Product Documentation

What's New?

Oct 13, 2015

The enhancement and changes released in Build 44.11.


  • Support for Administrator Base Domain Name for Active Directory/Open LDAP Authentications Servers

    You can now specify the Administrator Base Domain Name if you configure either an Active Directory or an Open LDAP authentication server. The Administrator Base Domain Name is the administrator user name that is used to bind to the Active Directory or Open LDAP server. You can specify the Administrator Base Domain Name in the field Administrator Bind DN.

    [#557589]

  • Support for Fallback Authentication User

    This feature allows an external user to log on to Command Center even though the configured external authentication server is down or unreachable. Command Center administrator must identify the users and enable Fallback Authentication User for those users. By default, this option is disabled for all users. Note that the default password for fallback users is public.

    To enable Fallback Authentication User for multiple users, on the Administration tab, under Security, click Fallback Authentication User, and select the user for whom you want to enable this setting.

    To enable Fallback Authentication User for a user, on the Administration tab, navigate to Security > Users, select the user and click Edit. In Configure User, select the Fallback Authentication User option.

    [#537550]

  • Preview Master Configuration Before Execution

    You can now preview the master configuration, which is generated from the configuration template and the input file provided by the user during DeployMasterConfig task execution, before it is executed on the selected device.

    [#549991]

  • Downloading a Sample Configuration Template from Built-in Tasks

    You can now download the sample template file and the input file for the DeployMasterConfig task from the NetScaler Built-in Tasks lists page.

    On the Configuration tab, navigate to Configuration > Built-in Tasks, select DeployMasterConfig and click Download Sample Template. A zip file containing both the sample template file and the input file is downloaded to your local machine.

    You can no longer download the sample template file and the input file from the Downloads section of Command Center.

    [#553617]

  • Restricted Access to Entities and its Bound Entities

    If you restrict a user group to an entity, then all the users in that group can access only that entity and the entities that are bound to that entity. For example, consider there are three virtual servers configured on a NetScaler device, V1, V2, and V3, and virtual servers V1 and V2 are bound to service S1. If you restrict usergrp1 to only service S1, then all users in the group usergrp1 can access only service S1 and virtual servers V1 and V2. Users in usergrp1 cannot access virtual server V3.

    To restrict a user group to only an entity and it's bound entities, on the Administration tab, navigate to Security > Groups, select a group, and then click Advanced Settings. In the Property Name list, select an entity, and then select the Apply on bound entities also option.

    This functionality is applicable to the following entities:

    -Virtual Server Name

    -Service Name

    -Service Group Name

    -Server IP address

    Note: If you select the Apply on bound entities also option for the entities services and service groups, the servers abound to these entities might not be accessible.

    [#535029]

  • Continue Task Execution after Failure

    If you configure a task to be executed sequentially and select the Ignore and Continue option, you can now select either of the following options:

    -Execute on current device only. Execute the task on only the current device, even though the task has partially failed on that device.

    -Execute on all selected devices. Execute the task on all the selected devices, including the current device that experiences a partial failure.

    [#549686]

  • Support for SNMPv3 Traps for NetScaler Devcies

    Command Center now supports SNMPv3 traps. Command Center receives SNMPv3 traps once a NetScaler device is discovered with SNMPv3 credentials. SNMPv3 traps are supported for only NetScaler devices.

    [#555734]

  • Enhanced Technical Support Bundle

    You can now generate technical support bundles of the following types:

    -Basic. A technical support bundle that includes log files, database information, and configuration settings.

    -Advanced. A technical support bundle that includes log files, database information, configuration settings, thread dumps, and crash logs.

    Command Center now stores the last ten previously generated technical support bundles. You can delete the ones that you no longer require.

    Technical support bundles generated by Command Center appliances in a high availability configuration include the technical support files for both the primary and the secondary nodes.

    To generate the technical support bundle by using the graphical user interface, on the Administration tab, under Diagnostics, click Technical Support.

    A technical support bundle can also be generated from the Command Center command line interface. The default type is Advanced.

    To generate the technical support bundle by using the command line interface, in the <CCHome>\\bin directory, execute the generate_technical_support script.

    On a Windows system, run the following command:

    generate_technical_support.bat

    Alternatively, you can double-click the generate_technical_support.bat file.

    On a Linux system, run the following command:

    sh generate_technical_support.sh

    [#496921, 423211, 445750]

  • Default Read-Only Permissions for All Groups

    All groups configured on Command Center now have read-only permissions by default. In earlier releases, the default group "Users" had no permissions.

    As part of this enhancement, the Users group now has read-only permissions. A new external user is automatically added to the default Users group when that user is authenticated in Command Center. Since the Users group now has read-only permissions, the new external user does not experience an authorization failure.

    [#537546]

  • XML Schema file Included in the Sample Template Compressed File

    The compressed file (.zip) of a sample template of built-in tasks now includes the XML schema file (.dtd) for the input XML file.

    [#583370]

  • Customizing the DeployMasterConfig Built-in Task

    If you want to replicate the complete existing state of a NetScaler appliance on another NetScaler appliance, you must replicate the configuration, license, and certificate files. By executing the DeployMasterConfig built-in task without customizing it, you can replicate only the configuration file.

    You can customize the DeployMasterConfig built-in task to add additional commands, so that you can replicate license and certificate files to other NetScaler devices, and execute any other commands required for your configuration.

    You can customize the DeployMasterConfig built-in task to do the following:

    -Add additional commands

    -Modify existing commands

    -Add variables to commands

    -Delete commands

    -Change the order of commands.

    Caution: Be careful when changing the order of commands in the DeployMasterConfig built-in task.

    [#586722]

  • Support for TLSv1.1 and TLSv1.2

    Command Center now supports TLSv1.1 and TLSv1.2 protocols.

    To enable TLSv1.1 and TLSv1.2 protocols

    On the Administration tab, navigate to Settings > SSL Settings and select the Enable TLSv1.1 or Enable TLSv1.2 option.

    Note that the SSLv3 protocol is no longer supported.

    [#571448]

  • The Auto rollback on failure option under Deployment Automation is now unchecked by default.

    [#600905]

  • Support for Enabling and Disabling Group Extraction

    You now have the option to enable and disable group extraction for a RADIUS authentication server. In earlier releases, group extraction could not be disabled.

    [#556544]

  • Support for Resolving an Authentication Server by Using the Host Name

    You can now specify either the host name or the IP address to resolve an authentication server. In earlier releases, you could only specify the IP address.

    [#586708]

  • Support for Deployment of RADIUS Authentication With Active Directory Server

    Command Center now supports deployment of RADIUS authentication with an Active Directory server. You must enable Group Extraction and specify the group vendor identifier and the type of group attribute.

    [#571655]

  • Support for Exporting Graphs and Tables of Application Firewall Violations

    You can now export graphs and tables of Application Firewall violations from Command Center. You can choose to export either a graph or a table (CSV file), or both.

    [#577318]

  • Support for Reporting for NetScaler Gateway

    You can now view the following reports for NetScaler Gateway devices:

    -Top users by sessions

    -Top ICA applications by user access

    -Top users by bandwidth

    -Top client types

    -Top users by EPA scan failures

    -Top users by failed attempts

    You can also export NetScaler Gateway reports from Command Center. You can export them as graphs, tables (CSV files), or both. You can also schedule the Reports.

    To view NetScaler Gateway reports

    On the Reporting tab, navigate to NetScaler Gateway > Reports, select the report you want to view and then click View Graph.

    To schedule NetScaler Gateway reports

    On the Reporting tab, navigate to NetScaler Gateway > Notification Settings, and then click Schedule Report.

    [#584651]

  • Single Option to Configure Active Directory and Open LDAP Authentication Servers

    You now have a single option, LDAP, for configuring either an Active Directory or an Open LDAP authentication server.

    On the Administration tab, navigate to Security > Authentication Settings, and select LDAP. In the Server Type list, select either Active Directory or Open LDAP, and then configure the rest of the fields as required for the authentication server you selected.

    [#571443]

  • Support for Monitoring the Command Center Database

    You can now receive an SNMP trap if the size of the Command Center database reaches a configured threshold value. You can also receive an email notification.

    By default, the size of the Command Center database is checked once an hour. You can specify the threshold value in MB, or as a percentage (%) of the disk space allocated to the database.

    If you have configured the threshold value as a percentage, then the percentage of the used size is compared against the allocated database size and the notification is generated if the percentage exceeds the configured threshold value.

    If you have configured the threshold value as a size (MB), then the used database size is compared against the configured threshold size and the notification is generated if the database size exceeds the configured threshold value.

    This feature is supported for the following database servers:

    -MSSQL

    -MySQL

    -Oracle

    Note that this feature is not supported for the PostgreSQL database server.

    To configure database monitoring

    1. On the Administration tab, navigate to Settings > Database Monitor Settings.

    2. Select the Enable Database Monitoring option and specify the threshold value as a percentage or as a size (MB).

    3. If you also want to receive an email notification, select the Enable Email Notification option and then configure the email server from which to send email notifications.

    [#449211, 446452]

  • Support for Viewing up to 40 Top Violations in Application Firewall Reports

    You can now view a graph of up to 40 top violations in Application Firewall reports. You can also schedule an Application Firewall report of up to 40 top violations.

    [#547522]

  • Support for Exporting Syslogs

    You can now export syslogs from Command Center. For Application Firewall and NetScaler Gateway syslogs, you can export the recent syslogs that appear under Logs, and you can export syslogs for the views that you have configured under Views. You can also export the syslogs that appear on the Fault tab, under Logs and Views.

    You can specify the criteria for exporting syslogs that appear under Logs. Different criteria apply to NetScaler Gateway and Application Firewall syslogs. You can limit the number of rows to be exported depending on your need. The default limit for the number of rows to be exported is 1000, and the maximum is 10000.

    You can now export all graphs (image files) and data in tabular format (CSV file) from the Application Firewall dashboard.

    [#403149]

  • Changes in the Command Center Graphical User Interface

    Note the following changes in the Command Center graphical user interface:

    1. Fault > Syslogs

    - "Complete View" has been renamed to "Logs."

    - "Filters" has been renamed to "Suppress Logs."

    2. Reporting > AppFirewall

    - "Filters" has been renamed to "Suppress Logs."

    - "Recent Logs" has been renamed to "Logs."

    - "Views" was under "Recent Logs" which is now under "AppFirewall."

    - "Schedule Report" was under "Reports" which is now under "Notification Settings."

    3. Reporting > NetScaler Gateway

    - "Filters" has been renamed to "Suppress Logs."

    - "Recent Logs" has been renamed to "Logs."

    - "Views" was under "Recent Logs" which is now under "NetScaler Gateway."

    [#577325]

  • Updated Management Service Backup

    The Management Service backup now contains only the Management Service configuration backup. This backup no longer includes the image of the NetScaler SDX appliance and NetScaler VPX instances, nor the configuration information for NetScaler VPX instances running on the NetScaler SDX appliance.

    [#526020, 526024]