16.3.0 Release Notes

11/05/24

New Cloud Control Center updates for 16.3.0

This release includes various bug fixes, updates to the UI, updates to the API, and several new and improved features detailed below. 

 

Elisity IdentityGraph

Device Count for Global Distribution Zone
Cloud Control Center now displays the amount of online devices in the Global Distribution Zone. To learn more, read the Distribution Zones article.

Connector Advanced Timers
Global Query Timer and Initial Delay Timer is now configurable for connectors that support adjustment. To adjust the timers, navigate to the Advanced section for each connector configuration. 

Elisity Category
The Device Category feature provides an Elisity-determined classification for each device, calculated independently for each connected data source (e.g., ServiceNow, Medigate, Armis). This approach creates a standardized category for devices, with a Consistency Score indicating the alignment across sources. More information can be found in our Elisity IdentityGraph article.

Consistency Score
A new attribute in Elisity Native Identity has been added, called Consistency Score. Consistency Score reflects the consistency of Device Category that has been determined for each connector in IdentityGraph, calculated based on the alignment of identity attributes across multiple data sources.



Policy

Policy Evaluator v2
New functionality has been added to Policy Evaluator. This includes additional source and destination options, port ranges, RBAC support, and a more comprehensive report. To learn more, read the Policy Evaluator.

Enhanced Match Criteria for ServiceNow
New attributes "Created By" and "Updated By" are available as Policy Group match criteria for ServiceNow in Elisity IdentityGraph, with contains, equals, and not equal matching logic available. See our ServiceNow Classification Details article for the full list of attributes available.

Policy Audit Comments
Mandatory Audit Comments have been added as an optional feature for Policy Groups and Security Profiles. This feature is managed in Advanced Settings in Cloud Control Center.

Policy Group Security Levels
Policy Group Security Levels has been added as a feature in Elisity Cloud Control Center, which provides a structured way to label Policy Groups by their criticality, following the IEC 62443 standard. Read the Security Levels section in our Policy Groups article for more information.

 

Analytics

The Analytics dashboard in Cloud Control Center has received the following improvements, which are all documented in our Visibility and Traffic Analytics article. 

Change Device Flow Direction 
A new option has been added to the device analytics page that enables you to change the direction of flows with the click of a single button. Read this section of the Visibility and Traffic Analytics article for details.

Device Count Display on Sankey Chart
Hovering over the Policy Group on the Sankey chart will now provide a count of the devices classified into that Policy Group.

Sankey Chart Legend
A new color coded legend has been included in the Analytics Page, which can be toggled from the tool bar. Read this section of the Visibility and Traffic Analytics article for details.

Hide/Show Internet Flows
A toggle button for showing and hiding flows to the InternetPG has been added to the tool bar in the Traffic Flow view within the Analytics dashboard in Cloud Control Center. Read this section of the Visibility and Traffic Analytics article for details.

Sankey Chart Port Filtering 
Clicking on an observed port or service name in Traffic Flow view now automatically adds a filter for the selected port. Read this section of the Visibility and Traffic Analytics article for details.

Traffic Flow Export via UI and API 
Admins in Cloud Control Center can export flow records from the Flow Records pane by clicking on the Export data button at the top right of the Flow Records table in Analytics. Read this section of the Visibility and Traffic Analytics article for details.

Flow Records export is now also available via API. See the full list of API updates at the bottom of this article. 

"NOT" Filter Logic for Analytics
New filtering logic has been added to the filter tool to include "NOT" logic, meaning users can exclude specific assets, Policy Groups, ports and services, and more when creating filters for traffic flows.

Analytics Filtering UI Enhancements
Multiple improvements including a new tool bar, active filters display, and improved filtering options have been made to the Traffic Flow view in Analytics. 

 

System

Third Party NetFlow Support
Cloud Control Center now supports the configuration of an additional NetFlow collector target during onboarding of a switch. This is documented in our Managing Virtual Edges and Virtual Edge Nodes and Onboarding Catalyst 9000/3850/3650 as a Virtual Edge Node articles.

 

General UI

RBAC Advancements For Policy Activation 
Additional controls around permissions for activating/deleting/changing policies has been added to the RBAC suite. To learn more, read the Role Based Access Control (RBAC) article. 

Interface and VLAN Device Table Columns
VLAN and Interface information can be displayed in the device table as individual columns. To learn more, read the IdentityGraph™ article.

Policy Grid Toolbar Update
The toolbar to the right of the Policy Grid has been updated and simplified with collapsable options. In addition, the "Show Traffic Flow" option has moved from the top of the page to the new toolbar. To learn more, read the Policy Matrix article.

Virtual Edge Dashboard UI Enhancements
The Virtual Edge dashboard summary has been simplified to show the status of all Virtual Edges and Virtual Edge Nodes, removing the filter for VE Type (GROUPS vs STANDALONE).
New Feature Modals
New features will be introduced to Cloud Control Center users when they log in for the first time after an upgrade has taken place. This feature overview only appears once.

Policy Logging Column
Policy Logging status for Policies and Security profiles has now been included in respective tables for quick viewing and filtering. Read the relevant section in the Visibility and Traffic Analytics article for more detail. 

 

Virtual Edge

Virtual Edge Shell Update 
A new secure shell has been introduced to the Virtual Edge appliance in 16.3, with built-in CLI tools. Read the Virtual Edge 16.3+ (VE16) Shell and Commands article to learn more.

New Virtual Edge Deployment Workflows are documented in the following articles:
Virtual Edge Deployment Guide (Virtual Edge 16.3+) Switch Hosted

Virtual Edge Deployment Guide (Virtual Edge 16.3+) Hypervisor Hosted

 

API Updates

API Endpoints have been added or deprecated to accomodate new functionality. These can be viewed in the API Documentation portal in Cloud Control Center. Read the How to Access Elisity APIs article for details on how to access API documentation.

API Endpoints Removed

Device-CRUD

POST /api/identity-graph/v1/devices/{id}/enrich/{source}/async
async enrich option removed

group-controller

GET /api/ad-connector-service/v1/group/{domain}/{sid}
Get AD group by SID and Domain

PUT /api/ad-connector-service/v1/group/{domain}/{sid}
Update AD group

DELETE /api/ad-connector-service/v1/group/{domain}/{sid}
Delete AD group

POST /api/ad-connector-service/v1/group
Add AD group

device-controller

POST /api/ad-connector-service/v1/device/search

Search AD Device

 

API Endpoints Added

Device-CRUD

POST /api/identity-graph/v1/devices/{id}/enrich
enrich device by ID, accepts requests even if device doesnt exist

Device - Attach

GET /api/identity-graph/v1/devices/attach/can-accept-from/{nodeId}
Check if VEN is able to accept device attach

Feature Flag

GET /api/policy/v1/feature-flag/{name}
Get current status of a feature flag

POST /api/policy/v1/feature-flag/{name}
Enable/disable feature flag

policy-evaluator-controller

POST /api/policy/v1/evaluator/evaluate
sync-controller

POST /api/ad-connector-service/v1/sync/{domain}
Sync AD structure

Virtual Edge

POST /api/topology/v1/virtual-edges/export
Generate all virtual edges as CSV

virtual-edge-node-controller

POST /api/topology/v1/virtual-edge-nodes/export
Generate all virtual edge nodes as CSV

Task Manager

PUT /api/topology/v1/task-list/{id}
Update a task list, managing the status of published tasks

flow-exporter-controller

GET /api/topology/v1/flow-exporters/{id}
Get single Flow Exporter

PUT /api/topology/v1/flow-exporters/{id}
Update Flow Exporter

DELETE /api/topology/v1/flow-exporters/{id}
Delete Flow Exporter

GET /api/topology/v1/flow-exporters
Get all Flow Exporter

POST /api/topology/v1/flow-exporters
Create Flow Exporter

Bulk Validation

POST /api/topology/v1/virtual-edges/bulk/delete/validate
Validate list of VE IDs before Virtual Edge bulk delete.

Was this article helpful?
0 out of 0 found this helpful