Current Production Release: 22.8.7
This is the current production release software version of NETLAB+. It applies to all users who have updated their
systems to version 22+.
NETLAB+ Version 22 is a major upgrade that is built on a new Linux distribution.
The focus of this upgrade is security hardening to meet the latest industry standards
and benchmarks. Version 22 has been validated by a third-party penetration testing firm.
Current NETLAB+ users of version 21.X.X and earlier:
Please see the NETLAB+ Data Transfer Utility Guide
for details on the required procedure to upgrade your NETLAB+ system to version 22.X.X.
### 22.8.7
* Released: **2024-08-03**
#### New Features
* NDG Support Service is an opt-in feature that allows NDG to service your NETLAB+ system without inbound firewall rules at your site firewall. You may also permit NDG to access your VMware virtual infrastructure. #D1132, #D1003
#### Bug Fixes
* Unused PCs are no longer skipped when assigning a runtime virtual host during pod initialization. This can cause problems if users switch to an exercise that use the PC within the same reservation. #1128
---
### 22.8.6
* Released: **2024-07-04**
#### New Features
* Data Transfer Utility supports transfer of NETLAB+ VE virtual machines from version 22.8.6+ to 24.0.X. See Data Transfer Guide for details. #D1099
#### Bug Fixes
* Updated Cisco ASA automation to handle new prompts requiring the enable password to be set before entering configuration commands. #D1113
* Enabling or disabling the NETLAB+ API now correctly updates the webserver configuration. #D1114
---
### 22.8.5
* Released: **2024-06-14**
#### Bug Fixes
* Improved handling of enhanced content completion errors. #1100
* Fixed a bug that could cause NETLAB+ to set empty cookies during the login process. Causes failure to authenticate with Firefox 127.0. #D1105
---
### 22.8.4
* Released: **2024-05-19**
#### New Features
* Course updates, available for installed courses, are now indicated by a badge on the Administrator dashboard. #D960
* Updated Let's Encrypt module to support recent changes to the ACME protocol. #D1071
* Modified the renew process to utilize an existing private key if one exists. #D1071
#### Bug Fixes
* Updated the HTTP verification error message to include application layer firewalls as a potential problem. #D1071
* Made corrections to prevent the default SSL certificate from being deleted, which aids in recovery should the active certificate expire. #1063
* The E_ENTITY_EXISTS exception will no longer be thrown when resubmitting connection stats for lab users. #D1061
* Made minor modifications to the alarms/alerts badge styles in an effort to generalize them for wider usability. #D960
* Made corrections to the request rate limit for static files. #1064
* Uppercase letters are now permitted in valid SSL certificate names. #936
* Modified reservations tables to prevent pod descriptions from overflowing the containing cells. #1075
* Fixed a bug that was preventing VMs for remote PCs from being shutdown when switching exercises in an active lab environment. #1074
* Datacenter monitor (vdcmon) can flood logs with errors such as E_INVALID_TASK_STATE. #D1076
* Fixed a bug that prevented virtual networking from being configured after switching exercises in a reservation without reverting the VMs. #1067
---
### 22.8.3
* Released: **2024-02-12**
#### Bug Fixes
* Fixed a bug that prevented WMKS based PC Viewers from resizing the remote resolution. PC Viewers now preserve the chosen resize mode between docked and undocked instances. #D1052
---
### 22.8.2
* Released: **2024-02-09**
#### Bug Fixes
* Updated LTI integration to handle [upcoming changes to 3rd party cookies](https://developer.mozilla.org/en-US/blog/goodbye-third-party-cookies/), allowing NETLAB+ to continue being launched from an iframe within an LMS. #D1022
* Improved the PC Viewer Screenshot feature so that it will no longer capture empty images of blank screens or uninitialized framebuffers. #D1041
---
### 22.8.1
* Released: **2024-01-17**
#### New Features
* Disk status is now available in the administrator web interface. #D1033
* Alarm added to warn of potential disk space issues. #D1033
#### Bug Fixes
* CSRF protection is now disabled by default. #D1029
* Re-enable it in the administrator web interface if needed for compliance.
* These checks may cause problems with some LMS/LTI integrations.
* Recent changes to Chrome's handling of third-party cookies may also cause problems if enabled.
---
### 22.8.0
* Released: **2024-01-03**
* Changes Since: **22.7.4**
#### New Features
* Added a device profile and interface translation for the Cisco 8200L-1N-4T router. Increase the maximum upload file size to handle the associated firmware image. #D963
* A software maintenance renewal link and button will now show up on the administrator dashboard 60 days prior to expiration. #D949
* Lab PC and CLI viewer clients now have new visual indications, that do not obstruct the displays, when input focus is lost. #D1019
#### Bug Fixes
* NETLAB+ should not create an LTI launch record for generic pod reservations. #D1007
* Remote PCs are now correctly observing lab design settings that should prohibit the use of the revert to snapshot action within associated lab exercises. #D1011
* Removed all instances of the deprecated JavaScript properties pageXOffset and pageYOffset within NETLAB+ sources. #1016
---
### 22.7.4
* Released: **2023-10-19**
#### Bug Fixes
* Fixed a bug that prevented the cloning of pods without attached VMs. #D994
* Updated the interface translation map for the Cisco 9300 so that the secondary interfaces do not interfere with the translation of the primary interfaces. #D980
* The mouse, once again, displays the pointer cursor when positioned over topology hotspots. #D985
---
### 22.7.3
* Released: **2023-09-22**
#### New Features
* Added advanced configuration directives in Pod Designer to delay the booting of virtual machines to handle interdependencies. #D187.
#### Bug Fixes
* Changed the default PC viewer display mode to scale to avoid resize issues with some guest operating systems. #D982
* Fixed an error caused by a missing date format module in the batch password set task. #D981
---
### 22.7.2
* Released: **2023-09-13**
#### Bug Fixes
* Pod cloning may fail on large VMs due to timeout. #D970
* Update moment.js library (CVE-2022-24785). #D965
* Course catalog package date should not wrap. #D971
* New pod and lab designer files are created with an incorrect identifier. #D979
---
### 22.7.1
* Released: **2023-08-31**
#### Bug Fixes
* Fixed a bug in the course manager that would cause an error when trying to update a course from the View Installed Course interface. #964
---
### 22.7.0
* Released: **2023-08-16**
* Changes Since: **22.6.4**
> This version has been withdrawn from distribution due to issue #D964.
#### New Features
* Added an administrative interface to change and test some time synchronization settings, allowing the administrator to choose their own NTP service hosts. #D240
* LTI Basic Outcomes can now be suppressed in the class settings to prevent outcomes from being posted back to an LMS. #D904
#### Bug Fixes
* Disabled unintentional navigation paths that could give the false impression that the Administrator account is editable outside of the profile settings interface. #D917
* The Enhanced Content viewer can now be undocked like any other viewer. The client's connection to the enhanced content service can now be assessed and PDF fail-back is now supported. #D920
* Fixed an issue where accounts without an email address would display a broken URL image instead of the default avatar image. #D933
* Expanded log records in the Administrator's insight log viewer can now be collapsed by clicking the footer at the bottom of the record. This allows the user to interact with the record's contents without unintentionally collapsing it. #D893
* Fixed a bug that prevented labs from launching if their associated pod contained ABSENT PCs. #D950
* Security updates applied. #D956
---
### 22.6.4
* Released: **2023-07-06**
> This version has been withdrawn from distribution due to issue #D950.
#### Bug Fixes
* Fixes to the software updater, now handles "held back" packages. #D928
---
### 22.6.3
* Released: **2023-06-28**
#### Bug Fixes
* Applied latest 3rd party security patches. #D962
---
### 22.6.2
* Released: **2023-06-27**
> This is an interim release to address a bug in the software update process. The software update process must install this version before higher versions are installed. The software updater should be run multiple times until no more updates are available. This version should not be used in production.
#### Bug Fixes
* Fixes to the software update process. This will be a mandatory upgrade version. #D912
---
### 22.6.1
* Released: **2023-06-08**
> This version has been withdrawn from distribution due to issue #D950.
#### New Features
* Improved display mode options for the newer PC viewer client:
* selected option is visually indicated
* selected option is maintained between tab changes
* remote aspect ratio is preserved in “Scale” mode
---
### 22.6.0
* Released: **2023-05-31**
> This version has been withdrawn from distribution due to issue #D950.
#### New Features
* Lab PCs can now be reverted to the state they assumed at the beginning of the lab by selecting the Revert option from the PC tab dropdown menu. #D309
* Added alarm framework with the following alarms. #D888
* Software update available.
* VMware VCSA license expiration.
* VMware ESXI license expiration.
#### Bug Fixes
* Fix resurfaced reservation event bug. #D816, #D899
* Improve PC viewer focus handling. #D898
* Minor UI spelling and grammar fixes. #D882
---
### 22.5.0
* Released: **2023-04-01**
#### New Features
* Added support for password expiration policies. #D867
* PC and CLI clients now clearly indicate when focus is lost with a translucent overlay. #D855
* Added console option to reset the SSL certificate to the default. #D875
#### Bug Fixes
* The pod cloning interface now notifies the administrator when the connection to the datacenter is lost and allows the process to be aborted. #D817
* Applied security updates. #D879
---
### 22.4.1
* Released: **2023-02-25**
#### New Features
* Auditd log records are now exportable under the netlab.audit tag. #D555, #D842
* Verified log export works with Fluent-bit 2.0 servers with Forward and Syslog input plugins. #D842
* Improved handling of input focus for MKS viewers in the lab environment. #D851
#### Bug Fixes
* Task logs stored beyond retention period. #D849, #D842
* Batch pod delete now issues a warning before pods with master VMs are removed - master VMs will remain in the inventory. #D782
* Fix some log rotation permissions and ownership. #D864
---
### 22.4.0
* Released: **2023-02-10**
>This version will be held back due to discovered defects and is replaced by 22.4.1. #D841
#### New Features
* Export system performance metrics to Prometheus and Grafana (beta). #D775
* Tested compatibility with the Cisco C1000 switch using the NETLAB+ universal control switch driver. #D803
* Added device profiles for the 24 and 48 port variants of the Cisco C9300 switch. #D804
#### Bug Fixes
* Remove expired DST_ROOT_CA_X3 certificate from Let's Encrypt chain. #D814
* Fixed a bug that hindered the administrator's ability to interact with installed courses and related user interfaces if the course catalog file was missing. #811
* Fixed a bug that broadcast reservation events to unintended targets. #816
* Apply latest security and package updates. #D796
---
### 22.3.1
* Released: **2022-12-07**
#### Bug Fixes
* Large account usage queries should no longer result in error 504 timeouts. #D344
* Fixed an incorrect method reference in the user.account.add method. #D783
* Removed the path-relative stylesheet import (PRSSI) from the NETLAB+ login page. #D784
* Do not allow license activation using a key/profile that does match the correct software distribution. #D785
---
### 22.3.0
* Released: **2022-11-17**
#### New Features
* The Course Manager now indicates which installed courses have updates and provides an administrative interface to update them. #140
#### Bug Fixes
* Fixed a bug that prevented administrator from being able to adjust course access after granting or revoking access to all communities. #177
* Fixed a bug that was causing the wrong dialog message to be displayed when a user ended a reservation. #762
* Inbound network test from console always fails for https port 443. #746
* Fix td-agent-bit log not rotating. #765
---
### 22.2.0
* Released: **2022-10-10**
#### New Features
* The log viewer will now display timestamps in the administrator's preferred date and time formats. Higher precision 12 and 24 hour time formats were added to better support log viewing. #D734
* A form item was added to the log viewer to allow it to display timestamps in UTC or the administrator's preferred time zone. #D734
---
### 22.1.0
* Released: **2022-09-21**
#### New Features
* Added multifactor authencation using Timed One-Time Password authenticators. #D292
* Added a button to the Datacenter UI that can be used to manually refresh NETLAB+'s local data for VM datacenters and managed hosts. #D732
#### Bug Fixes
* Fix Let's encrypt certificates not renewing. #D733
* Provided more time for the new window to initialize when viewing full-sized Remote PC screen captures from the Lab History Viewer. #D674
* The Lab Designer will now reflect changes to the names of installed pod types in labs that depend upon them. #D729
* Removed a redundant lab prefix from the title of the Lab Designer Edit Lab interface. #D729
* Applied security updates. #D736
* Testing the access server from the Control Devices interface no longer results in an erroneous Offline #D710
---
### 22.0.10
* Released: **2022-07-14**
#### Bug Fixes
* Applied package and security updates. #D706
* Fix continuous restarts of td-agent-bit if log export server is not reachable. #D686
* Postgresql must be started before td-agent-bit. #D684
* Lets Encrypt not properly configured by Data Transfer Utility. #D693
* Lets Encrypt cannot renew without contact email. #D711
* Firewall setup is not excluding inactive API keys. #D696
* Python SDK fails with ECC keys (workaround). #D697
* Webserver stops logging after log rotation. #D702
* Fix errors in td-agent-bit cgi.lua script. #D673
* Log rotation required for td-agent-bit log. #D700
* Fix permission for ve-logperm-check. #D685
* Suppress successive logging of vsphere connection failures. #D678.
---
### 22.0.8
* Released: **2022-06-23**
#### New Features
* Data Transfer Utility - feature allows new 22.0.X virtual machine to accept a one-time data transfer from a 21.4.X system. #D632
* Added an option under the Webserver Security interface, to enable and disable CSRF Protection. #D667
#### Bug Fixes
* Increased the duration that NETLAB+ will wait for Cisco serial interface modules to boot from 3 to 5 minutes. #2111, #D348
* Lab and pod designer not working, undefined subroutine message. Added a missing use declaration for Netlab::SysTable to Module.pm. #D677
* Made a few minor language corrections to the HSTS webserver security interface. #666
* Set Retry_Limit on td-agent-bit output plugins. #689
---
### 22.0.7
* Released: **2022-03-23**
#### New Features
* Align system configuration to meet CIS security benchmarks for Debian 10.
* Improve software update process for faster security updates.
* Support TLS 1.3 and update ciphers to meet government requirements.
* Overhauled logging system and log search capabilities.
* Ability to export system logs to external fluentd server (structured data) or syslog server (unstructured data).
* Ability to view logs in real-time.
* Implementation of auditd, instrusion detection (AIDE), and antivirus (ClamAV) per CIS guidelines.
* Ability to enable Strict Transport Security (HSTS).
* Local account usernames are now case insensitive.
* Administrator defined password policies for local accounts.
* Support IPv6 on public interface as required for government compliance.
* Disks are automatically sized to recommended values on OVA install.
* Serve all resources locally (do not rely on CDN for fonts, etc.)
* Updated Installation and Administrator guides.
#### Work In Progress
* Data transfer from version 21 to version 22 system.
* Multifactor Authentication for local accounts using TOTP (authenticators) and FIDO2 (hardware keys).
* Customizable time syncronization sources (NTP).
#### Upgrading from Version 21
NETLAB+ Version 22 is built on a new Linux distro and therefore requires a new OVA deployment.
* Version 22.0.7 is released only for testing of **new deployments** by designated beta testers.
* Version 22.0.7 **will not be capable of data migration** of data from NETLAB+ systems running 21.X versions.
* Data migration from NETLAB+ version 21.X systems will be available in version 22.1.0. This version will provide a one-time option to choose between a New Deployment or Data Migration from a 21.X system.
#### Caveats
* The NETLAB+ virtual machine is not FIPS 140-2 compliant as this requires testing against specific hardware. Version 22.0.7 is based on [OpenSSL 1.1.1](https://en.wikipedia.org/wiki/OpenSSL).
* NETLAB+ does not natively encrypt data at rest. However, the entire virtual machine can be encrypted. Please consult the VMware vSphere documentation.
---
Release Notes for Earlier NETLAB+ Versions
Please refer to Release Notes and Known Issues - NETLAB+ version 21.x.x and earlier.