The OpenNMS Group announced the release of OpenNMS Meridian 2022. With this next major release, the fully open source Meridian product,
which is the optimized and stable version of the OpenNMS platform
curated by The OpenNMS Group for production environments, now features
enhanced security among other improvements.
"As
a leading open source network monitoring platform leveraged by some of
the largest companies across all industry sectors, OpenNMS is dedicated
to delivering a first-class enterprise solution that can be securely
deployed to meet the security and compliance requirements these
organizations demand," said David Hustace, CEO of The OpenNMS Group.
"Our investment in cybersecurity risk assessments and penetration
testing for our products further demonstrates this commitment. We are
proud to release this new version of Meridian and continue our mission
of providing best-in-class, open source network monitoring for our
customers."
Major updates to Meridian include:
- Improved security by removing requirements for privileged access.
Running as a non-root user limits the potential access that malicious
code can gain to system resources, thereby reducing risk in the event of
a system compromise.
- Improved analytics through enhanced flow processing. Updates
to the NetFlow component allow users to add business metadata to flow
records. This update also enables Meridian 2022 to classify network
conversation data at speeds up to 30x faster than in previous releases.
- Simplified Minion communication. Minions now
communicate with the Meridian core simply via the message broker, no
longer requiring access to the core REST API. This single communication
simplifies securing the Meridian platform and supporting firewalls
policies.
- Enhanced geolocation with IP addresses. Users can now specify and/or query a node's location using its IP address with the new GeoIP provisioning adapter.
- An expanded set of REST APIs. Users
can integrate Meridian with their internal systems and customize it to
fit their business needs and goals. APIs have full documentation in
compliance with OpenAPI/Swagger.
Meridian is a subscription-based platform that includes the most stable and secure features from Horizon,
OpenNMS' community-driven distribution. The platform features
inventory, performance, fault, and traffic management, business service
monitoring, remote data collection, BGP Monitoring Protocol (BMP)
support, and application perspective monitoring. Known for its
reliability, adaptability, and scalability, Meridian allows users to
customize the platform so it fits the unique needs of their business. A
new major version of Meridian is released annually and updates are
issued monthly, to maximize the platform's value and minimize the effort
required to maintain it.
OpenNMS
has adopted penetration testing as a key aspect of our development and
release processes for both the current products and forthcoming cloud
services. In addition, The OpenNMS Group is improving its processes to
align with the ISO 27001 security framework. This will help to ensure
that the appropriate people, processes, and technologies are in place to
assess cybersecurity risks and implement the measures necessary to
protect, remediate, or recover from those risk events. The OpenNMS Group
is also working towards becoming part of the Common Vulnerabilities and
Exposures (CVE) system's Numbering Authorities (CNA) program to augment
its CVE reporting capabilities.
For more information about OpenNMS Meridian 2022, please visit: https://www.opennms.com/meridian-2022/.