VMware vRealize Network Insight 3.3 Release Notes
vRealize Network Insight 3.3 | 2 MARCH 2017 | Build 1487914671
Check regularly for additions and updates to these release notes.
Last updated on 29 MARCH 2017
The release notes cover the following topics:
The new and enhanced features in this release are as follows:
- Enhanced Event Management Experience and new NSX events
New configuration and inter-communication checks have been added for checking and reporting on NSX manager, controller, and data plane services deployment and production issues. Additionally, all events have been enriched with new set of information that includes, name, severity, category (event tags), and best practice remediation recommendations.
- Enhanced visibility into planning micro-segmentation topology
The expansion of shared wedges into groups is introduced to provide increased visibility into the traffic pattern and improve micro-segmentation planning.
- NSX for vSphere Firewall Rules Enhancements
- The firewall rule negation configuration is supported.
- The VNIC in source, destination and Applied To configuration of a firewall rule is supported.
- The raw IP and port configuration in a firewall rule is supported.
- The process of configuring the direction (IN/OUT/INOUT) in a firewall rule is supported.
- NAT Improvements
Users can better visualize the NAT communication between virtual machines when running any VM-VM path trace, or path troubleshooting queries. This improved visualization helps in quickly resolving NAT configuration, and NAT data path issues. Enhancements are also made in handling of IPFIX flow records to filter out NAT affected flows.
- NSX for vSphere 6.3 Compatibility
vRealize Network Insight has been extensively tested with NSX for vSphere version 6.3. All existing vRealize Network Insight features are certified to work with this version of NSX.
- VMware vSphere 6.5 Compatibility
vRealize Network Insight has been extensively tested with vCenter 6.5. It is a compatible as well as a fully supported deployment for vRealize Network Insight.
- Support for Dell Switches
The following Dell switches are supported:
- Dell S4048
- Dell Z9100
- Dell S4810
- Medium brick size deployment scales up to 1 million flow records (4 tuple)
- Large brick size deployment scales up to 2 million flow records (4 tuple)
The following documentation is available at the vRealize Network Insight Information Center:
vRealize Network Insight 3.3 does not support direct upgrade from version 3.0 and 3.1. Refer to KB article at https://kb.vmware.com/kb/2149264 to get information on upgrade options.
- TLS v1.1/1.2 is supported. TLS v1.0 is no longer supported.
- The export of recommended firewall rules is supported for Security Groups, Applications, and Tiers.
- The IPset created out of physical (non-VM) IP addresses and a security group created by including such ipset is supported for micro-segmentation planning analysis.
- In the Applied To grouping criteria, VNICs are supported.
- For Security Group Exclusion, exclusion criteria based on VNIC, Directory Group, MAC Set and vApp are supported.
- To configure group restriction in LDAP, the user provided to validate credentials need not belong to one of the groups.
- The LDAP feature now supports group hierarchies. Access granted to a group automatically grants access to its subgroups.
The known issues and limitations for vRealize Network Insight 3.3 are as follows:
- The data source of the Dell Switch indicates that S6010 is supported. This is incorrect as S6010 is not supported.
- Some events such as Host network control plane mismatch are not raised if the datacenter is not at the top level and is located inside a folder in vCenter.
- The product downgrade is not supported.
- You need to enable the use of NSX central CLI to use NSX NAT support in the Settings page.
- The export as CSV is not supported for advanced searches that use group by, sum, max, and min functionality.
- At the end of the online upgrade, clicking Done results in no action. Once the online upgrade is complete, open a new browser window to use the product.
- The product update notifications are supported only for single platform node deployment connected to internet.
- Sometimes the online product update is stuck or frozen. File a support ticket to resolve this issue.
- The NAT rules on NSX Edge version 5.5 or below are not supported.
- In the Applied To grouping criteria, the edge is not supported
- The central CLI must be enabled in environments where NAT is being used.
- The browser needs to be refreshed after clearing browser cache once the product upgrade is complete.
- SNMP v1 is no longer supported.
- The platform cluster feature does not support high availability (HA) configuration. All the platform nodes need to be up and running for the cluster to work at optimal performance levels.
- There is a known issue in events search list view where sometimes facet counts are incorrect upon selection and no events are shown.
- The LDAP feature does not support restricting group access based on the Active Directory Primary Group.
- Upon Evaluation license expiry, the data providers are disabled and stop collecting data. After renewing license, the data providers must be enabled from the UI to start data collection.
- To use Gmail® server as the choice of Mail server, additional configuration settings as listed on https://support.google.com/accounts/answer/6010255?hl=en are required.
- The export to CSV feature can export a maximum of 20,000 rows.
- During deployment, if a vRealize Network Insight Proxy Appliance is configured with an incorrect IP address and an incorrect shared secret, then the appliance goes in an unrecoverable state and has to be redeployed.
- Once a data provider is removed from the system, the same data provider can be added back only after two or more hours.
- The support bundle creation on a medium sized system can take in excess of fifteen minutes of time.
- NSX Manager Data Provider requires Enterprise role. If Central CLI is to be enabled, System Admin user credentials are required for NSX Manager Data Provider.
- When number of VMware vCenter® flows (4-tuples) exceed 3 million, the processing of flow data on a Proxy VM is paused. It resumes only when number of active flows in the system are less than this limit. To reduce the number of flows, remove some of the vCenter data sources or disable IPFIX on some if the DVS.
- A flow in vRealize Network Insight is a 4-tuple of (source IP, destination IP, destination port, and protocol).
- More than 100,000 unique IP addresses are not supported for flow based analytics.
- Recommended firewall rules only supports global rules creation and universal rules creation is not supported.
VMware MIB Files
For MIB information, see Determining the MIB module listing, name, and type of an SNMP OID.
You can download the SNMP MIB module file at http://kb.vmware.com/kb/1013445.
Top of Page