Product Updates

Released: 2025-10-21We’re happy to announce the immediate release of Forward Enterprise 25.10.0, which introduces major enhancements across NQE, compliance, security, topology, and collector management, along with expanded device modeling and usability improvements.See the full release notes for Forward Enterprise version 25.10.0.  What’s New NQE HistoryNQE History adds time-based visibility to Inventory+ queries, allowing users to see how network data evolves across snapshots. When enabled for a query that uses primary-keyed attributes, NQE History tracks when each unique record (such as a device, interface, or IP address) was last observed and shows that information alongside current query results. This capability eliminates the need to manually inspect multiple snapshots to determine when specific data first appeared or disappeared. Historical data is retained according to the configured history retention period.  For additional information, visit the Inventory+ documentation page.  Collector Management ViewThe new Collector Management View in the Platform section provides a centralized location for managing all collectors across the organization. It displays key details such as: version, IP address, encryption key hash, status, and associated networks. Along with version health indicators like: End of Life, No Support, or Outdated. Administrators can set a default collector for new networks, rename existing collectors, or remove inactive ones, all from a single, unified interface.   Remote Collector Support for On-Premises DeploymentsOn-premises environments now support remote collectors, allowing data collection from isolated or segmented zones that cannot be reached directly from the main deployment. Administrators can choose from three modes: Bundled Only, Remote Only, or Both Allowed, and manage all collectors centrally. Remote collectors can be installed directly from the Forward cluster, use version-matching controls, support custom SSL certificates, and can be assigned to networks individually.   Security-Focused Path Search ViewPath search now includes a dedicated security view that highlights devices responsible for enforcing access controls or performing IP address translation, while filtering out forwarding-only segments. This view makes it easier to analyze traffic enforcement points, NAT traversal, and exposure paths without distraction from routine forwarding activity.  Improved Device Vulnerability MetricsDevice vulnerability dashboards now provide a more actionable overview of security risks. The summary highlights devices with confirmed vulnerabilities and identifies those reachable from the Internet. Each dashboard item is interactive, dynamically updating filters in the vulnerability table and maintaining those filters when users navigate to detailed vulnerability findings. STIG Compliance Refresh (CY25Q3)STIG verification scripts and policy checks have been updated in both the Verifications section and the NQE Forward Library to align with the Q3 2025 DISA STIG benchmark updates, ensuring consistent compliance validation. Parametrized STIGs (Tech Preview)This technical preview introduces parameterized STIG validation through spreadsheet uploads. Administrators can provide organization-specific parameters to evaluate checks that previously required manual review.Supported platforms include Cisco IOS Router NDM, Cisco IOS XE Router NDM, Cisco NXOS Switch NDM, and Cisco ASA NDM. Parameters can be uploaded using the fn-stig-policy.csv template from the Platform > Data Files > Import data file wizard, applying automatically across all networks.  Dark Mode (Tech Preview)Dark Mode introduces a low-light interface theme available across most areas of the platform, improving accessibility and visual comfort. Dark Mode can be toggled on or off at any time, with additional support for the NQE Editor, File Viewer, and Topology views planned for a future release.   Global Synthetic NodesSynthetic nodes, such as L3VPN, now appear across all connected locations in topology views, similar to the Internet node. This improvement provides a clearer representation of inter-location connectivity and removes the need to manually assign synthetic nodes to specific locations.  Public Subnet Exclusion for Internet NodesAdministrators can now define specific public IP subnets to be excluded from the Internet node, allowing those ranges to be treated as internal networks. This ensures proper handling of internal public addresses for routing, location inferences, and path searches.   Discovery ExclusionsDiscovery scans can now exclude specified IP addresses or subnets on a per-network basis. This allows administrators to refine scan scope, avoiding unnecessary traffic to sensitive or non-essential devices during automated discovery processes.  Host Enrichment with Endpoint and Scanner DataHosts discovered in Topology or Inventory+ are now enriched with endpoint data and vulnerability scanner information,. Enrichment includes hostnames, open ports, and other attributes, improving visibility into network reachability and device relationships.  Password Policy Enhancements for SaaS OrganizationsSaaS administrators can now configure password strength and reuse limits, bringing SaaS deployments to feature parity with on-premises deployments. This enhancement improves account security and compliance for managed user access.  Modeling and Device SupportThis release adds support for Cisco Firepower FXOS and extends Segment Routing v6 (SRv6) coverage to Cisco IOS-XR, IOS-XE, NXOS, Nokia SR OS, and Juniper JunOS, expanding modeling coverage for advanced routing configurations.

Released: 2025-10-21We are happy to announce the following enhancements to NQE as part of release 25.10.0.See the full release notes for Forward Enterprise version 25.10.0.  What’s NewQueries can now include an @primaryKey annotation in the main expression to define a primary key, making it easier to identify unique records in query results. The HeaderRegion type now includes a new domains field.AVAYA_ERS has been added as a value of the OS type, expanding support for Avaya devices.  What’s FixedThe IfaceType type now includes IF_BRIDGE. Switched virtual interfaces (SVIs) on devices running NXOS now correctly report interfaceType = IF_BRIDGE in the Iface data model. The Platform.osVersion field is now populated for F5 devices when the version follows the format 1.5.1-12283 and the operating system is F5OS. Because NQE does not yet define a dedicated OS value for F5OS, these devices currently use OS = UNKNOWN. Pretty printing now works correctly in more cases, including expressions with binary operators, when clauses, and parentheses. Command ChangesHuawei – Added Command definitions for the HUAWEI operating system in the Outputs of each Device. Juniper SRX – For CommandType = DNS_CACHE, the command now includes show host routing-instance {} {} in device outputs. F5 – For CommandType = CONFIG, new commands were added to improve visibility into SIP and HTTP/2 configurations: list ltm message-routing sip profile router list ltm message-routing sip profile session list ltm profile http2 Aruba AOS-CX – For CommandType = BGP_PEERS, the command show bgp ip unicast neighbors has been replaced with show bgp ipv4 unicast neighbors. For CommandType = BGP_SUMMARY, the command show bgp ip unicast summary has been replaced with show bgp ipv4 unicast summary.  DeprecationsThe following fields, functions, and types are deprecated and will be removed in a future major release. FieldsCloudAccount – publicUnallocatedIps Cve – criteria, description, severity Ethernet – negotiatedPortSpeed ExternalSources – cliSources, httpSources, snmpSources System – uptimeSeconds VpcData – cloudType  FunctionsThe built-in functions blockDiff_alpha1, blockMatches_alpha1, and hasBlockMatch_alpha1 are deprecated.Use the versions without the _alpha1 suffix instead.Types Number (new) – The Number type is deprecated and replaced by Integer.During pretty printing, any instance of Number is automatically converted to Integer, and a warning is issued for each use.

Released: 2025-10-21We are happy to announce the following updates to the Forward Networks API as part of release 25.10.0.See the full release notes for Forward Enterprise version 25.10.0.  Breaking ChangesNetwork Snapshots – The needsReprocessing property has been removed from SnapshotMetrics. Use the snapshotState value "UNPROCESSED" to identify snapshots that require reprocessing. Affected operation: GET /api/snapshots/{snapshotId}/metrics Vulnerability Analysis – The operation GET /api/snapshots/{snapshotId}/vulnerabilities has been removed. Use GET /api/networks/{networkId}/vulnerabilities instead.  Query Parameter ChangesNetwork Collection – The optional force parameter has been removed from the cancel collection operation. Affected operation: POST /api/networks/{networkId}/cancelcollection   Model UpdatesClassicDevice, ClassicDevicePatch, NewClassicDevice – Renamed type values: "avaya_ssh" → "avaya_sr_ssh", "avaya_telnet" → "avaya_sr_telnet". Added new type value "cisco_fxos_ssh". Affected operations: GET, POST, PATCH, and PUT on /api/networks/{networkId}/classic-devices and /api/networks/{networkId}/classic-devices/{deviceName}. Device – Renamed platform value "avaya" → "avaya_sr". Added new platform value "cisco_fxos". Affected operations: GET /api/networks/{networkId}/devices, GET /api/networks/{networkId}/devices/{deviceName}. JumpServer, JumpServerUpdate, StoredJumpServer – Added a new authenticationTimeoutSeconds property to define the SSH authentication timeout. Affected operations: GET /api/networks/{networkId}/jumpServers, POST /api/networks/{networkId}/jumpServers, PATCH /api/networks/{networkId}/jumpServers/{jumpServerId}. MissingDevice – Renamed possibleTypes values: "avaya_ssh" → "avaya_sr_ssh", "avaya_telnet" → "avaya_sr_telnet". Added new possibleTypes value "cisco_fxos_ssh". Affected operation: GET /api/networks/{networkId}/missing-devices. PathSearchQuery – The srcIp property is no longer required and can be omitted when from is specified. Affected operations: POST /api/networks/{networkId}/paths-bulk, POST /api/networks/{networkId}/paths-bulk-seq. SnapshotMetrics – Removed the needsReprocessing property. Affected operation: GET /api/snapshots/{snapshotId}/metrics. SourceConnectivityResult – Renamed discoveredType values: "avaya_ssh" → "avaya_sr_ssh", "avaya_telnet" → "avaya_sr_telnet". Added new discoveredType value "cisco_fxos_ssh". Affected operations: GET /api/networks/{networkId}/classic-devices, GET /api/networks/{networkId}/classic-devices/{deviceName}. Vulnerability – Renamed os value "avaya" → "avaya_sr". Added new os value "cisco_fxos". Affected operation: GET /api/networks/{networkId}/vulnerabilities[?snapshotId={snapshotId}].   Models RemovedDeprecated vulnerability analysis models have been removed: VulnerabilityAnalysisDeprecated VulnerabilityDeprecated   

Released: 2025-09-16We're happy to announce the immediate release of Forward Enterprise version 25.9.0.See the full Forward Enterprise 25.9.0 release notes for more details.  What’s New Device Config File History Device Config File History introduces a fast way to trace how a device’s configuration has changed over time, without needing to open prior snapshots. From any device configuration view, users can quickly surface which snapshots introduced changes, making it easier to understand when vulnerabilities or issues were introduced and to speed up root cause analysis. See the Device Config File History documentation for more details.   Diff Insights and Route Diffs Diffs now provide richer insights through a new Diff Overview dashboard. Highlights include warnings for new routing loops, CVEs, and Intent violations; change propagation analysis showing devices indirectly impacted; routing diffs summarizing prefix-level changes; and an enhanced Files tab with new data columns such as tags, type, location, and vendor. These improvements give change management and troubleshooting efforts clearer context. See the Diff documentation page for more details.   Inventory+ Diff Exports Inventory+ NQE Query Diffs can now be exported directly as CSV or XLSX files. This makes it easier to share results with other teams, include them in automated workflows, or support manual investigations.  Topology Enhancements Manual interface label overrides allow users to reclassify links as data or management, making it easier to declutter the topology view or focus specifically on management traffic. See the Manual Interface Label Override documentation for more details.     Meraki device names are now simplified by removing the dashboard prefix, improving readability and search across topology and NQE.  AI Assist for NQE Queries NQE Query Generator AI Assist has been updated so that new queries open in a dedicated panel instead of replacing the active one. This ensures work in progress is preserved while still benefiting from AI-assisted query generation. Infoblox Integration Enhancements Infoblox DDI integration now supports data preview and validation before pushing updates, along with push logs that provide a full audit trail of past payloads. These updates help confirm data accuracy and improve troubleshooting and compliance.

Released: 2025-09-16We’re pleased to announce the following updates to the Forward Networks API as part of release 25.9.0.See also the full release notes for Forward Enterprise version 25.9.0.Breaking changes Network Setup: Deprecated device source operations have been removed. Use the /classic-devices endpoints instead. Removed operations: GET /api/networks/{networkId}/deviceSources POST /api/networks/{networkId}/deviceSources DELETE /api/networks/{networkId}/deviceSources GET /api/networks/{networkId}/deviceSources/{deviceSourceName} PUT /api/networks/{networkId}/deviceSources/{deviceSourceName} PATCH /api/networks/{networkId}/deviceSources/{deviceSourceName} DELETE /api/networks/{networkId}/deviceSources/{deviceSourceName} Network Devices: Snapshot-based device operations have been removed. Use /api/networks/{networkId}/devices/... and /missing-devices instead. Removed operations: GET /api/snapshots/{snapshotId}/devices/{deviceName} GET /api/snapshots/{snapshotId}/devices/{deviceName}/files GET /api/snapshots/{snapshotId}/devices/{deviceName}/files/{fileName} GET /api/snapshots/{snapshotId}/missingDevices Scheduled breaking changes Network Snapshots: The needsReprocessing property of SnapshotMetrics is deprecated and will be removed in release 25.10. Check snapshotState for "UNPROCESSED" instead. Affected operation: GET /api/snapshots/{snapshotId}/metrics Vulnerability Analysis: The legacy snapshot-level vulnerabilities endpoint is deprecated for removal in release 25.10. Use GET /api/networks/{networkId}/vulnerabilities instead. Affected operation: GET /api/snapshots/{snapshotId}/vulnerabilities Model changes Vulnerability, VulnerabilityDeprecated: Added knownExploitSource property. Added weaknesses property. Affected operations: GET /api/networks/{networkId}/vulnerabilities[?snapshotId={snapshotId}] GET /api/snapshots/{snapshotId}/vulnerabilities Models removed Device source models: The following models have been removed as part of device source API cleanup: DeviceSource DeviceSourcePatch DeleteDeviceSourcesResult Notable unpublished API changesThese changes affect internal or unpublished APIs that have no stability guarantees but are shared here for awareness: Added collect in network endpoint operations; collectionDisabled is deprecated for removal in 25.10. Updated discovered devices response: new properties cliCredentialId, httpCredentialId, snmpCredentialId, and jumpServerId replace deprecated snake_case versions (removal in 25.10). Removed unused /deviceConfigs operations (use /classic-devices and /device-tags instead). Removed snapshot-level device operations that were migrated to /api/networks/{networkId}/... in 25.8. Removed a deprecated NQE queryResults variant; use POST /api/nqe/queryResults?snapshotId={snapshotId}&resultKey={resultKey} instead.  

Released: 2025-09-16We are happy to announce the following enhancements to NQE as part of release 25.9.0.See the full release notes for Forward Enterprise version 25.9.0.What’s New STIG parameters are now available in the data model, including device role and connectivity attributes (e.g., device.isProviderEdge, interface.connectivity.toCoreLayer, interface.connectivity.toCustomerEdgeDevice, interface.connectivity.toDodinBackbone, and interface.pseudowireVirtualCircuitId). These parameters appear under StigPolicy and DefaultStigParameters, with usage data exposed through parameterUsages in StigDatabase. Velocloud support has been expanded, with VELOCLOUD_EDGE and VELOCLOUD_GATEWAY added as values of the OS type. What's Fixed Duplicate MAC entries in NetworkInstanceFdb.macEntries have been eliminated, ensuring unique results. The Iface.description field is now correctly populated for Huawei devices. Query performance has been improved for cases involving type annotations, reducing execution time. IpAddress set handling has been enhanced: The subnet limit for representing set contents has increased from 10,000 to 20,000. When the limit is exceeded, queries now fail gracefully with an HTTP 200 response instead of returning a 500 error. Command Changes For F5 devices, list ltm profile tcp was added to the outputs of CONFIG commands to improve visibility into TCP profile configurations. For Checkpoint devices, VERSION commands now include cat /etc/cp-release && cpinfo -y all (or sometimes cpinfo -y all alone), providing more complete version details. DeprecationsThe following fields and functions are deprecated and will be removed in a future major release: Fields: CloudAccount.publicUnallocatedIps Cve.criteria, Cve.description, Cve.severity Ethernet.negotiatedPortSpeed ExternalSources.cliSources, ExternalSources.httpSources, ExternalSources.snmpSources System.uptimeSeconds VpcData.cloudType Functions: blockDiff_alpha1, blockMatches_alpha1, and hasBlockMatch_alpha1 (use the versions without the _alpha1 suffix).

Released: 2025-08-19 We’re pleased to announce the following updates to the Forward Networks API as part of release 25.8.0.For more details, see the full Forward Enterprise API 25.8.0 release notes.  Breaking changes None.  Scheduled breaking changes Network Setup – Legacy /deviceSources operations are deprecated for removal in release 25.9. Use the /classic-devices operations instead. Affected operations: GET/POST/DELETE /api/networks/{networkId}/deviceSources GET/PUT/PATCH/DELETE /api/networks/{networkId}/deviceSources/{deviceSourceName} Network Devices – Snapshot-scoped device operations are deprecated for removal in release 25.9. Use /api/networks/{networkId}/devices/... and /missing-devices instead. Affected operations: GET /api/snapshots/{snapshotId}/devices/{deviceName} GET /api/snapshots/{snapshotId}/devices/{deviceName}/files GET /api/snapshots/{snapshotId}/devices/{deviceName}/files/{fileName} GET /api/snapshots/{snapshotId}/missingDevices Network Snapshots – The needsProcessing property in SnapshotMetrics is deprecated for removal in release 25.10. Use snapshotState == "UNPROCESSED" instead. Affected operations: GET /api/snapshots/{snapshotId}/metrics Vulnerability Analysis – The snapshot-scoped vulnerability operation is deprecated for removal in release 25.10. Use the network-scoped operation instead. Affected operations: GET /api/snapshots/{snapshotId}/vulnerabilities → GET /api/networks/{networkId}/vulnerabilities[?snapshotId={snapshotId}]   Model changes Device – Added type="ALKIRA_CLOUD", vendor="ALKIRA", and platform="alkira_portal". Affected operations: GET /api/networks/{networkId}/devices GET /api/snapshots/{snapshotId}/devices GET /api/snapshots/{snapshotId}/devices/{deviceName} PathHop – Added deviceType="ALKIRA_CLOUD". Affected operations: GET /api/networks/{networkId}/paths POST /api/networks/{networkId}/paths-bulk POST /api/networks/{networkId}/paths-bulk-seq Vulnerability, VulnerabilityDeprecated – Added vendor="ALKIRA". Affected operations: GET /api/networks/{networkId}/vulnerabilities[?snapshotId={snapshotId}] GET /api/snapshots/{snapshotId}/vulnerabilities   Notable changes to unpublished APIs Snapshot invalidation – The operation has moved to an action-style URL: POST /api/snapshots/{snapshotId}/invalidate → POST /api/snapshots/{snapshotId}?action=invalidate[&reprocess=true] Snapshot-optional URLs – Several snapshot-scoped operations now support network-scoped URLs where snapshotId is optional. If omitted, the latest processed Snapshot is automatically used and identified in the Network-Snapshot response header. The old snapshot-scoped URLs will stop working in release 25.9. Examples include: GET /api/snapshots/{snapshotId}/deviceDisplayNames → GET /api/networks/{networkId}/devices?view=displayNames[&snapshotId={snapshotId}] GET /api/snapshots/{snapshotId}/devices?for=ui → GET /api/networks/{networkId}/devices?for=ui[&snapshotId={snapshotId}] GET /api/snapshots/{snapshotId}/devices-without-snapshots → GET /api/networks/{networkId}/devices-without-snapshots[?snapshotId={snapshotId}] GET /api/snapshots/{snapshotId}/devices/{deviceName}?for=ui → GET /api/networks/{networkId}/devices/{deviceName}?for=ui[&snapshotId={snapshotId}] GET /api/snapshots/{snapshotId}/devices/{deviceName}/bgp-peers/vrfs → GET /api/networks/{networkId}/devices/{deviceName}/bgp-peer-vrfs[?snapshotId={snapshotId}] GET /api/snapshots/{snapshotId}/devices/{deviceName}/files?for=ui → GET /api/networks/{networkId}/devices/{deviceName}/files?for=ui[&snapshotId={snapshotId}] GET /api/snapshots/{snapshotId}/devices/{deviceName}/hosts → GET /api/networks/{networkId}/devices/{deviceName}/hosts[?snapshotId={snapshotId}] GET /api/snapshots/{snapshotId}/devices/{deviceName}/interfaces → GET /api/networks/{networkId}/devices/{deviceName}/interfaces[?snapshotId={snapshotId}] GET /api/snapshots/{snapshotId}/devices/{deviceName}/interfaces/{interfaceName} → GET /api/networks/{networkId}/devices/{deviceName}/interfaces/{interfaceName}[?snapshotId={snapshotId}] GET /api/snapshots/{snapshotId}/devices/{deviceName}/bgp-advertisements → GET /api/networks/{networkId}/devices/{deviceName}/bgp-advertisements[?snapshotId={snapshotId}] GET /api/snapshots/{snapshotId}/devices/{deviceName}/vrfs/{vrfName} → GET /api/networks/{networkId}/devices/{deviceName}/vrfs/{vrfName}[?snapshotId={snapshotId}] GET /api/snapshots/{snapshotId}/hosts/{hostSpecifier} → GET /api/networks/{networkId}/hosts/{hostSpecifier}[?snapshotId={snapshotId}] GET /api/snapshots/{snapshotId}/vrfs → GET /api/networks/{networkId}/vrfs[?snapshotId={snapshotId}] GET /api/snapshots/{snapshotId}/vrfs/{vrfName} → GET /api/networks/{networkId}/vrfs/{vrfName}[?snapshotId={snapshotId}]

Released: 2025-08-19 We are happy to announce the following enhancements to NQE as part of release 25.8.0.For more details, see the full Forward Enterprise NQE 25.8.0 release notes.  What’s New New vendor and OS support — HUAWEI has been added as a recognized value for both Vendor and OS, while ALKIRA has been added as a Vendor and ALKIRA_CXP as a corresponding OS. These additions expand support for querying multi-vendor environments.  Improvements GCP region visibility — The cloudRegions field in VpcData can now return values for Google Cloud Platform, improving accuracy for GCP environments. IPv4 parsing flexibility — The ipAddress function now accepts IPv4 addresses with leading zeroes (for example, 01.1.1.1), providing broader input compatibility.  Command Changes Expanded command coverage — New and updated commands improve device output coverage across multiple operating systems: Added ARUBA_AOS_CX commands, along with DEVICE_HARDWARE_INFO commands for a wider set of platforms. Updated BGP_PEERS and BGP_SUMMARY commands for Cisco IOS and IOS-XE, including support for IPv6 and VPNv6. Enhanced BGP_PEERS commands for Arista EOS and ASA with more complete IPv6 neighbor coverage. Added an ARP_TABLE command for NX-OS. Added INTERFACES_STATUS and PORT_CHANNEL_MEMBERS commands for Fortinet, moving these details out of the CONFIG command for clearer separation. These updates expand command coverage and improve parsing consistency across vendors.  Deprecations Several fields and functions are now deprecated and will be removed in a future major release: Fields: publicUnallocatedIps (CloudAccount), criteria, description, and severity (Cve), negotiatedPortSpeed (Ethernet), cliSources, httpSources, and snmpSources (ExternalSources), uptimeSeconds (System), and cloudType (VpcData). Functions: blockDiff_alpha1, blockMatches_alpha1, and hasBlockMatch_alpha1 are deprecated in favor of their stable counterparts without the _alpha1 suffix.

Released: 2025-08-19 We’re happy to announce the immediate release of Forward Enterprise version 25.8.0.See the full Forward Enterprise 25.8.0 release notes for more details.  What’s New Integrations – DNS Zone TransferForward Enterprise now supports DNS zone transfers, allowing authoritative hostname records to be imported directly from organizational DNS servers. Fully qualified domain names (FQDNs) are stored in snapshots and can be used in search results, path checks, and intent verifications, making analysis clearer and reducing confusion in networks with overlapping IP ranges. The integration supports secure transfers across multiple DNS zones, follows the DNS server’s update schedule, and gives administrators control over which zones are imported or cleared. Security – Vulnerability Analysis with CWE and KEV DataVulnerability analysis now incorporates Common Weakness Enumeration (CWE) and Known Exploited Vulnerabilities (KEV) information in CVE details and key metrics. KEV data is sourced primarily from CISA and may also include vendor advisories, helping teams assess exploitation risks more accurately and prioritize remediation work. Security – STIGs for Arista DevicesAutomated verification of DISA STIG controls for Arista devices, introduced in 25.7, is now complete. This ensures consistent policy enforcement and compliance checks across Arista platforms. Modeling – Alkira Cloud SupportForward Enterprise can now model Alkira cloud exchange points and services, providing visibility into Alkira-based multi-cloud and hybrid network environments. Modeling – Segment Routing v6 for Cisco IOS-XRModeling support now includes Segment Routing v6 (SRv6) on Cisco IOS-XR platforms, allowing more accurate representation of advanced routing designs in snapshots and path analyses.

Released: 2025-07-22We’re happy to announce the release of Forward Enterprise 25.7.0, which includes a new Infoblox integration, improvements to NQE AI Assist, security dashboard optimizations, expanded STIG and EoL support, and enhancements to Inventory+ diffing and IPv6 modeling. See the full Forward Enterprise 25.7.0 release notes for more details.  Integrations – Infoblox DDI Forward Enterprise now integrates directly with Infoblox DDI, enabling the automatic push of discovered network data, such as subnets, IP addresses, and device metadata, into Infoblox IPAM. This replaces legacy NetMRI-based workflows, which are being phased out by Infoblox, and ensures that IPAM records stay accurate and up to date.By reducing the need for manual synchronization, this integration helps eliminate data inconsistencies and improves the reliability of DNS and DHCP operations.  Forward AI – AI Assist Improvements This release introduces an improved schema retrieval algorithm that improves the quality of NQE query generation by 21%.  Security – Vulnerability Dashboard Redesign The redesigned Vulnerabilities Dashboard loads faster by showing only summary data up front and loading per-device details on demand. Detailed results are now available in expandable drawers, improving responsiveness and making it easier to work with large datasets.  Security – STIGs for F5 and Arista (Partial) STIG analysis now includes expanded support for both F5 and Arista devices: F5 BIG-IP TMOS: 86 new DISA STIG rules have been implemented, with support spanning ALG, DNS, FW, NDM, and VPN components. Legacy F5 STIGs authored by DISA are slated for removal in an upcoming release. Arista EOS 4.x: Partial support has been added for Arista MLS STIGs, including L2S, NDM, and Router profiles, increasing coverage for DISA compliance programs.   Data Analysis – End-of-Life (EoL) Support for F5 Platforms EoL analysis, introduced in version 24.11, has been expanded to include F5 hardware platforms. This allows teams to monitor lifecycle status, plan for decommissioning, and ensure platform compatibility across a broader set of devices. F5 EoL data is now fully integrated into existing platform lifecycle reporting and inventory workflows.  Data Analysis – Selective Execution for Inventory+ Diffs To improve scalability and system performance, Inventory+ table diffs are no longer run automatically. Instead, users can selectively trigger diffs for relevant tables when needed. Enhancements include: Manual controls to run diffs on demand Stale data indicators to highlight outdated results Admin-configurable execution preferences for both Library and organization-level NQE queries This opt-in model reduces unnecessary compute overhead while preserving the ability to investigate and track key changes.  

Released: 2025-07-22We’re pleased to announce the following updates to the Forward Networks API as part of release 25.7.0.For more details, see the full Forward Enterprise API 25.7.0 release notes. Breaking Changes Device credential APIs removed: The legacy deviceCredentials endpoints have been removed. Use the /cli-credentials and /http-credentials endpoints instead. Removed endpoints: GET /api/networks/{networkId}/deviceCredentials POST /api/networks/{networkId}/deviceCredentials PATCH /api/networks/{networkId}/deviceCredentials PATCH /api/networks/{networkId}/deviceCredentials/{credentialId} DELETE /api/networks/{networkId}/deviceCredentials/{credentialId}  Scheduled Breaking ChangesThe following endpoints and fields are deprecated and scheduled for removal in a future release. Device source operations (removal in 25.9): Use /classic-devices operations instead. Affected endpoints include: GET|POST|DELETE /api/networks/{networkId}/deviceSources GET|PUT|PATCH|DELETE /api/networks/{networkId}/deviceSources/{deviceSourceName} Legacy snapshot device operations (removal in 25.9): Use /devices/... or /missing-devices instead. Affected endpoints: GET /api/snapshots/{snapshotId}/devices/{deviceName} GET /api/snapshots/{snapshotId}/devices/{deviceName}/files[/{fileName}] GET /api/snapshots/{snapshotId}/missingDevices Snapshot processing state (removal in 25.10): SnapshotMetrics.needsProcessing is deprecated. Use snapshotState = "UNPROCESSED" instead. Affected endpoint: GET /api/snapshots/{snapshotId}/metrics Vulnerability endpoint moved (removal in 25.10): Use GET /api/networks/{networkId}/vulnerabilities instead. Deprecated endpoint: GET /api/snapshots/{snapshotId}/vulnerabilities  New Operations GET /api/networks/{networkId}/vulnerabilities[?snapshotId=...] Adds support for querying vulnerabilities by network, with optional snapshot filtering.  New Models VulnerabilityAnalysisDeprecated and VulnerabilityDeprecated were introduced to preserve current behavior during the transition to newer models.  Query Parameter Changes Path Search: Added optional includeTags parameter. Affected endpoint: GET /api/networks/{networkId}/paths Vulnerability Analysis: Added offset and limit parameters to support pagination. Affected endpoint: GET /api/networks/{networkId}/vulnerabilities[?snapshotId=...]  Model Changes Device platform values: "dell" has been renamed to "dell_os6" in the Device and Vulnerability models. CLI credential schema cleanup: The deprecated loginType property was removed from all CLI credential models. Error response structure: ErrorInfo and NqeErrorInfo now explicitly require httpMethod, apiUrl, and message—this improves schema accuracy but does not change runtime behavior. Path modeling: tags added to PathHop. includeTags added to PathSearchBulkRequest. SnapshotMetrics: Added snapshotState. Deprecated needsReprocessing for future removal. Vulnerability models: score removed; use v2Score, v3Score, or v4Score. devices is now optional when deviceResults is present. Introduced a simplified Vulnerability model without relevantLineRanges. VulnerabilityAnalysis: Uses string timestamps for indexCreatedAt and indexUploadedAt. Pagination support added via offset and total.  Unpublished API ChangesThe following unpublished operations were removed. These were undocumented and unsupported. Legacy device tagging operations removed: Use the documented /device-tags endpoints instead. Removed operations include: POST /deviceConfigs?op=addTags|deleteTags PATCH /deviceConfigs/{deviceName} POST /endpoints?action=addTags|deleteTags|deleteAllTags POST /snapshots/{snapshotId}/devices?op=addTags|deleteTags PATCH /snapshots/{snapshotId}/devices/{deviceName}   

Released: 2025-07-22We are happy to announce the following enhancements to NQE as part of release 25.7.0.For more details, see the full Forward Enterprise NQE 25.7.0 release notes.  What’s New IPv6 support in header modeling: ipv6Src and ipv6Dst are now available in the HeaderRegion and HeaderRewrite types. Additionally, ipv4Src and ipv4Dst will now be empty, rather than [0.0.0.0/0] when the IP type is IPv6. STIG modeling improvements: The StigDatabase type now includes policy, parameterUsages, and defaultParameters fields to support parameterized STIG checks. Improvements Vendor-specific modeling: DevicePart.support is now available for devices with vendor F5. EDGE_CORE is now a supported Vendor, and EDGE_CORE_SONIC is now a supported OS. HUAWEI is now a valid value for both Vendor and OS. Command Changes Fortinet: Over 30 new CONFIG-type commands have been added. All existing commands with CommandType values such as INTERFACES_STATUS, FIREWALL_POLICIES, PORT_CHANNEL_MEMBERS, and SYSTEM_SETTINGS now use CONFIG. Specific commands like show system gre-tunnel and show system interface have been reclassified from INTERFACES to CONFIG. F5: Over 30 new CONFIG-type commands have been added. Some CONFIG commands now combine multiple list sys db calls into a single command to reduce duplication. DeprecationsThe following fields and functions are deprecated and will be removed in a future major release:Fields CloudAccount: publicUnallocatedIps Cve: criteria, description, severity Ethernet: negotiatedPortSpeed ExternalSources: cliSources, httpSources, snmpSources System: uptimeSeconds VpcData: cloudType Functions blockDiff_alpha1 blockMatches_alpha1 hasBlockMatch_alpha1 Replace all _alpha1 functions with their stable counterparts (without the _alpha1 suffix).

Released 2025-06-17The 25.6.0 release brings several important changes to the Forward Networks API, including new operations, scheduled deprecations, and refinements to models and responses. For a full list of changes and updates, check out the 25.6.0 Release Notes. Scheduled DeprecationsPrepare for upcoming breaking changes in future releases: Release 25.7 Legacy device credential APIs will be removed. Use the /cli-credentials and /http-credentials endpoints instead. Release 25.9 Legacy /deviceSources APIs will be removed in favor of /classic-devices. Several legacy device access APIs tied to snapshot context are moving to more flexible network-level endpoints.  New API Endpoints Classic Devices (/classic-devices) – A unified way to manage legacy device sources. Device Tags (/device-tags) – Enables better organization and filtering of devices by custom tags. Moved Device Operations – New versions of device-related endpoints now accept an optional snapshotId query parameter.  New API Models Introduced models for Classic Devices and Device Tags to support the new APIs.  Model and Field Updates Timezone Formatting Fix: CollectionSchedule.timeZone values now follow standard formats (e.g., America/Los_Angeles). Device Model Enhancements: New collectionError value: FILE_TRANSFER_FAILED Renamed OS and platform values: aruba_cx_switch → aruba_aos_cx Similar renames for DeviceSource, MissingDevice, and Vulnerability resources to reflect Aruba platform updates.  Notable Internal Changes Unpublished API GET /api/networks/{networkId}/devices/status has been removed. Use the new ?with=testResult query param on device and endpoint queries to access connectivity test results.  

Released 2025-06-17The 25.6.0 release introduces new enhancements and fixes to NQE, expanding support for additional platforms and improving data quality. For more details, see the full For more details, see the full Forward Enterprise 25.6.0 release notes. What’s New Expanded Data Coverage The stigDatabase field is now part of the Network object, improving how STIG data is queried. ARUBA_AOS_CX and VERSA are now recognized OS values. Fortinet devices now support the DevicePart.support field.  Command Output Enhancements Fortinet: CONFIG commands now include show vpn ssl web portal. Cisco IOS-XE: A new SYSTEM_SETTINGS command returns output from show sdwan control local-properties. Juniper SRX: The DNS_CACHE command was updated to include show host {}.  Bug Fixes and Improvements VLAN data (NamedVlanCollection.name) is once again populated for Arista EOS devices. A new error type FILE_TRANSFER_FAILED has been added to DeviceCollectionError.  DeprecationsSeveral fields and functions are now deprecated and will be removed in a future major release. This includes fields from objects like CloudAccount, Cve, Ethernet, and System, as well as legacy functions such as blockDiff_alpha1.

Released 2025-06-17Forward Enterprise 25.6.0 is now available! This update brings enhancements to both data analysis and security compliance.For more details, see the full Forward Enterprise 25.6.0 release notes.What’s New End of Life (EoL) Analysis for FortinetEoL analysis now includes Fortinet hardware platforms, expanding on the initial coverage introduced in version 24.11. This helps teams proactively identify and manage aging infrastructure across a broader set of vendors. STIGs: CY25Q2 UpdatesThe latest DISA STIGs update (CY25Q2, published 2025-04-10) is now integrated into Forward Enterprise. This release includes 28 new rules, delivered within our 90-day commitment window to help maintain continuous compliance.

Release Date: May 20, 2025We’re excited to announce the immediate release of Forward Enterprise version 25.5.0. This update introduces new data import capabilities, enhancements to EoL and vulnerability analysis, improved authentication controls, and increased visibility into collector operations. What’s New Data Analysis – Importing Data FilesForward Enterprise now supports uploading external Data Files (CSV, JSON, or unstructured text) as enrichment sources. These files can be used in NQE queries to provide context and enhance analysis results. Data files are uploaded at the organization level. They must be explicitly included on the Sources page for each network where they are needed. Only users with Network Admin or higher privileges can upload data files. Structured content becomes part of the NQE data model and is queryable by field names, similar to other data sources. Files are snapshot-aware and are preserved during snapshot export and restore.Data Files Data Analysis – Expanded End of Life (EoL) CoverageThe End of Life analysis, introduced in version 24.11, has been extended to include Palo Alto Networks hardware platforms, further helping teams manage lifecycle risk across more vendor environments. Data Analysis – NQE Query Table EnhancementsTwo key improvements enhance the usability of NQE query results: Glob filtering for both regular and enum-based columns. Information status formatting for individual query cells, providing clearer context. For more details, see the NQE-specific release notes. Collection – Collector Queue VisibilityGain real-time insight into collector operations. Users can now view a queue of pending tasks, including: Who triggered each operation When it was triggered Operation type and queue position Runtime duration Admins or job owners can also monitor progress and terminate operations directly from the UI.Collector Queue Security – Vulnerability Detection for Dell OS9This release adds enhanced configuration-based CVE detection for Dell devices running OS-9, expanding platform coverage in vulnerability management. Authentication – API Token Management EnhancementsOrg Admins now have improved visibility and control over API tokens assigned to users. New capabilities include: Viewing token creation time and last used timestamp Setting expiration durations (in days) Revoking tokens from the UI API Token Management Modeling Enhancements Checkpoint – Added support for collecting system configuration. Aruba (AOS-CX) – Added support for GRE, IPSec, and VXLAN tunnel types.  Additional Features Authentication – Option to tie login sessions to IP addresses to help prevent session hijacking. Collection – Smart auto-association of credentials improves efficiency in device access configuration.  

Release Date: May 20, 2025We’re happy to announce the latest enhancements to NQE as part of release 25.5.0.For platform-wide updates, see the full Forward Enterprise 25.5.0 Release Notes.What’s New A new field cloudSetupId has been added to the CloudAccount model. withInfoStatus is now available as a built-in function. Improvements The support field of DevicePart can now be present for the vendor PALO_ALTO_NETWORKS. The error message produced when using the ipSubnet function with incorrect argument types has been made more accurate and precise. Command Changes For devices running PAN_OS, the BGP_PEERS command has been updated to include show advanced-routing bgp peer detail in the command outputs. The ROOT_CONTEXT_CONFIG command is now supported for devices running ASA, providing the response from show running-config. DeprecationsCertain fields and functions remain deprecated and will be removed in a future major release.Deprecated Fields CloudAccount publicUnallocatedIps Cve criteria description severity Ethernet negotiatedPortSpeed ExternalSources cliSources httpSources snmpSources System uptimeSeconds VpcData cloudType Deprecated FunctionsThe following built-in functions are deprecated and will be removed in a future major release. Use the corresponding versions without the _alpha1 suffix: blockDiff_alpha1 blockMatches_alpha1 hasBlockMatch_alpha1

Release Date: May 20, 2025We’re pleased to announce the following updates to the Forward Networks API as part of release 25.5.0. For platform-wide updates, see the full Forward Enterprise 25.5.0 Release Notes.Breaking Changes Compact System-Generated IDsDevice credentials (CLI, HTTP, and SNMP), jump servers, and internet proxies now use a new compact, system-generated ID format. This update enhances consistency and efficiency across the API.Most customers should not experience disruption. However, if you have stored credential, jump server, or proxy IDs externally (outside the Forward Platform), you will need to update them.Affected API Endpoints: CLI Credentials GET, PATCH: /api/networks/{networkId}/cli-credentials GET, PATCH, DELETE: /api/networks/{networkId}/cli-credentials/{credentialId} HTTP Credentials GET, PATCH: /api/networks/{networkId}/http-credentials GET, PATCH, DELETE: /api/networks/{networkId}/http-credentials/{credentialId} Legacy Device Credentials GET, PATCH: /api/networks/{networkId}/deviceCredentials PATCH, DELETE: /api/networks/{networkId}/deviceCredentials/{credentialId} Device Sources GET, POST: /api/networks/{networkId}/deviceSources GET, PUT, PATCH: /api/networks/{networkId}/deviceSources/{deviceSourceName} Jump Servers GET: /api/networks/{networkId}/jumpServers PATCH, DELETE: /api/networks/{networkId}/jumpServers/{jumpServerId} Scheduled Breaking ChangesDeprecation of Legacy Device Credential EndpointsThe legacy deviceCredentials API endpoints are scheduled for removal in release 25.7. Please migrate to the cli-credentials and http-credentials endpoints.Endpoints to be removed in 25.7: GET /api/networks/{networkId}/deviceCredentials POST /api/networks/{networkId}/deviceCredentials PATCH /api/networks/{networkId}/deviceCredentials PATCH /api/networks/{networkId}/deviceCredentials/{credentialId} DELETE /api/networks/{networkId}/deviceCredentials/{credentialId} Model ChangesDevice Added a new processingError value: MODELING_EXCEPTION This helps distinguish devices that encountered modeling issues during processing. Affected API Endpoints: GET /api/networks/{networkId}/devices GET /api/snapshots/{snapshotId}/devices GET /api/snapshots/{snapshotId}/devices/{deviceName}

Release Date: April 22, 2025We’re excited to announce the immediate availability of Forward Enterprise version 25.4.0. This release delivers enhancements across security, data analysis, cloud automation, topology visualization, and collection workflows.See the full Forward Enterprise 25.4.0 Release Notes for more information.What’s NewSecurity – Enhanced CVE Detection DetailsForward Enterprise now provides more detailed classifications for CVE detection results, helping security teams quickly assess risk and determine next steps. The new vulnerability states include: Config-independent vulnerability – Device is confirmed vulnerable regardless of configuration. Config confirmed vulnerable – Specific configuration elements trigger the vulnerability. Config detection not supported – Analysis not yet supported for this device/vendor. Manual verification is recommended. Config cannot be confirmed – Analysis was incomplete or inconclusive. Manual investigation is required. Config not vulnerable – Current configuration does not expose the vulnerability.     Security – Sonic Dell Device SupportThis release expands vulnerability detection coverage to Sonic Dell devices, beginning with versions released in 2015.Security – STIGs UpdateForward Enterprise now includes the DISA CY25Q1 STIG updates published on January 30, 2025. The integration covers 50 updated rules and was delivered within the 90-day compliance window.Data Analysis – End of Life (EoL) EnhancementsEnd of Life analysis, first introduced in version 24.11, now includes additional Cisco hardware platforms. Located in the Inventory+ Forward Library under the "Device" folder, the enhanced EoL analysis covers: End of Support End of Vulnerability End of Maintenance Cloud – Automatic Reporting of Discovered AccountsForward Enterprise now automatically reports newly discovered cloud accounts during data collection. Users can optionally auto-add these accounts to their collections, simplifying cloud environment onboarding at scale.Topology – AnnotationsUsers can now annotate location layouts using text and basic shapes. This enables teams to highlight network design details, communicate topology-related insights, and provide visual context directly within the topology map. Collection – Custom Commands: Flexible Device SelectionCustom command groups now support greater targeting flexibility. In addition to selecting by device type, you can define commands for: Individual devices Groups of devices matched dynamically using name-based globs Additional Features IP Location Logic – Subnets can now be excluded from geolocation to internet nodes (available via API). Collection Credentials – CLI and HTTP credentials are now managed separately for improved security and clarity. SNMP Collection – Added support for multiple SHA authentication types: SHA-256, SHA-384, and SHA-512. CLI Collection – Introduced Telnet support for CLI-based endpoints.

Release Date: April 22, 2025We’re pleased to announce the following updates to the Forward Networks API as part of release 25.4.0. This update introduces breaking changes to credential management, adds new models and properties, and expands support for vendors and device types.For platform-wide updates, see the full Forward Enterprise 25.4.0 Release Notes.Breaking ChangesID Auto-Generation for Credentials and Jump ServersThe id property is no longer accepted in API requests when creating device credentials or jump servers. IDs are now always auto-generated by the system.Affected API Endpoints: POST /api/networks/{networkId}/deviceCredentials PATCH /api/networks/{networkId}/deviceCredentials POST /api/networks/{networkId}/jumpServers Credential Segregation by ProtocolDevice credentials are now separated into CLI credentials (for SSH/telnet) and HTTP credentials (for HTTP/HTTPS). New APIs are available for managing each type. Legacy device credential operations are now deprecated and scheduled for removal in release 25.7.Affected API Endpoints: GET /api/networks/{networkId}/deviceCredentials POST /api/networks/{networkId}/deviceCredentials PATCH /api/networks/{networkId}/deviceCredentials PATCH /api/networks/{networkId}/deviceCredentials/{credentialId} DELETE /api/networks/{networkId}/deviceCredentials/{credentialId} Scheduled Breaking ChangesNew Compact ID Format for CredentialsStarting in release 25.5, CLI, HTTP, and SNMP credentials will use a new compact, system-generated ID format. Most customers will not be affected, but any use of externally stored credential IDs will require updates.Affected API Endpoints: CLI credentials GET, PATCH: /api/networks/{networkId}/cli-credentials GET, PATCH, DELETE: /api/networks/{networkId}/cli-credentials/{credentialId} HTTP credentials GET, PATCH: /api/networks/{networkId}/http-credentials GET, PATCH, DELETE: /api/networks/{networkId}/http-credentials/{credentialId} Legacy device credentials GET, PATCH: /api/networks/{networkId}/deviceCredentials PATCH, DELETE: /api/networks/{networkId}/deviceCredentials/{credentialId} Device sources GET, POST: /api/networks/{networkId}/deviceSources GET, PUT, PATCH: /api/networks/{networkId}/deviceSources/{deviceSourceName} Operation Behavior ChangesMost operations that return device credentials now use the StoredDeviceCredential model, which includes the following attribution properties: createdById, createdBy, createdAt updatedById, updatedBy, updatedAt Affected API Endpoints: GET /api/networks/{networkId}/deviceCredentials GET /api/networks/{networkId}/deviceCredentials/{credentialId} PATCH /api/networks/{networkId}/deviceCredentials/{credentialId} New OperationsCLI Credentials GET, POST, PATCH: /api/networks/{networkId}/cli-credentials GET, PATCH, DELETE: /api/networks/{networkId}/cli-credentials/{credentialId} HTTP Credentials GET, POST, PATCH: /api/networks/{networkId}/http-credentials GET, PATCH, DELETE: /api/networks/{networkId}/http-credentials/{credentialId} Model ChangesDevice Added collectionError value: CONFIG_COLLECTION_UNAUTHORIZED Added vendor: EDGE_CORE, platform: edge_core_sonic Affected Endpoints: GET /api/networks/{networkId}/devices GET /api/snapshots/{snapshotId}/devices GET /api/snapshots/{snapshotId}/devices/{deviceName} Device Credential Models Renamed: DeviceCredential → CliCredential DeviceCredentialUpdate → CliCredentialUpdate NewDeviceCredential → NewCliCredential StoredDeviceCredential → StoredCliCredential DeviceSource Added type value: sonic_edge_core_ssh Added properties: httpCredentialId, apiKeyId Affected Endpoints: GET, POST: /api/networks/{networkId}/deviceSources GET, PUT, PATCH: /api/networks/{networkId}/deviceSources/{deviceSourceName} InternetNode Added property: subnetsToExclude Affected Endpoints: GET, PUT, PATCH: /api/networks/{networkId}/internet-node MissingDevice Updated allowable values for type and possibleTypes Added discoveryMethod property with values: LLDP_CDP, IBGP, OSPF Added new types: sonic_edge_core_ssh versa_flexvnf_ssh versa_switch_ssh Renamed cisco_wireless_api → cisco_wireless_ap Affected Endpoint: GET /api/snapshots/{snapshotId}/missingDevices PathQuery Added flowTypes value: POTENTIAL_LOOP StoredCliCredential Added attribution properties: createdById, createdBy, createdAt, updatedById, updatedBy, updatedAt Vulnerability Added properties: dependsOnConfig, deviceResults Added vendor: EDGE_CORE, OS: edge_core_sonic Affected Endpoint: GET /api/snapshots/{snapshotId}/vulnerabilities New Models NewDeviceCredential – Same as DeviceCredential, but without an id NewJumpServer – Same as JumpServer, but without an id StoredDeviceCredential – Includes attribution metadata StoredJumpServer – Includes attribution metadata HttpCredential, NewHttpCredential, HttpCredentialUpdate, StoredHttpCredential VulnerabilityDetectionResult – Used in deviceResults of Vulnerability Notable Changes to Unpublished APIsSome unpublished API operations have moved. These APIs are not part of the public documentation and have no stability guarantees, but we are including changes here for your awareness: GET /api/networks/{networkId}/basic-auth-credentials → GET /api/networks/{networkId}/http-credentials POST /api/networks/{networkId}/basic-auth-credentials → POST /api/networks/{networkId}/http-credentials PATCH /api/networks/{networkId}/basic-auth-credentials/{credentialId} → PATCH /api/networks/{networkId}/http-credentials/{credentialId} DELETE /api/networks/{networkId}/basic-auth-credentials/{credentialId} → DELETE /api/networks/{networkId}/http-credentials/{credentialId}

Release Date: April 22, 2025We’re happy to announce the latest enhancements to NQE as part of release 25.4.0. This release introduces new fields for cloud, device, and file data models, refines behavior around CVE criteria, and includes updates to command outputs.For more details on platform-wide changes, see the full Forward Enterprise 25.4.0 Release Notes.What’s New A new field support (of type DevicePartSupport) is now part of the DevicePart model. Improvements The dependsOnConfig field of CveOsCriteria can now be false in some cases, indicating that configuration data is not required to assess whether a CVE impacts a given OS. For RouteTable: The name and region fields may now be present when the cloud type is AZURE. The region field may now also be present when the cloud type is GCP. The locationName field of Device is now available for virtualized devices that have an inferred cloud region (e.g., AWS.eu-central-1). The config field of Files is now present when a device’s configuration is collected via API. Command Changes For F5 devices, the command with type CONFIG was updated to include bigpipe stp list all in the outputs. For CHECKPOINT devices, the CONFIG command now uses either clish -c "show configuration" or show configuration, replacing previous commands. For CHECKPOINT devices, the INTERFACES command has been updated in some cases by removing show interfaces from the outputs. DeprecationsSome fields and functions are now deprecated and will be removed in a future major release.Deprecated Fields CloudAccount publicUnallocatedIps Cve criteria description severity Ethernet negotiatedPortSpeed ExternalSources cliSources httpSources snmpSources System uptimeSeconds VpcData cloudType Deprecated FunctionsThe following built-in functions are deprecated and will be removed in a future major release. Please use their standard equivalents (without the _alpha1 suffix): blockDiff_alpha1 blockMatches_alpha1 hasBlockMatch_alpha1

Release Date: March 18, 2025We’re happy to announce the latest enhancements to NQE as part of release 25.3.0. This release introduces support for OSPF within protocol data, expands platform and cloud interface modeling, and includes command refinements and deprecations in preparation for future changes.For platform-wide changes, see the full Forward Enterprise 25.3.0 Release Notes. What’s New The ospf field (of type Ospf) is now part of the NetworkInstanceProtocol model. Improvements The osSupport field of Platform can now include the OS value CLOUD_GENIX. Added a new description field to the CloudIface model. Command Changes The Command with type BRIDGE_INTERFACES was updated for devices running the CHECKPOINT operating system. In some cases, the command show bridging groups was replaced with brctl showstp {} in the Outputs of a Device. DeprecationsSome fields and functions are now deprecated and will be removed in a future major release.Deprecated Fields CloudAccount publicUnallocatedIps Cve criteria description severity Ethernet negotiatedPortSpeed ExternalSources cliSources httpSources snmpSources System uptimeSeconds VpcData cloudType Deprecated FunctionsThe following built-in functions are deprecated and will be removed in a future major release. Please use their standard counterparts (without the _alpha1 suffix): blockDiff_alpha1 blockMatches_alpha1 hasBlockMatch_alpha1

Release Date: March 18, 2025We’re pleased to announce the following updates to the Forward Networks API as part of release 25.3.0. This release includes scheduled breaking changes, model updates, and improvements to how device credentials are handled.For platform-wide changes, see the full Forward Enterprise 25.3.0 Release Notes.Scheduled Breaking Changes DeviceCredential and JumpServer ID HandlingThe optional id property for device credentials and jump servers will no longer be allowed in API requests. Going forward, the system will always auto-generate IDs for new entries.Affected API Endpoints: POST /api/networks/{networkId}/deviceCredentials PATCH /api/networks/{networkId}/deviceCredentials POST /api/networks/{networkId}/jumpServers This change was first announced in the OpenAPI specification for release 24.10. Credential Segregation by ProtocolDevice credentials will be separated into CLI credentials (for SSH/telnet) and HTTP credentials (for HTTP/HTTPS). New API endpoints for managing each type will be introduced in future releases. Current credential APIs will continue to function for at least three major releases, in line with our API change policy.Affected API Endpoints: GET /api/networks/{networkId}/deviceCredentials POST /api/networks/{networkId}/deviceCredentials PATCH /api/networks/{networkId}/deviceCredentials PATCH /api/networks/{networkId}/deviceCredentials/{credentialId} DELETE /api/networks/{networkId}/deviceCredentials/{credentialId}  Model Changes DeviceCredential The password field is now formally required in the schema (behavior remains unchanged).Affected API Endpoints: GET /api/networks/{networkId}/deviceCredentials POST /api/networks/{networkId}/deviceCredentials PATCH /api/networks/{networkId}/deviceCredentials  NqeQueryRunRequestOptions Added a new property: itemFormat.Affected API Endpoint: POST /api/nqe  NqeSimpleValue Renamed model: NqeCellValue → CellValue (no functional change).Affected API Endpoint: POST /api/nqe

Release Date: February 13, 2025 We’re pleased to announce the latest enhancements to NQE as part of release 25.2.0.For more details on platform-wide updates, see the full Forward Enterprise 25.2.0 Release Notes. What’s Newany and all are now recognized as functions. dataConnectors is now a field of Network. lifecycleData is now a field of AclEntry.ImprovementsThe osSupport field of Platform can now be present for the OS values: CHECKPOINT F5 FORTINET Command ChangesSeveral command modifications have been made to improve accuracy and compatibility:CHECKPOINT (INTERFACES command type) – In some cases, show interface {} has been replaced with show interfaces in the command output. CHECKPOINT (VERSION command type) – In some cases, POST show-api-versions has been replaced with POST /web_api/show-api-versions in the command output. JUNIPER_JUNOS, JUNIPER_SRX (VERSION command type) – In some cases, show version invoke-on other-routing-engine has been added to the command output. NXOS (VRF_MCAST_ROUTING command type, ACI mode) – Added show ip mroute detail vrf all to the command output. NETSCALER (SLB_GSLB_VIRTUAL_SERVERS command type) – In some cases, show gslb vserver {} has been replaced with show gslb vserver in the command output.DeprecationsCertain fields and functions are now deprecated and will be removed in a future major release.Deprecated Fields(Fields newly deprecated in this release are marked with (new))CloudAccountpublicUnallocatedIpsCvecriteria description severityEthernetnegotiatedPortSpeedExternalSourcescliSources httpSources (new) snmpSourcesSystemuptimeSecondsVpcDatacloudTypeDeprecated FunctionsThe following built-in functions are deprecated and will be removed in a major release:blockDiff_alpha1 blockMatches_alpha1 hasBlockMatch_alpha1For each function, use the equivalent function without the _alpha1 suffix instead.

Release Date: February 13, 2025We’re excited to announce the latest updates to the Forward Networks API as part of release 25.2.0.For more on what’s new, see the full Forward Enterprise 25.2.0 Release Notes. Scheduled Breaking Changes None.   Model UpdatesDeviceSource & DeviceSourcePatchNew device source types added:Added support for bluecat_v2_http and bluecat_v2_https. Introduced dell_os6_switch_telnet type. Introduced dell_os9_switch_telnet type. Introduced dell_os10_switch_telnet type.Affected API Endpoints:GET /api/networks/{networkId}/deviceSources POST /api/networks/{networkId}/deviceSources GET /api/networks/{networkId}/deviceSources/{deviceSourceName} PUT /api/networks/{networkId}/deviceSources/{deviceSourceName} PATCH /api/networks/{networkId}/deviceSources/{deviceSourceName}MissingDeviceUpdated type values to support Dell OS switch models:Added dell_os6_switch_telnet to type and possibleTypes fields. Added dell_os9_switch_telnet to type and possibleTypes fields. Added dell_os10_switch_telnet to type and possibleTypes fields.Affected API Endpoint:GET /api/snapshots/{snapshotId}/missingDevicesNqeQueryRunRequestOptionsCreated NqeQueryRunRequestOptions by copying NqeQueryOptions. No behavior changes introduced. Affected API Endpoint:POST /api/nqeNqeRunResultAdded a new property: totalNumItems. This property provides additional insight into query results. Affected API Endpoint:POST /api/nqeNqeSimpleValue → NqeCellValueRenamed NqeSimpleValue to NqeCellValue. No behavior changes introduced. Affected API Endpoint:POST /api/nqe