Short Supported Release
Instant AOS-8.12.0.0 is a Short Supported Release (SSR).
|
Ability to Specify Key Type When Using EST
|
A new option to select -4096 key length and certificates is available.
For complete technical details, see the Instant AOS-8 Guide.
|
Auto-assign an EST Provisioned Certificate to the Wi-Fi Uplink
|
Instant AOS-8.12.0.0 introduces the ability to auto-assign an EST received certificate to the Uplink features, such that it can be used to support an authentication.
|
Support for AP-584 Access Points Outdoor Operation in France and Israel
|
The information for AP-584 access points now complies with the regulatory guidelines that allow for outdoor operation in France and Israel.
|
Detection and Containment of Wi-Fi Direct Devices
|
New commands have been introduced to detect and contain devices associated with Direct groups under the profile.
- detect-wifi-direct-p2p-groups
- no detect-wifi-direct-p2p-groups
- protect-wifi-direct-p2p-groups
- no protect-wifi-direct-p2p-groups
- wifi-direct-network-quiet-time
|
Deprecation of SHA-1 Cipher Suites for RadSec Server
|
Instant AOS-8.12.0. allows users to include or exclude -1 cipher suites from the RadSec server. Th cipher suite can be configured using the newly introduced radsec-ciphers-level <all|high> parameter.
|
Enhanced Debugging Experience in the Radio Profile
|
The scheduler-mode parameter is being added to the radio profile in order to provide a better debugging experience. The parameter accepts two possible configurations, fairness and latency. The default parameter is set to fairness, which enables Traffic Allocation Framework (TAF) on the radio profile. The latency parameter disables TAF. It is recommended that Aruba support engineering is contacted in order to adjust the scheduler-mode configuration. Manipulating this configuration without guidance from Aruba support could cause fairness issues on the network.
|
Enhanced Information for Neighbor Devices
|
This enhancement enables users to access more detailed information about neighboring devices. The output of the show ap debug lldp info command has been updated to provide a richer set of data regarding neighboring devices. A new remote_system_description field in the command output now includes device information such as device model information, software version information, among others.
|
Enhancement for Configuring Non-DFS Channels
|
Starting with Instant AOS-8.12.0.0, when configuring access point control settings for the 5 radio, a new checkbox named Check All Non- Channels is available to select all Non- channels at once in order to remove them from the allow-channel list. In the WebUI, this new checkbox can be found under Configuration > > > Show advanced options > Customize valid channels > Valid 5 channels> Edit > Check All Non- Channels.
|
Enhanced Telemetry with New Radio, Client, and VAP Statistics
|
This release broadens our telemetry capabilities with the addition of new statistics for radios, clients, and virtual APs (VAPs). These new metrics provide deeper visibility into network performance, user experience, and the wireless environment. These new statistics are visible in the output of the commands show ap debug radio-stats, show ap debug client-stats, and show ap debug bss-stats.
|
Enhancements to the show audit-trail Command Output
|
This release introduces improvements to the show audit-trail command output to assist users in better diagnosing and understanding system events. The command now provides a more detailed and comprehensive output, offering deeper insights into system operations and changes. New output details:
- Member Receive Full Config Events
- Conductor Receive Delta Events
- Config Init Event with Reason
- System Time Change Events
- Capture Fail Reason for Command Execution.
- Reboot Event Logging
|
Enhanced Dongle Firmware Upgrade for SES-Imagotag SCD
|
This releases introduces an advanced feature for the SES-Imagotag SCD. This enhancement enables the capability for dongles to generate a Claim-ID, a critical component for establishing a secure connection to V:Cloud. This feature addresses the need for enhanced security in data communication between retail management systems and V:Cloud.
|
Port Bounce for Wired Clients on Instant APs
|
This release introduces a new feature for Instant Access Point(IAP) that automatically reinitiates requests following a change. This enhancement specifically affects wired non-802.1x clients in scenarios where there is a change in authorization events.
|
External Antenna Provision Support for 6 GHz
|
In Instant AOS-8.12.0.0, 6 external antenna provision configuration is available in the radio settings of APs. The external-antenna-6ghz and ant-pol-6ghz commands have been included as an option to properly configure 6 external antenna gain.
|
Firmware Synchronization Improvement in CoP for Instant AP Cluster with Different Models
|
Instant AOS-8.12.0.0 improves firmware synchronization in CoP for Instant AP cluster with different models.
|
Configuring WLAN Settings for an SSID Profile
|
In Instant AOS-8.12.0.0, an option to control QBSS Load Information Element has been implemented, it is activated with the ssid-profile <ssid-profile> qbss-load-enable command.
|
Configuring IDS
|
Instant AOS-8.12.0.0 implements an option to control parsing AWDL frames.
|
No Support for Air Slice in Instant AP Deployments
|
Starting with Instant AOS-8.12.0.0, Air Slice support will not be available. If Air Slice is enabled prior to the upgrade, it will be displayed as enabled in the configuration, but it will not take effect internally. The following commands have been impacted:
- show datapath session dpi
- show datapath ipv6 session
- show datapath
- show datapath acl-rule
- airslice-policy
- show ap debug airslice client-stats
- show ap bss-table
|
Number Added to the show activate status Command
|
Starting with Instant AOS-8.12.0.0, APs will display their number to identify themselves to Activate/Central if the number is shipped in flash.
|
Recovery Mechanism in the Event of Central Connection Failure
|
option 43 will now support an alternate IP address for data center redundancy. This will help customers with multiple data centers set up a backup server IP address for APs to switch to in case of a localized failure. This configuration can be applied through the ip dhcp pool option 43 command.
|
Support for 6 in
|
Instant AOS-8.12.0.0 supports 6 in , which includes the addition of radio-profile-6ghz, utb-filter-block and rf-zone , as well as new parameters in , channel and radio-state . It also adds Norma and Leo as platforms to the allowed list of upgrades.
|
Support for Authentication Mode
|
Instant AOS-8 allows users to configure Network Time Protocol () keys to authenticate servers. This feature can be configured through the using the following commands.
- ntp-authentication-key
- ntp-trustedkey
- ntp-server-key
The following commands list the details of the configured ntp authentication keys.
- show ntp authentication keys
- show running | include ntp
|
Tracking of Randomized MAC Addresses
|
This feature enables the tracking of probe requests from clients using randomized addresses, offering deeper insights into client presence within the network infrastructure. This update is pivotal for businesses seeking advanced analytics in environments where understanding visitor behavior and network usage patterns is essential. New commands laa-counter-msg and laa-counter-msg-interval are introduced. Counters are sent to using profile default-ale.
|
Virtual Access Point Configuration for 6 GHz in MBSSID Groups |
This release introduces support for up to 8 Virtual Access Points (VAPs) on the 6 radio. This update significantly expands the possibilities for network customization and segmentation, particularly beneficial for complex or high-density environments. The commands show mbssid-group-profile, show mbssid-group-profile <profile name>, mbssid-group-profile <profile name>, and no mbssid-group-profile <profile name> are introduced for visualizing and configuring MBSSID group profiles and their references to profiles.
|
Vendor Specific IE-based Containment
|
Instant AOS-8 allows users to configure exclusions for containment based on vendor specific IE information. This feature allows APs to be exempted from containment even when the devices use randomized addresses. This feature can be configures using the vendor-specific-ie-exclusion command.
|