SOLIDserver Version 8.

x Release Notes
Copyright © 2000-2022 EfficientIP
All product specifications and information provided in this document are subject to change or update without notice and
should not be construed as a commitment by EfficientIP. EfficientIP assumes no responsibility or liability for any mistakes,
inaccuracies or omissions that may appear in this document. All statements and recommendations in this document are
believed to be accurate at the time they are drafted but are presented without any representation or warranty of any kind,
either express or implied, regarding their accuracy, completeness, performance, up-to-dateness or suitability for any
particular use or purpose, or with respect to the infringement of any right. In particular, EfficientIP makes no representation
or warranty that the results that may be obtained from your use of our products will be effective, accurate or reliable or
that the quality of the products will meet your expectations. Users must take full responsibility for their application of any
product.

This document aims at detailing EfficientIP proprietary solutions. As our solutions rely on several third-party products,
created by other companies or organizations, it may redirect readers to third-party websites and documentation for further
information. EfficientIP cannot be liable for or expected to provide said information regarding products maintained or
created by third parties.

In no event shall EfficientIP be liable for any special, punitive, indirect, incidental or consequential damages of any kind
including, but not limited to, loss of present or prospective profits or business, loss of data, business interruption, damages
to reputation or image, whether in an action of contract, negligence, or other action, arising out of or in connection with
the use, reliance upon or performance of the products provided by EfficientIP or any information contained herein.

All EfficientIP products and documentation are subject to separate licensing terms which users must agree to and comply
with in order to use such products and documentation.

November 23, 2022

The following is a PDF version of the Release Notes of SOLIDserver versions 8.x available on
EfficientIP Knowledge Base.

To prepare for the upgrade, please consider the following:

• If you are upgrading appliances from a version 7.x, please refer to the Important Notes on
Version 8.0, 7.3 and any other relevant intermediate version, all available at
https://downloads.efficientip.com/support/downloads/docs/.

1
 SOLIDserver Version 8.x Release
Notes

Release Notes on Version 8.2

This release of SOLIDserver includes the following enhancements.

Cloud Observer
Cloud Observer is a new discovery solution that gathers information from various cloud service
providers, allowing access to a near real time overview of the complex network connecting all
the enterprise services. Discovered information is stored in a coherent representation between
cloud providers allowing any IT team to get full visibility over provisioned resources.

Cloud Observer relies on a system of plugins to discover cloud service providers environments
The four biggest players (VMware vCenter, Amazon Web Services, Azure and Google Cloud)
are supported with this release, others will follow. Alongside these official plugins, an open data
format permits the injection of structured information from generic sources such as third party
plugins allowing the quick integration of data from other providers, discovery tools or even custom
solutions.

Network Object Manager

Network Object Manager is a repository solution designed to store information about any type of
network connected device (desktop, IoT, server, switch, router, …) to complement IPAM data.
Any network connection, including virtual ones, can be represented in Network Object Manager.
Using the SOLIDserver REST API, it becomes possible to interact with this repository to facilitate
the deployments and operations of any automation system leveraging the relevant data in the
provisioning process. Network Object Manager comes as a replacement for Device Manager
that will be discontinued in the next major release of the SOLIDserver.

2
 SOLIDserver Version 8.x Release
Notes

Release Notes on Version 8.1

This release of SOLIDserver includes the following enhancements.

Amazon/Azure Private Zones now Supported

It is now possible to centrally manage private zones on Amazon Route 53 or Azure DNS. This
feature significantly enhances existing DNS Cloud capabilities that already allow managing
public DNS zones hosted by these cloud providers. The management of complex DNS architec-
tures can therefore be performed directly from SOLIDserver, supporting the strong trend of multi-
cloud in organizations who are looking for robustness, service continuity and are trying to avoid
vendor lock-in.

Thanks to DNS Smart Architectures, this feature allows the hybrid management of multiple
solutions, even from different cloud providers. It suppresses the complexity of building architectures
for public authoritative DNS service and the need for using different cloud administration portals.
Everything is controlled and performed from SOLIDserver, thus avoiding mistakes and easing
up deployment of new zones and records on various DNS solutions.

Cloud IPAM Sync for Google Cloud Platform

Networks deployed on Google Cloud Platform (GCP) are now visible from the IPAM thanks to a
specific synchronization feature that was already available for Amazon AWS and Microsoft Azure
IaaS providers. Using consistent mapping between the networks and endpoints objects available
in the cloud infrastructure and the SOLIDserver IPAM objects, this offers complete visibility from
one single viewpoint. All list, filter, report and network automation functions already available in
the IPAM can therefore be extended to the network infrastructure deployed in a multi-clouds
context.

DNS Guardian Client Query Filtering (CQF)

DNS Guardian capabilities are extended allowing the implementation of a first level of network
segmentation within the Domain Name System itself, meaning before any information is exchanged
between the client device and the target endpoint.

This extends the common security model that applies the same filters to any device or user on
a network. CQF allows to leverage security levels. Users or devices (IoT) requiring a high level
of security can be easily restricted to a safe list of domains or applications, while the ones requiring
a lower security level can seamlessly perform their operations.

DNS scavenging
A new mechanism now allows to automatically delete stale DNS records that may appear and
stay in the zone forever in a Microsoft Active Directory environment. These records are created
via DDNS (Dynamic DNS) at the registration of a Microsoft device in the Active Directory domain
and stay until the workstation, the server or the DHCP server suppresses them.

SOLIDserver now tracks dynamically created records in order to be able to suppress them
automatically after a given period of inactivity when they become stale records, keeping DNS
zones up to date.

3
 SOLIDserver Version 8.x Release
Notes

Security Events Forwarding

This feature extends the existing event forwarder, it provides a simple way to forward relevant
security events either to a normalized endpoint using HTTP request, or to an enterprise service
bus. This offers the ability to automatically inform any ecosystem environment about important
security events observed by SOLIDserver such as the triggering of an RPZ rule, the arming of a
DNS Guardian trigger, etc.

IPAM Raw Data Import and Export

This implementation of the import/export feature allows IPAM users to easily transport data, in-
cluding relevant meta-data, from one IPAM to another. It also permits advanced users to manip-
ulate some of the data in order to perform mass updates.

4
 SOLIDserver Version 8.x Release
Notes

Release Notes on Version 8.0

This release of SOLIDserver includes the following enhancements.

DNS Cloud for Azure

Release 8.0 introduces the ability to centrally manage public DNS zones hosted in Microsoft
Azure. This feature significantly enhances existing DNS Cloud capabilities that already allows
managing public DNS zones hosted in AWS Route53. The management of various DNS service
providers can therefore be performed directly from SOLIDserver, supporting the strong trend of
multi-cloud in organizations who are looking for robustness, service continuity and try to avoid
vendor lock-in.

Thanks to DNS smart architectures, this feature allows the hybrid management of multiple solu-
tions, even from different cloud providers. It suppresses the complexity of building architectures
for public authoritative DNS service and the need for using different cloud administration panels.
Everything is controlled and performed from SOLIDserver, thus avoiding mistakes and easing
up deployment of new zones and records on various DNS solutions.

IPAM Synchronization for Azure Enhancements

The IPAM synchronization for Azure IPAM data is now able to handle multiple virtual networks
and resource groups with a powerful filtering based on a regular expression. The vast panel of
configuration allows to tailor the synchronization to have full visibility over your Azure resources,
or only take into account specific ones. Last but not least, it is now possible to add several rules
and synchronize the content of multiple Azure subscriptions within a single IPAM space.

Undo on IP addresses and IP aliases deletion

Deleting an object from the IPAM can be performed by mistake and can have various impacts.
Release 8.0 redefines this helpful feature in order to undo actions performed on IP addresses
and aliases directly from the page User tracking in the module Administration.

DNS Resource Record Meta-Data in the GUI

Meta-data were already available on the DNS resource records via API. You can now manage
these meta-data directly from the GUI. This allows to ease migration from pure DNS solutions
where data are associated with records and also to link to other kinds of data in the IT ecosystem
through simple addition of meta-data. This information is not exploited directly nor visible inside
the DNS service itself, but DDI automation can leverage the presence of these meta-data to en-
hance some processes and enable some new ones.

Guardian Enhancements
DNS Guardian security engine comes with enhanced capabilities allowing even more diversities
of security policies, supporting more views, new ways to identify DNS clients depending on the
context and introducing the ability to exclude some clients and/or domains from the policy enforce-
ment. In addition, it is now possible to directly filter out some DNS record types from the recursion
engine to even further limit the attack surface (e.g. IoTs should probably not get access to MX
or DKIM records).