Version 2023.3
    • 25 Aug 2023
    • 5 Minutes to read
    • Contributors
    • Dark
      Light
    • PDF

    Version 2023.3

    • Dark
      Light
    • PDF

    Article Summary

    Overview

    These release notes are for Nectar Foundation APM. For more information, contact Nectar Support (support@nectarcorp.com).

    Foundation APM

    WARNING

    The Derby database version was upgraded in release 8.3. This makes downgrade impossible. Customers MUST back up the database directory BEFORE upgrading to release 8.3 or higher.

    • It is not possible to use Remote Software Upgrade on a Linux platform to upgrade from a version prior to r8.6.

    • RIG Client requires Oracle or OpenJDK JRE 1.8 and above.
      Note: Runtime version will be enforced before RIG Client JAR files are downloaded.

    • Before upgrading to r2023.3, your existing installation must be at r5.6.2.x or later, licensed, and started successfully. If you attempt to upgrade directly to r2023.3, then the installer will display the following message:

    Selected installation’s main version is earlier than r5.6.2 required for upgrade.

    For the server to start successfully, the port number specified for the serverport property of the server. properties file must not be in use. If the port is already in use, change the port number to an unused port number to correct the issue. The default port number is 80.

    Technical Notes

    NOTE

    Apache Log4j Critical Vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-44832). Foundation APM uses Log4J versions 2.17.1 and 2.12.4 for all components in release 2021.3 or higher that contain fixes for all known security vulnerabilities.

    JREs used by existing RIGs will be updated as part of the upgrade process. If modifications have been made to the java.security config file, those changes will need to be manually transferred to the updated JRE. TLSv1 and TLSv1.1 are disabled by default by the JRE configuration. To learn how to enable this, go to the Nectar Foundation APM Installation Guide, or to review the instructions go to: https://www.java.com/en/configure_crypto.html.

    Upgrade Requirements

    The database migrations started with release 2021.1 and will make it difficult to downgrade to Foundation APM releases 8.7.1 and below. We strongly advise customers to back up the RIG database before upgrading to r2023.2 and later.

    NOTE

    Nectar Foundation APM supports only the following Linux distributions: CentOS Stream 8/9 and RHEL 8/9.

    Cisco UCM VKM

    • When upgrading RIGs from a release prior to r8.0 that are monitoring Cisco UCM systems, additional time will be required based on the number of historical call detail records (CDRs) to perform database migration following restart.

    • If the Cisco UCM VKM module is enabled on a system when upgrading to r2023.2 from a pre-7.x release, the Installer will detect it and display a warning message, informing the user to offboard any existing Cisco UCM systems before proceeding with the upgrade. For more information on offboarding, see Cisco UCM VKM Configuration Guide.

    • Once the Cisco UCM system(s) has been offboarded, the user can re-run the upgrade process and select the Module Override to complete the upgrade.

    Cisco Meeting Server VKM

    For licensing, a status is received for each type of license (no-license, activated, or expired). If a no-license case, a WARNING event is generated. However, if the customer does not want to see these no-license events, they can disable the associated poller(s).

    Cisco Expressway VKM

    When onboarding Cisco Expressway VKM, use the same username and password across all cluster peers.

    Microsoft Skype for Business VKM

    Customers who upgrade to r2023.2 have the option to continue using the Legacy SfB module. However, to access the new SfB features available since r8.0, you must:

    1. Offboard the Legacy SfB system.

    2. Enable and onboard the new SfB VKM and system.

    Avaya Call Management System (CMS) VKM

    As of r8.1, Nectar no longer supports Avaya CMS r16 (and earlier). CMS r16 uses the 256-bit Diffie-Helman encryption algorithm, which is considered a security risk and has been deprecated. It is no longer supported in current SSH-2 implementations.

    If you accept this CMS security vulnerability, you can maintain CMS r16 monitoring with Nectar using a Nectar version prior to v8.1.

    Avaya System Manager VKM

    If you onboard Avaya System Manager with invalid credentials, you must delete the incorrect entry and re-onboard the System Manager. For more information, see Avaya System Manager r7.1 and above.

    IMPORTANT 

    Starting with Nectar release 2022.2, Avaya System Manager 6.x is no longer supported. Nectar uses the Avaya WSDL for collections on this platform. System Manager has to be 7.x and above. Session Manager collections are through the System Manager. SNMP V2/V3 is used for platform environments.

    IP Office VKM (r10.1 and above)

    Nectar leverages Avaya’s Service Monitoring Web Services API to monitor IP Office r10.1 and above. If you are currently monitoring an IPO r10.1 or above with Nectar r7.3 and prior, you can migrate to Nectar’s new API support by following these steps:

    • Disable and remove the existing monitoring.

    • Delete any IP Office traps in the Receiver module.

    • Disable the previous module and enable the new module using RIG > Module Configuration.

    • Restart the RIG.

    For more information, see Avaya IP Office r10.1 and above Deployment Guide.

    Mother Module

    The Mother Module must be enabled for Perspective deployments. For more information, see Mother Module RIG Guide.

    Properties File

    After upgrading to r2023.2, if you have or plan to manipulate a properties file that uses a file path or directory, then you must verify that you are using the proper backslash (\) or forward slash (/):

    Windows: 

    • Use double backslash (\\), for example, <drive>:\\<folder>\\<folder|file>
      or

    • Use single forward slash (/), for example, <drive>:/<folder>/<folder|file>

    Linux/iOS:

    • Use single forward slash (/), for example, /<folder>/<folder|file>

    General Data Protection Regulation (GDPR)

    You must upgrade to ‘Version 7.2 or later’ (CIP, EIP, RIG, Perspective Agent/Controller as well as the Nectar Foundation Client) to enable the new General Data Protection Regulation (GDPR) audit logging. Logging is enabled by default but can be customized to suit your specific auditing needs. The Apps\<partner name>\etc\log4j2.xml file is used to enable that customization after the upgrade to ‘Version 7.2 or later’.

    The upgrade to ‘Version 7.2 or later’ will back up your existing log4j2.xml file before installing the new version of that file.

    If you have previously customized the log4j2.xml file, you will have to manually migrate those changes to the new log4j2.xml file. Your previous version can be accessed by navigating to Apps\<partner name>\rollback\etc\log4j2.xml AFTER you have upgraded.

    New Features, Improvements, and Bug Fixes

    New Features

    • N/A

    Improvements

    • CMP-10193 - Cisco Video Module: When users edit a video endpoint directly there is a credential indicator set. This means that the endpoint will no longer be changed by a bulk edit for TMS or a change in the UCM discovery mechanism. In order to revert this credential indicator a menu item labeled "Clear Credentials Updated" has been added to the UI. Once the "Clear Credentials Updated" menu item has been selected then the credential indicator will clear and the bulk edit for TMS or a change in the UCM discovery mechanism will affect the video endpoint again.

    Bug Fixes

    • CMP-10844 - Skype for Business /Lync Module: There was an error indicating the SSL certificate could not validated. In order to fix this problem, you can add mssql.parameters = encrypt=true;trustServerCertificate=true; to the etc/sfbModule-module.properties or etc/lyncModule-module.properties

    • CMP-10865 - Rig Client: If customers upgrade the JRE used to run RIG Client to version 1.8.0_381 or later, then they must use RIG Client release 2023.3 client or later. That is because JRE 1.8.0_381 added limitations on how large the manifest file can be in a signed JAR file used to load an application via JNLP.

    Documentation

    The documents below were updated as per the release of 2023.3.


    Was this article helpful?

    What's Next
    Changing your password will log you out immediately. Use the new password to log back in.
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    ESC

    Eddy, a super-smart generative AI, opening up ways to have tailored queries and responses