Release Notes for AM/AMM 2.17.1.1

1 Release Information

AirLink Manager (AM)/AirLink Mobility Manager (AMM) 2.17.1.1 is a minor release of the AirLink Manager Platform that introduces support for the AirLink MG90 5G and 5G Networks, incremental improvements to Security, Software Distribution, Configuration Management and Reports, introduces minor UI improvements and launches the first set of APIs for the AirLink Manager platform.

To continue to improve the security posture of the AM/AMM platform, we are enforcing the use of TLS 1.2 as the minimum version, deprecating support of the insecure TLS 1.0 and 1.1. Customers will need to upgrade all devices in the field to a supported version of the embedded software.

These release notes include the details for AM/AMM 2.17.1.1 and AMMER 1.0.6.

1.1 Officially Released Versions

These release notes are inclusive of all AMM R2.15.x+ versions.

AM/AMM 2.17.1.1 was officially released to General Availability on March 2, 2021.

1.2 Platform Support

AM/AMM 2.17.1.1 has been tested on Dell R240 and R630 servers and on VMWare ESXi.

1.3 Browser Support

AMM 2.17.1.1 has been tested on Google Chrome and Firefox. Users that attempt to use a browser that is not supported will get a warning and may experience some issues.

1.4 Sierra Wireless Gateway Support

The following table shows the minimum software version needed on the gateways to be used with AMM 2.17.1.1.

	4.2.0-20180608.1	3.15.0-20180206.2	ALEOS 4.4.9	ALEOS 4.9.4	ALEOS 4.11.1
MG90	✔
oMG2000		✔
oMG500		✔
LS300			✔
GX400			✔
GX440			✔
GX450				✔
ES450				✔
RV (All)					✔
MP (All)					✔
LX (All)					✔

Some features of AM/AMM 2.17.1.1 require later versions of the ALEOS or MG software.

2 Key Features and Enhancements

2.1 Support for the AirLink MG90 5G and 5G Networks

The release supports the new AirLink MG90 5G mobile router. In addition, numerous improvements have been made to AM/AMM to support display of 5G networks in the product.

2.2 AM/AMM API Beta

AM/AMM 2.17.1.1 introduces the initial APIs for AM/AMM. This is considered a “Beta” release for initial feedback from customers. This is a very limited release, and provides support for GETing the last known and history of a datapoint value for one Stat for a single gateway or a list of gateways .The intent is to have some customers start to use the APIs and provide feedback before we continue to define more APIs.

This capability is not enabled by default and must be activated on the AM/AMM server. Please contact Customer Support if you would like to use and provide feedback on the new APIs.

2.3 Security Improvements

AM/AMM 2.17.1.1 continues to improve the overall security posture for the platform. These changes affect all users, so please refer to the Release Notes for more information.

Enforce TLS 1.2: With this release, we are enforcing the use of TLS 1.2 as the minimum version, deprecating support of the insecure TLS 1.0 and 1.1. Customers will need to upgrade all devices in the field to a supported version of the embedded software.

All devices communicating with the AMM must be able to support TLS 1.2 to ensure secure communication between the device and the management system. Sierra Wireless upgraded all of the embedded software to support TLS 1.2 in earlier releases. To ensure compatibility, your devices must be running:

For MG90/oMG

Minimum:

oMG 3.15.0-20180206.2
MGOS 4.2.0-20180608.1

Recommended:

oMG 3.15.2-20200416.1
MGOS 4.3.0.1-20200220.1 or later

For ALEOS

ALEOS 4.4.9 or later (LS300, GX440, GX400)
ALEOS 4.9.4 or later (GX450, ES450)
ALEOS 4.11.1 or later (RV, MP, LX)

Any devices running older software will not be able to communicate with the Hosted AMM after the upgrade has been completed. If you have not already, we would encourage you to upgrade your software to the latest available version as soon as possible. If you cannot, please contact Sierra Wireless Customer Support and we will assist you with managing this upgrade.

User Password Policy: AM/AMM 2.17.1.1 improves the overall security of the system by introducing mandatory rules, including minimum password length and a check for weak passwords. Users that do not meet the requirement of minimum password length will need to update their password at first login after the upgrade. This release also introduces optional password policies, including composition rules, password rotation and history check.

User-Managed “Forgot Password” Feature: With this release, users can now trigger a “forgot password” process from the AM/AMM login page. This feature requires users to have an email address associated with their account, which may require some users to update their account details before this feature will function. To facilitate this, users without email addresses associated with their account will need to update on first login.

2.4 Software Distribution Improvements

AM/AMM 2.17.1.1 provide some incremental improvement for the software distribution capabilities of the platform.

Incremental Software Upgrade: With the introduction of a new Operations model in AM/AMM 2.17.1.1, the AM/AMM can now manage the upgrade path where a specific version of software is required, prior to the latest version (upgrade path). This allows the user to just select the target version and let the management system address the interim steps. This feature is available only for the AirLink MG90.

Automatic Gateway Software Upgrade: This feature allows for automatically triggering a software update when a user applies a template that requires a later version of the software.

2.5 Configuration Management Improvements

AM/AMM 2.17.1.1 continues the evolution of configuration management introduced in AM/AMM 2.17, with some minor enhancements to the product.

Device-Specific Parameters: This release adds additional device- specific parameters based on customer feedback. This extends the current capability, using an integrated CSV import/export through the configuration template wizard.

UI Process Flow Improvements: We have introduced some new UI elements that allow the user to enable/disable specific sections of configuration template for ALEOS devices.

Bulk Unlinking of Templates from Gateways: In the initial release, users had to do this one at a time. This release allows you to do this operation in bulk.

ACEmanager Template Integration: This new feature allows users to add stats to the AM/AMM dashboard to know the status of template deployment, both from ACEmanager and AMM. New template stats including name, apply time and last sync status. This feature requires ALEOS 4.14 or 4.9.6 or later.

2.6 Report Improvements

There are minor enhancements to reports in this release.

Coverage Trails Report: We have added a Signal Strength overlay to the Coverage Trails Report, giving users better insight into coverage levels.

Display Cellular Technology on Multiple Reports: We have added the ability to display the connected cellular display (3G/4G/5G) on the Cellular Technology Map, Availability Trend and Availability Details reports.

WAN Utilization Reports: Improvements have been made to the Link Utilization and VPN Utilization reports, based on Customer feedback.

2.7 User Interface Improvements

There are minor improvements made to the UI of the product this release.

Remember Node Tree Filter Options: There is an enhancement that allows the system to remember a user’s node tree filter preferences between logins.

AMM status for Multiple VPNs: This release provides an improvement to the Dashboard to display a status for each configured VPN (maximum of 5) that can show if the VPN is up or down, and to be able to alert on these VPNs.

New Filter: Added Cellular Technology (3G/4G/5G) filter in the Gateway Tree

Dashboard Enhancement: There is an improvement to the Dashboard table grid to make it more defined, making it easier to differentiate rows in the Dashboard. This feature is enabled by default, can be toggled on and off, and will be maintained when a user returns once logging out.

Operation Management: AM/AMM introduces a new Operations model that allows for multiple tasks to be linked together and executed in sequence. This allows for complex tasks to be automated. This feature allows us to introduce improvements like supporting gateway software upgrades and configuration template deployment in a more efficient manner. This feature also introduces a new main tab in the AM/AMM user interface.

3 Minor Feature Enhancements

There are many minor new features added in AM/AMM 2.17.1.1.

3.1 Support Windows 10 Edge (Chromium) Browser

AM/AMM 2.17 removed support for Internet Explorer. This release adds support back in for Microsoft’s browser.

3.2 Increase character limit on LDAP Config on AMMs

In previous releases, the LDAP fields had a character limit of 80 or less. This release extends the limit to 160 characters.

3.3 Changed the “Generate CSR” button to suggested “Generate Renewal CSR”.

Based on feedback from the field, we have changed the “Generate CSR” button to “Generate Renewal CSR” as it more accurately reflects the functionality.

3.4 Remove Insecure Options from Total Reach (MGOS)

When a user accesses AMM via HTTPS, it is expected that the communication between client and AMM to be secure. To ensure this, we needed to remove three options on the Total Reach page: Web, Web8080 and RTSP.

3.5 Display 2x2 vs 4x4 MIMO (# of Cellular Antennas) as a Stat

This feature allows the AMM to display a stat that specifies number of radio modules in the gateway. User can use this information to infer the number of antennas for MIMO. MGOS 4.4 can send report number of radio modules in the gateway so AMM can use this for a stat. This feature is only supported on MGOS 4.4 and later.

4 New ALEOS Application Framework (AAF) Applications

4.1 AMMER 1.0.6

AMMER 1.0.6 is an incremental update to the AMMER AAF application that is needed to support advanced features on the AM/AMM for ALEOS devices. There was one primary feature added in this release:

Collect stats for RSSI, RSRP, RSRQ and SINR from AMMER instead of the status report.

5 Addressed Problems

Customer Reported Field Issues

Reference	Problem Description
9468	The Link Utilization Report shows long periods of time for Expected Shutdown events.
9460	Cannot generate background report if under certain configurations.
9369	The Configuration Tracker menu is non-functional. It was removed.
9285	Device stuck on Pending (Sync to Device) following Configuration > Copy Action.
9174	Improve telemetry to handle the scenario where a GNX device is providing Engine RPM.
9073	AMM remained in “Pending” state after Revert ALEOS gateway, even though Revert had completed.
9053	ALEOS template importable field being updated when disabled and no CSV provided.
9034	Config template for ALEOS should not hide restricted IDs such as device name.
8983	AMM Master Config SMTPRelay setting incorrectly handling IP addresses.
8903	AMM config template synching behavior and UI display issues caused by password field with “NOTSET” as default value.
8877	Cannot generate configuration template for ALEOS devices on AMM if software package already existing in repository before upgrading to 2.17.
8844	Scheduled AMMER install/upgrade on AirLink LX60 gateway fails.
8833	Remote ACEmanager (via AMM) screen displaying different information than local ACEmanager.
8804	Tomcat restarts when MGOS 4.3.0.1 is being extracted.
8797	Configuration state - ammerconfig stuck in out of sync local state.
8656	AMM is not displaying the DPI field for “FirstNet SIM” events in Event Viewer report.
8633	AMM is ignoring the DPI field in the “FirstNet SIM Status” DELS message (339).
8565	Better Support Time Zone and DST rule changes.
7989	Addressed an issue where once an ALEOS device has started downloading software from the AMM, the software update feature can no longer be canceled from management server side. We are now able to command the device to abort the update while it’s downloading software, or its software is downloaded, or installation has started.
7358	Statistics graph has title “Engine Coolant Temperature (Fahrenheit)” when units are in Celsius.
6756	Heartbeat value in exported dashboard does not match HTML display.

Security Vulnerabilities

Each AMM release addresses any security vulnerabilities discovered since the previous release. This release addressed vulnerabilities as identified in 88 CVE tickets.

CVE-2020-12401 CVE-2020-12400 CVE-2020-11996 CVE-2020-11656 CVE-2020-11565 CVE-2020-10942 CVE-2020-10751 CVE-2020-10742 CVE-2020-10732 CVE-2020-10690 CVE-2020-14305 CVE-2020-13935 CVE-2020-13630 CVE-2020-13435 CVE-2020-13434 CVE-2020-12888 CVE-2020-12826 CVE-2020-12770 CVE-2020-12654 CVE-2020-12653 CVE-2020-12403 CVE-2020-12402	CVE-2020-9484 CVE-2020-9383 CVE-2020-8649 CVE-2020-8647 CVE-2020-6829 CVE-2020-5260 CVE-2020-2732 CVE-2020-1935 CVE-2020-1934 CVE-2020-1749 CVE-2019-20636 CVE-2019-20095 CVE-2019-20054 CVE-2019-19807 CVE-2019-19767 CVE-2019-19537 CVE-2019-19534 CVE-2019-19530 CVE-2019-19524 CVE-2019-19523 CVE-2019-19447 CVE-2019-19332	CVE-2019-19063 CVE-2019-19062 CVE-2019-19059 CVE-2019-19058 CVE-2019-19055 CVE-2019-19046 CVE-2019-18808 CVE-2019-18397 CVE-2019-17055 CVE-2019-17053 CVE-2019-17023 CVE-2019-17006 CVE-2019-16994 CVE-2019-16233 CVE-2019-16231 CVE-2019-15917 CVE-2019-15807 CVE-2019-15217 CVE-2019-14822 CVE-2019-13631 CVE-2019-13233 CVE-2019-12614	CVE-2019-12450 CVE-2019-11756 CVE-2019-11745 CVE-2019-11729 CVE-2019-11727 CVE-2019-11719 CVE-2019-11487 CVE-2019-9458 CVE-2019-9454 CVE-2018-20836 CVE-2018-20836 CVE-2018-20169 CVE-2018-19824 CVE-2018-7191 CVE-2018-1116 CVE-2017-18551 CVE-2017-12652 CVE-2015-2150 CVE-2015-1211 CVE-2015-1210 CVE-2015-0312 CVE-2010-3865

Outstanding Problems

There are a number of known issues discovered after code freeze that will be addressed in a future AM/AMM release.

Reference	Problem Description
9840	Viewing a Link Utilization Report generated in 2.17 causes error message in 2.17.1.1. Regenerate the report by clicking Edit and then Run Now
9820	Cloned MG90 template does not copy over passwords for LCI users.
9747	Initialized software upgrade operation does not display on the Software Distribution page for the MG90.
9735	AMM allows creation of an LCI user with an invalid password on MG90 running 4.3.1.
9693	The template deployment workflow becomes Completed while the gateway is offline.
9475	Coverage Trails stop icons have the same size regardless of stop duration.
9398	Dashboard right pane group selection doesn’t work.
9297	ALEOS devices report incorrect Satellites in Use information on AMM.
9290	Special character in zone name prevented zone maps from being displayed.
9273	Conflicting validation and help text for templates.
6523	Some gateways do not show up on the AM/AMM Dashboard due to pagination issues. When the page size is changed from 250 to a number greater than all of the gateways available, the devices will reappear.
6522	There is a known issue where inconsistent gateway data can be displayed when multiple LCI windows are opened to different MGOS devices. It is recommended that only one MGOS LCI screen be opened at a time.
6225	The Main Battery “link” on the dashboard does not allow you the flexible report change that the Statistical Graph report does.
5947	The Operational State should update based on the Ignition On event.
5718	Bandwidth consumption reports high data usage during daylight savings.
5647	Configuration audit shows different settings due to different Friendly Names.
5569	Audit report generates confusing/misleading VPN information..
4989	Stats Graph report: Certain graph titles should not show units.
8055	CVE-2016-5131
7980	CVE-2019-9893

Matching results