Summary

The following information applies to the v12 release of Neverfail Continuity Engine.

What's New

Continuity Engine CLI Installer

1. EMS bundles a command-line installer (CLI) which may be used for installing, upgrading or uninstalling Continuity Engine on a specific node
   
2. Designed to be used in the scenarios where EMS-driven fully automated install/upgrade cannot be used. Contact Support for guidance.  

Neverfail for Mitel MiContact Center Enterprise Plug-in v201.5.1

1. Neverfail for Mitel MiContact Center Enterprise protects and proactively monitors Mitel MiContact Center Enterprise environment’s configuration data, services, and application data files.
   
2. Supports Mitel MiContact Center Enterprise 9.6

Access to Continuity Engine Utils-Addon Repository

1. Access Continuity Engine collection of utility scripts and add-ons designed to extend core features
2. Collaborate for enhancing and extending Continuity Engine functionality for specific scenarios 
   
3. Utils-addon repository may be accessed directly from EMS UI> Support> Add-ons

Neverfail Continuity Engine 12.0

What's New

Automated Split-Brain Avoidance Configuration Improvements

1. Split-Brain Avoidance auto-configuration task will execute only if automated failover is enabled.
2. Continuity Engine 12 monitors the management identity configuration and will automatically configure a set of ping routes which will be used to avoid potential split-brain situations when failover is initiated as a consequence of channel loss. The automatic configuration of split-brain avoidance requires a minimum of one management IP address defined on each Primary and Secondary nodes.  Split-brain avoidance works by pinging from the passive server to the active server across the client network. If the active server responds, the passive does not failover, even if the channel connection is lost. Ping routing configuration means defining ping routes between Primary and Secondary instances using existing/defined management IP addresses.
   
3. This feature is enabled by the updated version of Neverfail System Plug-in bundled with Continuity Engine 12.

SMBv1 Detection

1. Continuity Engine 12 installs a rule which checks for SMBv1 presence. If found, it warns user as this condition is unsafe and unsecure. For more information, please read The risks of using the deprecated SMBv1 feature on a Windows Server. Potential collisions with Continuity Engine functionality.
   
2. This feature is enabled by the updated version of Neverfail System Plug-in bundled with Continuity Engine 12.

More Secure

Core Security Enhancements

• Various security and code quality improvements to some of the core components. 

• Encryption updated to latest strongest standard commercially available today.

OpenJDK and Apache Tomcat version updated to latest

• Continuity Engine's objective is to keep your systems up, running, protected, and safe. Having the latest security updates, fixes and patches for the used open-source software is critical.

  • Continuity Engine 12 is updated to Azul Zulu 8.74.0.17 (JDK version 8u392-b08). 

  • Neverfail Continuity Engine 11 is updated to Apache Tomcat 9.0.82. Following link lists all security vulnerabilities fixed in released versions of Apache Tomcat.

Better User Experience

UI Fixes

1. [EN-6202]: Unsetting ISC ping routes via SBA leaves null value in properties which is seen as a leftover in UI
2. [EN-6163]: Autofill option for user/password in Password Manager
3. [EN-6134]: Protect server> Validating install > Wrong Acknowledge logic when multiple Warnings
4. [EN-6127]: Auto recloning> Ready to complete> Empty host. Wasn't changed to get target host from compute resource name
5. [EN-6013]: Protected Server> Monitoring> Application configuration> Reset rule trigger count after: Value is being automatically reset/refreshed with the one already configured
6. [EN-5967]: Some plugin rules have optional parameters which are considered mandatory in UI modal automatically reset/refreshed with the one already configured

Bundled Plugins Visibility

• The set all of the bundled plugins which offer out-of-the-box automated protection for client applications (specific versions) is linked directly from Engine Management Service UI support section
  

NFCMD Enhancements

1. New nfcmd command for configuring split-brain avoidance. This is documented in How to Use the NFCMD Command Line Utility.
   

Google Cloud Platform Support Enhancements - Solution Pack for streamlining hybrid deployments

• Streamlines on-premises (VMware vCenter Server) to Google Cloud  deployment process (prepare, migrate and configure DR standby node)

• Solution pack with documentation available here: Neverfail Continuity Engine Add-on for Hybrid Deployment to Google Cloud Platform
  

Patching Downtime Reduction with Passive Management Name

• Neverfail Continuity Engine's Passive Management Name feature enables the ability of patching of standby passive nodes in centralized update management environment.

• Following document lists all the Patch Management or Backup Software Solutions / Technologies proven to work or scheduled in the near future for interoping validation with Neverfail Continuity Engine's Passive Management Name feature: Patch Management Solutions / Technologies supported by Neverfail Continuity Engine's Passive Management Name
  

New Supported Versions

New or Updated Plugins

• Neverfail System Plug-in (new version): Split-brain avoidance autoconfiguration improvements. SMBv1 detection. And more.

• Neverfail for Mitel MiContact Center Business (new version): support for MiContact Center Business R10/SIP; Elasticsearch rule fix.

• Neverfail for Progress MOVEit 2023 Plug-ins Suite (new version): support for MOVEit 2023.0

• Neverfail for Neverfail for OpenText CX-E Voice Plugin Version 201.23.4 (new version): support for CX-E Voice version 23.4

• Neverfail for Clever Devices CleverCAD (new): protection for Clever Devices CleverCAD v9.9 and v10.15

VMware vCenter Server and VMware vCenter Converter Support

1. Supported - Neverfail Engine Management Service API Support for deployment using the latest versions of VMware vCenter Server 7.0 and VMware vCenter Converter 6.2.
2. Supported - Neverfail for vSphere Integration Plug-in Support for interoping with the latest versions of VMware vCenter Server 7.0
3. Coming soon - Neverfail Engine Management Service API Support for deployment using the latest versions of VMware vCenter Server 8.0 and VMware vCenter Converter 6.3.
4. Coming soon - Neverfail for vSphere Integration Plug-in Support for interoping with the latest versions of VMware vCenter Server 8.0

Licensing Updates 

Software Subscription Payment Awareness Improvements

1. Improved in Continuity Engine v12, the software subscription licensing mechanism is changed to be aware of software subscription's payment status. The changes are summarized in the below section extracted from Neverfail End-User Software Subscription License Agreement.

Term Software Subscription is ready to be consumed immediately upon fulfilment. Depending on the payment status, the right to use may or may not be limited a follows: (a) if the payment is pending when software subscription is being activated (consumed), a limited forty-five (45) days license key counted from the term software subscription start date will be generated; as soon as the payment is confirmed, the full term software subscription period is unlocked; relicensing with a full term license key will be performed automatically for online licensing; (b) if the payment is confirmed when software subscription is being activated (consumed) a full term license key will be generated. Similar payment status usability rules apply also in the case of license term software subscription renewal.

1. Continuity Engine 12 licensing model is built on top of v9.0 model which transitioned Engine from a perpetual model to a software subscription term and rental model. Engine Licensing Service (ELS) enables call-home features that power our software subscription based licensing. The new cloud service is free but is required for Term and Rental deployments.  For more information on how the licensing works and upgrade notes please read Continuity Engine Licensing Model. 
   

Backward Compatibility

Neverfail Continuity Engine 12 Management Service is compatible with older versions of Continuity Engine (i.e. EMS 12.0 manages correctly CE 9.x/10.x/11.x). 

1. If I upgrade to Continuity Engine 12, will my perpetual license cease? Yes! You are accepting software subscription's  requirements outlined in the new EULA for Term and Rental. Neverfail will generate new software subscriptions expiring the same day as the support was paid through. This means you will need to pay for support to continue software operations yearly or monthly depending on the type of subscription.

1. Can I upgrade using the Upgrade Wizard from older versions to Continuity Engine 12? Yes, the upgrade wizard is still supported. Keep in mind that Continuity Engine 6.7, 7.x and 8.x are currently End-of-Life (EOL). To ensure organization continued support, you must upgrade to the latest Continuity Engine version.
   

2. When will Continuity Engine EOL? Check End of Life Policy for Neverfail Continuity Engine/
   

3. Can I stay on previous versions of Continuity Engine? Yes, however, previous versions will eventually EOL and you will not be able to take full advantage of the new features of Continuity Engine v12. And evenly important, your systems will be more exposed to cyberattacks. For example:
   


1. CEv9.0
   
1. misses all the security fixes between OpenJDK 8u332-b09 (April 2022) and 8u382-b05 (July 2023)
2. misses all the security fixes between Tomcat 9.0.64 (May 2022) and 9.0.78 (July 2023)

Supported Deployment Infrastructure

• Server roles/applications for which protection will be installed automatically are:
  
  • SQL Server 2008 SP4, SQL Server 2008 R2 up to SP3, SQL Server 2012 up to SP4, SQL Server 2014 up to SP3, SQL Server 2016 SP2, SQL Server 2017, SQL Server 2019
    
  • Exchange 2010 SP3, Exchange 2013 up CU17, Exchange 2016, Exchange 2019
    
    • ForeFront for Exchange up v10 SP1
      
    • Symantec Mail Security up to v7.9
      
  • SharePoint 2007 SP2, SharePoint 2010 SP2, SharePoint 2013 up to SP1, SharePoint 2016, SharePoint 2019
    
    • Microsoft Office Online Server 2016
      
  • File Server including Windows Server 2022
    
  • Internet Information Server including v10 on Windows Server 2022
    
  • VMware vCenter Server 6.0 up Update 3c, VMware vCenter Server 6.5 up Update 1d, VMware vCenter Server 6.7
    
  • vCenter Server 5.1 Update 2, vCenter Server 5.1 Update 3, vCenter Server 5.5 Update 1a, vCenter Server 5.5 Update 2, vCenter Server 5.5 Update 3, vCenter Server 5.5 Update 3a, and vCenter Server 5.5 Update 3b
    
  • VMware View Composer 5.3, VMware View Composer 6.2.5, VMware View Composer 7.6
    
  • Progress MOVEit Central 8.0/8.1, MOVEit DMZ 8.1, MOVEit 2017, MOVEit 2018, MOVEit 2019.2, MOVEit 2020.1, MOVEit 2021.1, MOVEit 2022.1, MOVEit 2023.0: Automation, Transfer, Mobile Servers, Analytics Agent
    
  • MySQL Server 5.x, 8.x
    
  • MiContact Center Server v9.0, MiContact Center Business 9.3, MiContact Center Business 9.5
  • Any of the following SolarWinds Orion Network Management components: SolarWinds NPM v12.0.1, v12.1, SolarWinds APE v12.0.1, v12.1, SolarWinds NCM v7.5.1, v7.6, SolarWinds SAM v6.3.0, v6.4, SolarWinds NTA v4.2.1, v4.2.2
    
  • Oracle Database 19c, 18c, 12c, 11g
    
  • Oracle Management Agent v12, v13
    
  • System Center Operations Manager (SCOM) platforms: 2007, 2007 R2, 2012, 2012 R2, 2012, 2019 
    
  • Veeam Backup & Replication 9.5 U3 & U4
    
  • Atlassian Confluence 6.x versions 
    
  • Atlassian Jira 7.x versions
    
  • PostgreSQL 9.3, 9.4, 9.5, 9.6, 10.x versions
    
  • Apache Tomcat 8.x.x., 9.x.x
    
  • OpenText CX-E Voice (formerly xMedius/AVST CX-E/CallXpress) up to version 23.4
    
  • Clever Devices CleverCAD 9.9, 10.15
    
• Additional supported plug-ins
  
  • Neverfail CE for Business Application
    

Neverfail Engine Plug-ins

Note: Detailed information about each plug-in is contained in the plug-in's knowledgebase file that is available by clicking on the link.

Neverfail plug-ins provide protection for specific installed application configuration data, services, and application data files.  

The following plug-ins are included in this release of Neverfail Continuity Engine and are installed automatically if the application is present:

• Neverfail for Exchange Server (latest version released with v8.5 U6)
  
  • ForeFront (latest version released with v8.5)
    
  • Symantec Mail Security (latest version released with v8.5 U4) 
    
• Neverfail for File Server (latest version released with v8.5)
  
• Neverfail for IIS (latest version released with v8.5 U5) 
  
• Neverfail for SharePoint Server (latest version released with v8.5 U5)
  
  • Neverfail for Office Online Server (latest version released with v8.5 U3) 
    
• Neverfail for SQL Server (latest version released with v8.5 U6) 
  
• Neverfail for MySQL Server (latest version released with v8.5 U6) 
  
• Neverfail for vCenter Server 
  
• Neverfail System Plug-in  (latest version released with with v12) 
  
• Neverfail for vSphere 6.7 (latest version released with v8.5 U4)
  
  • VMware vCenter Server 
    
  • VMware Platform Services Controller 
    
  • VMware Authentication Proxy 6.0 
    
  • VMware Update Manager 
    
  • VMware vPostgres 
    
  • VMware Composer 5.x, 6.x and 7.x 
    
• Neverfail for Progress MOVEit  (latest version released with v12)
  
  • MOVEit Automation Server  
    
  • MOVEit Transfer Server  
    
  • MOVEit Mobile Server 
    
  • MOVEit Analytics Agent 
    
• Neverfail for SolarWinds Orion Network Management (latest version released with v8.5)
  
• Neverfail for Mitel MiContact Center Business (latest version released with v12) 
  
• Neverfail for Atlassian Confluence (latest version released v8.5 with U3) 
  
• Neverfail for Atlassian Jira (latest version released with v8.5 U3) 
  
• Neverfail for Oracle Database (latest version released with v9.0) 
  
  • Neverfail for Oracle Management Agent (latest version released with v8.5 U4) 
    
• Neverfail for PostgreSQL (new in v8.5 U3) 
  
• Neverfail for Veeam Backup & Replication 9.5 Plug-ins Suite (latest version released with v8.5 U3)
  
  • Veeam Backup & Replication
    
  • Veeam Backup Enterprise Manager
    
  • Veeam Availability Console
    
  • Veeam Backup Proxy
    
  • Veeam WAN Accelerator
    
  • Veeam Cloud Gateway  
    
• Neverfail for vSphere Integration (latest version released with v8.5 U4) 
  
• Neverfail for System Center Operations Manager (latest version released with v8.5 U5)
  
• Neverfail for Apache Tomcat (latest version released with v9.0)
  
• Neverfail for Neverfail for OpenText CX-E Voice (latest version released with v12)
  
• Neverfail for Clever Devices CleverCAD (latest version released with v11)
  
• Neverfail for Mitel MiContact Center Enterprise (new in v12)

Plugin Installation

Initial installations of Neverfail Continuity Engine Plug-ins must be performed using the Engine Management Service. Subsequent plug-in re-installations and upgrades may be performed using the Applications: Plug-ins tab of the Neverfail Advanced Client. However, Neverfail recommends that any subsequent plug-in repair installations or upgrades to be performed using Engine Management Service.    

To manually install a Neverfail Continuity Engine Plugin follow the How to install a Neverfail Continuity Engine Plugin using Advanced Management Client procedure.

Fixed Issues

1. [EN-6024]: [LogCollector] - LogCollector crashes when attempting to collect logs locally.
   
2. [EN-6012]: [CE10 UI]> Dashboard> Global catalog > Review number of total/protected nodes displayed.
   

Known Limitations

• Passwords starting and/or ending with space ( ) character(s) are not supported (EN-3935).
  
• (Re)cloning limitation: Disconnected Engine cluster after a cloning or recloning action: recloned node is connected to wrong port group. Workaround documented in Neverfail Continuity Engine Cloning and Recloning limitations: disconnected Engine cluster  (EN-3354)
  
• Recloning limitations when Neverfail Engine passive nodes when static routes are configured: these are listed in Neverfail Continuity Engine Recloning limitations when static routes are configured  (EN-3355)
  
• Neverfail Engine Localization limitations: following localized versions of Windows Server targets/topologies are supported for Engine installation: (EN-3221) 
  
  • any WS2008R2, WS2012/R2, WS2016 OS domain or workgroup member protected by HA, DR or HA+DR Engine topology having only alphanumeric chars in its hostname and AD domain name
    
  • any WS2008R2, WS2012/R2, WS2016 OS domain or workgroup member protected by HA or DR-with-same-Public-IP Engine topology having only alphanumeric chars in the AD domain name
    
• Engine Management Service will not uninstall a server with an expired license (EN-1315).
  
• Affects only vCenter Server 6.x protected by Engine v8.x (or newer) DR deployments with the DR-node configured with different IP address: Managed ESXi hosts appear as disconnected in vCenter Server/vSphere Client after making DR node active. (EN-2042).
  
• The Neverfail Continuity Engine .msi installer package is sometimes detected as having untrusted publishers (EN-969).
  
• The FileServer plug-in bundled with Neverfail Continuity Engine v8.5 (or newer) properly replicates DFS namespaces. The DFS Management Client does not load the namespaces correctly each time.
  
• Affects only MOVEit Central/Automation Server protected by Engine v8.5 (or newer): Local folders specified as source/destination in MOVEit Automation tasks require user-defined filters for protection. (EN-2879)
  
• Affects only Engine clusters upgraded from Ipswitch Failover 9.0/9.5 to Engine 8.5 (or newer) (when Create and maintain shadows automatically was not enabled): Progress Failover shadows are still visible as restore points in DRM after upgrading to Engine 8.5 (EN-2863)
  
• Affects only upgrades from Ipswitch Failover 9.0/9.5 to Engine 8.5 (or newer): Some Ipswitch Failover 9.0/9.5 log and configuration files are not deleted when upgrading to Engine 8.5 (EN-2820, EN-2861)
  
• [Applies to 9.0 (or newer) with Passive Node Management Identity configured] vCenter Inventory passive VMs are not detected as Protected nodes if management name is configured and webservices are stopped on the active. Dashboard's protected servers count in Global Inventory is also impacted. (EN-4647)
  
• conditions: Management name configured AND active server webservices stopped
  
• result: deployment.location is not available hence the clustername mechanism is used. that makes only the Active server to be reported as protected node (if VM). Passives cannot be determined as vmid is not available
  
• [CE HTML5 UI] When extending from pair to trio (add DR to HA pair) Secondary webservices require restart in order to serve (when made active) the updated deployment topology (trio instead of pair). This is known as the webservices are not restarted on S and S is the T's cloning source. (EN-4657)
  
• impact: only if S is made active before webservices restart: new HTML UI Datacenter info is not accurate on Tertiary. Possible Protected node count is wrong if management identity is configured on any of the passives.
  
• remediation: restart webservices on Secondary/Tertiary
  
• [AMFx]: User defined sponsor is not persisted in prefs till Engine service is restarted. Thus webservices don't know about it (till restart is done) (EN-4341)
  
• [CE HTML5 UI] Active compression type is shown as 'Standard' when there are no passive instances present in the replication chain. Workaround: This issue is purely cosmetic and it will correct itself once there are passive instances present in the replication chain. (EN-4855)
  
• [CE HTML5 UI] Data traffic value in serverlist API is not always accurate. (EN-4859)
  
• [CE HTML5 UI] Reconstruct pair: transform from pair HA to pair DR> HA cached configuration must be cleaned up before defining new DR config (EN-4915)
  
• [CE HTML5 UI] Startup Engine service may experience delay when unreachable nodes are selected for starting the service on. (EN-4949)
  
• [CE HTML5 UI] EULA accept is required all the time when Engine service is stopped (even if previously accepted). (EN-4958)

Known Issues

Engine Management Service

• With SQL Plug-in + SQL 2014 & In-Memory Tables may result in an OFFLINE DB state during "In Recovery" state (EN-329). 
  
• Trying to add a 6.7 pair/trio in EMS UI protected servers list fails with an error. 
  Workaround: Restart Neverfail Web Services on the active server. (EN-1354)
• Virtual Bytes rule triggered at every check (EN-859).
  
• The Engine Management Service MSI repair mode fails to operate properly (EN-1389).
  
• If the Engine is running, a new license is added to the list of licenses. If the Engine is stopped, it replaces the list of licenses (EN-902).
  

Install/Uninstall

• Neverfail Continuity Engine Secondary server deployment hangs at: Waiting for Secondary VM to complete auto configuration... Workaround: Neverfail Continuity Engine Secondary server deployment hangs at: Waiting for Secondary VM to complete auto configuration...   (EN-3380)
  
• Engine 8.5 (or newer) re-clone P->V doesn't fully reconfigure networks card on clone target (EN-3352)
  
• DHCP-set gateway and DNS servers present on Secondary-HA post-cloning/configuration (EN-1996).
  
• Neverfail Engine fails to uninstall on the Tertiary server (EN-1589).
  

Administration

• LogCollector - The process was terminated due to an unhandled exception (EN-2011).
  

Applies To

Neverfail Continuity Engine v12