Zum Inhalt

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Kompatibilitätsmatrix (Cisco ISE ↔ ISE‑Manager)

Legende: ✓ = unterstützt/verifiziert, – = nicht angegeben (siehe Hinweis).

ISE‑Manager Version ISE 2.4 ISE 3.2 ISE 3.3 Patch 4 ISE 3.4 - 3.4 Patch 3 Hinweise
5.0.0 - 5.0.1 - Explizite Unterstützung für <=3.4, Abwärtskompatibilität zu früheren ISE‑Versionen. Siehe Changelog „ISE API Compatibility“ (Added support for Cisco ISE v3.4).
4.4.0 (05.03.2025) API‑Kompatibilität mit ISE v3.2 durch korrekte Content‑Type/Accept Header und optionalen ERS‑Media‑Type; abwärtskompatibel zu ISE 2.4 sowie kompatibel mit ISE 3.3 Patch 4.
4.0.1 (06.03.2022) Tested support for ISE 3.2.
  • Für Releases ohne explizite Nennung im Changelog ist die Unterstützung nicht dokumentiert. Bitte Rücksprache mit AnyWeb aufnehmen, falls Sie eine andere ISE‑Version einsetzen.
  • Bei Upgrades (ISE oder ISE‑Manager) wird empfohlen, die Kompatibilität und erforderliche Header/Protokolle im Vorfeld mit einem AnyWeb Engineer zu überprüfen.

[5.0.1] - 18.11.2025

Fixed

  • LastSeen (UI): Endpoint list and detail views now display the actual LastSeen timestamp (awlastSeen / lastSeenDate) instead of the update timestamp (awlastSeenUpdated). (#415)

[5.0.0] - 13.11.2025

Added

  • MAC Address Copy Feature: Added a feature that allows users to copy the MAC address to the name field using a "Copy MAC" button.(#335)
  • LastSeen (Session Tracking): The LastSeen job now processes all session-eligible endpoints (states active and expired) while excluding disabled. It includes tiered prioritization (never-checked, severely-outdated, rotation), time-based chunk sizing (business vs. off hours), rate limiting with exponential backoff, retries, and detailed metrics/history tracking per endpoint. (#401)
  • Endpoint-Update: Enabled the possibility to update both the name and MAC address of an endpoint, ensuring reliable identification and modification of the target endpoint. (#406)

Changed

  • Documentation: Added public facing online documentation for customers. The old PDF-Documents are deprecated and moved to internal archive. From now on improvements will be performed to the documentation basis that is found online. A download button for offline availability will be added in the future. The documentation can be found here: AnyWeb ISE-Manager Wiki. (#389)
  • ISE API Compatibility: Added support for Cisco ISE v3.4 and hardened XML/JSON deserialization to ignore unknown attributes in API responses. Backward compatible with earlier ISE versions. (#408)
  • Form Layout (Create Endpoint): Adjusted the layout of the Create Endpoint form to position the "Copy MAC" button next to the MAC address input field for a more user-friendly interface. (#335)
  • Endpoint Data Model (JSONB): Endpoints now support a flexible, NoSQL-like data enrichment approach via JSONB for on-the-fly metadata. LastSeen / ISE-Session data are the first stored elements. (#401)

Deprecated

  • LastSeen Properties: The old LastSeen properties are deprecated and will be removed in future releases. Please refer to the new LastSeen documentation for updated configuration options. (#401)

Removed

  • Endpoint-Create / Update (#406): Temporarily removed Infoblox-specific logic from endpoint lifecycle paths. This integration will return later as a separate, opt‑in module.

Fixed

  • Log File Export: error when trying to export a log file (#402)
  • Endpoint-Create / Update (#406):
  • Duplicate protection now blocks create attempts early and safely, even when force‑delete settings are enabled.
  • No ISE deletion on database errors during create; external state remains unchanged if a local save fails.
  • Safer updates when changing name and MAC together; improved null‑safety and fallback identification.

[4.4.0] - 05.03.2025

Added

  • Environment Name Visibility: Added prominent display of environment name (e.g., PROD, DEV, TEST) throughout the UI including login window, headers, and confirmation dialogs using customizable properties to enhance user awareness and prevent actions in wrong environments. (#355)
  • Override of UI Properties: Added the ability to override UI properties in the "...\wildfly-XXX\standalone\configuration\customizations\custom-ui.properties" file to customize the UI for specific environments. (#355)
  • Session Management: Added CoA (Change of Authorization) disconnect feature when deleting endpoints with force_delete enabled, preventing immediate endpoint recreation due to ongoing sessions and making thus the delete process more robust. Also added UI options for Super-Admins to manage endpoint sessions. (#383)
  • Health Metrics System: Comprehensive system for collecting and displaying various health metrics including system performance, backup status, OS security, and certificate health. (#367)
  • Health Dashboard: New UI components for visualizing different metric types (Numbers, Counters, Tables, Text) providing operational insights. (#367)
  • Monthly Reporting: Automated generation of health reports in PDF format for system status documentation. (#367)
  • New Startup Configuration: Added 110_setup_statistics.jboss for metrics initialization during application startup. (#367)

Changed

  • Enhanced Backup System: Improved backup script with automatic cronjob creation for the wildfly user. (#367)

Fixed

  • AutoExpireAction: Delete could not handle endpoints that did not exist on ISE anymore and blocked other expired endpoints (#387).
  • getExistingEndpoint method should check for existance of mac or name but was checking twice by mac. (#393)
  • ISE API Compatibility: Fixed API compatibility with ISE v3.2 by using properly supported Content-Type and Accept headers (application/json|xml) and adding optional ERS-Media-Type header for version specifications, removing dependency on ise.version property. This causes no ERS-Content Type Headers errors to be thrown anymore by the ISE. It is also downward compatible with ISE 2.4 and also with ISE 3.3 Patch 4. (#156)
  • MAC Address Filtering: Fixed endpoint filtering by partial MAC address, allowing users to search for endpoints using just a portion of a MAC address rather than requiring the full address. (#390)

Security

[4.3.0] - 16.07.2024

Added

  • Sync (Scheduling): Allow a scheduled sync of Endpointgroups and Endpoints from ISE-Manager to Cisco ISE. (#362)

  • Backup and Restore: Added utility script for backup and restore of the application. It can be installed using the isemanger_utility_script.sh. (#366)

Changed

  • Wildfly: Add support for custom startup configuration scripts beginning with custom_* in the startup_configuration directory. (#365)

[4.2.0] - 20.06.2024

Added

  • REST-API: Added a new Field for the PUT-Method of endpoint called extendExpireDate=[true|false] to extend the expire date of an endpoint. Default is false. (#349)
  • Endpoint Creation: Allow the property-based force creation of an endpoint, even if it already is assigned to a static group in ISE. (#361)
  • Install-Script: Add support for RHEL 9 and SLES 15 SP4. (#350,#321)

Changed

  • AuditLog: The state-Field of an Endpoint is now logged in the AuditLog. (#302,#363)
  • Import: The Import Button is disabled whenever there are blacklisted headers in the import file or missing required headers. (#329,#363)
  • Login: The Buildversion and Buildtime are now displayed in the Login-Screen, as well as the error page. (#256)
  • Versioning: All sub-modules are now versioned with the same version as the main project. (#364)
  • CI/CD: The CI pipeline has been updated to include the new versioning for MRs and Tags. (#364)

Fixed

  • Import: Blacklisted illegal headers, that should be ignored from the import file. A corresponding error message is thrown. (#329,#363)
  • Edit Endpointgroup: Expire Offset was limited to max 365 days (the default) but only in edit mode. (#368)
  • MAC validator: Added a validator for mac addresses. Standardize encoding "UTF-8" for import. (#218)
  • Expire Date: During creation of an endpoint it uses group offset when the expire date is bigger than now() + offset. (#255)

[4.1.1] - 16.11.2023

Added

  • Documentation: Added public facing pages documentation for customers

Fixed

  • Role Concept: Role TenantAdmin was able to list Endpointgroups from other Tenants
  • REST API: REST API was not working correctly due to misconfigured authentication mechanisms

[4.1.0] - 09.06.2023

Added

  • Feature (LastSeen): Container Image, Dashboard View, Column in Endpoint-List, CSV-Export of Last-Seen Date
  • GitLab-CI: Added manually triggerable pipeline job for LastSeen-Container build

Changed

  • Utility Script (Install): User is installed with default remote connection ability (% instead of localhost). Needed for container Communication
  • Documentation (Wiki): Adjusted LastSeen-Section
  • Feature (LastSeen): Conditional Rendering in UI. Only when Feature is enabled

Fixed

  • Utility Script (Upgrade): Printenv is removed on upgrade (only used for container)

[4.0.3] - 2023-05-12

Fixed

  • LDAP (Wildfly): Use Recursive Search in Authentication

Changed

  • Endpoint Expiry Checker: The feature is active by default and can be overridden by setting the property
  • Default Property: The Change Properties UI property has been added to the sample ise.properties

Added

  • Install Script (renamed): Added Update Section

[4.0.2] - 2023-04-20

Fixed

  • Fix Sync: Sync was not working correctly
  • Pentaho LDAP: Trim mac on agroscope import (ldap)
  • Fix Dashboard: Issue with too many expired endpoints (200'000) in dashboard lead to application crash.
  • Fix Auth logging: Authentication error due to LDAP was not displayed
  • Memory size: Make memory sizing persistent using install script

Changed

  • Edit EndpointGroup: Make EndpointpGroup editable (but not rename)
  • Doc: AdminGuide doc update
  • Toggle LDAP Feature: Make LDAP-Feature toggleable, default behavior is "disabled"
  • serial number not unique: Remove unique serial number constraints
  • split mariadb setup: Split DB and user creation from content creation in install script.

Added

  • CI/CD improved: Add multiple environments (Development/Staging) as well as SAST & Security Checks

[4.0.1] - 2022-03-06

Added

  • Ciso ISE 3.2: Tested support for ISE 3.2
  • Debian/RHEL support: Install script with support for Debian/RHEL based systems
  • Docker-Swarm: Docker-Swarm configuration for deployment as alternative
  • VSCode DevContainer: Devcontainer added for better development
  • CI/CD Pipelien: Introduced pipeline for bundling of customer installations

[4.0.0] - 2022-12-19

Added

New Features:

  • Install script: Install script to deploy the application
  • Container support: Installation can be done now using a container. Currently using docker but in future will move to kubernetes.

Changed

  • Application Server: Switching to new Applicationserver version Wildfly 26.
  • MariaDB: Switching to minimal version 10.3=<.

[3.0.0] - 2022-12-12

Added

New Features:

  • Role Concept: New role concept with new roles was introduced. New Roles are:
  • ServiceDesk​
  • GlobalViewer​
  • TenantViewer​
  • Tenant​
  • TenantAdmin​
  • SuperAdmin
  • Synchronisation: Push EndpointGroups and Endpoints from ISE-Manager --> Cisco ISE.
  • Move: Move Endpoint between group and tenant.
  • Auditlog: Auditlog can be viewed now in GUI.
  • Infopage: New info page to download guide.
  • New fields: Introduce new fields vendor and serialnumber.

[2.0.0] - 2023-02-xx

Added

New Features:

  • Import: Preview and logging in browser
  • Check ISE: Check ISE connectivity
  • Dashboard: Linkable elements in dashboard.
  • Infoblox: Infoblox integration for Host and IP reservation.
  • Look n Feel: New Primefaces componente to change look n feel.
  • Move: New Primefaces componente to change look n feel.
  • Last Seen Integration: Integration of external data source to retriece 'last seen'.
  • Syslog Parser: Custom syslog parser to retrieve last seen informaiton from ISE Syslog.
  • BMC Remedy Integration: Integration of external data source BMC remedy.
  • ServiceNow Integration: Integration of external data source ServiceNow.
  • LDAP Integration: Integration of external data source using ldap.

[Unreleased]

Added

Changed

Deprecated

Removed

Fixed

Security