Enhancements
This section lists enhancements added to this branch of the software.
Software enhancements are listed in reverse-chronological order, with the newest on the top of the list. Unless otherwise noted, each software version listed includes all enhancements added in earlier versions.
Version |
Software |
Description |
Category |
---|---|---|---|
16.10.0024 |
WB |
No enhancements were included in version 16.10.0024. |
NA |
16.10.0023 |
WB |
No enhancements were included in version 16.10.0023. |
NA |
16.10.0022 |
WB |
Added support to configure the size of the EAP-TLS fragments sent from the switch to the RADIUS server. Configuring EAP-TLS fragment size based on the MTU of the network avoids IP fragmentation in the network, and thus, the fragmented packets will not be dropped by the firewall or gateways. Added a MIB to indicate the maximum size of the EAP-TLS fragment sent to the RADIUS server. Refer to the Aruba 2920 Access Security Guide for AOS-S Switch 16.10 and Aruba MIB and Trap Support Matrix for AOS-S Switch 16.10 for more information. |
EAP-TLS Fragmentation |
16.10.0022 |
WB |
The IP Auth manager feature has been added to close a TCP connection from an unauthorized client by sending a TCP RST immediately after receiving a TCP SYN packet, rather than allowing a complete three-way TCP handshake and then sending a TCP RST.
When an unauthorized client connects via the OOBM port, the existing behaviour remains unchanged.
|
Security |
16.10.0021 |
WB |
No enhancements were included in version 16.10.0021. |
NA |
16.10.0020 |
WB |
No enhancements were included in version 16.10.0020. |
NA |
16.10.0019 |
WB |
No enhancements were included in version 16.10.0019. |
NA |
16.10.0018 |
WB |
No enhancements were included in version 16.10.0018. |
NA |
16.10.0017 |
WB |
TCP timestamps are an extension to the original TCP stack, that was introduced to identify and reject old duplicate packets (PAWS) and to improve round-trip-time measurement. Using a scanner or other tool, an attacker can observe the TCP timestamp and determine the system uptime to gain information about the operational state of the system. To avoid such risks, a new command A MIB has also been added to enable or disable the randomization of TCP timestamp offsets. Refer to the Aruba 2920 Management and Configuration Guide for AOS-S Switch 16.10 and Aruba MIB and Trap Support Matrix for AOS-S Switch 16.10 for more information. |
Security |
16.10.0016 |
WB |
No enhancements were included in version 16.10.0016. |
NA |
16.10.0015 |
WB |
No enhancements were included in version 16.10.0015. |
NA |
16.10.0014 |
WB |
No enhancements were included in version 16.10.0014. |
NA |
16.10.0013 |
WB |
No enhancements were included in version 16.10.0013. |
NA |
16.10.0012 |
WB |
No enhancements were included in version 16.10.0012. |
NA |
16.10.0011 |
WB |
No enhancements were included in version 16.10.0011. |
NA |
16.10.0010 |
WB |
No enhancements were included in version 16.10.0010. |
NA |
16.10.0009 |
WB |
Added support to configure probe delay for the IP Client Tracker:
Refer to the Access Security Guide for more information. |
Probe Delay for Client Tracker |
16.10.0009 |
WB |
Added support for the following RADIUS enhancements:
Refer to the Access Security Guide for more information. |
RADIUS Enhancement |
16.10.0008 |
WB |
Version 16.10.0008 was never released. |
NA |
16.10.0007 |
WB |
Refer to the Management and Configuration Guide for more information. |
CLI |
16.10.0007 |
WB |
Added the following REST enhancements:
Refer to the REST API Guide for more information. |
REST |
16.10.0007 |
WB |
Added support for the new activate endpoint devices-v2.arubanetworks.com which has the following two major differences compared to the old endpoint device.arubanetworks.com:
Zero Touch Provisioning (ZTP) improvements were made to deal with situations such as unresponsive DNS servers. Refer to the Management and Configuration Guide for more information. |
Zero Touch Provisioning |
16.10.0006 |
WB |
Version 16.10.0006 was never released. |
NA |
16.10.0005 |
WB |
No enhancements were included in version 16.10.0005. |
NA |
16.10.0004 |
WB |
Version 16.10.0004 was never released. |
NA |
16.10.0003 |
WB |
No enhancements were included in version 16.10.0003. |
NA |
16.10.0002 |
WB |
No enhancements were included in version 16.10.0002. |
NA |
16.10.0001 |
WB |
No enhancements were included in version 16.10.0001. |
NA |