OpenNMS Meridian 2022 helps enterprises reduce potential security risks
The OpenNMS Group, a subsidiary of NantHealth, released OpenNMS Meridian 2022 with enhanced network monitoring and security capabilities.
With this next major release, the fully open source Meridian product, which is the optimized and stable version of the OpenNMS platform curated by The OpenNMS Group for production environments, now features enhanced security among other improvements.
“As a leading open source network monitoring platform leveraged by some of the largest companies across all industry sectors, OpenNMS is dedicated to delivering a first-class enterprise solution that can be securely deployed to meet the security and compliance requirements these organizations demand,” said David Hustace, CEO of The OpenNMS Group. “Our investment in cybersecurity risk assessments and penetration testing for our products further demonstrates this commitment. We are proud to release this new version of Meridian and continue our mission of providing best-in-class, open source network monitoring for our customers.”
Major updates to Meridian include:
- Improved security by removing requirements for privileged access. Running as a non-root user limits the potential access that malicious code can gain to system resources, thereby reducing risk in the event of a system compromise.
- Improved analytics through enhanced flow processing. Updates to the NetFlow component allow users to add business metadata to flow records. This update also enables Meridian 2022 to classify network conversation data at speeds up to 30x faster than in previous releases.
- Simplified Minion communication. Minions now communicate with the Meridian core simply via the message broker, no longer requiring access to the core REST API. This single communication simplifies securing the Meridian platform and supporting firewalls policies.
- Enhanced geolocation with IP addresses. Users can now specify and/or query a node’s location using its IP address with the new GeoIP provisioning adapter.
- An expanded set of REST APIs. Users can integrate Meridian with their internal systems and customize it to fit their business needs and goals. APIs have full documentation in compliance with OpenAPI/Swagger.
Meridian is a subscription-based platform that includes the most stable and secure features from Horizon, OpenNMS’ community-driven distribution. The platform features inventory, performance, fault, and traffic management, business service monitoring, remote data collection, BGP Monitoring Protocol (BMP) support, and application perspective monitoring.
Known for its reliability, adaptability, and scalability, Meridian allows users to customize the platform so it fits the unique needs of their business. A new major version of Meridian is released annually and updates are issued monthly, to maximize the platform’s value and minimize the effort required to maintain it.
OpenNMS has adopted penetration testing as a key aspect of our development and release processes for both the current products and forthcoming cloud services. In addition, The OpenNMS Group is improving its processes to align with the ISO 27001 security framework.
This will help to ensure that the appropriate people, processes, and technologies are in place to assess cybersecurity risks and implement the measures necessary to protect, remediate, or recover from those risk events. The OpenNMS Group is also working towards becoming part of the Common Vulnerabilities and Exposures (CVE) system’s Numbering Authorities (CNA) program to augment its CVE reporting capabilities.