Release Notes: September 2024
2024-09-03
ThousandEyes Physical and Virtual Appliances Now Run on Ubuntu 22.04 LTS
The base operating system for our ThousandEyes Physical Appliance (TEPA) images for Intel / ASUS NUCs and Raspberry Pi 4s, as well as our ThousandEyes Virtual Appliance (TEVA) images for VMware ESXi, VirtualBox, and Hyper-V, has been switched to Ubuntu 22.04 LTS.
With this change, we've also updated the appliance customization in the Add Agents dialog to produce images with an Ubuntu 22.04 LTS base.
This has no impact on existing installations. All new installations with the updated images will have the new base operating system.
2024-09-04
Security Protocol Enhancements and TLS Cipher Suite Update
As previously announced in the August 1st, 2024 changelog, we have updated the Transport Layer Security (TLS) protocols and cipher suites for all ThousandEyes services.
The following changes are now in effect for all ThousandEyes services:
Added support for TLS 1.3 protocols, enabling more secure and efficient cryptographic handshakes.
All Cipher Block Chaining (CBC) ciphers from the TLS 1.2 suite will be removed due to their susceptibility to specific vulnerabilities.
Updated supported Cipher Suites:
TLS 1.2: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, and ECDHE-RSA-CHACHA20-POLY1305.
TLS 1.3: TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, and TLS_CHACHA20_POLY1305_SHA256.
This update ensures compliance with the latest security standards and best practices, reducing the risk of exposure to known vulnerabilities associated with CBC ciphers. Clients and integrations must support the aforementioned cipher suites to maintain compatibility with our application.
Enterprise Agent Public IP Address Behavior Change
Previously, ThousandEyes Enterprise Agents have updated their associated public IP address on every check-in. However, this can cause the agent's IP to flap in some situations, so we have made a change to only update the public IP address of the agent when the prefix length differs or after a platform-configured time-to-live (TTL) value elapses.
SendGrid Email-to-SMS Disabled
Due to recent SendGrid policy changes, SendGrid no longer supports relaying messages to email-to-SMS addresses (for example, [email protected]). This change affects customers who use this method for alert notifications.
To ensure uninterrupted alert delivery, we recommend you explore alternative notification channels while we work on finding new options to support SMS notifications.
ThousandEyes for OpenTelemetry Introduces Data Model v2
ThousandEyes for OpenTelemetry now supports data model v2. As part of this update, ThousandEyes for OpenTelemetry now uses data model v2 as the default version. Both data model v1 and data model v2 remain available for use. For more details, refer to the ThousandEyes for OpenTelemetry Data Model documentation.
ThousandEyes for OpenTelemetry Data Model Now Streams the test.name Attribute for Endpoint Tests
The test.name metric attribute is now included in OpenTelemetry streams for all ThousandEyes tests, including Endpoint Agent tests. Previously, this attribute was only available for Cloud and Enterprise Agent tests. For more information, see ThousandEyes for OpenTelemetry Metrics.
2024-09-05
Add "optional" Field to the UserInput Model in Templates
A new boolean field named “optional” has been added to the UserInput model to mark a given user input as optional. You can now create or edit a template with optional user inputs.
Support for Monitoring OpenAI
Tests in a template can now target the OpenAI API (api.openai.com). If the consumer of a template has an OpenAI API key, they can provide that as a user input, which can be used in the template for the API tests. However, the field is optional and is not required for deploying the template.
Endpoint Agent Client Version 1.206.0
The following enhancements have been made to the Endpoint Agent client:
All Platforms
Previously, the agent only considered ICMP-based protocols for testing the AnyConnect underlay when the VPN used IPSEC-based connections. The agent will now consider TCP tests for such cases.
The compatibility of the Endpoint Agent Internet Explorer plug-in is improved when used with other third-party Internet Explorer plug-ins that use a different version of the Microsoft Visual C++ Runtime.
The agent has been updated to continue supporting the integration of Webex Control Hub with the latest Webex client release.
An issue has been resolved where the agent did not correctly consider the Zscaler PAC file and did not correctly identify bypassed targets.
Previously, when the agent conducted Webex calling dynamic tests, it could potentially use a different interface than the originally detected network flow. This has now been corrected, and the agent will consistently use the same interface for testing.
Improved error reporting has been implemented for scheduled tests that target an HTTPS server via a proxy. If the proxy returns an HTTP error code, it is now reported as an "HTTP" error instead of a "Receive" error. Additionally, the HTTP error code reported by the proxy, along with the request and response headers, are now accessible for inspection.
2024-09-05 Bug Fixes
Fixed an issue where the step indicator caused an unexpected scroll behavior by pushing the navigation buttons.
2024-09-18
Alpine Linux 3.20 Images Now Available
We have now released updated Docker for Linux container images that are based on Alpine 3.20. Moving forward, all container-based installation types for the ThousandEyes Enterprise Agent will be built against an Alpine base instead of an Ubuntu base. This conveys numerous advantages for customers, primarily due to the reduced size of the base image, which improves the performance of installation and upgrades, reduces the security footprint, and enables us to improve velocity for our engineering teams.
This has no impact on existing installs. New installations with the updated images will have the new base.
Configure Splunk HEC Exporter in ThousandEyes for OpenTelemetry
You can now configure the following fields in the Splunk HEC exporter stream: token, source, sourceType, and index. For more details, visit the Splunk integration guide.
With the new capability to configure the Splunk HEC index, you can choose whether to export ThousandEyes telemetry data as events or metrics to Splunk. Learn more here.
Additionally, setting the Splunk HEC token in customerHeaders["token"] is now deprecated. The token should be specified in exporterConfig.SplunkHec.token going forward. This functionality will be removed in 3 months.
2024-09-18 Bug Fixes
An issue that was incorrectly showing interface metrics data in the Endpoint Agent view has been resolved. In particular, due to a misalignment in the data, sometimes we were showing data even when the agent was offline. The problem has been addressed, and now the data is properly shown.
An issue that was incorrectly associating Endpoint Agents with Endpoint labels when the submission of the agent data was delayed (e.g., agent loses connectivity to the Internet) has been resolved.
2024-09-25
Cloud Insights Limited Preview
Cloud Insights offers new capabilities for monitoring and troubleshooting cloud native and hybrid cloud environments. These new capabilities include:
Extending test path visualization with display of the discovered cloud network topology.
Tracking cloud network configuration changes correlated with performance and availability measurements.
Visualizing cloud traffic flow information over time. Cloud Insights currently supports AWS hosted applications and is available for evaluation until December 2024. For more details, please see Cloud Insights.
2024-09-26
Introducing Endpoint Agent Views 2.0
We are pleased to announce Endpoint Agent Views 2.0, an upgrade designed to streamline troubleshooting and enhance the user experience. From help desk technicians to network engineers, this new view allows everyone to access comprehensive information related to a specific agent, enabling efficient resolution of end-user issues.
Key Features and Enhancements:
Segmented Visualization: Quickly identify where the problem lies by segmenting the end-to-end path based on its owner, helping technicians to quickly locate, escalate and resolve problems.
Segment Scores: Provides a simplified view of network health, allowing users to assess the impact of issues at a glance.
Per-Process Information: Offers detailed insights into CPU and memory usage by specific applications and processes, enabling targeted action to resolve performance issues.
This new version is available for all users in a limited preview and is labeled as Endpoint Agent Views 2.0. The existing version is labeled as Endpoint Agent Views 1.0, and users can toggle between the two versions.
See Endpoint Agent Views 2.0 for more information.
Updated PAC File Loading Behavior
PAC files are cached for a limited time, and reloaded on a five minute interval.
If the PAC file is updated with invalid content, the Enterprise Agent may fail (even if it was previously working). In this case, the agent will continue to fail until the PAC file error is corrected and the agent reloads the valid file.
SAML-JIT Provisioning for ThousandEyes
We are pleased to announce the release of SAML just-in-time (JIT) provisioning for ThousandEyes. This feature allows for on-the-spot user creation and authentication using SAML, streamlining user management and ensuring up-to-date records. For detailed setup instructions and more information, please refer to the SAML JIT provisioning documentation.
Enterprise Agent Public IP Address TTL Set to 30 Minutes
As previously announced, we have changed how ThousandEyes Enterprise Agents update their associated public IP addresses to avoid IP flapping. Agents now only update the public IP address of the agent when the prefix length differs, or after a platform-configured time-to-live (TTL) value elapses.
The TTL value is now set to 30 minutes.
Last updated