Versions Compared

Old Version 3

changes.mady.by.user Chris Smith

Saved on

compared with

New Version 4

changes.mady.by.user Chris Smith

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

HTML
<div id="google_translate_element"></div>
<script type="text/javascript">
function googleTranslateElementInit() {
  new google.translate.TranslateElement({pageLanguage: 'en'}, 'google_translate_element');
}
</script>
<script type="text/javascript" src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script>

ProVision 7.1.0

ProVision 7.1.0 is a major release with new features, improvements and bug fixes.

...

Contact 6connect at info@6connect.com to schedule a demo or get more information.

New Features

APIv2 Documentation

Public APIv2 documentation is located at https://cloud.6connect.com/APIv2/

...

  • IPAM API 
    Includes actions for LIRs, IP aggregate and block management, VLAN, IP Rules, and SWIP.
  • Resource API 
    Includes actions for managing the ProVision Resource System
    The resource API provides CRUD endpoints for resources, resource attributes, resource attachments and resource backups.
  • DNS API
    ProVision DNS API allows you to manage DNS Zones, Records, Servers, Groups and ACLS.
  • Users API
    Includes actions for ProVision Users, permissions and actions.
  • Usergroups API
    Includes actions for ProVision Groups, permissions and actions
  • Scheduler API
    The API Allows you to easily schedule tasks.
  • API Composer Platform
    API Composer Platform (ACP) is an additional module in ProVision to help automate frequently used combinations of calls.


Approvals

CFR / IM - 2937: New Approvals Module integrated with DNSv3 - See Approvals.

...

Approvals-related updates include:

Admin Approvals Tab

A new "Approvals" tab has been added to the Admin area of ProVision, containing two sub-tabs - "Pending Approvals" and "Permission Groups", the primary areas from which to manage Approvals items.

...

  • Permission Groups Sub-Tab


    Expand
    titlePermission Groups Page Details...

    The Permission Group page contains areas to manage what type of Approval permissions each User Group has, and on what actions.  There are two tabs available under Permission Groups - Groups and Actions.

    There are two tabs available under Permission Groups - Groups and Actions.

    • In the Groups tab, each ProVision User Group is listed. Clicking the "Assign" button for a group brings up a checklist to select what policy to apply to the group for what Family and Actions (i.e. DNS Zone 'Add' or DNS Group 'Update'). 

    • The Actions Tab lists the group permissions organized by Family/Action type. Expanding a Family shows the available actions, and a matrix of how many groups are assigned under each policy. 

      For more information on the Approvals Permission Groups subtab, see Permission Groups


DNSv3 Approvals Updates

Updates have been made in DNSv3 supporting the Approvals system:

Expand
  • "Resources Awaiting Approval" module

A "Resources Awaiting Approval" module will now display in selected DNSv3 pages to Users with Admin / Approval permissions, if a change has been submitted on that page that is pending approval by the User's Approval Group. See DNS Tab and Approvals,

Scheduler Approvals Updates

Added two new scheduler tasks in support of Approvals:

Expand
  • Approvals - Process Subscription

The "Approvals - Process Subscription" task processes approval request events and handles the sending of notification emails to subscribed Approvals Groups. 

If Approvals are in use with notifications, it is recommended to create this task with a run time of "every 5 minutes" and no end date.

  • Approvals - Delete events older than 1 month

The "Approvals - Delete events older than 1 month" task deletes any Approvals history events older than 30 days. It is recommended to run this task monthly to clear out obsolete approvals items and reduce approvals page load time.

For more information, see Scheduler Tab and Approvals.

ACP ("Workflows") Gadget

CFR / IM - 3119: Added the ACP "Workflows" Gadget to the available Gadgets list for Resource Entry pages. See Gadgets.

The ACP Workflows Gadget allows users to specify and execute Workflows (created in the ACP product) on a ProVision Resource Entry page. 

Working with the ACP Workflow Form

The ACP Workflow Form is a Gadget add-on connecting 6connect's ACP (API Composer Platform) with the ProVision interface to run Workflows. 

...

Expand

Customers with an ACP license can select and add the "ACP Workflow Form" Gadget to a Section, containing fields to select the desired Workflow to Run, Title, and map input options. Multiple Forms may be added to a Section, in order to run additional Workflows or option settings.  When complete, click "Save".


Once enabled, the Gadget will show on the resource page of the section type. Input the field data necessary for the Workflow, and click "Execute Workflow" to process the chain of workflow calls. 

In this example, a "Customer Turn-Up" Workflow was selected (created in ProVision's ACP product) that performed six functions with one button click. The successful "Execute" for "Customer Turn-Up" created a new customer resource entry, assigned IPv4 and IPv6 blocks to them, created a DNS zone for the hostname, and lastly created 'A' and 'AAAA' records for the zone.


6connect ACP (API Composer Platform)

6connect ACP (API Composer Platform) is a separate plugin product that enables you to create and share API workflows via a graphical editor.

...

For more information, see https://www.6connect.com/acp/. To schedule a demo, visit https://www.6connect.com/demo/ or send an email to info@6connect.com.


Linked IPs Gadget

CFR / IM - 3066: Added a "Linked IPs Gadget" to the available Gadgets list for Resource Entry pages. See Gadgets.

The Linked IPs Gadget lists IP blocks assigned to Linked Resources (via the Resource Linkage Gadget).


SAML Authentication Support

CFR / IM - 3137: Added support for SAML login, and authentication settings to Admin→Admin Settings→ Authentication Options. See the Authentication section under Admin Preferences.

SAML is a Single Sign On (SSO) authentication method that uses an external identity provider to authenticate a user at their first login, saving a token to the user's browser that is then used for subsequent logins, so that the user does not need to re-submit credentials. 

SAML Setup

Before configuring SAML in ProVision, you must have an account set up with an Identity Provider (IdP) and ProVision users / groups set up in the IdP.

Expand
titleSetting up SAML Authentication

Set up the IdP

To use SAML authentication, you will need SAML set up for your instance with an Identity Provider (IdP), such as Microsoft ADFS, OneLogin, Elastic SSO, or others. You can view a list of available SAML IdPs at Wikipedia's SAML based products page.

Users and Permissions:

User credentials will need to be created and associated with ProVision permission group names via the IdP. All user creation, management and permissions handling occurs via the IdP, externally from ProVision.

Configure SAML in ProVision

ProVision setup for SAML is located in Admin →Admin Settings → Authentication Options.

Under SAML Configuration:

Enable SAML authentication by clicking the checkbox next to "Enable".

The following fields are required and will need to be obtained from the IdP:

  • User Attribute(Required):
  • Group Attribute(Required):
  • IdP Metadata(Required):

Under SAML Service Provider Configuration:

  • Sign logout request:
  • Sign redirect request:
  • Unencrypted Assertions from IdP Will be rejected:
  • Private Key:
  • Certificate (Required):

Links are provided below the configuration settings for the ProVision SP Metadata file in php and xml format, which will be needed to provide to the IdP.

You can test the configuration by clicking the "Test SAML Configuration" button, a new page will open giving health check information for your provided attributes.


SAML Login

Once the correct configuration has been established and users set up for SAML in the IdP, users will be able to use SAML logins.

Expand
titleLogging in with SAML


Info
titleDocumentation Note:

Depending on the IdP used, some screens may appear different from what is shown here.

Initial Login:

The initial login process occurs for the first time a user logs in, and anytime afterwards if the browser token is not present (e.g., cookies are cleared from the browser, the browser closed, or a new browser is used).

From the ProVision login page, select SAML from the authentication options dropdown - you do not need to enter Username or Password.

You will be redirected to the IdP site as set up in the Admin Configuration - here, we are using Microsoft ADFS (Active Directory Federation Services).

Log into the IdP site using your SAML credentials, and click "Sign In".

If the sign in is successful, you will be logged into the ProVision home page.

Subsequent Logins:

After the initial login via the IdP (as long as the auth token is present) users will be able to login to ProVision simply by selecting the "SAML" options from the ProVision login page without entering credentials.

The auth token may be destroyed or not available if browser cookies have been cleared, a different browser used, or the browser fully closed, depending on security settings. In these cases, the user will need to sign in again via the IdP.


DUO Mobile Authentication Support

SEC-14 / IM - 3200: Added support for DUO Mobile authentication options to Admin→ Authentication Options. See the Authentication section under Admin Preferences.

...

Enter those items into Admin→ Authentication Options → DUO Mobile Configuration, and click "Update" to save your changes. 


Peering Communications Page

CFR/ IM - 3261: Added Peering "Emails" Sub-tab to the Peering Tab (Accessible to Global Admins). See Peering and Peering Emails.

...

Info

The Peering→ Emails page is only accessible to Administrative users in the primary "Global Admins" User Group. Ensure that Peering Administrators using ProVision's Peering Emails area are included as members of that group for full access.



Additional Features / Improvements

DNSv3 Improvements

Multiple improvements have been made to DNSv3 areas:

...

  • IM - 3202: Added "Advanced Settings Inherited by the Zones" to DNS Group Default Parameters. New zones created from the Group will also inherit the Advanced Settings fields as set from the group defaults. 


    Expand
    titleUsing the "Advanced Settings" module...

    Open the "Advanced Settings Inherited by the Zones" module by going to any DNS Group and opening the "Group Default Parameters".

    The Advanced Settings module will be at the top of Default Parameters area. To expand it, click on the expansion arrow on the right side of the header bar.


    Once expanded, settings may be entered for DNSSEC, Dynamic Updates, Master-Slave Handling, Lists, and free lines.

    Note
    titleSave your changes!

    Important - to ensure that your changes are saved, click the "Save Group Defaults" button under the Default SOA Values section - this save button will save any changes made to Advanced Settings, Default Nameservers, or Default SOA Settings.


    For detailed information on DNS, see DNS TabWorking with DNS GroupsDNS Zones OverviewWorking with DNS Zones, and DNS Administration.


Scheduler Updates

New Scheduler Tasks

IM - 3104: Three new scheduler tasks have been added: Delete Archived Data, Approvals - Process Subscriptions, and Approvals - Delete events older than 1 month. See Scheduler Tab and Approvals.

...

The "Approvals - Delete events older than 1 month" task deletes any Approvals history events older than 30 days. It is recommended to run this task monthly to clear out obsolete approvals items and reduce approvals page load time.

Scheduler "Forever" Tasks Are Back

IM - 2422: "Forever" Tasks are once again able to be set in the Scheduler. See the Scheduler Tab documention.

To set a "Forever" task, just leave the "End Date" field blank when setting up the scheduler task.


IPAM Gadget Updates

The IPAMv2 Gadget has been updated to more closely match the functions available in IPAM Manage. See: Gadgets and IPAM Tab documentation.

...

To select multiple blocks in the IPAMv2 Gadget, left click on a single block, and the shift-click or cmd-click to select additional blocks. Once all desired blocks have been selected, right click to show the multi-block Action Menu. 

        


Log Updates

IM - 3107: Added a color-coded "Chart View" to Admin Logs. See: Log.

...

View log details by hovering the mouse arrow over an event box.

IPAM Regions Updates

IM - 3156: Updated IPAM Regions to support a Google Geocode API key setting (required for proper geolocation function of IPAM Maps).  See: IPAM Tab and IPAM Parameters.

...

Note
titleGoogle Geocode API Key Requirement

Due to changes in Google's licensing and Geocoding API, the previous geolocation method used in ProVision is no longer supported. IPAM Regions now requires a Google Geocode API Key in order for IPAM Maps to properly determine a Region's location.

6connect is exploring adding additional map integration options for ProVision. 

Any customers who require an alternative geocode option supported apart from Google Geocode API key, please contact us at feedback@6connect.com.

Applying a Google Geocoding API Key:

Expand
titleHow to Get and Apply a Google Geocoding API Key

Step 1: Obtain a Google Geocoding API Key

To get a Google Geocoding API Key, follow the instructions listed here:

How to get a Google Geocoding API Key

Note: In order to obtain a Google Geocoding API Key, a company must have a subscription enabled to Google Cloud Platform Console. 

Step 2: Assign the API Key to IPAM Regions

Once assigned a Google Geocoding API Key, paste the API key into the IPAM regions page under "Apply google geocode api key" and click the "Assign" button. 


IPAM 'Advanced' Button

CFR - 143: The IPAM "Advanced" button has been brought back, by popular demand. See:IPAM Tab

...

The IPAM "Advanced" Button opens the IPAM Manage screen for all blocks, under all aggregates. See Working with IP Blocks for more information on working in IPAM Manage. 



Bug Fixes/Minor Improvements

IM - 2524: Fixed minor console errors in the DNSv3 Server Settings page.

...