Release Overview - Unimus 1.9.0
Unimus 1.9.0 is the biggest release of Unimus to date. This release overview showcases the new features and improvements present in the 1.9.0 release.
With each new release, we also upload a release overview video, so if you prefer a video format, you can find it here: Youtube - 1.9.0 Release Overview video
For those who prefer readable content, read on!
Device Tags - friendlier and available in more places
We improved the usability of Device Tags and made them more available across Unimus. Device Tags now have their own top-level menu, and managing them is more user-friendly. We have also added a new "Tags" window on the Devices screen, so you can tag devices directly from the Devices screen.
Device Access Limitation - usability improvements
Since we were working on improvements to Device Tags we also improved the Device Access Limitation system. The Device Access table in User management has been simplified and made more intuitive. In the Devices screen, we added a new table that shows which accounts have access to the selected device, and what grants user the access. You can find this under the new "Tags" window.
Device Ownership - new feature to simplify access management
We have also added Device Ownership - when a user creates a device, he is the owner of that device. Owners have access to their devices even if limited by Tags, or other access-limitation. This fixes an issue where an access-limited Operator-level user was not able to see the devices they themselves created. You can of course change the owner of any device, or set the owner for a device to "None" in the device "Edit" window.
New "High Security Mode" for credentials and enable/configure passwords
When creating a new credential, you can now create it in "High security mode". This will make the password for this credential completely private, and disables any "Show Password" features for that credential across Unimus. The password will be un-retrievable even to administrator-level accounts, making it easier to comply with security requirements in strict environments.
"Comments" windows - real-time updates
The "Comments" windows now have live-update, so when someone comments all other open Comments windows will refresh automatically. When a new comment is added to any entity in the system, all other users also immediately see the comment icon updated as well. This makes the commenting feature in Unimus update in real-time for all users, and improves UX dramatically.
In addition to these major features, we have also added support for 9 new devices from various vendors, as well as 9 other minor features. There are also new API endpoints present for config change and diff retrieval over the API.
We recommend checking out the full changelog below for more details.
This release also contains fixes for more than 20 various issues and bugs reported since the 1.8-branch release. We have worked very hard to eliminate all issues small and large, and fixed many edge-cases where device interaction would fail. We are happy to report that from beta and RC testing, the 1.9.0 release is showing to be the most stable release of Unimus yet.
We highly recommend all users to upgrade to this release.
Full changelog:
= Version 1.9.0 =
Features:
Juniper JunOS driver completely rewritten, solving multiple issues with JunOS
Added hints (contextual help) to "Do not manage device" and "High security mode" checkboxes
Improved compatibility with certain Cisco MDS models
Backups for Cisco IOS and NXOS will now complete even if the "show vlan brief" command is not available
Increased subnets text area limit in the Network Scan to 65k characters
Improved support for devices with certain versions of Comware / Huawei VRP
Improved support for certain models of Cisco SMB switches
Mass Config Push now supports devices which present a menu after login (pfSense, ProCurve stacks, etc.)
Improved support for devices that display "Press any key to continue" but really ignore that and proceed to prompt
Improved visuals for all input fields to better handle IPv6 addresses or long FQDNs
Event system (top right corner popups) enhanced and visually unified
Added support for "enhanced security-mode" on HP ProVision / HPE ProCurve / Aruba ArubaOS
Improved support for "(y/n)" prompts
Improved the usability of Device Tags:
- Device Tags now have their own top-level menu for tag management
- improved the tag management (add/remove/assign/unassign) process
- various other UI and UX improvements related to tags
Improved the Device Access Limitation system:
- Added a new "Users with access" window to devices which have Tags
(will show which users have access to this device, and where the access comes from)
- Added device ownership - account which creates a device is now the owner of that device
- owners always see the devices they own, even if limited Access Limited by Tags
(solves Operator-level users not seeing the devices they create when they are access-limited)
- Accounts are not able to changed their own access role anymore - you can't cut yourself from Admin access anymore
Update to the Comments windows across Unimus:
- Comments now have live updates, if one user adds a new comment, all users will immediately see it
- multiple graphical and visual updates and fixes to the Comments windows
Added two new API endpoints to retrieve configuration changes
- you can now retrieve list of devices with config changes over the API
- external integrations can now use the API to display diffs generated by Unimus
- more details at: https://wiki.unimus.net/display/UNPUB/Full+API+v.2+documentation
Added high security mode option for credentials and enable passwords
- will disable "Show password" for these credentials anywhere in Unimus
- useful to make sure no one (no matter their access level) can retrieve password from Unimus
New "Sensitive data striping" feature:
- will not store any sensitive data in backups (passwords, keys, etc.)
- can be configured globally, or per-Tag
- currently supported on Cisco ASA, IOS, IOS-XR, Nexus, NXOS
- more details at: https://wiki.unimus.net/display/UNPUB/Sensitive+data+striping
The CLI login handler has been rewritten from scratch:
- this improves overall compatibility with all devices that we support
- many edge-cases where login to device would fail were solved
Added support for:
- A10 Networks Thunder series
- Adtran TA (Total Access) 2nd gen.
- Cisco SMB SF2xx / SG2xx / SX2xx switch series
- more H3C Comware switches
- HPE 1920S
- Nomadix AG
- more Zyxel MGS switches (37xx and newer)
- more Zyxel USG models
- Zyxel XGS switches
- more Zyxel ZyWALL models
Fixes:
Fixed a bug casing some login banner to cause Unimus to fail the login to devices
Solved access-limited users not seeing the devices they create when they are Operator level (see device ownership in Features section)
Fixed users with Device Access limitations seeing devices they should not see in Mass Config Push device binding
Fixed UBNT devices not discovering / backing-up if firmware version contained 4 digits
Fixed some environment configuration being ignored on startup (logging, proxy, etc.)
Fixed a rare failure when trying to switch to enable / configure mode during discovery
Fixed enable / configure mode switch failing on devices which responded with a lot of data immediately during mode switching
Fixed Mass Config Push incorrectly reporting "unsupported command" in very rare cases
Fixed multiple issues with Juniper JunOS backups (parts of backups missing, incorrect change notifications, etc.)
Fixed not discovering / backing-up some models of UBNT AirFibers
Fixed some versions of ZyXel USGs not being discovered
Fixed some versions of Comware / Huawei VRP devices not being discovered
Fixed some models of Cisco SMB switches not being discovered
Fixed "--More--" not being properly removed from FortiOS backups in rare circumstances
Another round of fixes for more incorrect configuration change notifications for FortiOS
Fixed table search not behaving as expected with certain special characters
Fixed incorrect username format tooltip message on the login screen
Fixed inconsistent width of subnets area in the NetworkScanView when changing browser window size
Fixed Unimus switching view when licensing server went offline and then back online
Fixed device output logging not working after enabling/disabling it multiple times
Fixed a UI error when trying to backup multiple unmanaged devices
Fixed a UI error when a 'read only' account navigated to the Notifications view
Fixed a UI error when 'Expand command(s) windows' clicked when creating new mass config push preset
Fixed various cases where login would fail to devices that display "Press any key to continue" but
really ignore that and proceed to prompt
Fixed some models of Zyxel MGS switches not being discovered
Tickets closed by this release:
UN-245, UN-272, UN-316, UN-334, UN-362, UN-365, UN-371, UN-372, UN-377, UN-378, UN-379, UN-380, UN-382
Known issues:
Special characters can be replaced by '?' under specific circumstances