration for the network by enabling you to quickly configure Application Visibility on devices throughout the network.
• Analytics - With the introduction of the Application Visibility application, the following new Analytics Reports are available: Top N Applications, Top N Applications - Advanced, and Top N Clients.
• Dashboard - If no data has been generated for a Dashboard widget, or the widget is not properly configured to display data, a "sample" widget is now displayed on the Dashboard. You can click on links in the widget to configure the widget display, or the application and configure the application to generate data.
• Inventory - The following enhancements have been made to the Device Catalog Page in the Inventory application.
  • Device Catalog Refresh - The Device Catalog Page automatically refreshes every minute to display the most recent device information.
  • Device Status Display - Device Status in the Device Catalog is now color-coded to more easily view device status (e.g., Green, Yellow, Red).
  • New Device Status - Unsupported devices that are added to the Device Catalog will now display an "Unsupported Device" status.
• License - The following enhancements have been made to the License application:
  • Additional Licenses Immediately Available - When additional licenses are purchased, they will be displayed in the Device Catalog Wizard to apply to network devices.
  • Expiration Display - The License Expiration Time/Date is displayed in the user's timezone.
• Topology - The following enhancements have been made to the Topology application:
  • Deleting Maps - You can now quickly delete maps containing devices, without having to first remove devices in the map.

OmniVista Cirrus Production Notes 1.0

OmniVista® Cirrus is being released into production on March 16, 2018. OmniVista Cirrus is a cloud-based Network Management System (NMS). This cloud-based approach eliminates the need for purchasing and maintaining a physical server and installing the NMS on premise, since everything resides in the cloud. Network Operators can access OmniVista Cirrus from anywhere, using any approved browser and device (e.g., workstation, tablet).

Access to OmniVista Cirrus is supported on the following browsers: Internet Explorer 10+ (on Windows client PCs), Firefox 26+ (on Windows and Redhat/SuSE Linux client PCs), Chrome 26+ (on Windows and Redhat/SuSE Linux client PCs).

The Production Notes detail network/device configuration prerequisites, supported devices, and known issues/workarounds in OmniVista Cirrus. Please read the Production Notes in their entirety as they contain important operational information that may impact successful use of the application.

New Features and Functions

This is the initial release of OmniVista Cirrus.