MIB Explorer Pro 5.0.0 Release

Announcements
1

After more than two years of development, MIB Explorer 5.0.0 has been released 2020-07-12T22:00:00Z. This new release includes major new features, like full TLS (up to v1.3) and DTLS (v1.2) support, but also a complete revision of the Target configuration.
A lot of stuff has been updated and refreshed behind the scenes. MIB Explorer Pro already exists for more than 15 years and is now ready for the next 10 - at least :wink:.

With version 5.0 and later, SNMPv3 target configurations can be created in three ways:

  • SNMPv3 /USM
    The well know classic option to first create an user description in the User Based Security Model (aka “user list”) and then referencing it by a target by the user profile name.
  • SNMPv3 /direct
    That is the new stuff! Create a target and specify any user credentials (security name, protocols, and keys) directly with the target. That simplifies handling and makes sure, your target information is independent to other targets.
  • SNMPv3 /(D)TLS
    No need to create USM keys from passwords and to specify authentication and privacy. That can be handled by TLS certificates and privacy protocols centrally and avoids and target specific security configuration. This option is exclusively available for SNMP entities/targets with (D)TLS transport.

The Diffie Hellman key exchange adds the last feature that was missing from the SNMP protocol world in MIB Explorer.
Some features like the built-in HTML (standalone) server and the SQL based DB monitoring have been removed, because too few users nowadays are actually using such features.
MIB Explorer will be developed in the future to enhance its SNMP debugging and testing capabilities. Extended PDU analysis and manipulation will be delivered with version 5.1 this year.

The dialogs for SNMPv3 key (password) updates have been fully revised and extended too. Updating and creating users is much easier and even safer now:

  • If a new SNMPv3 user is created, the VACM configuration of a target can be updated too (optionally), in order to inherit the same access rights as the operational user running the user creation.
  • For key updates, lookup dialogs provide information about existing users and security protocols.
  • Key localisation is now transparent and comprehensive.

The new update mechanism and the OS installer support for MacOS and Windows with the recent OpenJDK 14.0.1 are capable to check for updates even behind enterprise proxies and execute the updates in-place for a JAR file installation or with the matching OS installer on request.

MIB Explorer Lite will be discontinued, but still available in the shop until end 2020-09-29T22:00:00Z. If you want to upgrade from a Lite version to a MIB Explorer Pro 5.x edition, please contact sales@agentpp.com for a quote.

Prerequisite

  • Java 9 or later (because of the DTLS support in Java 9) - not required if using OS installer!

Changes

  • Added [MXP-83]: New DTLS support with Java 9 or later dependency based on SNMP4J 3.4.2.
  • Added [MXP-81]: MIB Explorer now supports online software updates which updates MIB Explorer in place.
  • Added [MXP-84]: Added Diffie Hellmann key change and kickstart support.
  • Added [MXP-85]: Instant search for packet analysis.
  • Fixed [MXP-80]: Search MIB Repository dialog fails to search with NullPointerException with option “All”.
  • Added [MXP-78]: Packets panel Save As operation is now able to save (selected) decoded packets as text file.
  • Improved [MXP-76]: When new packets are analysed, then the first of those should be selected.
  • Improved [MXP-63]: Check if a SNMPv3 user already exists in target before trying to create the user.
  • Added [MXP-55]: Trap Receiver panel should allow configuring a delay for INFORM responses, which allows to test/debug agent performance on simulated slow networks.
  • Added [MXP-86]: Copy cell content support using Ctrl- in Packets panel’s packet list.
  • Added [MXP-87]: Create VACM group entry in agent automatically as copy of current user when
    new user is created as option.
  • Fixed [MXP-78]: Tree icon for OBJECT NAME MIB objects changed to instance icon in some cases.
  • Removed: Monitor DB support, internal HTTP server and command line monitoring functions
    because there were too few users actually using it.
  • Fixed: Transport protocol display for DTLS and TLS in Packets analyzer.
  • Added: Hide passwords in SNMPv3 user creation/modification panel.
  • New: Target editor with direct SNMPv3 user support (now there is no need to create an USM user and link it to a target, instead SNMPv3 user credentials can be directly saved with the target. This additional approach simplifies password handling - especially when targets are using the same security name but different passwords.
  • Fixed: Nimbus LF class to be compatible with Java 9 or later.
  • New: Log panel with better performance and easier log copy access.
  • Removed: Log4j dependency (including email sending support for log events) and replaced it by Java logging.
  • Added: Packet panel can be now configured using -Click on Capture button to start capturing packets on application start.
  • Added: TLSv1.3 support.
  • Improved/Fixed: TLS support.
  • Improved [SFJ-208]: Performance of AuthGeneric.passwordToKey can be improved by using 1MB HMAC buffer instead of 64 bytes.
  • Improved [SFJ-209]: Improve MPv3Cache performance for high load multi-threaded message processing. Cache now scales with O(2) instead O(n) where n is the number of concurrently pending requests.
  • Fixed [SFJ-189]: Race condition in ThreadPool which could block task execution.
  • Fixed [SFJ-190]: DefaultUdpTransportMapping throws exception and blocks ListenThread shutdown on incoming packet after shutdown.
  • Fixed [SFJ-191]: TLSTM does not reassemble TLS fragments sent as more than one TCP packet correctly (i.e. SSLEngine BUFFER_UNDERFLOW not handled correctly)
  • Fixed [SFJ-192]: TLSTM is not able to parse fragmented TLS packets if two or more fragments are received in one TCP packet.