We are pleased to announce the immediate availability of ClearPass Policy Manager 6.10.0! In addition to bug fixes, this release also includes several new features that our Engineering and QA team have worked tirelessly to include:
Inclusive Language Changes
Why is this interesting? This release introduces changes in multiple areas of ClearPass Policy Manager to reflect the commitment to inclusive language. Changes have been made in multiple UI screens, APIs, CLI commands, database table names, and audit events to chage to a more inclusive language for all our customers.
Updated HPE Passport Interactions
Why is this interesting? Customers need to enter a valid HPE Passport (HPP) credential to enable ClearPass Policy Manager to download updates (patches, fingerprints, etc.). When HPP password changes occur the ClearPass Policy Manager is not aware of this and frequently continues to use the old credentials until the account is locked out and TAC needs to be called. The HPP system now supports a token-based workflow that will only ever use a current username/password workflow to issue a token that the ClearPass Policy Manager will renew automatically.
Local Node Authentication Source Status Widget
Why is this interesting? It may sound like a long title, but the status of each Active Directory or LDAP server is now displayed in the Policy Manager dashboard. This provides a quick view to the sources that are up or down as well as reasons that problems are being observed. This allows administrators to see on a per-node basis if they are having any communication issues with these servers.
Policy Hit Counter
Why is this interesting? Customers are now able to display the number of times Service Policies are hit within specified times to determine how frequently policies are used.
Endpoint Cleanup on Last Seen
Why is this interesting? Not every endpoint is profiled making it difficult to cleanup systems that are no longer relevant on the network from the endpoint database. Customers can now select options to remove known and unknown devices from the endpoint database based on the last time it authenticated on the network.
Updated Dictionaries and Templates
Why is this interesting? The latest TACACS+ & RADIUS dictionaries have been updated for multiple vendors and Dynamic Authorization templates have been added or updated to provide the latest functionality when working with infrastructure systems. This includes Arista, Arista CVP, Cisco, Cisco-Meraki, Juniper, Silver Peak, and the latest Aruba updates.
Why is this interesting? The TechPubs team has spent significant time updating the formats of ClearPass Policy Manager related documentation to align with other Aruba product formats (such as AOS). This includes unifying all installation guides into a single document that includes installation, upgrading, and deployment of VPC systems.
As always, please take note of the 'Changes of Behaviors' section of the release notes (https://www.arubanetworks.com/techdocs/ClearPass/CP_ReleaseNotes_6.10.x/Default.htm).
Software images are available on the Aruba Support Portal and support updates (clearpass.arubanetworks.com) portal already. New AMI images will be available within 24 hours for customers who request these. New images Azure images will be available within the Azure Marketplace in approximately 2 weeks.
A big thanks and congratulations to the ClearPass Engineering, ClearPass QA and TechPubs teams for reaching this milestone!
We are pleased to announce the immediate availability of ClearPass Policy Manager 6.10.1! This release includes multiple bug fixes for all customers.
This release does not include new features but does include several Behavior Changes that everyone is encouraged to review in the release notes posting.
The update images have been posted to the Aruba Support Portal (ASP) and the software updates portal.
We are pleased to announce the immediate availability of ClearPass Policy Manager 6.10.2! In addition to bug fixes, this release also includes several new features that our Engineering and QA team have worked tirelessly to include:
Local Profiling (when using CPDI)
Why is this interesting? While many people have enjoyed the integration with CPDI in Central to get additional profiling information, systems that are not managed by Central required customers to select between using the local profiling and the CPDI capabilities. This release allows customers to use BOTH CPDI profiling and local profiling capabilities for non-Central managed parts of the network
OnGuard IPv6 Support
Why is this interesting? Customers using dual stack networks can now leverage OnGuard persistent agent (PA) and native dissolvable agent (DA) clients to communicate information with CPPM over IPv4 or IPv6 networks. Note that this is not currently supporting agentless OnGuard (AOG) or pure IPv6 networks.
DUR Enhanced with AOS-CX 10.08 and later
Why is this interesting? Administrators are now able to configure end-to-end primary and secondary roles with AOS-CX switches that use UBT with AOS Mobility Controllers & Gateways in the downloadable user role configuration screens (both Standard & Advanced modes)
Kerberos DNS URI Support
Why is this interesting? CPPM will now use Kerberos DNS URI lookups if traditional DNS is not available during network join events.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.