Tag :: CVP 2024.2.0

You can now enable CloudVision to combine the authentication and authorization requests that it sends to a RADIUS server into a single request. When RADIUS is configured as the AAA provider, CloudVision will send separate authentication and authorization requests by default. This can cause issues with One-Time Password (OTP) users, as issued passwords are only valid for one request. Note: Non-OTP RADIUS systems will be unaffected by the change. To combine authentication and authorization requests, navigate to Settings > Access Control and enable the Combine Login Auth Requests checkbox.

This studio enables you to quickly configure access interfaces towards endpoint devices in your campus network. This configuration relates to the devices in Access Pods deployed using the Campus Fabric (L2/L3/EVPN) Studio. The studio consists of port profiles and campus networks. You can create port profiles, which contain configuration for attributes like speed and MTU, which you can then assign to device interfaces in a campus fabric. Editing the profile will then affect all interfaces that the profile has been assigned to. You can also configure individual interfaces.

A new role permission, Action Execution, has been introduced to control the execution of custom actions when they are run in isolation, such as via Studio Autofill actions and standalone executions in the Action editor. A custom action is a user-created action that has either been installed via a package or has been created using python script and arguments.

Use bearer tokens to provide custom applications or third-party applications, like Ansible, login access to CloudVision. Doing so will allow the application to make configuration changes to EOS devices. Bearer token login can be used with identity providers that issue bearer tokens and have an introspection endpoint. Okta and PingIdentity have been tested for use with CloudVision.

The Campus Dashboard provides an overview of your network state. Devices stream telemetry data to CloudVision in real time, giving you immediate and up-to-date insights into your network’s health. The timepicker can be used to view historic data of the network state.

Profiles are assigned to user accounts to customize their landing page on CloudVision and present information relevant to them. You can use built-in profiles or create custom ones. Profiles are assigned in Users to user accounts.

CloudVision allows users to maintain multiple login sessions simultaneously. However, to prevent account sharing, administrators can now limit the number of active login sessions a user can have and terminate a user’s open sessions if that have reached their limit and are unable to log in.

In order to minimize the volume of change control events, CloudVision has introduced a new event, Change Control Events. Change Control Events is generated when 2 or more of the following events are triggered for the same change control:

Use an External Certification Authority (ECA) to ensure secure communication and authentication with CloudVision..By default, Streaming Agent and other applications communicate with CloudVision using mutual-TLS certificates signed by a local certificate authority (CA). You now have the option to integrate CloudVision with Venafi,  an external CA, to sign and verify these certificates.

You can use the Access Interface Configuration quick action to assign configuration profiles to devices. The guided workflow will display an illustration of device front panels, which you can use to select interfaces from.

Port mirroring allows you to duplicate ethernet packets or frames on a source interface to send to a remote host, like DANZ Monitoring Fabric (DMF). The mirrored packets or frames can be sent via a SPAN interface dedicated for communication with the host or over an L2 Generic Routing Encapsulation (L2GRE) tunnel.

Provisioning Settings allows you to configure CloudVision's default behavior when pushing configuration and image changes to devices. Each setting relates to an action used in Change Control. Ordinarily you should only need to use the default settings, but you can alter them for more control over CloudVision and EOS interactions for devices in your network. 

CloudVision provides more than 20 overlay options to help you visualize the properties of network devices, interfaces, and links. Use the PTP overlay to visualize the topology of PTP enabled devices and their links. At a glance, you can see which device in a PTP domain is the grandmaster and which devices belong to a PTP domain.

The Software Management Studio is used to manage EOS images and extensions and assign them to devices. You’ll use the studio’s Software Repository to upload EOS images, Streaming Agents, and extensions. You’ll then  assign software from the Software Repository to devices using a new or open workspace.

The Static Configuration Studio is used to manage static configuration for devices, provide configuration not created by any other studio, and reconcile differences between CloudVision’s designed configuration and device running configuration. Devices are assigned to containers using tags that can identify one or more devices by hostname, role, or location in the network. Each container has configlets of EOS configuration, which are pushed to the EOS devices.