GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite

Release Notes v5.14.00

Updated: February 4, 2022

Document Version: 2.0 ( Change Notes )

Table of Contents
What’s New........................................................................................................................... 2
Fixed Issues.......................................................................................................................... 8
Known Issues ..................................................................................................................... 12
Platform limitations .............................................................................................................. 27
Deprecation Announcements .............................................................................................. 27
System Requirements ......................................................................................................... 28
Support and Compatibility ................................................................................................... 32
Installation and Upgrade ..................................................................................................... 33
Documentation .................................................................................................................... 36
Additional Information ......................................................................................................... 40
Change Notes ..................................................................................................................... 41
Addendum: SSH Version Requirements ............................................................................. 42

IMPORTANT: GigaVUE-FM 5.14.00 ships with Log4j 2.17.0, the latest version of Log4j library that
addresses all the reported vulnerabilities.

These Release Notes describe the new features and enhancements, resolved issues, and known issues
for GigaVUE® software version 5.14.00, including:

Product Summary

GigaVUE® HC Series and With a web-based interface and a powerful command-line interface (CLI), the
TA Series Visibility Visibility Platform can replicate, filter, optimize and selectively forward network traffic
Fabric™ Nodes to monitoring, management, and security tools. GigaVUE-OS can be used in
conjunction with GigaVUE-FM to provide extended visibility fabric management and
reporting capabilities.

G-TAP A Series 2 Securely manageable active network taps that mirror network traffic and utilizing the
“Always-On” architecture.

GigaVUE® Fabric With a web-based interface, GigaVUE-FM provides high-level visibility, reporting, and
Manager (GigaVUE-FM) management of both the physical and virtual traffic visibility nodes that form the
Gigamon Visibility and Analytics Fabric™.

GigaVUE® Cloud Suite The GigaVUE Cloud Suite provides consistent visibility into data in motion in cloud-
based environments such as AWS, Azure, Kubernetes, Nutanix, OpenStack, and
VMware.
The GigaVUE Cloud Suite extends GigaVUE traffic distribution principles to
containerized and virtualized environments, allowing users to filter, monitor, optimize
and forward traffic in private and public clouds environments to monitoring and
analysis tools.
GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

To learn more about GigaVUE-OS, GigaVUE® Fabric Manager (GigaVUE-FM), GigaVUE® Cloud Suite, and
other products, visit www.gigamon.com.

What’s New
This section describes the new features and improvements introduced in the 5.14.xx releases.

DOCUMENTATION NOTE: For the complete online documentation for this release, visit the
GigaVUE 5.14 Online Documentation. No login required. View What's New in the online documentation
to access quick links to topics for each of the new features.
To download PDFs, check out the new Documentation Library site and select PDF Downloads >
GigaVUE 5.14 Guides.

New Features and Improvements in 5.14.00

Product Area Feature Summary PDF Guide

Cloud Customer Orchestration of Traffic Acquisition for Azure GigaVUE Cloud Suite for
Azure Guide
You can now configure GigaVUE Cloud Suite components such
as G-vTAP Controllers, G-vTAP agents, and V Series nodes
through an external orchestrator like Azure Portal. The deployed
fabric components can be monitored from GigaVUE-FM for
traffic acquisition, processing, and forwarding.

GCB Log Level Settings Gigamon Containerized

Broker Guide
With the GCB Log Level Setting, you can change the log level,
modify the GCB log file size, and add miscellaneous log
configuration messages for better logging and troubleshooting.

Geneve Decapsulation for AWS GigaVUE Cloud Suite for

AWS Guide
You can now choose the Geneve application from the
GigaVUE Cloud Suite for AWS Monitoring Session canvas to
acquire and strip Geneve headers. To route the traffic through
the third-party network appliances seamlessly, the AWS
gateway load balancer adds Geneve header to packets as
they enter the VPC and strip these headers as the traffic leaves
the VPC back into the servers. The third-party network
appliances are expected to process traffic with these Geneve
headers. When the GigaVUE-FM acquires the customer traffic,
the packets are encapsulated in tunnels that are terminated in
V Series nodes.

Cloud AMI/AFI Enhancements GigaVUE Fabric

Management Guide

2/4/2022 What’s New 2

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Product Area Feature Summary PDF Guide

You can now deploy multiple GigaVUE V Series nodes in a

solution and use V Series Node API Proxy Server (VPS) to scale
and manage multiple V Series nodes.

Red Hat Certification of GCB on OpenShift Gigamon

Containerized Broker
The GCB images are now "Red Hat Certified" for Red Hat Guide
OpenShift platform. The Red Hat supported base images of the
GCB applications are built on the top of Red Hat Universal Base
Image or Red Hat Enterprise Linux Image.

Supports AWS Outposts

GigaVUE-FM now supports AWS Outposts. AWS Outposts is an
on-premises extension of the AWS infrastructure, which
allows you to make direct calls to AWS services (e.g., S3,
EC2) from this solution.

Embedded Flexible Inline Arrangement is now Supported in GigaVUE-TA200 GigaVUE Fabric

Management Guide
Flexible Inline arrangement functionality is now supported in
GigaVUE-TA200. Due to the absence of BPS module and
GigaSMART card Physical Bypass and Inline SSL functionality will
not be supported. The Inline Bypass Solution
(Classic)incompatibility remains same in GigaVUE-TA200.

Support Flexible Inline for Clustered GigaVUE HC Series Nodes GigaVUE Fabric
Management Guide
The GigaVUE HC Series nodes that can be now clustered with
Flexible Inline solution for the following Flexible Inline features:

• Resilient Inline Arrangement

• Network Link Aggregation Group (LAG)
• Asymmetrical Hashing

Single Tag vs Double Tag VLAN mode for GigaVUE-TA25 GigaVUE

Administration Guide
GigaVUE-TA25 can now configure the VLAN tag mode to be
single tag or double tag at the chassis level. Single tagged
mode will be the preferred mode of operation when the
deployment environment needs the visibility of just untagged
and single-tagged packets.

2/4/2022 What’s New 3

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Product Area Feature Summary PDF Guide

GigaVUE-FM Topology Visualization Enhancements: GigaVUE Fabric

Core Management Guide
• Port Discovery page: Allows bulk configuration of
discovery protocols such as GDP, CDP and LLDP.
• Recently Viewed: Provides a list of recently viewed
topologies. Click on a link to navigate to the topology.
• Manual Network Nodes and GTAP nodes: New options
added in smart layout topology.
• View Option: Option to show and hide the external
network nodes and tools.
• Edit Option: Ability to edit the topologies.

Fabric Health Analytics Enhancements: GigaVUE Fabric

Management Guide
New system dashboards and corresponding visualizations have
been added:
• Port Flapping
• GigaSMART Core Crash
• Fabric Map statistics (Physical)
• Port Capacity Planning
• Ability to navigate from FHA Alarms and Events
dashboards to GigaVUE-FM Alarms and Events pages
(with filters applied).

Fabric Health Analytics for Cloud Enhancements: GigaVUE Fabric

Management Guide
New system dashboards and corresponding visualizations have
been added:
 App (Virtual)
 Tunnel (Virtual)
 End Point Virtual

Enhancement to existing dashboards with the addition of

Aggregate Summary panel
 Daily App Usage
 Daily Bundle Usage
 App Usage Summary
 Bundle Usage Summary

2/4/2022 What’s New 4

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Product Area Feature Summary PDF Guide

Dynamic Increase in GigaVUE-FM HA Instances GigaVUE Administration

Guide
Until software version 5.13.00, GigaVUE-FM High Availability
group was restricted to one active GigaVUE-FM instance and
two standby GigaVUE-FM instances providing a scaled and
resilient environment. As GigaVUE-FM is scaled up to manage
large number of devices, higher computing and memory
resources are required for the following reasons:

• Longer data retention period (up to 13 months).

• Better search performance with more horizontal
distribution of Elastic Search for features such as Fabric
Health Analytics (FHA), Topology Visualization.
• Better indexing performance with the number of
instances collecting various statistics on the configured
components.

Therefore, the number of Elastic Search instances has to be

increased in the HA group for scalable performance of the
various features in GigaVUE-FM. GigaVUE-FM now allows you to
add more than three GigaVUE-FM instances to the HA group.
You can add any number of instances to the HA group as
required.

Port Packet Drop and Error Thresholds GigaVUE Administration

Guide
GigaVUE HC series and TA series devices generate SNMP traps
for packet drops and packet errors that occur in the port for
both ingress and egress traffic. The traps are sent to GigaVUE-FM
based on which alarms are often triggered even for a single
packet drop or error. You can now configure threshold values for
port packet drop/error based on which the number of traps can
be controlled.

Alarm Suppression GigaVUE Administration

Guide
GigaVUE- FM allows you to suppress alarms that are raised
during maintenance operation of a specific resource, cluster, or
node. You can suppress an alarm or alarms for a specific period
or indefinitely by:
• Suppressing from Alarms page
• Suppressing from Physical Nodes page

You can also configure auto-suppression of alarms for certain

GigaVUE-FM triggered operations on device such as
Configuration Restore, Device Reboot, Image Upgrade on a
cluster or node., and Cluster Creation Operations.

2/4/2022 What’s New 5

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Product Area Feature Summary PDF Guide

Support SNMP Traps for GigaVUE-FM Alerts GigaVUE Administration

Guide
GigaVUE-FM sends SNMP v2c/v3 Trap notification for the
GigaVUE-FM events such as Image Upgrade Status, Backup
operation Status, etc., to the configured SNMP trap receivers.

GigaSMART Optimized Elephant Flow processing for AFI GigaVUE Fabric

Management Guide
Application Filtering Intelligence detects and handles the
elephant flows in the traffic. The feature is supported on the
following GigaSMART modules:

• HC1-X12G4
• SMT-HC3-C05
• SMT-HC0-Q02X08

Supported Applications on Gen3 HC3 GigaSMART GigaVUE Fabric

Management Guide
The following GigaSMART applications are supported on the new
SMT-HC3- C08 module:
 Masking
 Packet Slicing
 De-Duplication
 Adaptive Packet Filtering (APF) –– Supported without RegEX
 Application Session Filtering (ASF)
 Application Filtering Intelligence (AFI)
 Application Metadata Intelligence (AMI)
 GTP Whitelisting –– Non-CUPS GTP Correlation only
 GTP Flow Sampling –– Non-CUPS GTP Correlation only
 Load Balancing (Stateless)
 Load Balancing (Stateful)
 Tunnel Encapsulation
 Tunnel Decapsulation)

Hardware New Gen3 HC3 GigaSMART Module GigaVUE-HC3 Hardware

Installation Guide
The SMT-HC3-C08 module is the 3rd generation GigaVUE-HC3
GigaSMART module. This module is compatible only with Control
Card version 2 (CCv2) and has two GigaSMART engines which
have increased performance over the SMT-HC3-C05 module

2/4/2022 What’s New 6

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Product Area Feature Summary PDF Guide

New 400G Link Traffic Aggregator GigaVUE TA Series

Hardware Installation
The GigaVUE-TA400 product consists of a 1RU, rack-mountable, Guide
32 x 400G QSFP- DD/QSFP28/QSFP+ ports, dual hot-pluggable
AC/DC power supplies, seven hot swappable fan modules, a
serial console port, and a 10M/100M/1G management port. The
following features are not supported in 5.14 release:

• Clustering
• Stacking
• The outer VLAN tool port filter cannot be used to match
ingress VLAN tag that is configured on the source port.
• IP fragmentation tool port filter.
• VXLAN Header Stripping
• MPLS Header Stripping
• Layer 2 Generic Routing Encapsulation (L2GRE) Tunnels
• Virtual Extensible LAN (VXLAN) Tunnels

Documentation Inclusive Language Updates

and UI
Gigamon is adopting inclusive language standards and is in
the process of updating all our content to remove
exclusionary language wherever it exists, whether that be in
Gigamon products and documentation, public-facing
marketingmaterials, or internal communications. As we make
these changes, we will announce updates to our terminology
in our release notes and product documentation.

For more information, refer to Inclusive Language Initiative.

Inline Bypass Solution (Classic) GigaVUE Fabric

Management Guide
The Inline Bypass Solution (Classic) feature documentation will v5.13
now be available only in earlier documents. Refer to Inline
Bypass Solutions in GigaVUE Fabric Management Guide v5.13 or
earlier.

V Series Quick Start Guide GigaVUE V Series

Quick Start Guide
In GigaVUE Cloud Suites, a GigaVUE V Series Node processes
network traffic and allows administrators to provide additional
functionality including forwarding, de-duplication, and NetFlow
generation.

The V Series Quick Start Guide provides a quick view of minimum

requirements, instance types, compatibility information, etc., for
various Cloud platforms that support V series nodes.

2/4/2022 What’s New 7

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Fixed Issues
This section lists the issues that are resolved in each release in this branch.

Resolved in 5.14.00

Product Area Reference Issue Description

Alarm FM-39230 Added Alias to Email notification and Events page if the
Management corresponding port contains alias.

Alarm FM-41413 Icon mismatch with the status in the GigaStream Port status page.
Management

Alarm FM-42007 IP interface failure alarm shows insufficient details without ARP
Management resolution.

Alarm FM-41272 In GigaVUE-FM, the Maps quick view displays the icons without
Management, De description when the port is down.
vice Monitoring

API FM-40959 When the DNS server is down, for GigaVUE-FM certificates
generated through ACME, if the customer tried to revoke, the web
certificate will not change to self-signed.

API FM-41800 When the user has configured auto-renewal for GigaVUE-FM ACME
generated certificates, and if the auto-renewal fails for the first
time, the next auto-renewal date is ahead by two days instead of
one day.

API FM-42000 Currently, in ACME Global device configuration page, IP address of

the devices with ACME configured is not displayed.

API FM-42155 While adding the CA certificate to device at global level we need
to give max of 8 characters.
In addition to the user provided name GigaVUE-FM in backend
appends an extra 32 characters as suffix. As the device has a
limitation of 40 characters for storing certificate names, it is failing
to store the extra characters.

API FM-42169 Users must not delete certificates from GigaVUE-FM, before a cycle
of config sync on device is completed or rediscover is performed.

API FM-42895 If the ACME generated GigaVUE-FM certificate expires, the

certificate status still shows as “success”.

API FM-42896 ACME database does not store the FQDN. If the customer has
enabled DHCP during deployment of GigaVUE-FM, and if the IP
address changes, then the following issues are observed:
Issue 1: ACME-related certificate configurations like issue, renew
and revoke will fail.
Issue 2: Deleting an instance from the HA group will not remove the

2/4/2022 Fixed Issues 8

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Resolved in 5.14.00

Product Area Reference Issue Description

instance from the ACME database, because the HA group is
created using FQDN,

Application HD-67481 After updating the networking port on the map config, packets are
Metadata not forwarded to the apps configured in the gsop when we have a
Intelligence second level map.

Application HD-67955 To scale AMI configuration, first set up gsgrp and gsparams
Metadata resource metadata buffers. And then set up the app intel solution
Intelligence to desired scale.

Cloud Suite VM-16839 When a Monitoring Session with the ATS rule VM tag is successfully
deployed, GigaVUE-FM will automatically monitor any new/existing
Virtual Machines when the tag is added to the Virtual machines.
However, if the tag is removed after the monitoring session is
deployed, GigaVUE-FM does not stop monitoring the Virtual
Machine.

Cloud Suite VM-18396 Users may see G-vTAP Controller registration issue when the user
deploys fabric nodes before GigaVUE-FM is ready.

Cloud Suite VM-18542 GigaVUE-FM not pushing the configuration properly after VSN
reboot.

Cloud Suite VM-18555 Upgrade Fabric option in Action button is not working for Azure V-
Series 1.0 solution.

Cloud Suite VM-18556 When there is an interruption in connectivity between the V Series
nodes and GigaVUE-FM, Dedup and DSSL solution may not be
deployed because the V Series nodes get unregistered.
Therefore, the monitoring session should be manually deployed
again to those V Series nodes that got un-registered and added
again if traffic is fed through a Tunnel (Tunnel as a source) or REP
(Raw End Point as a source)

Device Inventory FM-40612 GigaVUE-FM missing GDP info under neighbor port in search results
view.

Device FM-40621 The UI grid table that is displayed while searching for “Port” in the
Inventory, Device GigaVUE-FM global search does not support sorting based on the
Monitoring column “Hostname”. GigaVUE-FM throws an error if the user tries to
do so.

Device FM-39043 The ports page currently shows the minimum and maximum
Monitoring QSFP/SFP power level of a given port. In addition to that, we will be
displaying all the QSFP/SFP power levels for multiple channels of a
given port in 5.14.00.

Device FM-40514 Drop-down selection list in the Node overview page and the
Monitoring Chassis page are not sequentially sorted based on the box-id.

2/4/2022 Fixed Issues 9

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Resolved in 5.14.00

Product Area Reference Issue Description

Device FM-41602 The global search of ports by alias is showing the incorrect health
Monitoring state reason as elastic DB entry does not unset the health state
reason

Device FM-42626 Physical nodes page does not pop up through Firefox/Chrome
Monitoring browsers for few users.

Device Upgrade FM-41989 The overall task is marked as success which is expected but in node
level status logic we are checking if all steps of the image upgrade
are completed, where the reboot false condition (do not reboot) is
not considered. So, the expected steps will not be equal to the
actual steps and node-level status is marked as a failure.

Flex Inline FM-40736 Edit of IN-Bundle throws Internal Server Error when INB is in Use.

Flex Inline FM-42523 Misaligned objects in status canvas,

Flex Inline FM-42791 RIA deployment on canvas is not working.

Flex Inline FM-43026 Deleting SSL App from RIA_SSL solution which is still not supported
due to the traffic impact in nodes.

FM Administration FM-38298 LDAP remote user group mapping is not supported for the devices.

FM Scale FM-41834 The device CLI supports uploading a certificate and adds it to its
CA list using crypto command, and uses that for several reasons
(LDAP, server certificate, etc.). The corresponding FM API support
to do the same was not there in GigaVUE-FM versions greater than
5.13.01.

GigaSMART – infra HD-65319 When the background traffic is running, and if gsgroup configs is
applied immediately after "no traffic all”, the primary process crash
is seen.

GigaSMART – HD-63839 The Application Metadata Engine performance with Subscriber

SAM Aware Metadata (SAM)enabled parameters slows to 9.5 - 9.8 Gbps
@ 1.6Mpps.

GigaSMART – HD-66495 Current value displayed for MCC/MNC needs preceding zeros.
SAM Value displayed is correct with today’s implementation, but for
consistency request is to have these values to be 3 digits.

GUI FM-40909 The table selection will be retained, until a state change/screen
navigation. On returning to the screen after a screen navigation,
the previously selected rows would be highlighted. The rows remain
highlighted until the next table operation which includes selection,
sorting, pagination, column resize, column reposition, column hide,
and resetting the table.

2/4/2022 Fixed Issues 10

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Resolved in 5.14.00

Product Area Reference Issue Description

GUI FM-41840 In FMHA if the customer configures GigaVUE-FM certificates using
ACME by providing FQDN, further ACME certificate configurations
like issue, renew, revoke and deletion will fail.

GUI FM-41877 Currently in the ACME screen to configure certificates for all the
devices or configure for specific cluster/device managed by
GigaVUE-FM, filter and export option is not available.

GUI – Overview HD-61023 In GigaVUE-OS the code version and hostname are exposed at the
login page.

Infrastructure – HD-65187 Non-master nodes will enter safe mode, if map-group is deleted
Cluster and recreated with same alias through a batch file.

Infrastructure – FM HD-65337 Port-alias of network/tool port is not allowed as “src”/” dst” port for
map-creation is using DEVREST API.

Infrastructure – FM HD-65956 On installing GVOS license from GigaVUE-FM without configuring

cards throws false notification as “License is installed successfully” in
TA devices. Though the response in GigaVUE-FM is a success,
device will not have this license key.

Infrastructure – FM HD-66388 The power values for 100G BiDi and AOC optics are sometimes
displayed as single value in GigaVUE-HVUE and GigaVUE-FM
instead of min-max value pair.

Infrastructure – HD-67737 Individual CPU core usage in ‘show system-health’ is incorrectly

General displayed. This issue is applicable only on TA25 platform. There is no
functionality impact, and the rest of data like memory usage &
CPU usage of individual process is correctly displayed.

Infrastructure – OS HD-66519 TLS/SSL Server is using commonly used prime numbers.

PTP HD-67669 Netdevd process shows high CPU utilization when user configured
PTP is in the device.

Topology FM-41577 Links API fails when we click on a Gigamon device which has
connection to a manual network device and tool view is enabled
in Topology (Beta).

Traffic – Rx engine HD-65090 In a regular map and a pass-all map when sharing the same “from
port” and stack-link for their traffic, if the “from port” of regular map
is edited to a different port, sometimes traffic loss can be seen.

2/4/2022 Fixed Issues 11

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues
Known Issues
The following table describes the customer-reported and priority known issues.
(*Indicates new Known Issues)

Known Issues

Product Area Reference Issue Description

Alarm Management FM-33247 When a port that is part of a map or GigaStream or PortGroup
gets admin disabled (from UI or using API), it takes a long time to
reflect in the status (after the next health computation happens)
and raise an Alarm condition.

Alarm Management FM-41607 GigaVUE-FM shows the wrong chassis view for some of the
GigaVUE-TA200 in the Cluster.

Alarm Management FM-42008 Map/Portgroup having admin disabled ports does not reflect
correct status when exclusion rule for admin disabled ports has
been enabled.

API FM-40406 This issue may happen to FM HA users when they try to restore a
backup.
Workaround: Restart the CMS service using the command “sudo
systemctl restart [email protected]"

API FM-40479 When a 5.12.01 device is added to 5.12.00, FM sees configuration

sync issues. Due to the addition of new SNMP traps in 5.12.01
device, 5.12.00 FM is not able to collect the new events.
For the newly introduced traps throttle is enabled by default, due
to which FM is not able to process all the traps. If any state
changes happen for the inline, networks/tools need to wait for
the configuration sync to happen to get the state changes in
Classic Inline and Flexible Inline.
Workaround: Disable SNMP throttling for the following traps on
5.12.01 device:
• Inlinenetforwardingstatechange
• Inlinenetlagforwardingstatechange
• Inlinetoolgroupoperstatechange
• Inlinetooloperstatechange
• Gsdumpstatus
• Gsappcrashnotification
The issue is resolved if you upgrade GigaVUE-FM to 5.12.01.

2/4/2022 Known Issues 12

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues

Product Area Reference Issue Description

API FM-40656 If the ACME generated GigaVUE-FM certificate expires, the

certificate status will still show as success.
Workaround: Customers should monitor the expiry date as well as
the events page for any auto-renewal failures.
API FM-41020* When the auto-login is enabled, the Keychain password is not
reset even after reset factory all.
Workaround: Before resetting the device, disable the auto-login
to reset the keychain password.

API FM-41780 ACME database does not store the FQDN. If the customer has
enabled DHCP during deployment of GigaVUE-FM, and if the IP
address changes, then the following issues are observed:
Issue 1: ACME-related certificate configurations like issue, renew
and revoke will fail.
Issue 2: Deleting an instance from the HA group will not remove
the instance from the ACME database, because the HA group is
created using FQDN.
Workaround: For Issue 1: Customer should delete/clear the
certificates generated using ACME and issue new certificate
again.
For Issue 2: Deleted instance will remain as a stale entry.
However, you can add a new GigaVUE-FM instance to the HA
group.

API FM-42207* If upgrade fails, then node will be deleted from the VCenter,
and the status will be marked as Upgrade Failure in the
connection page. Then, the user should delete and redeploy
the node.
Workaround: Try upgrading the node again.

API FM-43010* If the V Series nodes are deployed through Environment ->
Connection page, the V Series nodes status may not be
immediately reflected on the Connection list.
Workaround: Refresh the connection page to display the
latest status of V Series nodes.
API FM-43270* If customers are planning to run Tenable scan immediately post
FM installation, then FM GUI won’t show up.
Workaround: Restart FM or run Tenable scan only after logging in
to FM GUI.
API HD-68204* "VPORT not allowed as source for this map" error would be
thrown when creating the second level/transit level map without
APF/filtering gsop.

2/4/2022 Known Issues 13

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues

Product Area Reference Issue Description

API VM-18482* When using RHEL 8.2 hypervisors, the command "service gvtap-
agent restart" does not restart the process. It is recommended to
use "service gvtap-agent stop" followed by "service gvtap-agent
start"
API VM-19048* Monitoring Session in Azure fails when the node has a Public IP
address (no proxy).
Application Flow FM-42804* No provision to create New Tunnel under Edit Application
Intelligence, Device Intelligence Session.
Configuration
Workaround: Use Tunnel Specification under Resource in the left
navigation to create New Tunnel

Application Flow FM-42970* When the appIntel solution in AWS is being deployed, the
Intelligence – modification of node count through min/max number edit is not
Unification supported until solution is deployed to success state.
Workaround: User needs to wait to change the node number
until solution deployed to success state.

Application FM-24987 When editing the exporter template in Application Metadata

Intelligence Intelligence, if you change any of the non-editable fields
(Format, Record Type, NetFlow Version), the solution will move to
the "Failed" state because there is no dynamic edit support for
these fields on the device side.
Workaround: Reconfigure the original template to modify these
fields instead of editing the template in the exporter.

Application HD-63920 AMI packets are not accounted when they arrive before the GTP
Metadata tunnels are created. Fix has been made to process these GTPU
Intelligence packets.

Application HD-66172 Application Intelligence solution with AMI can only have
Metadata destination as NULL port and cannot have tool ports.
Intelligence Workaround: Create a Map from Network Port > Dedup >
Hybrid1, Tool Port.
Create AMI solution from Hybrid1 Port > Null port.

Application FM-43216* AppViz stats not shown in UI since logstash.service is not running.
Monitoring

Application HD-67694 The degradation is seen in v4, v6 rules on Prolonged PnS script
Metadata run.
Intelligence Workaround: We can use no-match-pass instead of v4, v6 rules.

Application FM-38228 With AppViz solution for cloud created, users are not expected
Monitoring to edit generated monitoring session directly.

Backup and Restore FM-30374 In GigaVUE-FM the backup status is not displaying the status
correctly for devices that failed in a successful backup creation.

2/4/2022 Known Issues 14

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues

Product Area Reference Issue Description

Cloud Suite HD-65418 Network discovery (CAP/LLDP) are not supported.

Cloud Suite HD-66726 High traffic rate (>80%) GSR results in complete disruption of
traffic.
Workaround: >80% of 80G in GigaVUE-HC1 Gen3-GS
1. Until a fix is available keep traffic below the bandwidth
capacity.
2. Reloading the GS-card will restore traffic.
3. Maintaining the traffic less than <80% bandwidth capacity will
prevent the occurrence of the issue.

Cloud Suite VM-15216 If V Series node is not powered ON by GigaVUE- FM

automatically due to host reboot, then it needs to be manually
powered ON through vCenter.

Cloud Suite VM-17404 Few of the incoming packet i.e., < 1% packet might get
dropped, when V series node is running continuously. These
drops are happening during specific parts of day irrespective of
incoming packet rate. This issue is seen only on Azure platform.

Cloud Suite VM-17503 IPv6 DHCP functionality is impacted in the absence of IPv6 router
advertisement. This issue does not impact static IPv6 functionality
or where IPv6 teps which are explicitly configured and does not
rely on RA to determine GW when egress traffic needs to go to
network other than local network.
Workaround: Ensure that IPv6 RA are being broadcast by IPv6
router on network segment.

Cloud Suite VM-17706 After reboot of the OVS Agent Instances, the src/dst port of the
mirror session is not getting restored after the Instance is UP.
Workaround: Workaround is to “Undeploy and Redeploy the
Monitoring Sessions of the Rebooted Instances” after the
Instances are up from hard reboot. Now the ports are added to
the mirrors and traffic flow is also fine.

Cloud Suite VM-17800 During the monitoring session edit user may see an intermittent
issue with the following error "The following connection ID are
invalid: null".
Workaround: To remove the tapping of a GigaVUE-VM whose
tag is detached, you must first undeploy the MS and then deploy
the MS again.

2/4/2022 Known Issues 15

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues

Product Area Reference Issue Description

Cloud Suite VM-17860 Un-provisioned idle Azure VM i.e., Monitoring Domain is created
but no monitoring session, exhibit problem in packet forwarding.
Forwarding plane programming (ibverbs call by mellanox driver is
failing) is getting affected when VM is left idle.
When you hit this issue, packet forwarding will not happen, and
you will see following errors msg in /var/log/syslog:

>> Aug 9 01:44:45 vmb085959373 gs_apps[10484]: [AppEnv.ERR]:

ehal_start_nicqueue - Error - ethdev(3) queue(0) start, err(-22)
>> Aug 9 01:44:45 vmb085959373 gs_apps[10484]: [AppEnv.ERR]:
ehal_start_nicqueue - Error - ethdev(3) queue(1) start, err(-22)

Workaround: Reboot V series node by using the command sudo

service vseries-node restart (re-deploy monitoring session after
service restart)

Cloud Suite VM-18258 When a user deploys a monitoring session with a first level traffic
map that contains an IP or MAC rule (and no other ATS rule), and
it doesn't match any of the G-vTAP Agent GigaVUE-VMs, then all
G-vTAP Agent VMs will be selected as targets. If a G-vTAP Agent
VM gets added later that does match one of the rules, then the
previous G-vTAP Agent VMs that were selected as targets and
the new G-vTAP Agent will all be selected.
Workaround: If the user wants only the new G-vTAP Agent that
matches the rules to be selected, the user can manually
redeploy the monitoring

Cloud Suite VM-18382 GigaVUE-FM does not bring up the interface which is selected
from the pop-up page for REP traffic.

Cloud Suite VM-18450* In Azure, launching the default instance type of Standard_d4s_v4
with a configuration on a single subnet, may cause the node to
fail and to boot consistently.
Workaround: It's suggested to either use a dedicated NIC for
data acquisition and egress tunneling. Using a larger instance
type of Standard_d8s_v4 may also help if only 1 subnet is used.

Cloud Suite VM-18479* G-vTAP Agent deployed in OpenStack sends the status as “OK”
back to the controller even though the interfaces are not
registered.

Cloud Suite VM-18491 When Passive SSL application is deployed multiple GigaVUE-VMs
(observed with 4 VMs) hosted on a single ESXi based hypervisor,
some packets may get dropped at hypervisor interface or v-
switch interface, causing few error codes and failure to decrypt
sessions whose packets were dropped.

Cloud Suite VM-18544 Persistent traffic which is bursty in nature can cause minimal
packet drops and recovers once the bursty traffic reduces.

2/4/2022 Known Issues 16

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues

Product Area Reference Issue Description

Cloud Suite VM-18699* If NSX-T manager credentials are changed, FM will stop retrying
to establish a connection after 3 retries. This is to avoid NSX-T
manager from locking FM out.
Workaround: If NSX-T credentials provided to FM are changed,
then the user must provide the new credentials to FM.
Cloud Suite VM-18836* Crash observed on sending traffic for more than 4 hours on AWS
platform for AMI dpi application profile.

Workaround: Traffic resumes after node reload.

Cloud Suite VM-19052* Monitoring Session deployment fails in Tunnel Mode with error
'java.net.SocketTimeoutException: Read timed out', when traffic is
flowing through the V Series Node.
Workaround: Retry the MS deployment if it fails in first attempt with
back-ground traffic.
Cloud Suite VM-19081* Error creating Tunnel End Point on re-deploying the monitoring
session

Device Cluster FM-40512 As part of handling stack escape scenarios (FM-34808), FM

Management (>=5.11) removes the offline/faulty devices in the cluster.

Device Configuration FM-42454* When the default LDAP settings areconfigured/updated, the
bind password changes.
Workaround: Whenever the default LDAP settings are changed,
the bind password has to be re-entered.

Driver HD-60165 In G-TAP, when SFP+ SR and DAC cables are mixed and
interoperated with GigaVUE-TA10, SFP OIR on networks ports of
TA10 brings down ports of GigaVUE-TA10 connected to tool ports
of GTAP.
Workaround: Admin disable/enable the corresponding port
group(na,nb,ta,tb) ports in GigaVUE-TA10 side will bring up the
link.
SFP OIR on the down port (in GigaVUE-TA10 side) brings up the
link.

Fabric Health FM-40170 In Scaled FM-HA setup, changes made in device configurations
Analytics such as nodes, ports, maps, chassis, gigastream, gsgroup, gsop
and vport will get updated in FHA visualizations only after a
relatively long period of time (approximately 10 hours when FM
manages 3K+ nodes)
Fabric Health FM-41911* The Generated CSV reports does not have a few columns
Analytics included, if the selected fields have dot (‘.’) notation (e.g.,
resource.id.clusterId, port.rx.bitsRps, port.rx.octets, port.sfp.type)

2/4/2022 Known Issues 17

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues

Product Area Reference Issue Description

Fabric Health FM-42302* Kibana visualizations should not use sum/average aggregations
Analytics on the counter fields, instead max aggregation should be used,
and average on the series aggregator to be used.
Fabric Health FM-42863* FHA Dashboard control filters do not list the exact cluster-ID if the
Analytics given cluster-ID is a substring of other cluster-IDs.
Workaround: “Add filter” in the dashboard can be used for
filtering instead of control filters. This is required for all fields used
for filtering.
Fabric Health FM-43188* After login, first-time FHA-dashboard navigation on the
Analytics
statistics dashboards takes more time to load the data in 3k
node setup for more than 1 day period. When FHA
dashboards launch for the first time, they take time to load
widgets, however on successive attempts by changing
cluster-ID and date, the widgets load quickly.
Fabric Maps FM-42316* The Status details shown in the tooltip in Fabric Map are
repeated and do not have line breaks.

Fabric Maps FM-42317* The expand icon is not positioned properly on the Edit page of
Fabric Map.

Fabric Maps – GUI FM-42685* When the fabric map and the flow map are created using the
same alias, using the same port as source or destination, in the
port quick view page, under the related maps section both the
fabric map and user created flow map are listed with the same
alias. There is no way to differentiate the fabric map and the flow
map and hence it looks like a duplicate entry.
Flex Inline FM-39982* When a user tries to add a flex inline map with a manual VLAN
which has been already used by other configured maps (both
auto and manual VLAN mode of user-configured map or
internally configured by FM), an error will be thrown.
Workaround: To use that particular VLAN, the user should delete
the other map which has that particular VLAN and configure this
map first. In case if that VLAN had been used in an internally
created map by FM for features like RIA, then the user should
delete the specific solution and add the needed map first and
re-configure the solution.

Flexible Inline Bypass HD-60634 When configuring a classic inline by-rule map followed by a flex
inline collector (inline-networks used in each map is different) at
a non-master node in a cluster, would impact the traffic on by
rule map.
Workaround: Create the flex inline collector is first and then
create the classic inline by-rule map.

2/4/2022 Known Issues 18

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues

Product Area Reference Issue Description

Flexible Inline Bypass HD-62570 When there is only collector map configured with inline-netlag as
source port, the traffic will be impacted when enabling/disabling
LACP bypass. Also, reloading the box with this config may lead
to no traffic being sent to the inline tool.

FM Administration FM-40193 Issue: Backup/Restore Failure in FMHA setup

Symptom: Backup/Restore operation Fails with error saying no
permission to write to /var/lib/gigamon/restoreLog.
[admin@gigamon ~]$ ls -ltr /var/lib/gigamon/
drwxr-xr-x 5 root root 117 Jul 13 06:43 restoreLog
Analysis: File ownership got dynamically change for
/var/lib/gigamon/restoreLog folder during FMHA backup/restore
operation. This led to failure in backup/restore operation. The
scenario which it occurs is not clear.
Workaround: Manually change the ownership of
/var/lib/gigamon/restoreLog folder to tomcat user.
chown tomcat:tomcat /var/lib/gigamon/restoreLog

FM FM-39732 Multiple IP routes in a multiple NIC configuration are not restored

Install/Upgrade/Migra properly after an upgrade.
tion Workaround: The only workaround is to restore the default routing
table manually after completing the FM upgrade process.

FM Scale FM-39512 Config sync/Stats collection fails due to DNS resolution issue. This
could happen after a CMS restart when there are multiple
search domains configured.
Workaround: Configure the search domain in order such that,
search domain that are most likely to resolve comes first and
which are less likely to resolve comes next.

Gen 3 GigaSMART HD-61030 This issue is applicable to GigaVUE-HC1-GEN3 GS card only.

card (SMT-HC1-S) 1) During map reconfigurations, some packets are dropped in
the GS card, however, these packet drops are not accounted
for in RX drop counters for gsgroup
2) For tunnel encap GSOPS, occasionally some encapsulated
packets are dropped while enqueued for transmission. However,
these packet drops are not accounted for in RX drop counters of
these GSOPS.

GigaSMART HD-63690 Packets do not match the positive lookahead rule configured in
the second level Adaptive Packet Filtering (APF) map, if the map
containing positive lookahead regex rule is configured after a
second level map with the below specific rule "RegEx ((1[0-
9]{2}|[1-9][0-9]|[0-9])\\.){3}([0-9])".

2/4/2022 Known Issues 19

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues

Product Area Reference Issue Description

GigaSMART HD-61058 When there are multiple maps with gsops sourcing from the
same network ports and you reconfigure one or more of the
maps (X) to a gsop map that is already in use (Y), packets from X
maps will briefly leak to Y during configuration.

GigaSMART - APF/ASF HD-65485 Second level Map statistics not updated properly.

GigaSMART - APF/ASF HD-65511 Header Stripping KPIs incurred degrade of up to 4.5% between
5.11 and 5.12 release in Gen2 Cards.
GigaSMART-Apps HD-68596* GTI is not supported on GigaVUE-HC1 devices due to failure of
initialization of infra set-up when insight sensor is enabled on
vport. However, GTI is supported on GigaVUE-HC1 for 5.13.01.

GigaSMART - Classic HD-65375 High traffic rate (>80%) GSR results in complete disruption of
Apps traffic.
Workaround: >80% of 80G in GigaVUE-HC1 Gen3-GS and >80% of
200G in GigaVUE-HC3 Gen3-GS.
1. Until a fix is available keep traffic below the bandwidth
capacity.
2. Reloading the GS-card will restore traffic.
3. Keeping the traffic less than 80% bandwidth capacity will
prevent the occurrence of the issue.

GigaSMART - Classic HD-62529 Random IfInErrors may be observed in smaller numbers on the
Apps 10G stack ports of PRT-HC3-X24 card in HC3v2 device, when
connected to the SMT-HC0-X16 card of HC2v1 device.
Workaround: Try disabling and re-enabling the port on HC3v2
device or on HC2 device; else, reload the node to recover from
the IfInErrors issue.
GigaSMART – infra HD-65041* In show gsgroup stats, for Gen3 cards, one second CPU utilization
value may vary at larger rate (20pprox. in the range of 20)
compared to one minute or five minutes (in the range of 5).
Workaround: For measuring CPU utilization, one minute or more
than one minute can be used as factor in Gen3.

GigaSMART - HD-66396 Found crash on GigaSMART while running traffic under live
Metadata network and sent report to Splunk.

GigaSMART - HD-66199 Timestamps for N11 records is in seconds.

Metadata

GigaSMART - NetFlow HD-58141 When two Netflow exporters are configured with one of the
exporters containing exporter filter (IP SRC and IP DST), then the
NetFlow records may not be exported.
GigaSMART- Passive HD-68722* For Gen3 GS cards running DSSL applications, after deleting and
SSL recreating gsgroup for around 50 times consecutively, the GS

2/4/2022 Known Issues 20

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues

Product Area Reference Issue Description

card can go to the "DOWN" state. The only way to recover the
card is to reboot the card manually by card power cycle.
Workaround: In use cases where multiple gsgroup deletion
creation is to be done for cards running DSSL app, it is
recommended to regularly reload the GS card using FM or CLI.

GigaSMART - SAM HD-65163 Transaction records for some 3G sessions (UTRAN/GERAN) have
cell ID as 0.
GigaSMART – SAM HD-68650* GTP SAM sometimes misses S11 Mod Bearer event during inter-
MME intra-SGW handover.

GigaVUE-FM FM-31944 After configuring the remote server, the first two audit logs or the
set of audit logs without any sleep time should not be captured
in syslog.

GigaVUE-FM FM-33086 GigaVUE-FM RBAC stats are not restricted based on tags.

GigaVUE-FM FM-33865 To change the default port used by the GigaVUE-FM web
services, you must edit ‘/etc/httpd/conf.d/ssl.conf’ manually and
restart Apache.
Note: Changes made in this manner will not be carried over after
an update is applied to the installed version of GigaVUE-FM.
Workaround: Re-apply the change to ssl.conf after updating the
GigaVUE-FM version.

GigaVUE-FM FM-8937 After fresh deployment or upgrade, first-time access to GigaVUE-

FM might take longer (3 to 4 minutes) than expected.

GigaVUE-FM – Clusters FM-20156 Spine-to-Spine interconnect is not supported by the GigaVUE-FM

interface.
Workaround: Use the GigaVUE-FM API to create, update and
delete (core spine) cluster.

GigaVUE-FM – Clusters FM-21813 In a map with leaf-spine topology, if one GigaStream goes
down, then the traffic health state of the map is marked ‘Red’
instead of ‘Yellow’ (even though there is a path through another
spine to reach the destination).

GigaVUE-FM – FM-17363 The notification window does not appear when editing a cluster
Device/ Cluster by adding a stack link.
Management

GigaVUE-FM – GUI FM-17407 In GigaVUE-FM, when right-clicking in the Flex Inline workflow
view, the interface displays browser-specific options. This issue is
observed only in the Edge browser.
Workaround: Use a different supported browser.

2/4/2022 Known Issues 21

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues

Product Area Reference Issue Description

GigaVUE-FM – GUI FM-20394 In GigaVUE-FM, printing list results that are multiple pages using
the browser print option is not supported on all list pages. This
issue was discovered on the Events page and the Physical Node
page.

GigaVUE-FM – Single FM-28712 If you are using the IPv6 address for GigaVUE-FM, the CMS
Sign-On & AAA service needs to be restarted. This only occurs in fresh
Service installations; not upgrades.
Workaround: Restart CMS Service.
Command: "sudo systemctl restart [email protected].

GigaVUE-OS HD-59357 503 error from Trustwave relay using SMTP over TLS causes HC
Series to drop the connection without sending a message.

GigaVUE-OS HD-63262 While having the IP interface and the TACACS server IP in the
same subnet and configuring the device to authenticate using
TACACS server, the route table on GigaVUE-HC2 is programmed
to point the IP interface, which results in authentication failure.

GigaVUE-OS – CLI HD-58332 In Gen3 GigaSMART-HC1 card, the temperature of the

GigaSMART card is not displayed in the "show environment slot
<slot id>" output.

GigaVUE-OS – Cluster HD-33681 In an out-of-band cluster, a GigaVUE-HC2 with Control Card

version 2 lost its chassis ID when its state changed from standby
to master.
Workaround:
Issue the cluster enable command on the GigaVUE- HC2 with
Control Card version 2 and wait for the state of this node to
change to master.
Issue the cluster enable command on the second node in the
cluster, a GigaVUE-HC2 with a lower cluster preference.
Activate all the cards on the standby node from the master
node.

GigaVUE-OS -Traffic - VM-8274 In Giga VUE Cloud Suite for Azure, any change in the proxy
GUI server (such as, password) requires editing both proxy server
information and the connection information in GigaVUE-FM.
Workaround: Update both the proxy server information and the
connection information in GigaVUE-FM.

GigaVUE-VM HD-47497 In GigaVUE-OS CLI, after editing a GigaStream port group

attached to a map in a map group, the CLI takes longer than
expected time to process the request and appear stuck. This
issue occurs in a scaled environment.
Workaround: Wait for the CLI to complete the process, which
may take up to 15-20 minutes.

2/4/2022 Known Issues 22

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues

Product Area Reference Issue Description

GigaVUE-VM – Tunnel VM-4814 For NSX, the vMap traffic status is displayed as ‘Inconsistent’
Port Gateway when the VMs (Virtual Machine) are powered on, and end-to-
end traffic is flowing.

GigaVUE-VM Node VM-12264 Occasionally, not all GVMs power on after the host comes out of
Operations maintenance mode.
Workaround: Manually start the GVMs that do not start
automatically.

GUI FM-39884 IBO policy graph takes more than 350ms and the policy table is
not updated until a refresh.
Workaround: Refresh the browser page to see the updates in the
policy table.

GUI FM-40236 IBO pages are not loading properly after some operations.
Workaround: Refresh the page to load properly

GUI FM-42577* The Cluster Create / Edit progress notification window is not
shown in few pages which are not supported due to technical
challenges but will retain once the user navigates to the
supported pages.
GUI FM-42723* If more than 500 nodes are selected while exporting the nodes
from the inventory page, it makes the page unresponsive.
High Availability FM-42650* ES Node fails to join the cluster when rolling restart is performed.
Workaround: Restart the ES cluster.
To achieve the above workaround, users must log-on to all FM(s)
in HA and go into root mode (sudo su -) and issue the command
systemctl restart elasticsearch.service
The above restart command should be executed simultaneously
in all the FMs.

Infrastructure - Cluster HD-66296 There is an issue in TA200 which causes failure in sending
hwmod_change action to master node, which leads failure to
configure the chassis box-id for that particular node.
Workaround: Disjoin the affected node from cluster followed by
reload and rejoin back to cluster.
Infrastructure – FM HD-68384* FM reports “Node Unreachable” with incorrect Software version.
Workaround: Restarting rest api processes resolves this issue as in
the next config sync ugwd starts to respond back to the api
queries.
Infrastructure – FM HD-68536* Flex solution edit fails after a reload of the device with VLAN
duplication error in FM. In issue state, it will have discrepancies
between the VLAN Ids of the maps shown in CLI vs FM.
Workaround: Reach out to customer support.

2/4/2022 Known Issues 23

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues

Product Area Reference Issue Description

Infrastructure - Mgmtd HD-63276 While performing multiple map rule operations (such as adding
and deleting a map rule) comprising of multiple rule types (such
as IPV4, IPV6, MAC) in a single edit operation, may result in traffic
outage.
Workaround: Perform two separate edit operations; one for
deletion of the map rules and the other for adding the map
rules.

Infrastructure - Mgmtd HD-66182 There is an issue in map rule edit, which creates a duplicate rule
object entry in non-master node map context. After deleting the
rule which was edited before leads to stale entry in non-master
node. The issue triggers when we add any new rule or edit any
existing rules in same map.
Workaround: Avoid map rule edits, instead delete the rule in
map followed by submit and then recreate the rule in map.
Infrastructure - Mgmtd HD-68624* When fabric port-group is configured (with circuit tunnels as port-
list) in the cluster and when one of the nodes leaves and joins
back the cluster, the node that joins back will hit mgmtd crash,
and the node will reboot and join back the cluster.

Infrastructure - Mgmtd HD-68742* In scaled configuration, when a node is added into the existing
cluster with the following sequence back-to-back, the standby
node of the cluster would go to safe mode.
1) cluster enable
2) cluster leader preference 100 (Tries to become leader of the
cluster)
Workaround: If cluster preference is changed before adding the
node into the cluster, the issue is not seen.

Inline Bypass - HD-65184 When flex inline solution is deployed along with PTP in a cluster,
NG/Flexible the VLAN resource usage output shows differential results during
non-master devices reload and cluster rejoin scenarios.

Inline Bypass - HD-68595* Deleting SSL App from RIA_SSL solution is not supported due to
NG/Flexible the traffic impact in nodes.
Workaround: Delete RIA_SSL solution and reconfigure the RIA
solution.

Insight Sensor FM-34624 After activating an Insight Sensor, generated gsgroup and VPort
are seen on device CLI but not on GigaVUE-FM GUI.
Workaround: Login as admin in GigaVUE-FM UI to see the
generated Virtual Port and GigaSMART group. Create Fabric
Map with generated VPort as destination in the first level map.

2/4/2022 Known Issues 24

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues

Product Area Reference Issue Description

Insight Sensor FM-32196 When you do GigaVUE-FM backup and delete the Insight tool
from GigaVUE-FM and restore the GigaVUE-FM config from the
backup, the sensor data is lost. The auto generated VPort, and
GS group are not restored. Also, the Sensor status shows as
“disabled”. If the user enables the sensor, the sensor comes back
in the “Awaiting code” state instead of “Online”.
Workaround: After GigaVUE-FM restore, go to Tools > Insight
Sensor and enable the sensor. Get a new provision code from
Insight portal/ support and re-provision by selecting Provision
from the “Action” menu.

Intent Based FM-33987 The hybrid port used as a source outside IBO won’t be available
Orchestration in IBO both on source and destination.
Workaround: Delete the Legacy map and use the port in IBO.

Intent Based FM-36611 The first-level fabric map is not creating the cluster level maps
Orchestration properly.

Intent Based FM-40233 Source Port/Alias details are not shown in the table view of
Orchestration deployed IBO policy and in the exported csv/xls file, also unable
to filter policy with source alias.
Intent Based FM-43271*
A usability issue which will be seen while updating the policy
Orchestration
or while adding the policy with source overlapping.

Mobility FM-38113 Mobility Solution deployment failed because L4 port was

configured in the gsgroup. This was due to the multiple tool alias
attached in a Sub-Metadata Aggregator Function (SMAF)
configuration within the same SMAF server.
Workaround: Do not configure SMAF with multiple tool alsia in
the same SMAF server.

NSX-T VM-15206 When sending packets at a rate >= 536K packets per second, on
NSX-T platform, fewer packets are observed at the egress
interface than what gets reported by the application encap
module. The delta is in the order around ~1000 pkts.

NSX-T VM-12961 In GigaVUE-VM, OVFs are not certificate signed.

Workaround: for successful GVM deployment:

(1) Login to each NSX-T manager via SSH shell using the root
credentials.
(2) Open file :/config/vmware/auth/ovf_validation.properties
(3) Set the value for THIRD_PARTY_OVFS_VALIDATION_FLAG as 2
to disable certificate validation.
(4) Click Save and exit the file.

2/4/2022 Known Issues 25

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues

Product Area Reference Issue Description

RBAC FM-34452 Audit Log of Role does not contain name of the Role. Also, there
is not audit log generated for any operations performed on
Group

RBAC HD-61614 Remote group mapping is not working with LDAP/LDAPS.

Single Sign-On & AAA FM-29022 When a user is not logged in and is trying to access GigaVUE FM
Service via internal page URLs will be redirected to Dashboard page
post login.
Workaround: If the users are already logged in, they can access
the internal page URLs of GigaVUE FM directly.
Software Licensing FM-40343* FM licensing page needs better grouping.

System Level FM-43282*

Logstash service is down after running tenable scan in GigaVUE-
FM.
Workaround: Once the log stash service stops, log into FM CLI
and restart the logstash service using sudo systemctl restart
logstash.service

ThreatINSIGHT Sensor HD-62758 Bro traffic analyzer may become stuck over time.
Auto-update does not work.

Topology FM-43320* Reset columns to Default option is not working in grid table in
Topology.
Workaround: The user needs to select the columns manually
instead of using Reset columns to default option in the grid.

Traffic HD-40239 For GigaVUE-HC2 with Control Card version 2, under certain
traffic configurations involving network, tool, and GigaStream on
the same PRT-HC0-X24 module, traffic on the GigaStream may
be affected after a hot swap of the module.
Workaround: Reload the GigaVUE-HC2 after swapping the PRT-
HC0-X24 module.

Traffic HD-64254 Backup/Restore (device config and RIA solution) from FM causes
traffic to fail in one node in RIA solution.
Workaround: Backup/Restore (device config and RIA solution)
from FM causes traffic to fail in one node in RIA solution.

Traffic - RX engine HD-66444 Multiple map edits using API in a script can cause map edit
failure. Not observed manually.
Workaround: Reload the node to recover from issue state.
Unification FM-43031*
After AppIntel solution is configured, FM does periodical
config syncs to V Series nodes, in certain rare cases, the sync

2/4/2022 Known Issues 26

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Known Issues

Product Area Reference Issue Description

failures of V Series nodes may not be propagated back to UI
pages in AppIntel solution.

Unification FM-43125* AWS cloud environment is typically shared and dynamic. If you
launch V Series nodes and dynamically attach elastic IP
addresses to them, in rare cases, the elastic IP addresses that you
intend to use are taken by other cloud resources running in the
same environment, as AWS does not provide a true reservation
mechanism to ensure the availability of the elastic IP addresses.
Workaround: If V Series node launch fails due to unavailability of
elastic IP addresses, please delete the failed fabric and launch
again.

Platform Limitations
This section lists the platform limitation in this branch.

Product Area Reference Issue Description

Application HD-67714 Application Intelligence solution with AMI can only have
Intelligence destination as NULL port and cannot have tool ports.

FM Administration FM-43157 When importing devices using Excel spreadsheets that were
exported from FM version below 5.11.00, will throw an error in FM
version 5.11.00 and above.
Workaround: Change the Header Name from Node_IP to Node
Address in the previously exported xlsx file before importing it to FM
version 5.11.00 and above.

Deprecation Announcements
• The existing traffic threshold configuration settings have been removed and traffic health state
based on GigaSMART Engine Port utilization will not be visible.
• GigaVUE-TA1 is no longer supported as of GigaVUE-OS 5.9.00.
• Do not use the configuration delete-all command; it is not recommended and will be removed in a
future release. (ref: HD-18654)
• Rabbit MQ (RMQ) notifications support has been removed in GigaVUE-OS 5.12.01. (ref: FM-40265)
• SHA1 support has been removed in 5.13.xx to improve security. Refer to the instructions in
Addendum for details. (ref: HD-66203)

2/4/2022 Platform Limitations 27

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

System Requirements
GigaVUE-FM Memory and CPU Requirements
Memory and CPU requirements for GigaVUE-FM

Reference Memory CPU Devices GVMs2 QA Qualification

Default VM Configuration 16 GB 2vCPU 10-25 100 GVMs Qualified

GigaVUE-FM Hardware 1 12vCPU 300 100 GVMs Qualified
64 GB
Appliance
GigaVUE-FM Hardware 128 GB 32vCPU 300 100 GVMs Qualified
Appliance 2.0

1
The default memory for GigaVUE-FM Hardware Appliance is 16 GB. You can choose to add the memory based on your requirements. The
memory given in this table is required to manage the number of devices and GVMs specified.
2
GVM: GigaVUE-VM

NOTE: The disk size (/config) after a fresh installation of GigaVUE-FM is 40GB. When you upgrade from
previous versions, you must ensure that the disk space remains at 40GB. Otherwise, you must increase
the disk space to 40GB. Refer to the “Increasing Disk Size on a New or Existing GigaVUE-FM Installation”
section in the GigaVUE-FM Installation and Upgrade Guide for instructions on how to increase the disk
size.

Firmware/BIOS information the GigaVUE-FM Hardware Appliance

GigaVUE-FM Hardware Appliance GigaVUE-FM Hardware GigaVUE-FM Hardware Appliance

Appliance 2.0 1.0

Bios Version 2.9.3 2.11.0

iDRAC version 4.22.00.53 2.75.75.75

Raid Controller firmware PERC H740P - 50.9.4-3025 PERC H730 Mini - 25.5.7.0005

Broadcom Gigabit Ethernet (NIC) 21.60.16 21.60.16

GigaVUE Cloud Suite System Requirements

Note: For additional platform specific GigaVUE Cloud Suite requirements, please refer to the respective
platform documentation:
https://docs.gigamon.com/doclib514/514-gigadoc.html#GigaVUE_Cloud_Suites.html

Nutanix Requirements

Platforms Version

GigaVUE-FM 5.13.00 and 5.13.01

2/4/2022 System Requirements 28

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Platforms Version

Acropolis Operating System (AOS) STS-5.19.1, LTS-5.15.1

Prism Central Environment Version 2021.1.0.1

Third-Party Notes for V Series

Minimum Virtual Computing Requirements

There is a minimum required number of ports for port groups of a Virtual Distributed Switch (VDS) used by
V Series deployments:
• In a single V Series deployment, 1 or 2 port groups can be used. The number of ports required is
calculated based on the number of port groups used.
• If you are using a single port group, then each V Series node uses 10 ports from the port group.
Therefore, the port group must support at least the number of V Series nodes deployed in that
port group multiplied by 10.
• If you are using two port groups in a single V Series deployment, the minimum number of
required ports changes for Management and Tunnel port groups as follows:
o Minimum ports for Management port group = # V Series nodes
o Minimum ports for Tunnel port group = # V Series nodes multiplied by 9

VMware Requirements

Minimum Hardware Requirements for GigaVUE-VM

Component Requirements

Hypervisor VMware ESXi (v5.5 and later)

CPU One 64-bit x86 CPUs with virtualization assist (Intel-VT or AMD-V) enabled

RAM 8GB

Disk Space 2GB shared or locally attached storage

Network At least one 1Gbps NIC

Minimum Virtual Computing Requirements

Component Requirements

Memory 2GB

Virtual CPU (vCPU) 2 vCPUs

Virtual Storage for Guest 2GB using virtual IDE

Virtual Network Interfaces 10 Network Adapters (3 in NSX)

Network Adapter 1: GigaVUE-VM Management Port

2/4/2022 System Requirements 29

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Component Requirements
Network Adapter 2: GigaVUE-VM Tunneling Port
Network Adapter 3 – 10: GigaVUE-VM Network Ports

Supported Hypervisors for V Series 2

Tested Platforms
V Series 2 Supported Hypervisors
vCenter Server ESXi GigaVUE-FM

vSphere ESXi v6.7 v6.7U3 v6.7U3 v5.10.02, v5.11.01, v5.12.00,

v5.13.00, v5.13.01
v7.0 v7.0 v7.0 v5.10.02, v5.11.01, v5.12.00,
v5.13.00, v5.13.01, v5.14.00
vSphere NSX-T v2.5.1 v6.7U3 v6.7U3 v5.10.02
v3.0 v7.0 v7.0 v5.10.02
v2.5.2 v6.7U3 v6.7U3 v5.11.01
v3.0.2 v7.0 v7.0 v5.11.01, v5.12.00
V3.0.3 V7.0 V7.0 V5.13.00, v5.13.01, v5.14.00
v3.1.0 v7.0 v7.0 v5.11.01, v5.12.00
V3.1.2 V7.0 v6.7U3, v7.0U1 V5.12.00, v5.13.00, v5.13.01
V3.1.3 V7.0 v6.7U3, v7.0U1 v5.13.01, v5.14.00

Supported Hypervisors for GigaVUE-VM

Note: GigaVUE-VM is not released in 5.14.00, however GigaVUE v5.13.00 is still compatible with v5.14.00

Tested Platforms
GigaVUE-VM Supported
Hypervisors
vCenter Server ESXi GigaVUE-FM

vSphere ESXi v5.5 v5.5 v5.5 v5.7.02, v5.8.00

v6.0 v6.0.0a v6.0.0a v5.7.01, v5.8.00, v5.9.00
v6.5 v6.5 v6.5 v5.7.01, v5.8.00, v5.9.00, v5.10.01,
v5.11.00, v5.11.01, v5.12.00
v6.7 V6.7U2, v6.7U3 V6.7U2, v6.7U3 v5.7.01, v5.8.00, v5.9.00, v5.10.01,
v5.11.00, v5.11.01, v5.12.00, v5.13.00
vSphere NSX T v2.5.1 v6.5U2, v6.7U2 v6.5U2, v6.7U2 v5.8, v5.9.00
v6.7U3 v6.7U3 v5.10.01, v5.11.00, v5.11.01,
v5.12.00, v5.13.00

2/4/2022 System Requirements 30

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Tested Platforms
GigaVUE-VM Supported
Hypervisors
vCenter Server ESXi GigaVUE-FM

vSphere NSX V v6.2.4 v6.0 v6.0 v5.7.01

v6.2.5 v6.0 v6.0 v5.7.01
v6.3.1 v6.5 v6.5 v5.7.01
v6.3.2 v6.5 v6.5 v5.7.01
v6.3.3 v6.5 v6.5 v5.7.01
v6.3.6 v6.5 v6.5 v5.7.01
v6.4.3 v6.5U2, v6.7U2 v6.5U2, v6.7U2 v5.7.01, v5.8.00
v6.4.4 v6.7U2 v6.7U2 v5.7.01, v5.8.00, v5.9.00
v6.4.6 v6.7U3 v6.7U3 v5.8.01, v5.9.00, v5.10.01, v5.11.00,
v5.11.01, v5.12.00
v6.4.8 v6.7U3 v6.7U3 v5.11.00, v5.11.01, v5.12.00, v5.13.00

v6.4.10 v7.0 v7.0 v5.13.00

Third-party Notes for GigaVUE-VM

GigaVUE-VM (GVM), which is built on CentOS 6, may contain some unresolved 3rd-party known issues.
The CentOS vendor, RedHat, has announced that it is no longer updating the platform; hence, the
following potential vulnerabilities are not expected to be addressed:
• EOL/Obsolete software: Apache HTTP server 2.2.x detected (VM-16137)
• Apache HTTP Server (“httpd”) ap_get_basic_auth_pw() authentication bypass vulnerability (VM-
16138)
• File permissions (passwd, shadow and group) are not properly zet (VM-16139)
• OpenSSH AES-GCM cipher remote code execution vulnerability (VM-16140)
• Linux kernel double fetch denial of service vulnerability (VM-16142)

Supported Operating Systems for G-vTAP Agents

Supported Operating Systems for G-vTAP Agent v1.4-1, v1.5-1, v1.6-1, v1.7-1, v1.8-1, v1.8-2,
v1.8-3, v1.8-4

Operating System Supported Version(s)

Ubuntu/Debian Versions 14-20 supported. All LTS versions since 14.

CentOS/RHEL/Fedora Versions 7 and above

(For older versions such as 5, 6, supported G-vTAP agent is v1.2)

2/4/2022 System Requirements 31

 GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Operating System Supported Version(s)

Amazon Linux Versions 1 and 2

(For version 2, package iproute-tc must be installed first)

Windows Server Versions 2008 through 2019

• G-vTAP Agent version must be v1.7-1 for older releases where the kernel modules and packages required
are not officially supported.
• We support only G-vTAP Agent version v1.7-1 (for V Series 1.0) and v-1.8.4 (V Series 1.0 (for Azure and AWS),
V-Series 2.0 (All Supported Platforms)).

Support and Compatibility

GigaVUE-FM and GigaVUE-OS Compatibility
GigaVUE-FM 5.14.00 supports GigaVUE-OS 5.14.00 as well as earlier versions.

Supported Browsers
Supported Browsers for GigaVUE-FM
GigaVUE-FM supports the following browsers:

Browser Minimum Version

Mozilla Firefox™ 77.01

Microsoft Edge 83.0.478.54

Apple® Safari® Version 13.05

Google® Chrome® Version 83.0.4103.106

Internet Explorer 11 (IE11) is deprecated for security reasons and is no longer supported. IE users are
strongly encouraged to switch to Edge. (Ref. FM-25767, HD-55024, HD-55103)

Supported Browsers for GigaVUE-OS H-VUE (Classic mode) and GigaVUE-FM

GigaVUE-OS H-VUE and GigaVUE-FM support the following browsers:

OS Browser Minimum Browser Version

Windows® Mozilla Firefox™ Version 77.01
Microsoft Edge Version 83.0.478.54
Apple® Safari® Version 13.05
Google® Chrome® Version 83.0.4103.106
Internet Explorer® No longer supported (formerly, Version 11)

2/4/2022 Support and Compatibility 32

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

OS Browser Minimum Browser Version

Google® Chrome® Version 83.0.4103.106
Mac OSX Mozilla Firefox™ Version 77.01
Mac OSX Apple® Safari® Version 13.05
Microsoft Edge Version 83.0.478.54
Google® Chrome® Version 83.0.4103.106
Linux
Mozilla Firefox™ Version 77.01

Internet Explorer 11 (IE11) is deprecated for security reasons and is no longer supported. IE users are strongly
encouraged to switch to Edge. (Ref. FM-25767, HD-55024, HD-55103)

Supported Browsers for GigaVUE-OS H-VUE Secure Cryptography Mode

GigaVUE-OS H-VUE supports the following browsers when secure cryptography mode is enabled.

OS Browser Validated Browser Version in Secure Cryptography Mode

Windows® Mozilla Firefox™ Version 77.01

Microsoft Edge Version 83.0.478.54
Internet Explorer ® No longer supported (formerly, Version 11.0.120)
Google Chrome
® ®
Version 83.0.4103.106
Mac Mozilla Firefox 77.01
Only the stated versions have been validated. Higher versions may also be supported but are subject to change if the vendor
modifies the ciphers supported by their browser.
Internet Explorer 11 (IE11) is deprecated for security reasons and is no longer supported. IE users are strongly encouraged to
switch to Edge. (Ref. FM-25767, HD-55024, HD-55103)
When secure cryptography mode is enabled, only the following ciphers are supported:
• TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
• TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
• TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
• TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

Be aware that not all browsers support these ciphers. Refer to Supported Browsers for GigaVUE-OS H-VUE
Secure Cryptography Mode for the list of validated and recommended browser versions to use for GigaVUE-OS H-
VUE when secure cryptography mode is enabled.

Installation and Upgrade

Complete installation and upgrade instructions can be found in the respective product documentation.
This section provides additional advice that is important to know before installing or that is specific to this
release.

2/4/2022 Installation and Upgrade 33

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Installation and Upgrade Documentation

Product Refer to… Includes

GigaVUE-OS GigaVUE-OS Upgrade Guide instructions for installing the

bootloader and upgrading all
GigaVUE® HC Series and TA Series
Visibility Fabric™ Nodes and
Certified Traffic Aggregation White
Boxes as standalone nodes or
clusters.

GigaVUE-FM GigaVUE-FM Installation and Upgrade Guide instructions to install GigaVUE-FM

on VMware ESXi, MS Hyper-V, and
KVM.

GigaVUE-VM GigaVUE Cloud Suite for VMware Configuration instructions for installing,
Guide deploying, and operating the
GigaVUE® Virtual Machine
(GigaVUE-VM)
GigaVUE GigaVUE Cloud Suite AnyCloud Configuration instructions on configuring the
Cloud Suites Guide GigaVUE Cloud components and
GigaVUE Cloud Suite AWS Configuration Guide setting up traffic monitoring
GigaVUE Cloud Suite Azure Configuration Guide sessions for the respective Cloud
GigaVUE Cloud Suite Kubernetes Configuration platform
Guide
GigaVUE Cloud Suite Nutanix Configuration Guide
GigaVUE Cloud Suite OpenStack Configuration
Guide
Gigamon Containerized Broker

GigaVUE-OS Upgrade
To upgrade GigaVUE-OS, the recommended procedure is to back-up your settings on each node and
perform the pre-upgrade checks (default admin password, the maximum number of images, U-Boot
version, and Coreboot version) before installing the image. The upgrade path from previous versions of
the GigaVUE-OS varies depending on the current OS version and node type. It is recommended that
you plan your upgrade before performing any upgrade steps.
Support for SHA1
SHA1 support has been removed from 5.13.xx to improve security. Refer to the instructions in
Addendum for details.
Documentation: Refer to the GigaVUE-OS Upgrade Guide for the complete upgrade procedures.

GigaVUE-OS Upgrade Rules and Notes

• For supported upgrade paths for GigaVUE-OS refer to the GigaVUE-OS Upgrade Guide or the
5.14 online documentation topic GigaVUE-OS Upgrade Summary.
• If upgrading from GigaVUE-OS versions lower than 5.5.xx: While upgrading from any GigaVUE-OS
version lower than v5.5.xx, an association of more than one VPort to the same GigaSMART group
needs to be removed for any existing GTP GigaSMART operation.

2/4/2022 Installation and Upgrade 34

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

• If upgrading from GigaVUE-FM versions lower than 5.10.01: The size of the GigaVUE-OS image for
GigaVUE-HC1 increased in 5.10.01. Upgrading directly from a pre-5.9 release to 5.10.01 or above
is not supported. The following upgrade path is recommended: 5.9.00.04 or 5.9.01 → 5.10.01.

GigaVUE-FM Installation
Documentation:
• Refer to the GigaVUE-FM Installation and Upgrade Guide for the procedures or search for
“GigaVUE-FM Installation and Upgrade” from the Gigamon Community or from the Online
Documentation Library.
• If you are deploying a GigaVUE-FM Hardware Appliance 2.0, for initial configuration of iDRAC9,
refer to Dell PowerEdge - How to configure the iDRAC9 and the LifeCycle Controller Network IP.

Credentials for Admin Account for New Deployments

During new installations of GigaVUE-FM, you will be forced to create a new password that meets the
password criteria. The default password, ‘admin123A!’, can no longer be used after the first login.

GigaVUE-FM Upgrade
General GigaVUE-FM Upgrade Guidance
To upgrade GigaVUE-FM, the recommended procedure is to back up your current configuration and
perform the pre-upgrade checks (memory requirements, the maximum number of images) before
installing the image. You can upgrade via the GigaVUE-FM UI or CLI. It is recommended that you plan
your upgrade before performing any upgrade steps.
IMPORTANT: Intent-Based Orchestration (IBO) Policies are removed when upgrading from any
pre-5.11 version of GigaVUE-FM to version 5.11.00 or above. IBO Policies will need to be
recreated after upgrading to 5.11.00 or above. (Ref: FM-33169)
BEST PRACTICE: Before performing an upgrade, in addition to taking a backup of GigaVUE-FM,
also take a Sysdump, which provides valuable configuration information that is not captured
in the backup. You can use the Sysdump after the upgrade to troubleshoot any upgrade-
related issues with your configurations.

GigaVUE-FM Upgrade Rules and Notes

• Best Practice: Always upgrade your GigaVUE-FM instance before upgrading the GigaVUE-OS
nodes. You can upgrade the attached nodes from the device or from GigaVUE-FM. The latter is
recommended. Refer to “Upgrade Software on a GigaVUE Node or a Cluster from GigaVUE-FM”
in the GigaVUE-FM User’s Guide.
• Supported upgrade paths for GigaVUE-FM 5.8 and above:

o 5.8.01 > 5.10.02 > 5.11.01*

o 5.9.01 > 5.11.01*
o 5.10.02 > 5.11.01*
o 5.10.02 > 5.12.01**
o 5.11.01 > 5.12.01**

2/4/2022 Installation and Upgrade 35

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

o 5.11.01 > 5.13.01**

o 5.12.01 > 5.13.01**
o 5.12.01 > 5.14.00**
o 5.13.00 > 5.13.01**
o 5.13.00 > 5.14.00**
o 5.13.01 > 5.14.00**
*Password change is mandated for all passwords during upgrade.
**Password change is only mandated if the current password is using the default password

• If upgrading from GigaVUE-FM versions lower than 5.10.xx: You cannot directly upgrade your
GigaVUE-FM instance to release 5.10.00 from a release prior to 5.8. Refer to the GigaVUE-FM
Migration instructions in version 5.10 of the Online Documentation Library for details.
• If upgrading from GigaVUE-FM versions lower than 5.5.00: While upgrading from any version
lower than 5.5.00, an association of more than one VPort to the same GigaSMART group needs
to be removed for any existing GTP GigaSMART operation.
• If upgrading from GigaVUE-FM versions lower than 5.4.00: Be aware of the minimum memory
requirement changes between releases. Earlier releases specified 4GB of memory for the OVA
template; whereas versions after 5.4.00 require 8GB and versions after 5.7.00 require 16GB. If the
existing virtual or physical hardware running GigaVUE-FM is configured with less memory than
required, then increase the amount of memory available to the GigaVUE-FM machine. Refer to
GigaVUE-FM Memory and CPU Requirements in this document for details.

Line Card or Module Removal Procedure (Hot Removal)

Line cards or modules are hot-swappable – they can be installed or removed from the chassis with the
power on. To remove a card safely with the power on, you must follow the procedures defined in the
Hardware Installation Guide. Hot removal without following the steps defined in the respective
document can cause system instability and require a reboot.

Documentation
Online Documentation – No Login Required
All online product documentation is available without a login. Online product documentation provides
the content from all of the product guides for the release in a single, searchable, online format. Online
documentation also includes PDF Downloads, a video library, links to the online Troubleshooting Guide
and Gigamon Validated Designs.
• For the complete online documentation for this release, visit the GigaVUE 5.14 Online
Documentation. No login required.
• View What's New in the online documentation to access quick links to topics for each of the new
features.
• To download PDFs or find additional resources, check out the new Documentation Library site.
Bookmark this link for future reference.

2/4/2022 Documentation 36
GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

IMPORTANT: The online documentation does not include Release Notes. When upgrading to a
new release, first download the Software and Release Notes from the Software and Docs
page (login required) on the Gigamon Community, then click the Documentation Library option
to access the PDFs, online documentation, and additional resources.

How to Get the Latest Documentation—No Login Required

o Always view the Online Documentation for the latest updates.
o Visit the Documentation Library site to download the latest PDFs and find additional
resources.
o Additionally, you can find all published documentation from a simple search on the
Gigamon Community, even without a login. Click the Documentation tab on the Search
Results page to filter by release, doc type, or topic area.
o In the online documentation:
 Use the Search box to search across the whole doc set.
 Use the left navigation to peruse content from the full doc set in online format.
 Click the PDF Download button to visit the Documentation Downloads site.
 Check out the new Gigamon Validated Designs and Troubleshooting Guide as well!

How to Get the Latest Release Notes—Login Required

• To find the Release Notes for any release:
o Registered Customers can log in to the Gigamon Community. From the menu, select More >
Software & Docs to download software and documentation. In the search section, select the
Product and Release using the filters, enter "note" in the search box, and then click Go.

Replaced Terms in this Release

As part of the Inclusive Language Initiative, we have replaced certain terms in our descriptive text
throughout our marketing content and the 5.14 Online Documentation. Additional changes will be
made at the product level in subsequent releases.
The following terms are presently being adopted to describe Gigamon technology. This list is organized
by the functionality they describe:
Note: Some terms may be subject to further change at a future date based on the IEEE.

Decryption What to call the lists defining whether to decrypt or not to decrypt:
o decrypt list, meaning need to decrypt (formerly “blacklist”)
o no-decrypt list, meaning no need to decrypt (formerly “whitelist”)
Selective What to call the list that gets forwarded to network:
Forwarding
o forward list (formerly “whitelist”)
o drop list (formerly "blacklist")
PTP (Precision Time What to call PTP (precision time protocol) clock nodes:
Protocol)

2/4/2022 Documentation 37
GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

These terms are used to describe the relationship of node clocks with
regard to how they communicate time data to ensure clocks are
synchronized throughout a network:
o Primary source (root timing reference; transmits sync info to clocks in
its network segment) (formerly "grandmaster")
o Source/leader (leader in a bidirectional clock relationship) (formerly
"master")
o Receiver/destination/follower (follower in a bidirectional clock
relationship) (formerly "slave")
CLI (Command Line What to call the “master” in Command Line Interface:
Interface)
o source = leader in a bidirectional clock relationship (formerly
"master")
o leader = leader in cluster node relationship (formerly master)
What to call the “blacklist” in Command Line Interface:
o decryptlist, meaning need to decrypt (formerly “blacklist”)
What to call the “whitelist” in Command Line Interface:
o nodecryptlist, meaning no need to decrypt (formerly “whitelist”)
PKI (Public Key What to call the “master” key in Public Key Infrastructure:
Infrastructure)
o Root = Primary, root certificate, trust anchors (formerly “master”)
o CA or Subordinate CA, depending on context = sub-node,
subordinate certificate, certificate authority (formerly “master”)
o Leaf Node = leaf nodes, clients, users
o Refer to the x.509 standard for details
Example of PKI structure:

root
(root certificate)

| | |||
sub-node sub-node leaf nodes
(subordinate CA) (subordinate CA)

||| |
leaf nodes sub-node
(users) (subordinate CA)

|||
leaf nodes
(clients)

Available Documentation
Hardware Guides
• G-TAP A 2 Series Hardware Installation Guide
• GigaVUE-HC3 Hardware Installation Guide

2/4/2022 Documentation 38
GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

• GigaVUE-HC2 Hardware Installation Guide

• GigaVUE-HC1 Hardware Installation Guide
• GigaVUE TA Series Hardware Installation Guide

Software Installation, Upgrade, and Migration Guides

• GigaVUE-FM Installation, Migration, and Upgrade Guide
• GigaVUE-OS Upgrade Guide
• Gigamon Subscriber Metadata Aggregator Function (SMAF) Installation Guide

Fabric Management and Administration Guides

• GigaVUE Fabric Management Guide
• GigaVUE Administration Guide
Note: These guides include guidance for both GigaVUE-OS and GigaVUE-FM

Cloud Guides
• GigaVUE Cloud Suite for AnyCloud Guide
• GigaVUE Cloud Suite for AWS Guide
• GigaVUE Cloud Suite for AWS Secret Regions Guide
• GigaVUE Cloud Suite for AWS Quick Start Guide
• GigaVUE Cloud Suite for Azure Guide
• GigaVUE Cloud Suite for OpenStack Guide
• GigaVUE Cloud Suite for Kubernetes Container Guide
• GigaVUE Cloud Suite for Nutanix Guide
• GigaVUE Cloud Suite for VMware—GigaVUE-VM Guide
• GigaVUE Cloud Suite for VMware—GigaVUE V Series Guide
• Gigamon Containerized Broker Guide
• GigaVUE V Series Quick Start Guide

Reference Guides
• GigaVUE-OS CLI Reference Guide
• GigaVUE-OS Cabling Quick Reference Guide
• GigaVUE-OS Compatibility and Interoperability Matrix
• Gigamon Protocol Bundle Index (available in GigaVUE-FM and offline upon request)
• GigaVUE-OS, GigaVUE-FM, GigaVUE-VM, and GigaVUE® Cloud Suite Release Notes (this document)
• GigaVUE-FM API Reference Guide (available in the online documentation)

Documentation Feedback
To send feedback and report issues in our documentation, complete the short survey at the following
link: https://www.surveymonkey.com/r/gigamondocumentationfeedback

2/4/2022 Documentation 39
GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Additional Information
Contacting Gigamon Support
Refer to http://www.gigamon.com/support-and-services/contact-support for Technical Support hours and
contact information. You can also email Technical Support at [email protected]. Refer also to the
Gigamon Community at https://gigamoncp.force.com/gigamoncp/.

Copyright
Copyright © 2021 Gigamon Inc. All Rights Reserved. No part of this publication may be reproduced,
transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by
any means without Gigamon’s written permission

Trademark Attributions
Gigamon and the Gigamon logo are trademarks of Gigamon in the United States and/or other
countries. Gigamon trademarks can be found at www.gigamon.com/legal-trademarks. All other
trademarks are the trademarks of their respective owners.

The Gigamon Community

The Gigamon Community is a technical site where Gigamon users, partners, security and network
professionals and Gigamon employees come together to share knowledge and expertise, ask
questions, build their network and learn about best practices for Gigamon products.
Visit the Gigamon Community site to:
• Find knowledge base articles and documentation
• Ask and answer questions and learn best practices from other members.
• Join special interest groups to have focused collaboration around a technology, use-case, vertical
market, or beta release.
• Take online learning lessons and tutorials to broaden your knowledge of Gigamon products.
• Submit and vote on feature enhancements and share product feedback. (Customers only)
• Open support tickets (Customers only)
• Download the latest product updates and documentation (Customers only)
The Gigamon Community is a great way to get answers fast, learn from experts and collaborate directly
with other members around your areas of interest.
Register today at community.gigamon.com
Questions? Contact our Community team at [email protected].

2/4/2022 Additional Information 40

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Change Notes
Date Revision Change

01/13/2022 2.0 New Features and Improvements in 5.14.00 section is updated.

12/22/2021 1.0 The original release of this document with version 5.14.00 GA.

2/4/2022 Change Notes 41

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

Addendum: SSH Version Requirements

If you have an SSH client older than version 6.x, it is no longer supported as of GigaVUE-OS 5.13.00
default (classic mode) settings. If you are upgrading from a previous version of GigaVUE-OS, please
review the default SSH behavior and the required steps based on your current security settings.

What is the Default SSH Behavior After Upgrading to GigaVUE-OS

v5.13.00?
• If your current system is in Classic Mode, then Legacy Mode will be enabled by default after
upgrading to 5.13.xx.
o Legacy Mode leaves your existing SSH/TLS settings in place and your old client will still provide
connectivity after the upgrade. Be aware that security scans against the Gigamon
appliance will likely highlight risks from these legacy, deprecated algorithms and that
continuing to use them may expose you to risk.
o To get the new, more secure (recommended), settings, you need to disable Legacy Mode
and manually switch back to Classic Mode.
• If your current system is in Secure Cryptography Mode, then it will stay in Secure Cryptography
Mode.
o The existing client is expected to continue to work. For a list of the changes, refer to the What
Changed table.
o Switching from Secure Cryptography Mode to Legacy Mode is not supported (and not
needed).
 Neither Secure Cryptography mode nor FIPS mode can be set when Legacy mode is
enabled.
 Setting Legacy mode will be rejected if either Secure Cryptography mode or FIPS
mode is set.

What Post-Upgrade Steps Do I Need to Take?

• To support stronger defaults for SSH and TLS default configuration for our appliance-based products,
the following new CLI commands are available for checking and switching modes:
o “no system security legacy” will disable Legacy Mode and switch to the updated and more
secure (recommended) Classic Mode.
o "system security legacy" will re-enable Legacy mode, if any issues arise.
o "show system security" will have an additional line of display for Legacy mode. The "enabled"
status indicates that the system is using the older, weaker (not recommended) default
configuration for all applications. The "disabled" state indicates that the new [stronger]
default configurations are in use.

Troubleshooting
• If there are connection problems with the SSH client, upgrade the client to a more secure
(recommended) version.

2/4/2022 Addendum: SSH Version Requirements 42

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

• Although not recommended, if you need to revert to Legacy Mode, follow the instructions provided
under How to Disable Legacy Mode and Enable Classic Mode.

How to Disable Legacy Mode and Enable Classic Mode

To disable Legacy and return to the new (stronger) Classic Mode:

gigamon-1c000d (config) # show system security

Security configuration:
Current secure cryptography mode : disabled
Current secure fips mode : disabled
Legacy cryptography mode : enabled
Minimum password length : 8
Logging Martian packets : no

gigamon-1c000d (config) #
gigamon-1c000d (config) # no system security legacy
gigamon-1c000d (config) #
gigamon-1c000d (config) # show system security
Security configuration:
Current secure cryptography mode : disabled
Current secure fips mode : disabled
Legacy cryptography mode : disabled
Minimum password length : 8
Logging Martian packets : no

If you need to re-enable it, repeat the “system security legacy”:

gigamon-1c000d (config) # system security legacy

gigamon-1c000d (config) #
gigamon-1c000d (config) #
gigamon-1c000d (config) # show system security
Security configuration:
Current secure cryptography mode : disabled
Current secure fips mode : disabled
Legacy cryptography mode : enabled
Minimum password length : 8
Logging Martian packets : no

How does this impact your SSH settings?

BEFORE AFTER
5.11 Crypto SSH cc-mode scans of sshd using nmap:
$ nmap --script ssh2-enum-algos 10.115.182.26
PORT STATE SERVICE
22/tcp open ssh Starting Nmap 7.60 ( https://nmap.org ) at 2021-04-19
| ssh2-enum-algos: 14:37 PDT
| kex_algorithms: (4) Nmap scan report for 10.115.182.26
| ecdh-sha2-nistp256 Host is up (0.0011s latency).
| ecdh-sha2-nistp384 Not shown: 996 closed ports
| ecdh-sha2-nistp521 PORT STATE SERVICE
| diffie-hellman-group14-sha1 22/tcp open ssh

2/4/2022 Addendum: SSH Version Requirements 43

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

BEFORE AFTER
| server_host_key_algorithms: (1) | ssh2-enum-algos:
| ecdsa-sha2-nistp384 | kex_algorithms: (3)
| encryption_algorithms: (4) | ecdh-sha2-nistp256
| [email protected] | ecdh-sha2-nistp384
| [email protected] | ecdh-sha2-nistp521
| aes256-cbc | server_host_key_algorithms: (1)
| aes128-cbc | ecdsa-sha2-nistp384
| mac_algorithms: (3) | encryption_algorithms: (4)
| hmac-sha1 | [email protected]
| hmac-sha2-256 | [email protected]
| hmac-sha2-512 | aes256-cbc
| compression_algorithms: (2) | aes128-cbc
| none | mac_algorithms: (2)
|_ [email protected] | hmac-sha2-512
80/tcp open http | hmac-sha2-256
443/tcp open https | compression_algorithms: (2)
| none
|_ [email protected]
80/tcp open http
443/tcp open https
9090/tcp open zeus-admin

Nmap done: 1 IP address (1 host up) scanned in 0.30

seconds
5.11 Classic SSH classic mode - scans of sshd:

PORT STATE SERVICE $ nmap --script ssh2-enum-algos 10.115.182.26

22/tcp open ssh
| ssh2-enum-algos:
Starting Nmap 7.60 ( https://nmap.org ) at 2021-04-19
| kex_algorithms: (10)
12:01 PDT
| curve25519-sha256
Nmap scan report for 10.115.182.26
| [email protected]
Host is up (0.00084s latency).
| ecdh-sha2-nistp256
Not shown: 996 closed ports
| ecdh-sha2-nistp384
PORT STATE SERVICE
| ecdh-sha2-nistp521
22/tcp open ssh
| diffie-hellman-group-exchange-sha256
| ssh2-enum-algos:
| diffie-hellman-group16-sha512
| kex_algorithms: (4)
| diffie-hellman-group18-sha512
| ecdh-sha2-nistp256
| diffie-hellman-group14-sha256
| ecdh-sha2-nistp384
| diffie-hellman-group14-sha1
| ecdh-sha2-nistp521
| server_host_key_algorithms: (3)
| diffie-hellman-group14-sha256
| rsa-sha2-512
| server_host_key_algorithms: (2)
| rsa-sha2-256
| rsa-sha2-512
| ssh-rsa
| rsa-sha2-256
| encryption_algorithms: (3)
| encryption_algorithms: (3)
| aes128-ctr
| aes256-ctr
| aes192-ctr
| aes192-ctr
| aes256-ctr
| aes128-ctr
| mac_algorithms: (10)
| mac_algorithms: (2)
| [email protected]
| hmac-sha2-512
| [email protected]
| hmac-sha2-256
| [email protected]
| compression_algorithms: (2)
| [email protected]
| none
| [email protected]
|_ [email protected]
| [email protected]
80/tcp open http

2/4/2022 Addendum: SSH Version Requirements 44

GigaVUE-OS, GigaVUE-FM, and GigaVUE® Cloud Suite Release Notes v5.14.00

BEFORE AFTER
| [email protected] 443/tcp open https
| hmac-sha2-256 9090/tcp open zeus-admin
| hmac-sha2-512
| hmac-sha1
Nmap done: 1 IP address (1 host up) scanned in 0.25
| compression_algorithms: (2) seconds
| none
|_ [email protected]

N/A legacy mode - scans of sshd and httpd:

$ nmap --script ssh2-enum-algos 10.115.182.26

$ nmap --script ssh2-enum-algos 10.115.182.26

Starting Nmap 7.60 ( https://nmap.org ) at 2021-04-27

00:08 PDT
Nmap scan report for 10.115.182.26
Host is up (0.00078s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
| ssh2-enum-algos:
| kex_algorithms: (6)
| ecdh-sha2-nistp256
| ecdh-sha2-nistp384
| ecdh-sha2-nistp521
| diffie-hellman-group14-sha256
| diffie-hellman-group-exchange-sha256
| diffie-hellman-group14-sha1
| server_host_key_algorithms: (3)
| rsa-sha2-512
| rsa-sha2-256
| ssh-rsa
| encryption_algorithms: (3)
| aes256-ctr
| aes192-ctr
| aes128-ctr
| mac_algorithms: (3)
| hmac-sha2-512
| hmac-sha2-256
| hmac-sha1
| compression_algorithms: (2)
| none
|_ [email protected]
80/tcp open http
443/tcp open https
9090/tcp open zeus-admin

Nmap done: 1 IP address (1 host up) scanned in 0.25

seconds

2/4/2022 Addendum: SSH Version Requirements 45