Beruflich Dokumente
Kultur Dokumente
14.10
Release Notes
IMPORTANT: Previously called Identity Manager,, the product has been renamed Meru Connect and
the skin colour changed.
Meru Connect (formerly known as Identity Manager) provides comprehensive answers to issues facing
IT pertaining to role management, policy management and reporting across the BYOD life-cycle.
Packaged in a simple, wizard driven application, all facets of managing IT workload in deploying BYOD
are addressed effectively:
Onboarding for web and 802.1X authentications, abstracted across multiple OSs and devices
(laptops, smart phones, tablets) with iOS, Android,
Android Microsoft Windows, Apple MacOS X,
Linux
Wired and wireless network vendor-agnostic user access, device onboarding, policy and access
management
Role (visitor, temporary user, employee) and device based policy management
Integrated reporting and auditing
Integration across vertical-specific
vertical
applications (property management systems, payment
gateways) for ease of deployment
Retrieval and verification of identity and group based policies across multiple identity stores
(LDAP, RADIUS, social networking identities, other databases)
Integrated policy and reporting across specialized
specialized policy enforcement devices like firewalls
Integration with leading MDM vendors to define policies based on device compliance
Enterprise grade clustering for scalability and high-availability
high
Tailored to run on Meru SA series appliances or virtualized environments
vironments running VMWare
Plus much more....
New Features
Single License Count - There are no longer two separate license counts, these have been removed
and replaced with one license count for all users whether they be internal or external Meru
Connect users.
Sponsor Reset Password - ability to allow a Sponsor to reset a users password manually for them.
Device Number Exceeded - ability to indicate to a guest when they have exceeded their allotted
number of devices on the network.
REST API Support - Implementation of REST APIs
iOS 8.1 Support
General Performance and scalability enhancements
Fixed Issues
BugID
45270
44876
44873
44870
44203
44202
44172
43975
43238
43757
43797
43490
43491
42982
42926
42928
Description
A vulnerability is found in the SSLv3.0 protocol and all implementations of
SSLv3.0 are affected. This vulnerability allows a man-in-the-middle attacker to
decrypt ciphertext using a padding oracle side-channel attack.
For more information about this vulnerability:
POODLE: SSLv3.0 vulnerability (CVE-2014-3566).
See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 for details
Underlying CentOS is vulnerable, updated BASH rpm to fix the issue.
See http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271 for details
Auto lowercase of the Realm name while adding RADIUS Authentication policy.
This patch allows Realm name to be saved in the same case as entered by the
admin user while configuring the policy.
Under certain circumstance if the Meru controller is unresponsive IDM will also
become unresponsive.
Successful Sponsor mappings are not recorded in the audit log when
doing SSO authentication, this is not consistent with other authentication
methods.
When the same AD server is used for both Guest and Sponsor authentication,
the AD SSO Mapping matching can fail leading to AD SSO sponsor authentication
failure.
Under some circumstances a Guest Portal doesn't show the Success Page option
under Portal Redirect Policy.
If the IP address of the appliance has changed the Automatic setup will still
use the previous IP address when configuring the controller.
When using IE9 the place holder text for form input elements is not displayed.
On SA2000 appliances upgraded from previous IDM versions (IDM 13.10 or older)
the disk space information reported only refers to the first hard drive.
In some circumstances an error occurs when handling an API response, causing the
authentication to fail.
Allow Admin user to specify shared secret and port number when configuring
RadSec authentication policy with eduroam support.
Several vulnerabilities were recently found in OpenSSL,
IDM patch 4 contains updated OpenSSL 0.9.8 RPM's to address these issues.
For details see: http://www.openssl.org/news/secadv_20140605.txt
However 4 of the vulnerabilities listed do not affect IDM:
1. DTLS recursion flaw (CVE-2014-0221)
2. DTLS invalid fragment vulnerability (CVE-2014-0195)
REASON: IDM currently not using OpenSSL as DTLS client/server:
3. SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)
4. SSL_MODE_RELEASE_BUFFERS session injection or denial of service
(CVE-2010-5298) REASON: These only effect applications using OpenSSL 1.0.0/1
The OS X Smart Connect DMG filesystem is corrupted & prevents the client from
mounting the disk & running the Smart Connect app
Gmail / Google Apps authentication failure due to SSL certificates
on imap.gmail.com nodes containing CN's which differ from their hostnames.
Facebook authentication failure due to changed SSL certificates.
BugID
42647
42460
42645
41804
42008
42039
42214
42205
42293
Description
Also enabling Login Notification, security settings, on Facebook account causes
failure.
The SSL certificate used by the Twilio SMS server has changed.
The NTP service for date/time synchronisation did not automatically restart on
system boot.
In certain circumstances an error may occur when processing a user
authentication via the "Remember me" guest portal feature.
VRRP not behaving as expected in an L3 network configuration
[Client IP in subnet outside of IDM subnet].
Backup server responds to ARP contrary to VRRP RFC.
Increased time out value when establishing a connection to SMPP gateway
Changed "Identity Networks" to "Meru Networks" in description of Meru Networks
Responsive theme.
Allow My Account page to extend/reactivate accounts with no last name.
Fixed searching the guest account using an optional field as search filter.
In some circumstances IDM will default to the secondary RADIUS server
even though the primary is available.
VMWare
NOTE
ESX 3.5
ESX 3.5i
ESX 4.x
ESX 4.xi
ESX 5.xi
Server 1.0 or later
Microsoft Hyper V on Windows 2008 or later
Workstation 5.0 or later
Fusion 2.0 or later
Workstation and Fusion versions are only supported for evaluation or demonstration
purposes.
Users running versions prior to Meru Connect 13.10 must upgrade to 13.10 before
upgrading to 14.10 or later.
NOTE
All previous releases of Identity Manager must be upgraded to 13.10 before upgrading
to Meru Connect 14.10. If running from SSH do not close the session or lose network
connectivity as this will terminate the upgrade and cause potential issues. To avoid this
problem you can
n run the upgrade from the appliance console.
1. From the Meru Connect Admin select Server and click on Upgrades (1) as shown below.
For assistance, contact Meru Customer Services and Support 24 hours a day toll-free
toll
at 888-637-8952
(888-Meru-WLAN)) or at 650-385
385-3144.
3144. Send email to support@merunetworks.com.
Meru Customer Services and Support provide end users and channel partners with the following:
Telephone technical support
Software update support
Spare parts and repair service
RMA Procedures
Contact Meru Customer Services and Support for a Return Material Authorization (RMA) for any Meru
equipment. Please have the following available when making the call: