Highlights

An overview of the most impactful changes in this release.

Web CLI terminal component replacement

In line with our unwavering commitment to security, we have replaced the legacy library powering the web user interface (UI) command-line interface (CLI) shell. This urgent update was prompted by a critical security finding, and our security policy required immediate action, even if that meant releasing without full feature parity.

The new web CLI terminal now supports:

  • Error feedback for unknown commands
  • ? or help to display available commands (when the application programming interface (API) can retrieve them)
  • Up- and down-arrow keys to scroll through previous commands
  • Copy icons to make it easy to copy commands and outputs
  • Output duration displayed for commands that take more than 100 ms
  • Limits of 100 scroll-back and 30 history items

We acknowledge that some CLI functionalities previously available are not available in this release. This was a conscious decision. Maintaining a secure environment takes precedence over all other considerations, and we could not delay the update until every feature was ready.

Features not currently supported include:

  • Highlighted command output
  • Listing help among available commands
  • The clear and history commands
  • Persistent history across sessions
  • Keyboard shortcuts other than arrow-up and arrow-down

We understand the impact of these changes and are actively collecting feedback to guide the reintroduction of missing features in future releases. Thank you for your patience and support as we work to restore and enhance CLI functionality with security as our highest priority.

Physical network mapping

Guardian now delivers real-time visibility for physical cable connections across your infrastructure. By leveraging Smart Polling (simple network management protocol (SNMP), link layer discovery protocol (LLDP)) and integrations such as Cisco ISE, users can see exactly how devices are wired together, down to the switch and port. This is done through new tabs and visualizations in these pages:

  • Network
  • Graph
  • Alerts
  • Assets

Physical link data is automatically discovered and updated, providing live and historical views of device-to-switch connections.

New table and graph views allow users to trace cable-level topology, investigate incidents, and locate assets quickly.

To enable reporting and documentation, you can export:

Physical network mapping complements logical link mapping, and enables:

  • Faster troubleshooting
  • Smarter investigations, and
  • Improved situational awareness

Port configuration and management improvements in N2OS v25.5.0

As part of our ongoing commitment to flexibility and robust network management, we are introducing several enhancements to port configuration and management. These updates deliver these new capabilities:

Multiple management ports now supported

  • Nozomi Networks Operating System (N2OS) now officially supports configuring multiple management (mgmt) interfaces
  • Easy addition, removal, and display of mgmt ports using the ‎n2os-netconf command suite
  • Only management ports expose web UI (port 443) and secure shell (SSH) (port 22), maintaining a secure separation from operational ports

Enhance port role definitions: With version N2OS v25.2.0 and above, N2OS distinguishes between four port types

  • Primary management
  • Management
  • Active
  • Passive

For more details, see Port configuration.

Unnamed port management: N2OS can now manage ports that are not explicitly named in the system configuration. This ensures that you can manage all physical ports that the operating system (OS) detects. For example, via ‎ifconfig.

Unified IPv4/IPv6 configuration: The ‎n2os-netconf supports Internet Protocol version 4 and Internet Protocol version 6 configurations for seamless assignment and management of either protocol on supported ports.

How to use these features:

  • Use ‎n2os-netconf ports --show to view all available ports, including unnamed ones
  • Add, remove, or display management ports with simple commands. The CLI will provide help and prevent configuration errors.

Best practices and considerations:

  • Only primary management ports should be used for administrative access
  • Ensure a primary management port is always defined
  • Avoid leaving the default gateway unset, because doing so can cause connectivity issues, or isolate the sensor

It is also important to note that no action is required for existing configurations unless you want to take advantage of these new features. We appreciate your feedback and look forward to hearing how these improvements enhance your N2OS experience.

For more details, see the related sections of the technical documentation.

For additional support, contact your support representative.