Skip to main content

What's New and Release Notes 25.3

What's New in NEN 2.7.x Releases

This section describes new features introduced in the following NEN releases.

NEN 2.7.0 New Features

  • Top-of-rack Cisco IOS XR series routers

    This release supports integrating the NEN with Cisco IOS series routers. (Illumio Core PCE 25.3.0 or later, SaaS only.)

  • Support for CIDR block interfaces

    Allows you to assign CIDR blocks to unmanaged workloads. Each unmanaged workload can represent a subnet, a Layer 3 interface, or a group of workloads instead of just a single workload. (Illumio Core PCE 25.3.0 or later, SaaS only.) See Enhance network security for Top Of Rack routers using Illumio NEN 2.7.0 and Cisco IOS XR.

  • Support for NVIDIA BlueField DPU (with OVS)

    OVS is a software-based network technology that enhances virtual machine (VM) communication within internal and external networks. It functions as a virtual switch, allowing VMs to communicate within a host and across different hosts. Typically installed on a NIC (for example NVIDIA's BlueField-3 Data Processing Unit; support for other cards may also be available), OVS' software-based approach for packet switching relieves the strain on CPU resources that can impact system performance and network bandwidth. See Integrate the NEN with the NVIDIA BlueField®-3 DPU featuring OVS.

    • Illumio NEN + OVS Use Case

      Integrating the NEN with OVS enables visibility and policy enforcement for traffic within and between IT and OT layers, allowing you to visualize all traffic to and from OT systems. Illumio’s flexible labeling architecture helps you understand how your assets communicate. The NEN converts your segmentation policies into ACLs that are then installed on the OVS to secure your OT/IT infrastructure.

    • Streamlined integration through the Illumio API

      Integrating the NEN with OVS through the PCE web console is straightforward enough, but integration through the PCE API is even easier: enter the IP address and credentials for the OVS switch (see note below) and the NEN automatically discovers the switch configuration, programs flow monitoring on the switch, discovers and creates workloads in the PCE, and programs the ACLs on the OVS.

      Important

      The user credentials you provide for the OVS must allow access to the ovs-vsctl and ovs-ofctl commands either through the user login or password-less sudo access.

  • Support for NetFlow and IPFIX flow data monitoring protocols

    These protocols are added to the NEN's existing support for sFlow.

  • Support for IPv6 Access Control Lists (ACLs)

    Provided in addition to existing support for IPv4.