What's New in BlueCat Gateway v22.4.1 - Platform - BlueCat Gateway - 22.4.1

Gateway Administration Guide

Locale
English (United States)
Product name
BlueCat Gateway
Version
22.4.1

The following features and functionality are new in BlueCat Gateway v22.4.1:

Improved TLS/SSL security

Gateway now restricts TLS/SSL security certificates to those using strong protocols and encryption ciphers. Certificates that use static key ciphers, cipher block chaining (CBC), or other weak protocols that are vulnerable to known decryption attacks will be rejected.
Note: After upgrading to BlueCat Gateway v22.4.1, you must replace TLS/SSL certificates that use weak encryption protocols. We recommend that all certificates employed on your system use strong Advanced Encryption Standard protocols, such as Elliptic Curve Diffie-Hellman (ECDH) with 128 bits of keyspace.

Upload of TLS/SSL certificates through the Gateway UI

You can now upload the gateway.crt and gateway.key certificate files (that Gateway uses for HTTPS communications) from the Certificates tab of Gateway's General Configuration page. You can still upload them directly to the certificates/server folder if you prefer.

Updated default theme

The default visual theme has been changed to align with other BlueCat products that Gateway works with.

Improved IPv6 support

Gateway is now fully validated and certified with Integrity 9.4.0's IPv6 Transport feature within an IPv6-only environment.

Entity export API wrapper

The new API wrapper export_entities supports the export of objects or entity details for general use.

API support for High Availability of BDDS

When using the following API wrappers to request properties from a BDDS server, you can now use the optional include_ha parameter to specifically include or exclude High Availability (xHA) information. Previously, xHA information was always included; excluding this information can improve response times.
  • custom_search
  • get_entities
  • get_entities_by_name
  • get_entities_by_name_using_options
  • get_linked_entities
  • get_entity_by_id
  • get_entity_by_name
  • get_parent
  • search_by_category
  • search_by_object_types

Dynamic deployment API support

The following API wrappers can now optionally indicate whether a user or group can perform a selective deployment of data to a managed server, dynamically deploying appropriately-tagged resource records with the dynamicUpdate parameter enabled:
  • add_access_right
  • update_access_right
  • add_zone

UDL management API support

You can now update a UDL link description when using the following API wrappers:
  • add_user_defined_link
  • update_user_defined_link
  • link_entities_ex
  • unlink_entities_ex

Encrypted communication API support

The following functions now let you optionally specify whether server communications are encrypted:
  • add_server
  • replace_server

Improved API security

When HTTPS and HTTP are not specified in a URL, the API client now assumes HTTPS by default.

Simplifications to the Environment and Platform classes

The class bluecat.gateway.platform.Platform is no longer initialized with an instance of Environment. Instead, it now uses an appropriate path-like object (such as str or Path).

The following classes have also been removed and replaced with StandardEnvironment:
  • DevelopmentEnvironment
  • ImageEnvironment

Internal package name change

The package internal has been renamed as _internal to comply with standard Python naming conventions for non-public items and objects.

Logger updates

The logger used for user-specific messages (g.user.logger) now strictly behaves as a LoggerAdapter from the standard Python library. For example, g.user.logger does not support the parameter msg_type.

BAM Python API Level 1 wrappers (Phase VI)

BlueCat Gateway continues the delivery of the BAM Python API Level 1 wrappers.

New in this release:

  • get_additional_ip_addresses

    Get a list of IPv4 addresses and loopback addresses added to the Service interface for DNS services.

  • export_entities

    Export an octet stream of specified object entities that can be transformed into JSON by an API client, saved as a file, or exported to a different system.

  • get_linked_entities_by_udl

    Return a list of objects detailing entities currently linked by a given UDL type, optionally qualifying results by source or destination entity ID.

  • purge_history_now

    Deletes historical data within a specified time period or after a specified timestamp.

  • get_discovered_device_networks

    Returns all networks of a specific device, discovered by running an IPv4 reconciliation policy.

  • get_discovered_devices

    Returns a list of Layer 2 or Layer 3 devices, discovered by running a specific IPv4 reconciliation policy.

  • get_discovered_device_arp_entries

    Returns all ARP entries of a specific device, discovered by running an IPv4 reconciliation policy.

  • get_discovered_device_hosts

    Returns all hosts of a specific device, discovered by running an IPv4 reconciliation policy.

  • get_discovered_device

    Returns the discovered device, discovered by running an IPv4 reconciliation policy.

  • get_discovered_device_interfaces

    Returns all interfaces of a specific device, discovered by running an IPv4 reconciliation policy.

  • get_discovered_device_mac_address_entries

    Returns all MAC address entries of a specific device, discovered by running an IPv4 reconciliation policy.

  • get_discovered_device_vlans

    Returns all VLANs of a specific device, discovered by running an IPv4 reconciliation policy.

Experimental GraphQL support

This release includes an experimental GraphQL API support. Harness the power and flexibility of GraphQL to fetch Address Manager data simply and efficiently. While this functionality is not intended or planned for large data set retrieval, it can improve efficiency in the retrieval of small but relevant data.

Important: This feature is experimental, in incubation, and is expected to change in the future. Feedback is welcome!