Skip to main content
  • 102 Product updates
Synthetic Device: Missing Peers
Entity Decorators Improvements
Vulnerability - Bring exposure analysis to the Vulnerability app
Cloud specific tab in Licensed Device page
Add ability to restrict limited RIB collection to a few VRFs
Entity Decorators
Enhancements to cluster-monitoring dashboards for Org Admins
Webhook for snapshot readiness
Diffs for Inventory+
NQE permission control, Expose Hostnames, and New Discovery Folder

NQE permission control, Expose Hostnames, and New Discovery Folder

NQE permission controlRelease 23.3 introduces the ability to restrict write access to the NQE library queries. Our users have expressed the desire to protect the queries they and their teams have been working on from accidental or intentional editing by other users. By default, users with an Admin or network operator role have full write access to NQE queries. With this release, our users can define permissions on folders within the NQE Library to control who can edit individual queries and the contents of query folders themselves.Expose hostnames in the data modelThis addition to the NQE data model brings in the network device's hostname. Our users have asked to add that information, so they could write queries that help them in the reconciliation and improved correctness of their CMDBs. New Discovery folder and queries in the Forward libraryThe release 23.3 adds a new Discovery folder to the NQE Forward library, the out-of-box library of NQE checks developed by Forward for its users. Within this new Discovery folder, our users can find two new queries: Uncollected CDP-LLDP neighbors - This query looks within the collected CDP/LLDP files and finds names of devices that have not been included in the Forward modeling, potentially uncovering areas of the network infrastructure that the Network Admin could then add to the Forward inventory for collection Uncollected next hops - This query looks into the collected routing tables to find any IP addresses of next hops that are not on currently collected devices. The goal, like for the previous query, is to help with discovery of devices that are missing from the model.

Related products:NQE
Introducing Inventory+

Usability, Process and Collection, and Modeling

UsabilityFWD-30091 Table component improvements The release 23.2 introduces the first set of improvements to the table component in the UI. This release specifically introduces the following table usability improvements: Sticky row actions column Default min and max widths for flexible columns Resizable columns Processing and Collection​FWD-30280 Throttle vCenter collections Throttling collections from vCenter allows for a safer and more consistent collection. This task limits collection to a single vCenter per collector.Modeling​ FWD-30071 Add sensitive data redaction to all Cisco, Juniper and F5 platform This release introduces a highly requested item from our users, that is the ability to redact sensitive data in device configurations (e.g., password fields, SNMP server names) or replace it with a MD5 hash. To enable the redaction or the replacement with a hash, go to Collection > Collection Settings and look for Sensitive data redaction. FWDN-7753 Support Azure public IP prefix This release introduces support for Azure public IP prefix. A public IP address prefix is a reserved range of public IP addresses in Azure. Public IP prefixes are assigned from a pool of addresses in each Azure region. You create a public IP address prefix in an Azure region and subscription by specifying a name and prefix size. To learn more about this functionality, please visit the Azure documentation. FWDN-7668 Support GCP private service connect Private Service Connect allows private consumption of services across VPC networks that belong to different groups, teams, projects, or organizations. Release 23.2 introduces support for this GCP feature. To learn more, please visit GCP documentation. FWDN-7750 Support managed firewall rule groups in AWS Managed rule groups are collections of predefined, ready-to-use rules that AWS and AWS Marketplace sellers write and maintain for AWS users. To learn more, please visit the AWS documentation.

Related products:Snapshot ProcessingVendors & ModelingUsability

Topology, Processing, and Modeling

Topology​FWD-29297 Remove synthetic device editing from location toolbar Release 22.11 had already placed the managing of the synthetic devices at pair with the other collection sources. A new tab was in fact added to the Sources page and from there the user can fully manage these critical objects. This additional enhancement completes the transition by removing the synthetic device editing from the location toolbar.Processing​FWD-29506 Improve duplicate device removal This enhancement improves the order of preference when choosing the winner among what appear to be duplicate devices. The logic to verify that two network devices that are discovered by Forward or added by the users are not the same device is quite complex and takes into account several factors. This enhancement further improves the logic for deduplication by implementing the following preferences: Prefer the device that does not use a jump server Prefer the device referenced to with a hostname rather than an IP address Prefer the device with shorter name Modeling​ FWDN-7613 AWS - Support layer 7 features in AWS application load balancer Learn more on the AWS documentation page. FWDN-912 Nokia - Support for additional features on Nokia devices Support for Nokia 7750 and 7700 family was introduced in the 22.12 release. The 23.1 release adds support for additional functionality like ACL filters and EVPN for MPLS in Epipe service. FWDN-7281 ForcePoint - Initial support for ForcePoint Next Gen Firewalls FWDN-7633 Viptela - vSmart collection The collector now places the state files collected for vSmart into each vEdge snapshot for modeling. FWDN-7663 Privilege mode password association with login credentials This enhancement implements a logic that allows for retries when a privilege mode error occurs. When this happens, the system will now also try the other available credentials, until one of them passes the privilege password discovery part. If none of them passes, then the system reports the failure as a privilege password issue.

Related products:Snapshot ProcessingVendors & ModelingTopology