Third-party software versions
JRE Upgrade Overrides SSL/TLS Certificates in the Default Keystore
Support for server devices
Support for storage devices
Asset credential management
Welcome to Entuity v19.0. This migration guide covers important changes that should be considered by users migrating from earlier versions of the Entuity software to Entuity v19.0.
For further help on starting up Entuity, please also see these other sections in our guide:
- Installation Guide
- Data Backup
- Starting Entuity
- Discovering my network
- Navigating and viewing my network
Entuity multi-server environments:
If you use multiple Entuity servers to manage your network, and you group these together using a consolidation server, you must upgrade all servers in the group to the same version of Entuity.
If you use multiple Entuity servers to manage your network, independently of each other, then you may continue to operate these servers using different versions of the software.
System requirements and shipped software:
Entuity is only certified for use with the 64-bit English edition variants of:
- Red Hat Enterprise Linux ES version 7.
- Red Hat Enterprise Linux ES version 8.
- Oracle Linux 7.
- Oracle Linux 8.
- Windows Server 2016
- Windows Server 2019.
Minimum server specifications:
- Low: 400 devices and 25,000 ports.
- Intermediate: 800 devices and 50,000 ports.
- High: 1,000 devices and 70,000 ports.
|Minimum CPU Clock Speed||2.5GHz||2.5GHz||2.5GHz|
|Minimum Number of Cores||6||8||16|
|Windows Minimum Physical Memory||6GB||12GB||24GB|
|Linux Minimum Physical Memory||8GB||16GB||32GB|
Third-party software versions:
For information regarding third-party software versions used in Entuity, please see this article.
Note, for information regarding third-party software vulnerabilties (published CVEs), please see this article.
JRE Upgrade Overrides SSL/TLS Certificates in the Default Keystore:
This section is only applicable if users have implemented the Entuity external authentication using secure LDAPs.
The default keystore file entuity_home\install\JRE\lib\security\cacerts is overwritten during the JRE upgrade, which means that security certificates imported into that keystore are now lost.
To preserve your certificate setup, you can export them before migrating to Entuity, and import them after completing the migration. It is important to export and then import all security certificates in a certificate chain.
To retain imported SSL/TLS certificates:
- Before starting migration, export the security certificate chains using entuity_home\install\JRE\bin\keytool.
- Enter the keystore password. The default keystore password is changeit, although it may have been amended by a system administrator.
- After installing ENA, re-import the security certificates. Entuity provides a tool for this purpose, certtool. It is located in entuity_home\bin\certtool.bat (on windows) and entuity_home/bin/certtool (on Linux). certtool works by storing keys in a secondary keystore which persists across JRE upgrades. In the future, running configure will merge keys in the secondary keystore with the default JRE keystore.
- After you have imported all of the security certificates, you must ensure they are picked up by Apache Tomcat on the Entuity server. When Tomcat starts, it updates its security certificates. You do not need to stop ENA, you only need to stop Tomcat (which will automatically restart). For example, from entuity_home\bin, enter: stop tomcat
Note: when configured for external authentication via LDAPs, Entuity enforces hostname verification between certificates and the LDAP server. If your LDAP TLS certificates are non-compliant with hostname verification, then the LDAPs intgrations will stop working after installing Entuity.
Entuity recommend that users plan for new certificates before upgrading to Entuity v19.0. If you are unable to rebuild certificates, Entuity recommend that you contact Entuity Support for details of how to handle non-compliant certifications.
Entuity web UI system requirements:
The Entuity web UI is certified for use with:
- Microsoft Edge v44.
- Firefox 68 or later.
- Google Chrome 79 or later.
Entuity migration path:
The certified migration paths to Entuity are from the latest patch of ENA v17.0 and ENA v18.0. The current latest patch for these versions are as follows:
Click here for help on how to check the current version and patch level of an Entuity server.
Migrating to Entuity v19.0:
Migrating to and installing Entuity v19.0 is the same process whether migrating from ENA v17.0 P13 or v18.0 P06. If you are upgrading from Entuity 17.0 on Windows Server 2012, you can upgrade the OS and then ENA in the same migration.
- Stop the Entuity server and take a backup.
- (if you are running your original install on Windows Server 2012, upgrade the server from 2012 to Windows Server 2016 or 2019.)
- Run install to install ENA and install it on top of the existing install.
- Run configure and update the license file to point at the new install.
- Restart the Entuity server.
- Deploy the updated Event Management System (EMS) event project, or apply the changes within it to your current project.
For every possible migration path to Entuity v19.0 from ENA v17.0 or v18.0, please see this article.
Entuity v19.0 key changes
Please find below the key changes you will find in Entuity v19.0.
Replacement of Device Inventory page with new asset management functionality to provide more extensive and intuitive management of and insight into the process of discovering and managing assets on your network:
- new Asset Management page to summarise asset, license and credential information across all servers and specify details on individual servers.
- Managed Assets page replaces the existing Device Inventory page. From here, you can keep track of all managed assets and choose how to manage assets as appropriate.
- New Associated Assets page detailing the virtual machines, Meraki devices, Viptela devices and wireless APs that are discovered as associated assets to cloud controllers and VM platforms.
- New Discovered Assets page collates the latest asset discovery results of each auto discovery profile so that users can review new and unmanaged assets and determine asset management workflows.
- Updated Auto Discovery page allows you to create and manage discovery profiles, their progress and view their results.
Support for server devices
Addition of support for monitoring and reporting on server hardware (via SNMP or SSH polling), and server OS assets (via WinRM for Windows and SSH for Linux) and network adapters. Alongside existing support for Cisco UCS, server hardware monitoring is added for the following hardware platforms:
- Dell PowerEdge servers
- HP Proliant servers.
Addition of new Summary and Resources dashboards for server assets and network adapters, and new incidents and events specific to the management of servers and operating systems.
Support for storage devices
Addition of support for monitoring and reporting on storage devices, specifically for the following devices:
- EMC VNX, VNXe devices.
- Nimble devices.
- DataDomain devices.
Addition of new Summary and Resources dashboards for storage devices, and new incidents and events specific to the management of storage devices.
Asset credential management
Addition of a new Asset Credential Management page to provide a central location from you can manage common credential sets for multiple purposes. Each credential set is uniquely identified by name and credential type, and can be bulk-applied to multiple assets. Credentials can also be managed via the Entuity RESTful API.
Updated licensing model with the following license types:
- Full Device - provides full polling of devices including performance metrics (streams) and port management.
- Basic Device - provides ping-only management of devices, and basic SNMP management (no streams or performance data and no port management).
- Associated Device - covers VM/SD/AP devices associated with a VM platform, Wireless Controllers, or other type of controller or software-defined platform. You can pick and choose which associated assets to manage.
- Configuration Management Device - covers both Configuration Management and Configuration Monitoring, and is charged by device.
Addition of reporting style templates so that users can personalize the appearance of reports.