Hello fellow Airheads,
I have to first confess this message is a bit delayed. I really should have gotten this out sooner but as they say better late than never.
So without further ado, I’m pleased to announce the availability of Aruba OS 7.4 for the Mobility Access Switches! This release has some unique, dare I say, non-traditional switching features as well as some very cool integration features with our other platforms (e.g Access Points). Ready to try it out? Here are the pertinent links you'll need.
User Guide Download: ArubaOS 7.4 User Guide
Release Notes Download: ArubaOS 7.4 Release Notes
Software Downlaod: ArubaOS 7.4.0.0
I think I'm missing something, oh right, here are all the great new features:
Layer 2 and Layer 3
- Static ARP
- Every now and then you just need a static ARP entry...
- IGMPv3 Snooping
- This adds on to our existing support of IGMPv1/v2 Snooping
- Route Monitoring (aka L3 Interface Monitoring)
- Remove L3 interface from the routing table based upon ICMP probe status.
- Route Metrics for DHCP Client enabled L3 interfaces
- Ability to favor one DHCP enabled uplink over another.
Security Enhancements
- Session ACL on Routed VLAN Interfaces (RVI)
- Useful for Internet facing links.
- Deny Inter User Traffic
- This is supported in hardware to prevent users within the same role (up to 7 user-roles) from communicating.
- Particularly useful in hospitality when port isolation or private VLAN is required.
Branch Features
- Dynamic DNS Client
- Currently qualified with no-ip.com, changeip.com & myonlineportal.net.
- NAT Pools
- Ever have a need for some 1:1 NAT?
- Excludes dynamic-srcnat pool, but don't worry. Keep reading...
- IP NAT Outside
- For use when there are multiple private side subnets to avoid NATting local to local traffic (aka inter-vlan traffic) and in lieu of dynamic-srcnat pool. Told ya!
- Site to Site VPN Enhancements
- Standby/Backup VPN Interface
- Default Route to VPN
- Aruba VPN Support (aka Instant VPN)
- Distributed L3 VPN mode
- Distributed L3 DHCP Scopes (uses BID to allocate pools just like Instant APs)
Access Point Integration Features
- Device Groups
- Ability to detect a device via LLDP and change physical port properties, including changing from access to trunk.
- Initial support will be for Aruba APs and requires that LLDP be enabled.
- Device Group can also override a Tunneled Node port as long as the TN port can successfully COMPLETE at which point the MAS sees the LLDP messages from the AP and overrides the port configuration.
- Configurable Rogue Containment Options
- Currently if an Instant AP sends a MAS blacklist information, we shutdown the port including PoE if on an Access Port or discard the MAC address if on a Trunk for a period of 5 minutes.This enhancement allows an administrator to have the port stay down or discard indefinitely based upon a configurable auto-recovery time or disable processing the blacklist all together.
Manageability
- Airwave ZTP VPN
- Activate provides a Mobility Controller IP so MAS can establish a VPN as part of ZTP to reach Airwave to receive it’s configuration.
- This enables us to be deployed behind NAT devices.
- AMP 8.0.X supports ArubaOS 7.3.0.0 and below from a configuration standpoint and will ignore this new VPN component (won’t cause mismatch). Post 7.3.0.0 features including 7.4.0.0 configuration elements are planned for a subsequent release of AMP 8. The AMP and MAS teams are working hard on prioritizing the features into AMP as soon as possible.
- New WebUI Dashboard Items
- MAC Address Table, VLANs, LLDP/CDP Neighbors table, User Table
New Optics and DAC Support
- DAC support on S1500
- Will only operate at GbE speed.
- 10GBASE-ER SFP+
- 10GBASE-ZR SFP+
Got an idea for a feature enhancment? You can submit those here and we'll see what we can do!
Idea Portal
Best regards,
Madani