Release Overview — Unimus 1.9.0

Device Tags — friendlier and available in more places

We improved the usability of Device Tags and made them more available across Unimus. Device Tags now have their own top-level menu, and managing them is more user-friendly. We have also added a new “Tags” window on the Devices screen, so you can tag devices directly from the Devices screen.

Device Access Limitation — usability improvements

Since we were working on improvements to Device Tags we also improved the Device Access Limitation system. The Device Access table in User management has been simplified and made more intuitive. In the Devices screen, we added a new table that shows which accounts have access to the selected device, and what grants user the access. You can find this under the new “Tags” window.

Device Ownership — new feature to simplify access management

We have also added Device Ownership — when a user creates a device, he is the owner of that device. Owners have access to their devices even if limited by Tags, or other access-limitation. This fixes an issue where an access-limited Operator-level user was not able to see the devices they themselves created. You can of course change the owner of any device, or set the owner for a device to “None” in the device “Edit” window.

New “High Security Mode” for credentials and enable/configure passwords

When creating a new credential, you can now create it in “High security mode”. This will the password for this credential completely private, and disables any “Show Password” features for that credential across Unimus. This will make the password un-retrievable even to administrator-level accounts, making it easier to comply with security requirements in strict environments.

“Comments” windows — real-time updates

The “Comments” windows now have live-update, so when someone comments all other open Comments windows will refresh automatically. When a new comment is added to any entity in the system, all other users also immediately see the comment icon updated as well. This makes the commenting feature in Unimus update in real-time for all users, and improves UX dramatically.

Full changelog:

= Version 1.9.0 = 
Features:
Juniper JunOS driver completely rewritten, solving multiple issues with JunOS
Added hints (contextual help) to "Do not manage device" and "High security mode" checkboxes
Improved compatibility with certain Cisco MDS models
Backups for Cisco IOS and NXOS will now complete even if the "show vlan brief" command is not available
Increased subnets text area limit in the Network Scan to 65k characters
Improved support for devices with certain versions of Comware / Huawei VRP
Improved support for certain models of Cisco SMB switches
Mass Config Push now supports devices which present a menu after login (pfSense, ProCurve stacks, etc.)
Improved support for devices that display "Press any key to continue" but really ignore that and proceed to prompt
Improved visuals for all input fields to better handle IPv6 addresses or long FQDNs
Event system (top right corner popups) enhanced and visually unified
Added support for "enhanced security-mode" on HP ProVision / HPE ProCurve / Aruba ArubaOS
Improved support for "(y/n)" prompts
Improved the usability of Device Tags:
- Device Tags now have their own top-level menu for tag management
- improved the tag management (add/remove/assign/unassign) process
- various other UI and UX improvements related to tags
Improved the Device Access Limitation system:
- Added a new "Users with access" window to devices which have Tags (will show which users have access to this device, and where the access comes from)
- Added device ownership - account which creates a device is now the owner of that device
- owners always see the devices they own, even if limited Access Limited by Tags (solves Operator-level users not seeing the devices they create when they are access-limited)
- Accounts are not able to changed their own access role anymore - you can't cut yourself from Admin access anymore
Update to the Comments windows across Unimus:
- Comments now have live updates, if one user adds a new comment, all users will immediately see it
- multiple graphical and visual updates and fixes to the Comments windows
Added two new API endpoints to retrieve configuration changes
- you can now retrieve list of devices with config changes over the API
- external integrations can now use the API to display diffs generated by Unimus
- more details at: https://wiki.unimus.net/display/UNPUB/Full+API+v.2+documentation
Added high security mode option for credentials and enable passwords
- will disable "Show password" for these credentials anywhere in Unimus
- useful to make sure no one (no matter their access level) can retrieve password from Unimus
New "Sensitive data striping" feature:
- will not store any sensitive data in backups (passwords, keys, etc.)
- can be configured globally, or per-Tag
- currently supported on Cisco ASA, IOS, IOS-XR, Nexus, NXOS
- more details at: https://wiki.unimus.net/display/UNPUB/Sensitive+data+striping
The CLI login handler has been rewritten from scratch:
- this improves overall compatibility with all devices that we support
- many edge-cases where login to device would fail were solved
Added support for:
- A10 Networks Thunder series
- Adtran TA (Total Access) 2nd gen.
- Cisco SMB SF2xx / SG2xx / SX2xx switch series
- more H3C Comware switches
- HPE 1920S
- Nomadix AG
- more Zyxel MGS switches (37xx and newer)
- more Zyxel USG models
- Zyxel XGS switches
- more Zyxel ZyWALL models
Fixes:
Fixed a bug casing some login banner to cause Unimus to fail the login to devices
Solved access-limited users not seeing the devices they create when they are Operator level (see device ownership in Features section)
Fixed users with Device Access limitations seeing devices they should not see in Mass Config Push device binding
Fixed UBNT devices not discovering / backing-up if firmware version contained 4 digits
Fixed some environment configuration being ignored on startup (logging, proxy, etc.)
Fixed a rare failure when trying to switch to enable / configure mode during discovery
Fixed enable / configure mode switch failing on devices which responded with a lot of data immediately during mode switching
Fixed Mass Config Push incorrectly reporting "unsupported command" in very rare cases
Fixed multiple issues with Juniper JunOS backups (parts of backups missing, incorrect change notifications, etc.)
Fixed not discovering / backing-up some models of UBNT AirFibers
Fixed some versions of ZyXel USGs not being discovered
Fixed some versions of Comware / Huawei VRP devices not being discovered
Fixed some models of Cisco SMB switches not being discovered
Fixed "--More--" not being properly removed from FortiOS backups in rare circumstances
Another round of fixes for more incorrect configuration change notifications for FortiOS
Fixed table search not behaving as expected with certain special characters
Fixed incorrect username format tooltip message on the login screen
Fixed inconsistent width of subnets area in the NetworkScanView when changing browser window size
Fixed Unimus switching view when licensing server went offline and then back online
Fixed device output logging not working after enabling/disabling it multiple times
Fixed a UI error when trying to backup multiple unmanaged devices
Fixed a UI error when a 'read only' account navigated to the Notifications view
Fixed a UI error when 'Expand command(s) windows' clicked when creating new mass config push preset
Fixed various cases where login would fail to devices that display "Press any key to continue" but really ignore that and proceed to prompt
Fixed some models of Zyxel MGS switches not being discovered
Tickets closed by this release:
UN-245, UN-272, UN-316, UN-334, UN-362, UN-365, UN-371, UN-372, UN-377, UN-378, UN-379, UN-380, UN-382
Known issues:
Special characters can be replaced by '?' under specific circumstances

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store