20.02 enhancements

This topic provides an overview of the enhancements and new features in version 20.02 of TrueSight Network Automation.

Enhanced user experience

Version 20.02 of Network Automation presents an enhanced, cleaner user interface using a new framework. After the upgrade, you can see all your data in the new UI seamlessly. The following example shows the Devices page from the new UI.

Drill-down Dashboard

Version 20.02 includes a drill-down Dashboard, which contains the following sections:

Discrepancies – Displays the number and percentage (%) of online devices with and without discrepancies on a pie chart. Clicking on the pie chart displays the devices and their realms.
Compliance violations – Displays the number and percentage (%) of online devices with and without compliance violations on a pie chart. Clicking on the pie chart displays the devices and their realms.
Devices with most compliance violations – Displays the devices with most number of violations and the number of rules violated by the devices. When you click a device link, the pop-up window displays the rules violated by the device, the rule set to which the rule belongs, and the violation severity.
Recently failed jobs – Displays the job IDs of the recently failed jobs, the actions performed via those jobs, the users who initiated those jobs, and status of those jobs. When you click a job ID, the pop-up window displays the Job Details report. A job with one of the following status can be considered as failed:
- Aborted
- Cancelled
- Cancelled not approved
- Completed with errors
- Completed with warnings
- Rejected

Simplified installation

To simplify the installation process, starting from version 20.02, you are not required to provide parameters to integrate Network Automation with the following BMC products during installation. You can integrate with these products later using the following system parameters.

Integration with	System parameter
BMC Universal Description, Discovery, and Integration (UDDI) Registry	Enable Web Services Registry Integration
TrueSight Orchestration	Enable TrueSight Orchestration Integration
BMC Configuration Management Database (CMDB)	Enable CMDB Integration

Capability to import LDAP and Active Directory users

In this release, you can import users from LDAP and Active Directory (AD) into Network Automation using the script, ldap_import_users. This script iterates over all the roles present in Network Automation and checks for any group present in LDAP and Active Directory with the same name as the role name. If a match is found, the script imports all the members of that group into Network Automation and that role is assigned to them. Before you execute the script, this role must exist in Network Automation. Using this script, you can assign the same role to multiple users that belong to one particular group at the same time.

For example, you have created a group, privilegedUsers on the LDAP or AD server and userA and userB belong to this group. You need to create a role in Network Automation with the same name as the group, privilegedUsers. After you execute the script, userA and userB are imported into Network Automation and the privilegedUsers role is assigned to them.

For more information about this script, see Tools and scripts.

Device and device adapter enhancements

Enhancement	Description
Tejas Networks device adapter	Network Automation now supports a new device adapter, Tejas Networks, to manage the TJ1400P M3 switches running with TEJOS 8.0. This device adapter supports the following configuration trails, span actions, access modes, and file transfer modes: Access modes SSH2 Telnet Configuration tails Running Startup File transfer modes SCP TFTP Standard span actions Commit Deploy OS Image Deploy to Active Deploy to Stored Reboot Remediate Snapshot Snapshot OS Image
F5 BIG-IP TMSH version 14.x devices	This release supports version, 14.x, of the F5 BIG-IP TMSH devices.
Deleting files from a device's filesystem using a new custom action	This version provides the new custom action, Delete File(s) From Device File System. You can use this custom action to delete one or more files that match the specified naming criteria from the current filesystem of the device. You can use asterisk ( * ) as the wildcard character to delete multiple files. Before deploying an OS image, you can use this custom action to free up the disk space from a device for the new OS image. The current booted image file and the one referenced in the configuration file are not deleted.

Security enhancements

Support for an enhanced algorithm to store logon passwords

In version 20.02, for enhanced security, Network Automation stores logon passwords in the database using the SHA-256 with salt and iterations message digest algorithm when local authentication is being used.

Due to change in the algorithm, when existing Network Automation users log on to the GUI after upgrade to 20.02, they are redirected to the Change Password page to change their password. The users with the Password Never Expires option selected need to manually change their password.

Enhancements in cryptographic algorithms

Starting with version 20.02, Network Automation uses the AES-256 algorithm for key creation and the AES-GCM algorithm for sensitive data encryption.

Change in the minimum password length

Default value of the Minimum Password Length system parameter for a Network Automation user has been changed to 8. If you have changed this parameter before upgrade, it is not overwritten.

Application running with a non-privileged user

For security reasons, in version 20.02, the following services start with a non-privileged user account that you provide during installation:

Application Server:
- (Windows) BCA-Networks Web Server Service
- (Linux) enatomcat service
Remote Device Agent:
- (Windows) TrueSight Network Automation Agent Service
- (Linux) TrueSight Network Automation Device Agent Service

For more details, see the following topics:

Miscellaneous enhancements

Support for importing vulnerability advisories from NVD JSON files

As of October 2019, NVD does not support vulnerability data feeds in XML format. To support the import of vulnerability advisories from NVD, this release of Network Automation supports the import of advisories in JSON format. For more information, see About security vulnerability importers.

Ability to delete multiple OS images from the GUI

You can delete multiple OS images simultaneously by selecting and clicking the Delete button in the menu bar on the OS Images page. For more information, see Deleting OS images.

Change in the name of the Entuity Eye of the Storm XML format

Entuity Eye of the Storm XML Format has been renamed to Entuity Network Analytics XML Format in the GUI. You need to select the renamed format while importing a device from Entuity Network Analytics into Network Automation. For more information, see Importing devices from Entuity Network Analytics.

Platform support

Operating system support

Network Automation version 20.02 supports the following additional operating systems:

Microsoft Windows Server 2019
Red Hat Enterprise Linux 8.0

For the complete list, see Operating system support.

Database support

Network Automation version 20.02 supports the following additional databases:

Microsoft SQL Server 2017 AlwaysOn Clustering
Microsoft SQL Server 2017 Active-Passive Mode Clustering

For the complete list, see Database requirements.

Third-party software support

This version of Network Automation is bundled with the following third-party software:

AdoptOpenJDK version 11.0.5
Apache Tomcat web server version 9.0.30

Downloading, installing, and upgrading

For download instructions, see Downloading the installation files. For installation instructions, see Installing.

If you are upgrading the application server, you must also upgrade all remote device agents to the same version as TrueSight Network Automation. For more information about upgrade, see Upgrading.