What's New in NEN 2.6.x Releases
This section describes new features introduced in the following NEN releases.
NEN 2.6.40 New Feature
JSON Format Change
Beginning with this release, generic workload JSON files are uploaded as a single, parseable object. This new format allows a program to use the JSON file to apply policy to a device customers want to protect.
NEN 2.6.30 New Features
Important
Before installing NEN release 2.6.30
Installing this release upgrades the existing database on the NEN to a newer version of the database software. Illumio recommends that you back up the existing NEN database before you install NEN 2.6.30 so that you can revert the installation if necessary.
To back up the existing NEN database, issue the following commands on the NEN primary node:
illumio-nen-ctl set-runlevel 1 -svw
illumio-nen-db-management dump --file <outputfile-name>
illumio-nen-ctl stop
Support for CentOS Stream 9
This release includes support for installing NENs on nodes running CentOS Stream 9.
Switch ACL generation now supports all protocols
With this release, the NEN now recognizes all PCE-supported protocols, ensuring that the NEN can translate switch policy into ACLs when such policy references any PCE-supported protocol.
Support for VMware NSX Advanced Load Balancer AVI 22.1.6
With this release, the NEN now supports VMware NSX Advanced Load Balancer AVI version 22.1.6.
NEN 2.6.20 New Features
Support for RHEL 9
This release includes support for running standalone NENs on Red Hat Enterprise Linux (RHEL) 9 where the version of openssl-libs is 3.1 or earlier.
To determine the openssl-libs version, issue rpm -qa | grep openssl-libs .
NEN 2.6.10 New Features
Support for Verifying NEN RPM Signature
Beginning with NEN release 2.6.10, you can verify the signature of the NEN RPM package before installation. This allows you to ensure that the package hasn't been modified since it was signed. For details, see Verify the NEN RPM digital signature.
Support for NEN Proxy Communication
Beginning with NEN release 2.6.10, there is now runtime_env support for defining an HTTP/HTTPS proxy for communication between the NEN and the PCE or between the NEN and managed devices (such as Server Load Balancers (SLBs)). You can also specify a list of IP address that are not allowed to communicate via a proxy server. For details, see Configure Proxy Support for NENs.
Ruby updated to version 3.1.2
Ruby was upgraded from version 2.7.1 to 3.1.2.
NEN 2.6.1 New Features
Support for all Citrix ADC (Netscaler) Load Balancer-supported protocols
With this release, the NEN now supports all the protocols that Citrix (NetScaler) 13.1 lists in the Load Balancing > Virtual Servers > Add > Protocol menu.
NEN 2.6.0 New Features
Support for Citrix ADC (Netscaler) Load Balancer
With this release, the NEN now supports Citrix ADC (Netscaler) Load Balancers and their associated virtual servers that have only a single IPv4 address.
To add a Citrix Software Load Balancer, see the section Configure Load Balancers in the "Load Balancers and Virtual Servers for the NEN" topic.
Support for allowing customers to specify whether disabled VIPs are reported to the PCE
Prior to the release of NEN 2.6.0, if VIP filtering was disabled, all VIPS – including disabled VIPs – were reported to the PCE. You can now disable this reporting using the following new option in the illumio-nen-ctl slb-enable command:
--disabled-virtual-server-reporting enabled|disabled
To ensure backwards compatibility, the default value is enabled.
PCE-provided rule IP addresses and ports now combined into CIDR blocks
NENs now combine rule IP addresses and ports provided by the PCE into CIDR blocks and port ranges. This reduces the number of ACLs that NENs need to generate for switches.
Benefits include:
Fewer ACLs that the NEN generates for switches.
Fewer ACLs generated for the IBM iSeries integration with Precisely (current limit: 10k ACLs) allows for optimization of IP addresses into ranges larger than can be covered by a single CIDR block.
Lower demand on switch TCAM where ACLs are stored.
Support for Rocky Linux 8.7
This release includes support for running standalone NENs on Rocky Linux 8.7.