Updates in upcoming releases
Important changes in future releases that might require additional steps or planning during upgrade.
Changes to the license expiration process
The current method of communicating license status within the security system user interface (UI) lacks clarity for some users, and the expiration behavior itself does not adhere to industry standards. In a future version, not earlier than 24.3.0, we are implementing changes to the license expiration process aimed at improving clarity and alignment with industry best practices. These changes will affect how license expiration status is communicated within the Nozomi Networks Operating System (N2OS) interface.
Future Behavior
- When your license is more than three months away from expiration, no status indicators will be displayed in the UI
- Within three months of expiration, a status indicator will indicate that your license is Expiring. Additionally, the notification on the Updates and Licenses page will show your license status as Expiring along with the expiration date
- When the expiration date is reached, a banner message and a status indicator will indicate that your license is Expired, accompanied by a message indicating whether you are in the grace period
- Once the grace period is over, your security system will cease its main functions, allowing users access only to historical data
Additional Information
- We will proactively reach out to customers to initiate discussions on license renewals before any expiration messages show
- We advise against waiting for license expiration warnings to begin the process of procuring new licenses
If you have any questions or concerns, please contact your Nozomi Networks representative.
Consolidation of data concerning MITRE ATT&CK®
N2OS exposes MITRE ATT&CK® related information in the alert properties
mitre_attack_for_ics
and mitre_attack_enterprise
. The
same information is also included in the legacy alert fields
mitre_attack_techniques
and mitre_attack_tactics
, and in
the legacy alert property mitre_attack/techniques
. These legacy fields and
properties are now deprecated and will be removed in a future version of N2OS.
Deprecation warning for ESXi versions lower than 8.0
- The last minor release of N2OS in 2024 will include an internal component version that will not be officially supported by VMWare virtual machine hardware version < 20.
- Official support for the internal component's current version ends January 2026; We are then forced to upgrade it by the end of 2024 to be able to provide our customers with one year of fixes - without falling out of vendor's support.
- Support for ESXi 7 will be dropped and migration to ESXi 8 is required by the end of 2024; We urge customers to prepare for implementing all required measures to run N2OS on ESXi 8 by the end of 2024.
Guardian and CMC reports
Starting with N2OS 24.3.0, it will no longer be possible to export portable document format (PDF) reports that contain a network graph. This is because of an internal component that will no longer be maintained.
Deprecation warning for /data UFS Filesystem support
Starting from N2OS v25.0.0, N2OS
will no longer support using the UFS filesystem for /data
. The only
supported filesystem for /data will be ZFS. Therefore, upgrades attempts to upgrade sensors
using the UFS filesystem for /data
to N2OS v25.x will be blocked.
To facilitate N2OS upgrades, it is necessary to upgrade the
sensor to the latest N2OS v24.x version, perform a full backup,
execute the n2os-datafactoryreset
, and then proceed with the restoration
process.
Refer to the official Nozomi Networks documentation for more information
regarding the backup, restore, and n2os-datafactoryreset
procedures. Ensure
a backup is downloaded from the sensor and saved on safe storage.
For virtual machine sensors: the Add a secondary disk to a virtual machine procedure
can be used to move /data
from the UFS filesystem to the ZFS. Follow Do a full backup from a shell console and ensure a
backup is downloaded from the sensor and saved on safe storage. Make sure the needed space
is available on the destination disk. The procedure may take a long time depending on the
virtual infrastructure hardware, its speed, and the size of the /data
folder. Interrupting the procedure can cause damage to the virtual machine and data
loss.
Customers must refrain from performing the above procedures on sensors that are not within the supported versions and must always upgrade the sensors following the supported update path.
Consolidation of Smart Polling database structure
Starting with N2OS 24.3.0, the field
connection_established
of the sp_node_executions
query
source will be removed. Its usage is to be replaced with the field
connection_state
, which contains more detailed information about the
outcome of a Smart Polling execution.