October 1st 2020 Updates

Simplified Operations

Free trial for new organizations

Starting this week, any new organizations created will automatically gain a 90-day free trial to the following services: WiFi Management and Assurance, vBLE Engagement, Asset Visibility, Virtual Network Assistant, and Wired Assurance.  These subscription services will be free for you to use for 90 days starting from your organization creation date.  Dive into each of these features to get the full Mist experience! Please contact us if you would like to subscribe to any of these services after the free trial.

 

Documentation Suggestions in Support Tickets

When you open a Questions/Other type of support ticket, we will now automatically do a search in our documentation portal (https://www.mist.com/documentation/) to see if there are already written articles or FAQs relating to your question.  If you see what you are looking for in our documentation then you are all set! If you don’t see an answer for your question you may continue with opening a support ticket by clicking on I still need to create a ticket to continue.

 

 

Network Programmability

Site Variables

Previously, site variables could only be configured using API, but starting this week you will be able to manage them directly in our UI!  In your site settings page (Organization > Site Configuration), navigate to the Site Variables box to define variables for various use cases such as passphrase, SSID, and VLAN values.  Use site variables when setting up a universal template to be used across multiple sites.  Different sites have unique configurations for VLAN, SSID, and Passphrases, but with site variables you can set up a universal template using variables, and set the values of these variables for each individual site.  Make sure that you follow the format of {{VARIABLE}} when setting these up.

 

Use these variables when configuring a new WLAN.  Here, we are using our site variables for SSID, Passphrase, and VLAN.

 

From the WLAN List view settings, you can toggle between showing the variable names or the variable values on the page.

 

URL-redirect AVP (requires 0.7.x or newer firmware)

With our new URL-redirect AVP function, you can now configure a WLAN to redirect a user to a particular web page after 802.1X authentication has been successfully completed.  This web redirect can be configured to give the user either full or partial access to the network.  Use the URL-redirect function to perform compliance checks on clients with agents installed (check to see if the agent is off or not installed).  The RADIUS server will send an ACCESS-ACCEPT with url-redirect attribute to point the client to a quarantined portal for remediation.  Here, the client is restricted to DHCP/DNS, specific subnets, and the URL.  Only after the client completes the requested action at the redirect URL, can they get fully authorized and start passing traffic.

To configure a URL-redirect WLAN from the Mist side, set up an 802.1X WLAN and select enable in the 802.1X Web Redirect box.  Here you can specify the allowed subnets and hostnames accessible to the clients hitting the redirect.

 

 

New Marvis Actions

Gateways

We are excited to bring you the new Marvis Actions topic for gateways.  In this new topic, Marvis Actions will detect instances of Negotiation Mismatch and Bad Cable on your configured gateways and let you know the exact port where these errors are occurring.  For Negotiation Mismatch cases, please verify the interface configurations on the port and connected device.  If a bad cable is being detected, please try a different ethernet cable and test it again on the same AP and port.  If the issue is fixed, simply replace your cable.  Please note that Marvis will only detect these instances on SRX gateways.

 

Non-compliant AP

Earlier we announced the AP Upgrade functionality built into Marvis Actions under AP > Health Check.  We have moved this into its own subtopic called Non-compliant.  The usage is the same, where we will detect APs that are running an older firmware version compared to other APs with the same model on your site.  The firmware mismatch may have occurred during a mass AP upgrade where an AP may have been mistakenly left out.  With Marvis Actions, we detect these Non-compliant APs and give you the option of upgrading to the matching firmware straight from the Action Dashboard.

 

Select your AP, and click on Upgrade to bring up the pop-up modal.  Here, you will see the AP you are upgrading and the firmware version it will upgrade to.

 

 

Switches and Gateways

Dynamic port profiles

Use our new Dynamic Port Configuration feature to easily apply port profiles to ports based on the properties of connected clients!  Set rules based on the LLDP System Name, Chassis ID, or RADIUS Username.  You may specify where to check by either the segment of the name, or through a character offset.  Use dynamic port configurations to automatically apply each type of port profile you have – just create a rule to apply for each profile to speed up your process.  You can find the dynamic port configuration in the Switch Configuration section in your Switches page.

 

Show uplink ports

There is a new Up Arrow icon available on your switch configuration page (Switches > Select a Switch) to indicate uplink ports.  Following the same behavior as the other types of ports, hover over this uplink port to view more detailed information such as its hostname and IP address.

 

Additional Port Profile Configurations

Voice VLAN

You can now define VoIP Networks as an additional parameter in your port profile configuration.  Add new networks by giving a name and VLAN ID.  When creating a new port profile, select your newly created VoIP Network from the dropdown menu to apply those configurations.

 

MAC auth, guest network, and auth bypass

When setting up a port profile to use dot1x authentication, you now have the option of selecting additional configurations, including mac authentication, guest network authentication, and authentication bypass when the server is down.

 

Switch topology view improvements

View your switch setup in a topology view to better visualize the structure of your multi-level network.  On your switches page, select the Topology tab to toggle to the topology view.  Here, view switches, gateways, access points, wired clients, and wireless clients all on one page.  Hover over each individual element to see the details such as MAC address, Uptime, and Power Draw.

 

Gateway application visibility (requires WAN tag)

In your Gateway Insights page, you can now see Application visibility data, much like the Insights pages for Site/AP/Clients.  To access your Gateway Insights page, navigate to Monitor > Service Levels and select the Insights tab at the top.  Using the dropdown menu, select your gateway you wish to view.  The Applications section shows details such as App name, Total Bytes, Number of clients, and more.

 

 

Mist Edge

VM Model

This week we are including support for the VM model for users configuring a Mist Edge.  Simply select VM when creating a Mist Edge in the Model dropdown menu to set this up.  Mist Edge is accessed through Organization > Mist Edges. Mist Edge VMs support upto 1,000 tunneled Access Points in a cluster.

 

Other Announcements

Client SLE limited to VNA subscription

Client SLE has been a flagship feature of the SUB-VNA subscription. Starting this week, organizations with insufficient SUB-VNA subscriptions may be subject to entitlement  enforcement for Client SLEs.  If the number of devices exceeds the number of active SUB-VNA subscriptions, then Client SLE data may not be generated. In such cases, the “TROUBLESHOOT Client” Marvis search query would not return the full results.  We will be implementing a warning message on the UI (coming soon) providing an explanation if you ever run into this issue.