8.9.04.001: Patch 1 for Service Pack 4

This topic contains information about updates in this patch, and provides instructions for downloading and installing the patch.

• Enhancements
• BMC Cloud Lifecycle Management-related update
• Changes to supported product and solution versions
• Downloading, installing, and upgrading to the patch
• Related topics

Enhancements

Version 8.9.04.001 provides the following enhancements.

Earlier, you could add groups to a combo group by choosing operators and groups only from menus. From this release, in addition to menus, you can add operators and groups by entering Boolean expressions in a text editor. 

The text editor is useful in case you have a large number of groups to combine. For example, many models of Cisco devices or many auto-groups derived from data extracted from configurations. It is easier to type the Boolean expression in the text editor rather than use menus to construct the expression bit by bit. For more information, see Adding-or-editing-a-combo-group.

Earlier, for Cisco IOS device types, you could validate device configuration passwords only by using the MD5 algorithm. This release includes the encrypt_cisco function to validate passwords using additional algorithms. This function has the following syntax:

$ {eval encrpyt_cisco p3  p1  p2}

where p3 indicates the algorithm type and can have the following Integer values:

For information about the encrypt_cisco syntax and examples, see About-substitution-parameters and Updating-device-passwords.

Network Automation provides a canned rule, NET0240 - Enable PBKDF2 in the DISA - Cisco Infrastructure Router rule set that can be referred for using the encrypt_cisco function.

Now, you can push the following types of content from a single application server to multiple application servers by using TrueSight Network Automation – Multi-Server Administration:

• Global Substitution Parameters
• Templates

For more information, see Pushing-content-to-sites.

Now, you can import vendor-supplied security vulnerability advisories for the following TrueSight Network Automation supported device types from the National Vulnerability Database (NVD) repository into the system:

• Extreme Networks
• Hewlett Packard Enterprise (HPE) Aruba
• Palo Alto

A canned database of NVD-based advisories for these device types is provided with Network Automation. For more information, see About-security-vulnerability-importers and Managing-security-vulnerabilities.

Earlier, you could only select devices to be included in a static group when creating the group. Now, you can specify the devices to be included in a text file, thus making it easier to specify a large number of devices. The text file must contain one device per line. For more information, see Adding-or-editing-groups.

With this release, Network Automation allows you to specify groups while creating a device import task for the TrueSight Network Automation XML Import and Comma Separated Value Text formats. You can add these groups in the XML and CSV files that you want to import.

You can choose from the following options while specifying groups:

• Retain the existing group associations and associate only those groups that were not associated earlier
• Remove the existing group associations and associate only the new groups

For details, see Adding-a-file-access-device-import-task.

In this release, you can define the default violation severity that should be assigned to a new rule. You define the severity by using a new system parameter, Default Violation Severity in the System Parameters page.

This version of Network Automation supports Microsoft Windows Server version 2019. For the complete list of operating systems supported by Network Automation, see OS support.

This version of Network Automation is bundled with the following third-party software:

• AdoptOpenJDK 11.0.3
• Apache Tomcat web server 9.0.19

BMC Cloud Lifecycle Management-related update

TrueSight Network Automation provides the following custom actions to support A10 Networks load balancers:

• Add New Server to Pool
• Create Partition
• Create Pool
• Delete Partition
• Delete Pool
• Delete Server from Pool
• Disable Pool Member
• Enable Pool Member
• Show Pools

For more information, see Configuring-A10-Networks-load-balancers in the Cloud LifeCycle Management documentation.

Changes to supported product and solution versions

This section lists product and solution versions supported by Network Automation version 8.9.04.001.

BMC Discovery

Network Automation version 8.9.04.001 supports version 11.3.00.005 of BMC Discovery.

BMC TrueSight Vulnerability Management

Network Automation integrates with TrueSight Vulnerability Management version 3.0.01. For more information, see the TrueSight Vulnerability Management documentation.

BMC Continuous Compliance for Network Automation

Network Automation integrates with the following products to provide the BMC Continuous Compliance for Network Automation solution. For more information about this integration, see BMC-Continuous-Compliance-for-Network-Automation-solution.

BMC Cloud Lifecycle Management

Network Automation integrates with the following BMC and non-BMC products to provide the BMC Cloud Lifecycle Management solution. For more information about this integration, see BMC-Cloud-Lifecycle-Management. 

Entuity Network Analytics

This version of Network Automation supports Entuity Network Analytics version 17.0 Patch P05. For more information, see Entuity-Network-Analytics.

Downloading, installing, and upgrading to the patch

For instructions, see Downloading-the-installation-files and Installing.

You can also upgrade to this patch from version 8.5.x or later. If you are upgrading the application server, you must also upgrade all the remote device agents to the same version as the application server. For more information, see Upgrading.

Related topics

Known-and-corrected-issues

Release-notes-and-notices