BMC Network Automation 8.9.00 provides the following enhancements:
For information about issues corrected in this release, see Known and corrected issues.
Standalone BMC Network Automation updates
The following table describes the standalone BMC Network Automation system updates included in this release:
Remediation of rule violations by means other than SmartMerge or full configuration push
You can associate a rule with a corrective action that performs span actions other than pushing a compliant configuration. You can choose to push a template, run a Deploy OS Image action, or run a custom action. A rule with no corrective actions cannot be enforced.
You can run a new span action, called Remediate, to execute the defined corrective actions in violated rules. This span action expands into sub-actions to support a mix of various span action types that need to be run.
The Deploy to Active and Deploy to Stored span actions also execute corrective actions of the same type. Only actively violated rules are corrected when you choose the Remediate With All Assigned option. You can make adhoc changes to non-violated rules by choosing specific rule sets or rules.
For detailed information about the Remediate span action and the software upgrade considerations, see Remediating compliance violations.
|Support for remediating multiple rule sets and rules|
In the following span actions, now you can choose to remediate with any number and a mix of rule sets and rules:
|Support for CVE ID association||You can optionally associate a rule with one or more MITRE Common Vulnerabilities and Exposures (CVE) IDs to indicate that the rule is detecting a security vulnerability. You can filter for rules that match a CVE ID. For more information, see Adding or editing a rule .|
|Network Security Operations (SecOps) enhancements|
|Integration with BMC Threat Director version 2.2|
You can now use Threat Director and BMC Network Automation to track, analyze, and remediate network vulnerabilities. Using Threat Director you can:
For more information about the integration, see the BMC BladeLogic Portal documentation.
|Support for filtering security vulnerabilities by device types|
You can filter security vulnerabilities by device type. This filtering helps you plan your remediation tasks for that device type. You can either choose the device type from a list or you can specify the name of the device type.
When filtering by name, you can use asterisk (*) as the wildcard character. You can use the name filter to find those security vulnerabilities that have associated device types not supported by BMC Network Automation. For more information, see Viewing the security vulnerabilities listing and details.
|Device and device adapter enhancements|
|Support for new custom actions for NSX devices|
BMC Network Automation supports the following new actions to support NSX network containers:
For more information, see Configuring VMware NSX in the BMC Cloud Lifecycle Management documentation.
|Support for the Check Point Gaia device adapter|
BMC Network Automation supports a new device adapter, Check Point Gaia to manage the Check Point GAiA devices running with OS R77.30 and R80. This device adapter supports the following configuration trails and span actions:
Note: If you encounter any "interaction failure" while performing TGZ file (a TAR file archive compressed with Gnu Zip) management through Snapshot or Deploy to Store actions on a Check Point GAiA device, increase the device inactivity timeout by using the following command:
|Support for the Deploy OS Image action for MRV OptiSwitch|
The MRV device adapter supports the Deploy OS Image action for the MRV OptiSwitch 904 devices.
|Support for JunOS 14.2R5.8||The Juniper device type now supports devices running with JunOS 14.2R5.8.|
|Support for Cisco Nexus 9000 Series switches||BMC Network Automation supports Cisco Nexus 9000 Series switches running with NX-OS 7.x.|
|Simplified merge for devices using tunneled mode|
When deploying changes to a device using tunneled mode, the system no longer manages the block
Also, the baseline device types have been enhanced to detect when a config mode has been exited in error while tunneling out a script. In such a case, the system re-enters the config mode automatically. Thus, users are prevented from running arbitrary CLI commands via a template for the device types that support a config mode.
|File transfer enhancements|
|Support for proxy file server|
You can now configure a device agent to use a proxy file server, which is separated from the device agent. With this enhancement, you do not need to configure FTP, SCP, and TFTP on the device agent. The inbound connections are now relegated to the proxy file server instead of the device agent, thus making the device agent more secure.
You can configure FTP, SCP, and TFTP on the proxy file server and provide these details to the device agent. After you configure a device agent to use the proxy file server, all the configuration and images are transferred through the proxy file server.
|New database support|
BMC Network Automation supports PostgreSQL version 9.5.3. For the complete database support information, see Database support .
|New browser support||BMC Network Automation supports Microsoft Edge. For the complete browser support information, see Web-based client system requirements .|
|Third-party software support|
This version of BMC Network Automation is bundled with the following third-party software:
For the list of third-party versions supported by other versions of BMC Network Automation, see Application server system requirements.
|Enhanced System Diagnostics report|
The System Diagnostics report shows the following counts:
|Support for previewing any type of script prior to deployment|
In the Deploy to Active, Deploy to Stored, Remediate, and Scan Syntax span actions, you can preview the scripts that are to be deployed. To support the preview feature, following changes have been made:
For more information about the Preview option, see Creating a generic job.
|Importing and exporting global substitution parameters from the CLI (import and export utility)||With this version, you can import and export global substitution parameters by using the import and export utility .|
|Enhanced logging for the |
When BMC Network Automation is starting up or being upgraded, you might see warnings related to
For more information, see Property capture warnings.
BMC Network Automation web services updates
The following table describes the BMC Network Automation web services updates included in this release:
|Span action service updates|
The SpanActionService class includes the following new methods:
|Job service updates|
The JobService class includes the following new methods:
The JobService class includes the following modified method:
|Rule service updates|
The RuleService class includes a new method, getAbbreviatedCorrectableRules() to retrieve brief information for rules that can be corrected via a remediation action.
|Pod service updates|
The PodService class includes a new method, addExtendedVlanPool() to add an extended VLAN pool with the given information to the specified pod. For an extended pool (a pool supporting VXLAN), the VLAN pool range is from 0 to 224, as compared to the standard VLAN pool, which has a pool range from 0 to 4096.
|Import and export service updates|
The ImportExportService class includes a new method, exportSubstitutionParameters() to export global substitution parameters to an XML format.
The importComponents() method now supports the import of global substitution parameters into the BMC Network Automation database from an XML format.
BMC Cloud Lifecycle Management-related updates
The following table describes the BMC Network Automation updates included in this release to support BMC Cloud Lifecycle Management :
|Support for Virtual Extensible LAN (VXLAN)|
BMC Cloud Lifecycle Management supports VXLAN to improve scalability problems. For a pool supporting VXLAN (extended pool), the VLAN pool range is from 0 to 2 24, as compared to the standard VLAN pool, which has a pool range from 0 to 4096. For more information, see Creating a pod from a pod blueprint.
A new tag,
|Support for NSX devices|
Now you can create VMware NSX Bronze containers as well containers with distributed firewalls. For more information about configuring VMware NSX, see Configuring VMware NSX (SDN) platform in the BMC Cloud Lifecycle Management documentation.
|Updates in the pod and container blueprint schemas|
BMC Network Automation includes the following updates in the pod and container blueprint schemas:
|Support for sharing access layer devices among pods|
BMC Network Automation allows sharing of access layer devices among pods to allow for the Software Defined Networking (SDN)-style containers that might need to do sharing.
Changes to the supported products and solution versions
This section describes the versions of products and solutions supported by BMC Network Automation version 8.9.00.
BMC Network Automation integrates with BMC Threat Director version 2.2. For more information, see the BMC BladeLogic Portal documentation.
BMC Network Automation integrates with the following products to provide the BMC Continuous Compliance for Network Automation solution. For more information about this integration, see BMC Continuous Compliance for Network Automation solution .
BMC Remedy AR System Server
BMC Remedy ITSM Suite
BMC Atrium CMDB Enterprise Manager
BMC Atrium Orchestrator Platform
BMC Atrium Orchestrator Content
|BMC Decision Support - Network Automation||8.9.00|
BMC Network Automation integrates with the following BMC and non-BMC products to provide the BMC Cloud Lifecycle Management solution. For more information about this integration, see BMC Cloud Lifecycle Management .
|BMC Cloud Lifecycle Management||4.6.03|
BMC Atrium Orchestrator Platform
BMC Atrium Orchestrator Content