New Features Update

December Feature Update

2min

We closed out 2024 with a host of new features that are designed to enhance our customer's ability to better leverage their Nile Access Service and built-in Nile Trust Service security capabilities. We’ve also ensured that many of these capabilities are automatically enabled, without the need for exhaustive software upgrades.
The goal is to provide better, more easily recognizable outcomes, such as security capabilities that are built-in to better secure your data, endpoints, and users. And troubleshooting features that are easy to use and greatly reduce manual interaction and cost of operations compared to legacy solutions. For example, the DFS capability below is completely automated. 
It is with pleasure that I announce the availability of Zscaler SSE integration. It’s a big step forward as customers adopt a Universal Zero Trust strategy that unifies the enforcement of policies for devices connecting remotely or when at corporate, branch, and affiliated sites. We automatically identify the location of the Zscaler instance, and tunnel traffic as part of our integration capability. It’s a big differentiation compared to other vendors that reduce costs. 
The remaining features highlight our ability to deliver on efficiency and ease of use objectives and customer’s needs. 
Video Highlights --> Click here﻿
﻿
Category
Feature/Capability
Outcome (Benefits)
1
Trust Service: Premium
﻿Integration with Zscaler SSE that allows the forwarding of specified Nile segments to the Zscaler cloud. 
· Simple integration that leverages existing WAN links
· Takes advantage of Nile’s native segment of one device isolation
· Unifies remote and on-prem policy enforcement without add-on appliances
IT can easily apply uniform security policies across remote and on-premises users.
﻿
For example, quickly apply a policy to forward all Internet bound traffic from the employee segment to Zscaler across the customer’s NSB instances. The SSE connectivity-as-a-service is fully automated based on intent and is designed for resiliency.
2
Trust Service:
Core
﻿IoT devices that do not support 802.1X can now use Nile’s unique PSK (uPSK) capability.﻿
Includes the ability to revoke access should the key be compromised. uPSK is more secure than PSK because each device is assigned its own unique key, preventing a single compromised credential from exposing the entire network.
IT can now securely onboard IoT devices (without RADIUS support) using unique passphrases for connecting them to the Internet.
3
Trust Service: Core
﻿Auth source support added for SSO/802.1X and MAC clients. We also show the status details. Some examples are : “SO Session expired”, “SSO initiated”, “Admin enforced SSO re-authentication”, “SSO User deactivated”, “SSO Pending”, “SSO Denied”, “SSO Approved”, “802.1X Approved or Denied”. An alert is also sent to the SIEM (if available).
IT can now quickly see information regarding authentication sources for any SSO/802.1X/MAC end users to understand details about the status of the user to quickly resolve authentication issues. 
4
Trust Service: Core
﻿We’ve enhanced support for silent/passive devices that do not initiate any traffic unless solicited. These devices are not detectable upon their first-ever connection to the Nile service as their MAC and IP address cannot be learned for onboarding. We can discover these devices automatically. This capability is automatically available once Nile software has been upgraded. 
IT can now quickly detect, approve and/or deny access for silent/passive devices, such as an IoT device that uses a static IP and remains passive unless solicited. This enhanced utility also runs a passive device discovery across the network, making migration to a Nile service a smooth transition for these devices. 
5
Trust Service: Core
This feature avoids showing rouge access point alerts in a one-off situation when dealing with endpoints that may exhibit a behavior on the wired connection that matches one of the signatures of a potential wired rogue access point.
﻿This is an enhancement to the existing WIDS wired Rogue AP detection logic.﻿
The capability automatically upgrades your security once Nile software has been upgraded. 
This reduces false positives and unnecessary rouge access point alerts due to wired endpoints matching the signature of a rouge access point. 
6
Access Service: Wireless
Devices that are not DFS capable will be detected and Channel Planner will influence channel allocations to APs that are a mix of DFS and non-DFS channels.
This capability automatically enhances the performance of your network once Nile software has been upgraded. 
Automatically improves the performance of non-DFS device with a new device capability based Smart DFS channel allocation can now handle situations where non-DFS devices struggled to find a good AP to connect to in the past.
7
Access Service: Setup
﻿As part of the Nile Service setup customers can now enter the exact address of sites. Previously, if the address did not match an automated verification performed by Nile there were issues. This capability overrides the automated verification.
Allow customers to easily enter their site/building address in the event the address cannot be automatically found by Nile.
Saves time and ensures all deployment locations(addresses) are accurate for time zone issues, shipping, and other requirements.
8
Access Service: Visibility
We continue to increase visibility and control capabilities to better display network behavior associated with end-user devices to debug and troubleshoot. AP details are now via the customer Control Center Portal. Some examples are 1) Tool tip on AP Maps shows the AP name, Serial Number, status of AP, and Channel Band and Utilization (per band) 2) Location of Nile Ethernet device and port on which the AP is connected 3) Ethernet uplink speed 4) Maps are updated to reflect the selected time chosen in the “events & status” section.
IT now has better data needed to troubleshoot end-device connectivity issues. For example: by quickly seeing AP details, the port that the AP is connected and ethernet link speed you can quickly rule out basic connectivity issues.
9
Access Service: Visibility
We now show the signal strength of an AP over a period from our coverage graph.
﻿
IT teams can now quickly root cause any service issues related to coverage.
Instead of relying on clients which may not always connect with the service, Nile uses its sensors to measure and report the coverage. 
10
Access Service: Visibility
Show the reason for wireless client disconnects such as “eap-reject” vs. “eap-timeout” when 802.1X authentication is used.
The information quickly shows the reason why a wireless client may be having disconnect issues for faster root cause analysis.
This saves time because detailed information is shown compared to a basic EAP authentication failure message without any reason.
11
Access Service: Alerts
﻿Alert content now includes a prominently displayed "For more information" link. This will direct admins to a dedicated troubleshooting page with relevant details and steps to help resolve an issue.
Quickly help IT resolve issues by linking to troubleshooting guides and other useful information, without the need to find information by searching online.
﻿
12
Access Service: Alerts
Trigger only one alert for Internet down condition as opposed to sending alerts for all affected devices such as switches, access points and sensors. 
Reduced alert noise during Internet or power or NSB down situations.. 
13
Access Service: Integration
﻿A simple user interface that enables quick integration between Snowflake and Nile so that IT can send end-user device events, alerts, and audit events to Snowflake.
The use of endpoint device events from Nile shared with Snowflake allows for better analytics, actionable insights, and reporting for customers to build and retain on their end
14
Nile AI Agent: Support
Customers receive quick answers and solutions from an AI support agent.  
They can view their support tickets in the same view as their support chats, review their chats and ticket history without navigating away from Nile Portal.
Instant resolution of queries about features and configuration settings or process with streamlined and intuitive chat experience. 
Customer will still have the  ability to open tickets via email to [email protected]


<iframe src="https://drive.google.com/file/d/1ONv_mI2QzCeM33WN3x6nRRaw6vBoswqY/preview" width="840" height="480" allow="autoplay"></iframe>
<iframe src="https://drive.google.com/file/d/1ONv_mI2QzCeM33WN3x6nRRaw6vBoswqY/preview" width="840" height="480" allow="autoplay"></iframe>
﻿
﻿

	Category	Feature/Capability	Outcome (Benefits)
1	Trust Service: Premium	Integration with Zscaler SSE that allows the forwarding of specified Nile segments to the Zscaler cloud. · Simple integration that leverages existing WAN links · Takes advantage of Nile’s native segment of one device isolation · Unifies remote and on-prem policy enforcement without add-on appliances	IT can easily apply uniform security policies across remote and on-premises users. For example, quickly apply a policy to forward all Internet bound traffic from the employee segment to Zscaler across the customer’s NSB instances. The SSE connectivity-as-a-service is fully automated based on intent and is designed for resiliency.
2	Trust Service: Core	IoT devices that do not support 802.1X can now use Nile’s unique PSK (uPSK) capability. Includes the ability to revoke access should the key be compromised. uPSK is more secure than PSK because each device is assigned its own unique key, preventing a single compromised credential from exposing the entire network.	IT can now securely onboard IoT devices (without RADIUS support) using unique passphrases for connecting them to the Internet.
3	Trust Service: Core	Auth source support added for SSO/802.1X and MAC clients. We also show the status details. Some examples are : “SO Session expired”, “SSO initiated”, “Admin enforced SSO re-authentication”, “SSO User deactivated”, “SSO Pending”, “SSO Denied”, “SSO Approved”, “802.1X Approved or Denied”. An alert is also sent to the SIEM (if available).	IT can now quickly see information regarding authentication sources for any SSO/802.1X/MAC end users to understand details about the status of the user to quickly resolve authentication issues.
4	Trust Service: Core	We’ve enhanced support for silent/passive devices that do not initiate any traffic unless solicited. These devices are not detectable upon their first-ever connection to the Nile service as their MAC and IP address cannot be learned for onboarding. We can discover these devices automatically. This capability is automatically available once Nile software has been upgraded.	IT can now quickly detect, approve and/or deny access for silent/passive devices, such as an IoT device that uses a static IP and remains passive unless solicited. This enhanced utility also runs a passive device discovery across the network, making migration to a Nile service a smooth transition for these devices.
5	Trust Service: Core	This feature avoids showing rouge access point alerts in a one-off situation when dealing with endpoints that may exhibit a behavior on the wired connection that matches one of the signatures of a potential wired rogue access point. This is an enhancement to the existing WIDS wired Rogue AP detection logic. The capability automatically upgrades your security once Nile software has been upgraded.	This reduces false positives and unnecessary rouge access point alerts due to wired endpoints matching the signature of a rouge access point.
6	Access Service: Wireless	Devices that are not DFS capable will be detected and Channel Planner will influence channel allocations to APs that are a mix of DFS and non-DFS channels. This capability automatically enhances the performance of your network once Nile software has been upgraded.	Automatically improves the performance of non-DFS device with a new device capability based Smart DFS channel allocation can now handle situations where non-DFS devices struggled to find a good AP to connect to in the past.
7	Access Service: Setup	As part of the Nile Service setup customers can now enter the exact address of sites. Previously, if the address did not match an automated verification performed by Nile there were issues. This capability overrides the automated verification.	Allow customers to easily enter their site/building address in the event the address cannot be automatically found by Nile. Saves time and ensures all deployment locations(addresses) are accurate for time zone issues, shipping, and other requirements.
8	Access Service: Visibility	We continue to increase visibility and control capabilities to better display network behavior associated with end-user devices to debug and troubleshoot. AP details are now via the customer Control Center Portal. Some examples are 1) Tool tip on AP Maps shows the AP name, Serial Number, status of AP, and Channel Band and Utilization (per band) 2) Location of Nile Ethernet device and port on which the AP is connected 3) Ethernet uplink speed 4) Maps are updated to reflect the selected time chosen in the “events & status” section.	IT now has better data needed to troubleshoot end-device connectivity issues. For example: by quickly seeing AP details, the port that the AP is connected and ethernet link speed you can quickly rule out basic connectivity issues.
9	Access Service: Visibility	We now show the signal strength of an AP over a period from our coverage graph.	IT teams can now quickly root cause any service issues related to coverage. Instead of relying on clients which may not always connect with the service, Nile uses its sensors to measure and report the coverage.
10	Access Service: Visibility	Show the reason for wireless client disconnects such as “eap-reject” vs. “eap-timeout” when 802.1X authentication is used.	The information quickly shows the reason why a wireless client may be having disconnect issues for faster root cause analysis. This saves time because detailed information is shown compared to a basic EAP authentication failure message without any reason.
11	Access Service: Alerts	Alert content now includes a prominently displayed "For more information" link. This will direct admins to a dedicated troubleshooting page with relevant details and steps to help resolve an issue.	Quickly help IT resolve issues by linking to troubleshooting guides and other useful information, without the need to find information by searching online.
12	Access Service: Alerts	Trigger only one alert for Internet down condition as opposed to sending alerts for all affected devices such as switches, access points and sensors.	Reduced alert noise during Internet or power or NSB down situations..
13	Access Service: Integration	A simple user interface that enables quick integration between Snowflake and Nile so that IT can send end-user device events, alerts, and audit events to Snowflake.	The use of endpoint device events from Nile shared with Snowflake allows for better analytics, actionable insights, and reporting for customers to build and retain on their end
14	Nile AI Agent: Support	Customers receive quick answers and solutions from an AI support agent. They can view their support tickets in the same view as their support chats, review their chats and ticket history without navigating away from Nile Portal.	Instant resolution of queries about features and configuration settings or process with streamlined and intuitive chat experience. Customer will still have the ability to open tickets via email to [email protected]

Updated 01 Feb 2025

Did this page help you?

November Feature Updates