Highlights

An overview of the changes in this release.

Nozomi Networks Operating System (N2OS) 24.3.1 is an important maintenance update that addresses a migration issue identified in our recent N2OS 24.3.0 release. In N2OS 24.3.0 we have identified a problem that affects sensors with invalid UTF-8 characters in their n2os.conf.gz configuration file. The problem prevents them from successfully applying the migration intended for cleaning up this configuration file and successfully completing one of many migrations that constitute a full sensor firmware upgrade.
Important: All other database migrations required for the full sensor upgrade are completed correctly and this error does not affect the functionality of your sensors.

To understand if your sensors have been affected, look for a fully functional Guardian/Central Management Console (CMC) sensor that displays the migration error message on the top banner of the user interface (UI). In multi-level architectures, look for CMC sensors that complete their upgrade procedure to N2OS 24.3.0 and do not propagate the firmware updates to their downstream sensors. This intentional behavior protects downstream sensors during the upgrade to N2OS 24.3.0, by preventing the propagation of the upgrade when it detects migration issues. You can check the migration logs to further diagnose sensors that show these symptoms. The logs will indicate migration issues due to invalid byte sequence in UTF-8.

As mentioned above, the root cause of this problem was improper handling of non-UTF-8 characters in the migration procedure, and the solution is to upgrade to N2OS 24.3.1. This update will address the migration issue, ensuring the final migration is applied correctly and preventing future occurrences of this problem.

In case the upgrade to N2OS 24.3.1 is not possible at this time, and because the specific order in which migrations are applied doesn't impact the sensors' functionality, the following steps are recommended to complete the final missing migration for all sensors:

  1. Identify downstream sensors with a configuration file (n2os.conf.gz) containing non-UTF-8 characters, and for each affected sensor follow these steps.
  2. Stop all services using the n2os-stop-all command.
  3. Execute the following commands:
    cd /data/cfg
cp n2os.conf.gz n2os.conf.presanitization.gz
gzcat n2os.conf.gz | ruby -ne 'puts $_.encode("UTF-8", invalid: :replace, undef: :replace, replace: "?")' | gzip > n2os.conf.sanitized.gz
chown n2os-ids:n2os n2os.conf.sanitized.gz
mv n2os.conf.sanitized.gz n2os.conf.gz
  4. Start the PostgreSQL service:
    service postgresql start
  5. Manually trigger the pending migration execution:
    n2os-migrate > /data/log/n2os/n2osmigrate.log
  6. Restart all services using the n2os-start-all command.