You can now schedule syslog pruning, which previously could only occur at midnight. Syslog enables isolation of the system that generates information and the system that stores the information. You can consolidate logging information and derive insights from the collected data. You can also configure syslog to log different types of events. To limit the amount of syslog data stored in the database, you can now specify the hour at which to purge syslog data.

You can now generate an audit trail that contains the Command Center's user name in addition to the device's user name. The user name indicates the user who logged in while an action performed on the virtual server or service such as disabling or enabling an entity.

To view this information, navigate to Monitoring > NetScaler. Expand the NetScaler node, and navigate to Vservers/Services/Service Groups > Audit Trails. In the table, you can see both user names i.e. Executed By (NetScaler user name), and System User (Command Center user name).

To manage the database, it is recommended that you monitor the Command Center database and configure an automatic database purge to reduce the database size when it has exceeded the set threshold value. The set default purge settings are visible after the user logins for the first time after deployment. You can change and apply different purge intervals, but this will not override the purge intervals configured for a specific feature.

This configuration is applicable only when the used database size exceeds the configured threshold. After a successful automatic purge, an SNMP event will be generated indicating the cleanup. If you have set up notification, an email will also be sent.

To set a database size to begin automatic purging, navigate to Administration > Database Management > Database Monitor Settings, and set a database limit.

You can also purge your database by using the following scripts using the CLI:

- Go to CC_HOME/bin

- Execute the script

For Windows: database_cleanup.bat

For Linux: database_cleanup.sh

Note: You can only run the script when the Command Center service is down.

Command Center now supports newly added SNMP traps that have been added in NetScaler version 11.0 and 11.1. Some of the newly added traps are - ipv6AddressDuplicated, IsnPortAllocFailed, haVersionMatched, partitionConfigEvent etc.

You can now view a list of reporting counters and their corresponding NetScaler SNMP counter details, that you can add to your devices running NetScaler versions 11.0 and 11.1.

The following NetScaler 11.0 and 11.1 counter are added in Command Center for Performance Reporting:

SSL

-TLSv11 transactions

-TLSv12 transactions

Services

- Current Server Connections

VPN

- STA Validation Requests on DTLS

- STA Validation Request Errors on DTLS

- STA Reconnect Ticket Requests on DTLS

- Successfull STA Validations on DTLS

- STA Validation Errors on DTLS

AAA

- Current ICA Only Connections

- Current ICA Connections

- Current AAA TM Sessions

- AAA TM Sessions

Interface

- Tx Total bandwidth(in megabits)

- Rx Total bandwidth(in megabits)

System Uptime columns for NetScaler SDX and Hypervisor are now available in NSSDX device inventory list. By default, these columns are not displayed. However, you can customize columns to display them in inventory list.

To view the status, navigate to Citrix Network > Device Inventory > NetScaler SDX Platform.

You can also export this data in PDF or table (CSV) format.

While installing Command Center, you can select either an Oracle Service Name or SID as a connection type. Previously, by default, the connection type selected was SID.

You can now export data and tables from Command Center for the following modules: Device Inventory, Fault Management, Certificate Management, and Monitoring. You can export the data in PDF format.

You can now reschedule already scheduled tasks on the Configuration tab.

To reschedule custom tasks

1. Select the Configuration tab and, in the left pane, under Configuration, click Scheduled Tasks.

2. Select the task you want to reschedule, and click Reschedule.

3. Enter the new schedule in the Schedule Details window.

4. Click OK.

You can now specify the number of days after which event data will be deleted from the Command Center server.

To configure an event purge interval

1. Navigate to Administration > Database Management.

2. In the right pane, under Database Management, select Event Purge Settings and enter the purge interval, in days.

3. Click OK.

An email notifications is now sent every time a built-in or custom task is executed. The notification reports the success or failure of the task, and the relevant details. The notifications are useful if, for example, you have scheduled a custom task in Command Center to perform specific configuration changes on a NetScaler appliance, and you want to know if the scheduled task has succeeded or failed, you previously had to log back on to Command Center to check.

To send email notification for a task

1. Navigate to the Configuration tab. In the left pane, under Configuration, click Custom Tasks.

2. Click Add.

3. After selecting the required custom task parameters such as the devices it must be run on, the schedule, and any comments you have, you will be directed to the View Summary page.

4. Select the E-mail the report checkbox to send an email notification when the task is executed by entering the following details:

From - The address from which the email is sent.

To - The addresses that you want to send the email report to.

User Name and Password - Mail server credentials. Enter the mail server name and IP address.

Note: Click Test Mail to check if the mail server credentials provided are accurate and if the mail server is accessible from Command Center server. If the connection to the mail server is successful, a test mail is sent to the specified email and the settings are saved.

The screen that appears when you click the Administration tab in the Command Center GUI now includes a Database Management section. In this new section, you can configure the following settings:

Change Database Password

Database Retry Settings

Database Monitor Settings

Event Purge Settings

Syslog Purge Settings

Performance Data Purge Settings

You can now configure database retry settings (reconnection parameters) from the Command Center GUI.

To configure database retry settings

1. On the Administration tab, in the left pane, under Database Management, click Database Retry Settings.

2. On the Configure Database Retry Settings page, set the following parameters:

- Retry Attempts - Maximum number of times to automatically repeat an attempt to connect to the database if the first attempt fails. Default: 2.

- Retry Delay (in seconds) - Number of seconds after which a database connection attempt times out. Default: 15.

3. Click OK.

You can view the collected statistics in tabular format for virtual servers, services, and service groups on the Command Center. Some of the data displayed are - server connections, client connections, requests, responses, surge count etc.

To view statistics

1. Navigate to Monitoring > NetScaler. On the right pane, select any one of the following - virtual servers, services, or service groups.

2. Select any row and click Statistics.

3. In the Statistics page, you can view statistics for a particular entity in tabular format.

Note: If you don't select any row, clicking on the Statistics button will display data for all entities - virtual servers, services, and service groups.

The following improvements were made to the custom task commands pane's UI for better flow and ease of use.

- When a new command is added to the command list, the command pane stays at the bottom of the page to showcase the command entered.

- Alignment issues that used to occur while displaying larger commands have now been fixed.

- You can now move a command to a specific line by choosing the 'Move Command To' icon. On selecting the Move Command To icon, you can enter the line number that you want to move the command to and click OK.

You can perform a single-bundle upgrade of your NetScaler SDX using a built-in task 'NSSDXUpgradeSoftware' in Command Center. With this built-in task, you can upgrade the NetScaler SDX Management Service, XenServer hypervisor, and the supplemental packs and hotfixes for XenServer hypervisor.

To upgrade NetScaler SDX using Command Center

1. Navigate to the Configuration tab. Expand the Configuration node and select Built-in Tasks, and then execute the NSSDXUpgradeSoftware built-in task to upgrade your NetScaler SDX.

2. On the Execute Task window, choose the following options:

- Select Devices. Select the devices or device groups on which you want to perform this task.

- User Input. Provide file name(Single Bundle Image for NetScaler SDX) and add comments to the task. You can upload the files from your local machine as well as from machine where Command Center Service is running.

- View Summary. Review the data selected and the devices added and click Finish to execute the software update.

3. You can monitor the progress of the NetScaler SDX upgrade through a task log. During execution, you will be directed to the Execution Logs screen.

You can now configure ciphers from the Command Center GUI.

To configure cipher settings using the GUI

1. Navigate to Administration > Settings.

2. Under Settings, select Cipher Settings.

3. In the Configure Cipher Settings page, enter the ciphers separated by comma. This will replace the existing list of ciphers.

Note: Invalid cipher updates cause service startup failure when Command Center is restarted in the future after configuring cipher settings. Also, any changes made to cipher settings will only be effective only on restarting the Command Center server.

4. Click OK.

When geolocation is enabled on your NetScalers, you can see 'Top signature violations by geolocation' as a category on the AppFirewall dashboard. You can also generate reports for this category. With geolocation logging, you can see the geographical location of a specific request in the violation log.

To view and generate violations by geolocation report

1. Navigate to Reporting > AppFirewall > Dashboard to view graphs that indicate the Top signature violations by geolocation.

2. To export violations by geolocation data, navigate to Reporting > AppFirewall > Reports. Select the Top violations by geolocation report type and click View Graph.

3. Choose the Duration and the No. of top violations you want to represent on your graph. Click OK.

4. Click Export to export this data as well in graph format, table format (CSV), or both.

Alternately, you can also schedule reports by geolocation by navigating to Reporting > AppFirewall > Notification Settings > Schedule Report.

You can now add devices while creating a custom task. While scheduling or executing a custom task, your previously added devices are already pre-selected. You can choose to modify the list, to either add or remove devices before performing your task.

While creating a new custom task, you can select devices in the Add custom task page. Select the task you want to execute or schedule by selecting the chosen task under the Custom Tasks list; your previously added devices are already selected.

To add devices during custom task creation

1. Navigate to the Configuration tab. In the left pane, under Configuration, click Custom Tasks.

2. Click Add to do the following:

a. Custom Task Add Options - Define or import new commands.

b. Add Custom Tasks - Create a task by giving it a name, a description. Add devices. You can also configure devices based on their device family.

3. Click OK to create a custom task.

To view previously selected devices during scheduling or execution

1. From the custom tasks list, select a custom task and click Execute/ Schedule.

2. You will be directed to the Select Devices page, where your previously added devices are already selected.

You can now block email alerts for specific virtual servers. Typically, email alerts go out to the administrators/users when the server's status changes or if errors are generated on the servers. To disable email alerts when the device is in maintenance state, an option to exclude 'failedObject' is provided under Alarm/Event triggers. The user can exclude 'failedObject' by prefixing it with the '!' character.

To achieve multi-domain login using Global Catalog Server, the standard port is 3268 or the secure port is 3269. The Global Catalogue LDAP configuration has to be provided only in Command Center.

Note: LDAP referral is not supported currently for multi-domain login.

To configure LDAP with Global Catalog Server

1. Navigate to Administration > Authentication. Expand the Authentication node and select LDAP.

2. Click Add.

3. In the Create LDAP page, enter the server details.

4. Configure Global Catalog Server details by entering server port parameters as 3268 for Global Catalog Default and 3269 for Global Catalog with SSL.

5. Click Create to finish.

You can now sort audit logs on the server by the server's timestamp by clicking on their column headers. This option is particularly helpful if you have to sift through a large quantity of data and want to pinpoint and identify when a particular operation was performed on the server.

To sort audit logs, navigate to Administration > Security > Audit Logs. Click on the Time column to sort audit logs based on the time the operation was performed.

The Command Center server time is now displayed on the GUI to help you identify and map the time when traps were received, sylog events occurred, devices added etc.

You can now retrieve current ICA connections of your NetScaler devices from the Command Center performance reports. The ICA connections that can be retrieved now are AAA > Current ICA Only Connections.

The Command Center server supports a unified system of authentication, authorization, and accounting (AAA) protocols, including RADIUS, LDAP, and TACACS, in addition to supporting local servers for authenticating local users and groups. The unified support provides a common interface to authenticate and authorize all of the local and external AAA clients who are accessing the system. Command Center can authenticate users regardless of the actual protocols they use to communicate with the system.

Cascading external authentication servers provides a continuous non-failing process for authenticating external users. If authentication fails on the first authentication server, the Command Center server attempts to authenticate the user by using the second external authentication server, and so on. If you Enable fallback local authentication, then the authentication will fallback to local Command Center authentication server if all external authentication fails.

To enable cascading authentication, you need to add the external authentication servers to Command Center. You can add any type of the supported external authentication servers (RADIUS, LDAP, and TACACS). For example, if you want to add four external authentication servers for cascading authentication, you can add two RADIUS servers, one LDAP server, and one TACACS server, or all servers can be of RADIUS type. You can configure up to 32 external authentication servers in Command Center.

You can add any number of external authentication profiles in Command Center by navigating to Authentication > LDAP/RADIUS/TACACS.

To configure cascading external authentication servers

1. In Command Center, navigate to Administration> Authentication. In the right pane, click Authentication Settings.

2. On the Configure Authentication Settings page, select EXTERNAL from the Authentication Server drop-down list (only external servers can be cascaded).

3. Move the available external servers from the Available table to the Configured table to add them to your instance group. You can specify the order of authentication by using the arrow keys icon in the configured table to move the server up or down the configured list.

4. You can choose to use local authentication server in case external authentication fails by selecting the Enable fallback local authentication checkbox.

5. Click OK.

Now you can authenticate using the secure LDAP TCP port 636 to allow your Command Center to communciate securely with the LDAP server.

For the secure LDAP to work in Command Center, the LDAP Server certificate has to be exported from the LDAP server and imported to Command Center server certificate trust store. The process is as follows:

1. Export the LDAP server certificate from the LDAP server using any external tool or internal tool like certutil for Active Directory.

2. Once the certificate is exported from the LDAP server, copy the certificate under <CCHome>/Certs folder.

3. Run the batch file <CCHome>/bin/importLDAPSCertificate.bat with certificate file name (and extension) and Command Center TrustStore password (by default it will be commandcenter) as arguments

Example: <CCHome>/bin/importLDAPSCertificate.bat myldapscert.cer commandcenter.

After importing the certificate to your Command Center TrustStore, start the Command Center server and add your Secure LDAP profile and enable it as an active profile by navigating to Administration > Authentication > Authentication Settings. Your LDAP users are then authenticated safely in Command Center through the SSL layer.

You can schedule performance custom reports to show minimum, maximum & 95th percentile values. You can now see these values along with the graph generated sent to you as an email notification. To view reports with 95th percentile values, you must first create a custom report and then, schedule it to be emailed to you/your users.

To schedule reports showing the 95th percentile

1. Navigate to Reporting > Performance > Custom Reports.

2. Select the report you want to schedule from the list displayed, and click Schedule. Make sure you've selected the Graph option.

3. Select the E-mail the report checkbox to send an email notification when the task is executed by providing the necessary details.

4. The report emailed contains a graph that will depict the maximum, minimum, and their 95th percentile values.

You can now customize a report to include only hourly, daily, or current data. Previously, by default when a report was scheduled, a report containing all hourly, daily, that current data was sent to the user.

You can now sort logs in the Command Center in ascending and descending order for all columns containing data. You can sort them by date and time, size, and name.

To view and sort logs in Command Center, navigate to Administration > Diagnostics > View Logs. Click the column headers to sort logs in ascending or descending order.

You now have the flexibility to choose the presentation format of your performance report. You can choose to customize your CSV report to set device as a column or your instance as a column. This option is only visible for non-aggregated and current reports in CSV format that are generated when scheduling custom reports.

To customize your CSV report format

1. Navigate to Reporting > Performance > Custom Reports.

2. Select a report and click Schedule.

3. In the Schedule page, select the CSV as report format. Select the Customize CSV Report checkbox to further customize your report to choose:

-Device As Column

-Instance as Column

For services, you cannot create a custom view based on the "Last State Change" view.

You cannot generate a tech support file from the web GUI.

Workaround: Use CLI to generate the tech support file.

After you upgrade to Command Center build 45.4 from build 44.11 of release 5.2, you encounter a Bad Request error when you access the GUI for the first time.

Workaround:

Clear the bowser cache and files and access the login page again.

The retry interval and delay configured in FailOver.xml does not take effect for a Command Center appliance in a high availability setup.

You cannot use the Command Center CLI to access the database.

With this fix, you can access the database space in CLI mode as follows:

1. Go to CC_HOME/bin

2. Execute one of the following scripts

- database_space_check.bat (for Windows)

- database_space_check.sh (for Linux)

Command Center does not support Windows authentication mode for an MSSQL database. It only supports SQL authentication mode.

You might be unable to log onto Command Center after a fresh installation, because of a corrupted security configuration.

Workaround: After a fresh installation, reset the Command Center configuration by re-initializing it. To do so, run the reinitialize_nms.bat or reinitialize_nms.sh script, which is located in the CCHome/bin/ folder

The Replicate Configuration feature is not supported for a NetScaler cluster or for NetScaler devices in a high availability pair.

If you configure an alarm or event trigger for a Send Trap action to send SNMP traps to an SNMP manager, SNMPv3 traps are forwarded to the manager as SNMPv2 traps.

Rediscovery of a cluster device with an SNMP v3 profile fails after the Configuration Coordinator node restarts.

After you upgrade to Command Center build 45.4 from build 44.11 of release 5.2, you encounter a Bad Request error when you access the GUI for the first time.

Clear the bowser cache and files and access the login page again.

In the Authentication settings for Active Directory Group extraction, the option to retrieve the attributes from the Active Directory server and select the attributes from the retrieved list is not available in Command Center release 5.1 or later.

You cannot back up the configurations of NetScaler SDX devices that are accessed by using non-nsroot user credentials.

Workaround: Add NetScaler SDX devices that are accessed by using nsroot user credentials.

The restore configuration option on the details page for a device does not display the log information.

If you add a device to Command Center, sometimes, the discovery process might not proceed.

Workaround: Restart the Command Center server.

Rollback of commands in the DeployMasterConfig built-in task fails.

AES based encryption is not applicable for USMTable in SNMPv3 discovery.

NSSDXSoftwareUpgrade Built-in task displays the following log message: "Task not completed", even after successful upgrade, if NSSDX GUI is open on your local machine.

You cannot search for an execution log by specifying the status message that appeared when the task was executed.

Command Center accesses unknown DNS IP addresses.

Workaround:

Update the /var/cache/yum/addons/mirrorlist.txt file to remove the invalid DNS entries.

When you access Command Center from Internet Explorer 8, the Virtual Servers page under the Monitoring tab displays the following error message: "Stop running this script? A script on this page is causing your web browser to run slowly. If it continues to run, your computer might become unresponsive.”

Workaround: Use Internet Explorer 9, 10, or 11, Mozilla Firefox, or Google Chrome.

You cannot generate a tech support file from the web GUI.

Workaround: Use CLI to generate the tech support file.

On the Citrix Network > Device Inventory > NetScaler screen, the Command Center server does not sort the System Uptime column by date but by the string value.

The Device Inventory screen does not display the IP address, platform and hostname for the CloudBridge 800 platform.

The "NSSDXSoftwareUpgrade" built-in task does not work in NetScaler SDX release 10.5

The NetScaler dashboard always displays the CPU Usage (%) value as 0 for a NetScaler cluster.

You cannot generate a report by using the "RunningVsSavedconfiguration" audit policy on a NetScaler device if the device password contains a hash (#).

Workaround: Modify the device password.

On the graphical user interface (GUI), the Logs Settings page (Administration > Logging > Logs Settings) now displays the following details:

- Logger: Type of log file.

- Level: Level of log you want to generate. Select the log level for a file.

- Appender: A link to set the file appender details.

When you click on file name in the Appender column, you can modify the following settings:

- File Name: Name of the log file with which the appender is associated.

- Max Backup: Maximum number of files to be backed up when storing the logs. When this limit is reached, the log file is rolled back.

- File Size: Maximum size of the log file.

You can now track the configuration files downloaded during discovery of a NetScaler SDX device or a CloudBridge Advanced Platform (CloudBridge 400 or CloudBridge 800). You can back up the configurations of a device at any time.

On the SDX Device Properties page, you can now perform the following tasks:

- Backup Config: Initiate configuration backup.

- Refresh: Refresh the Archived Details section.

- Download: Download configuration and license files to your local system.

The following details are also available for each file archived during discovery, during intervals set by the user, or for the current time:

- Time: The date and time when the configuration and license files were archived.

- View Files: The list of files archived. To view the list of all the license and configuration files archived and stored in the database, click View Files.

- Comments: Details about when the files are downloaded (for example, File downloaded during discovery).

You can use the NetScaler Dashboard to view the status of all the NetScaler devices being managed by Command Center. You can view the name, CPU usage, memory usage, throughput statistics, and HTTP requests per second data for each discovered device.

You can now search the execution logs by task name, device, or status by using the search option on the Execution Log page.

The CloudBridge Advanced Platform (CloudBridge 400 and CloudBridge 800) can initiate discovery by Command Center, if you configure the IP address, port, and password of the Command Center server on the CloudBridge Advanced Platform (CloudBridge 400 and CloudBridge 800). The appliances then use NITRO APIs to send registration requests to Command Center. The Command Center server then automatically starts the discovery process.

You can now use Command Center to monitor and manage the states of servers across the NetScaler infrastructure.

You can now assign Execute task Action to filter the event and alarm triggers.

The Initial Configuration wizard enhances the first time user experience by helping you get started with Command Center efficiently and effectively, and by guiding you through the initial configurations. This ensures that you perform all the required configurations without having to navigate to GUI pages of different tabs in the Command Center GUI.

In this release, you can now use the following built-in tasks to execute configuration changes on CloudBridge devices:

- AddWCCPServiceGroup

- EnableWCCP devices

- DisableWCCP

- SetApplication

- SetTrafficShapingPolicy

- AddTrafficShappingPolicy

- AddService

- AddLink

For details, see http://support.citrix.com/proddocs/topic/command-center-52/cc-tasks-conf-repeater-builtin-tasks-tsk.html.

You can now perform the following tasks in Certificate Management:

- Display the SSL certificate links

- Link certificate(s) to CA certificates

- Unlink certificate(s) from CA certificates

For more information, see http://support.citrix.com/proddocs/topic/command-center-52/cc-mng-mon-sslcert-link-unlink-tsk.html and http://support.citrix.com/proddocs/topic/command-center-52/cc-mng-mon-sslcert-view-certs-tsk.html.

This release supports AES-based encryption of device credentials.

You can now search for a device by device name or status, after navigating to Citrix Network > Devices > Discovery Status.

Command Center can now discover ByteMobile Traffic Director. To begin monitoring the device, you must connect to the Command Center server and then add the ByteMobile Traffic Director for discovery. Command Center initiates the discovery process, which stores the ByteMobile Traffic Director related information in the Command Center server.

The Deployment Automation feature provides easy automation for deployment management when deployments are going through rapid changes. This module provides smooth migration of configurations across different deployments and exposes RESTful NITRO APIs with which you can automate the entire process. For details, see http://support.citrix.com/proddocs/topic/command-center-52/cc-tasks-devops-confmig-tsk.html

When you view the graph for a custom report, you can now click the auto-refresh button to refresh the graph.

Command Center now supports MSSQL 2012.

Command Center 5.2 supports MySQL 5.6 and the Red Hat Enterprise Linux (RHEL) 6.2 operating system.

You can now apply XenServer hotfixes on the Command Center hardware appliance. For details, see http://support.citrix.com/proddocs/topic/command-center-52/cc-admin-apply-xenserver-hotfixes-tsk..html.

If you have resolved any alarms, or if the alarms are no longer valid, you can either clear or delete all the alarms from the Citrix Network tab, depending on multiple severity levels.

The Configuration Management module in Command Center enables you to execute various configuration commands on multiple devices at the same time. You can create configuration profiles that are templates you can use to execute configuration tasks.

Progress of Executed Tasks

After you provide the details for executing a built-in task or a custom task, a pop-up screen appears, stating that the task execution is in progress. You are redirected to the Execution Log page that displays the progress of the executed task.

Command Center now supports CloudBridge Advanced Platform (CloudBridge 400 and CloudBridge 800).

If you create a CloudBridge Advanced Platform device profile, you no longer have to provide the CloudBridge profile and NetScaler details. Command Center internally creates CloudBridge and NetScaler profiles from the corresponding CloudBridge Advanced Platform profile.

Also, if you create a CloudBridge device profile, you no longer have to specify the file transfer details. Command Center internally assigns the default user name transfer and assigns the same password that you specify for device login.

The Invoke CLI button is now available on the header of the Device Inventory screen.

You can now select the columns to include in the tables on Command Center screens such as Device Inventory, Discovery Status, and Device Profiles, and you can rearrange the columns. Each user's changes persistent across his or her sessions.

Choose the column names from the Settings drop-down list next to the Search button.

The column customization settings drop-down list on the Device Inventory screen displays the SNMP Device Name, Description, and Location options.

The Execution Logs pane on the Configuration tab is now more intuitive and user friendly.

Command Center now supports the OpenLDAP as one of the authentication servers.

Command Center now has an autoconfiguration feature, which combines configuration profiles with the registration feature to automatically discover and configure one or multiple CloudBridge 400, 800, 1000 WS, 2000, 2000 WS, or 3000 appliances.

For details, see http://support.citrix.com/proddocs/topic/command-center-52/cc-pure-cs-citrix-network-auto-config-map.html.

Command Center now supports the following NetScaler SNMP traps:

*vridStateChange

*portAllocFailed

*lldpRemTablesChange

"Show Service Bindings" and "Show Service Group Bindings" are now on the Servers screen, which is on the Monitoring tab.

The reporting graphs are now enhanced to display the peak values and minimum values along with average values.

Command Center now supports sending audit logs to an external syslog server.

To add a syslog server, on the Administration tab in the details pane, under Security, click Syslog Server.

For more details, see http://support.citrix.com/proddocs/topic/command-center-52/cc-admin-conf-syslog-setting.html

You can now select the following properties when you apply the authorization settings on a group:

*Server IP address

*Server Name.

Command Center now applies a password policy to provide security against hackers and password-cracking software.

To apply a password policy, on the Administration tab, in the details pane, under Security, click Password Policy and specify the parameters.

Command Center now supports the following CloudBridge SNMP traps:

*invalidBridgeConfig

*invalidHttpCachingConfigFile

*qosEngineError

*MapiNtlmError

*EthernetCrcError

*qosLinkConfigWarning

*MaxUnacceleratedConn

*badHardware

*warning

*CheckServiceClass

*cachingEngineMajor

*cachingEngineMinor

*cachingEngineWarning

The Device Inventory screen on the Citrix Network tab now displays the nodes for device types.

You can now use the following built-in tasks to upgrade a CloudBridge Advanced Platform appliance and its instances:

*UploadSoftwareFile

*UpgradeSoftware

On the Configuration tab, in the navigation pane, navigate to Configuration > Built-in Tasks and, in the details pane, select CloudBridge Advanced Platform.

This feature is available on CloudBridge Advanced Platforms running version 124.1353.e or later.

For more details, see http://support.citrix.com/proddocs/topic/command-center-52/cc-tasks-upgrade-cb-adv-plt-builtin-con.html.

You can now enter administrator or user comments for any discovered device.

To include comments, on the Citrix Network tab, under Device Inventory, navigate to any of the device types, Then, in the details-pane, select the device, and from the Action drop-down list select Annotate.

Alternately, right-click the device, and then click Annotate.

If a custom task fails, you can now choose to ignore the command failure and continue with execution of the remaining commands.

Command Center now supports the following NetScaler counters:

*vsvrTotalServers,1.3.6.1.4.1.5951.4.1.3.1.1.65

*vsvrInvalidRequestResponse,1.3.6.1.4.1.5951.4.1.3.1.1.67

*vsvrInvalidRequestResponseDropped,1.3.6.1.4.1.5951.4.1.3.1.1.68

*vsvrEstablishedConn,1.3.6.1.4.1.5951.4.1.3.1.1.71

*vxlanTable,1.3.6.1.4.1.5951.4.1.1.81

*vxlanEntry,1.3.6.1.4.1.5951.4.1.1.81.1

*vxlanVNId,1.3.6.1.4.1.5951.4.1.1.81.1.1

*vxlanTotRxPkts,1.3.6.1.4.1.5951.4.1.1.81.1.2

*vxlanTotRxBytes,1.3.6.1.4.1.5951.4.1.1.81.1.3

*vxlanTotTxPkts,1.3.6.1.4.1.5951.4.1.1.81.1.4

*vxlanTotTxBytes,1.3.6.1.4.1.5951.4.1.1.81.1.5

You can now install Command Center on a named instance of MSSQL server 2012.

Command Center now supports the following built-in tasks for CloudBridge appliances:

-AddVideoCachingSource

-AddorRemoveVideoCachingPorts

-SetVideoCaching

-RemoveVideoCachingSource

-RemoveAllVideoCaching

-ClearVideoCaching

-VideoCachingState

-AddVideoPrePopulationNow

-AddorUpdateVideoPrePopulation

-VideoPrePulationState

For more details, see http://support.citrix.com/proddocs/topic/command-center-52/cc-tasks-conf-repeater-builtin-tasks-tsk.html.

If you use an RBAC server for authentication, Command Center groups are configured to match groups configured on authentication servers. When a user logs on and is authenticated, if a group name matches a group on an authentication server, the user inherits the settings for the matching Command Center group.

For more details, see http://support.citrix.com/proddocs/topic/command-center-52/cc-admin-conf-authntcn-settng-4-0-tsk.html#cc-admin-conf-authntcn-settng-4-0-tsk.

Command Center now displays the entity's IP address and port, along with the entity name, for all the SNMP event and alarm details for entity UP, DOWN, and OUT OF SERVICE traps.

You can now install Command Center on the Windows server 2012 R2 platform.

For details on operating systems, see http://support.citrix.com/proddocs/topic/command-center-52/cc-install-os-reqmnt-ref.html.

The Command Center appliance now monitors the following server conditions and generates an alarm if they occur:

-Memory usage greater than 90%

-CPU usage of 100%

-Page Fault more than 1

-Disk usage greater than 90%

-Interface Status of Down

-HA status

To display this information, on the Command Center appliance, navigate to Administration, and in the left pane select Information > Server.

You can configure an SNMP agent on the Command Center appliance, so that an external SNMP manager can monitor the appliance and query any of its Management Information (MIB) objects.

To configure an SNMP agent, on the Administration tab, under Security, click SNMP Agent Configuration.

For more details, see http://support.citrix.com/proddocs/topic/command-center-52/cc-admin-conf-snmp-trap-fwd-tsk.html.

You can now configure ciphers in Command Center.

For details, see http://support.citrix.com/proddocs/topic/command-center-52/cc-faq-gen-51-con.html.

You can now assign the views on the Monitoring tab to other users in a group by assigning administrator privileges to the view.

For more details, see http://support.citrix.com/proddocs/topic/command-center-52/cc-custom-view-group-assign-tsk.html.

You can now install Command Center on the 64-bit version of CentOS.

For details on operating systems, see http://support.citrix.com/proddocs/topic/command-center-52/cc-install-os-reqmnt-ref.html.

You can now specify the Administrator Base Domain Name if you configure either an Active Directory or an Open LDAP authentication server. The Administrator Base Domain Name is the administrator user name that is used to bind to the Active Directory or Open LDAP server. You can specify the Administrator Base Domain Name in the field Administrator Bind DN.

If you restrict a user group to an entity, then all the users in that group can access only that entity and the entities that are bound to that entity. For example, consider there are three virtual servers configured on a NetScaler device, V1, V2, and V3, and virtual servers V1 and V2 are bound to service S1. If you restrict usergrp1 to only service S1, then all users in the group usergrp1 can access only service S1 and virtual servers V1 and V2. Users in usergrp1 cannot access virtual server V3.

To restrict a user group to only an entity and it's bound entities, on the Administration tab, navigate to Security > Groups, select a group, and then click Advanced Settings. In the Property Name list, select an entity, and then select the Apply on bound entities also option.

This functionality is applicable to the following entities:

-Virtual Server Name

-Service Name

-Service Group Name

-Server IP address

Note: If you select the Apply on bound entities also option for the entities services and service groups, the servers abound to these entities might not be accessible.

Command Center now supports SNMPv3 traps. Command Center receives SNMPv3 traps once a NetScaler device is discovered with SNMPv3 credentials. SNMPv3 traps are supported for only NetScaler devices.

You can now download the sample template file and the input file for the DeployMasterConfig task from the NetScaler Built-in Tasks lists page.

On the Configuration tab, navigate to Configuration > Built-in Tasks, select DeployMasterConfig and click Download Sample Template. A zip file containing both the sample template file and the input file is downloaded to your local machine.

You can no longer download the sample template file and the input file from the Downloads section of Command Center.

You can now preview the master configuration, which is generated from the configuration template and the input file provided by the user during DeployMasterConfig task execution, before it is executed on the selected device.

This feature allows an external user to log on to Command Center even though the configured external authentication server is down or unreachable. Command Center administrator must identify the users and enable Fallback Authentication User for those users. By default, this option is disabled for all users. Note that the default password for fallback users is public.

To enable Fallback Authentication User for multiple users, on the Administration tab, under Security, click Fallback Authentication User, and select the user for whom you want to enable this setting.

To enable Fallback Authentication User for a user, on the Administration tab, navigate to Security > Users, select the user and click Edit. In Configure User, select the Fallback Authentication User option.

If you configure a task to be executed sequentially and select the Ignore and Continue option, you can now select either of the following options:

-Execute on current device only. Execute the task on only the current device, even though the task has partially failed on that device.

-Execute on all selected devices. Execute the task on all the selected devices, including the current device that experiences a partial failure.

You can now enable or disable the SNMP alarm filters and schedule them (Fault> SNMP> Alarms> Triggers > Schedule a Filter.)

The Execution Log screen (Configuration> Configuration> Execution Log) now includes a Status Message column, which provides details about the progress of task execution.

You can now discard obsolete syslog records by creating a filter.

To configure a Syslog filter, on the Fault tab, navigate to Syslogs> Filters, and click Add.

Command Center server now provides the option to enable or disable SSLv3 (Administration> Settings> SSLv3 Settings.) By default, SSLv3 is disabled on the Command Center server.

Command Center now supports SCP protocol to make configuration changes across NetScaler and CloudBridge devices.

You can now search for an execution log by specifying the Start Time, End Time and Execution time of a task.

The search by execution time works on the values displayed in the Start time and End Time columns.

You can now abort task execution, on one or more devices, by selecting the devices and clicking the Abort button.

Group extraction feature is now available for RADIUS authentication server.

Command Center now supports MSSQL 2014.

You can now discard obsolete AppFirewall or NetScaler Gateway syslog records by creating a filter.

To configure the AppFirewall filter, on the Reporting tab, navigate to AppFirewall> Filters, and click Add.

To configure the NetScaler Gateway filter, on the Reporting tab, navigate to NetScaler Gateway> Filters, and click Add.

Command Center now supports the UploadXVA built-in task to upload a XenServer Virtual Appliance (XVA) image to one or more NetScaler SDX appliances.

If any discovered NetScaler device has an SNMP manager configured, Command Center adds itself as an SNMP manager.

You can now use the DeployMasterConfig built-in task to configure parameter values across NetScaler devices by applying the global configuration template and an input file.

Command Center now supports NITRO APIs for custom views.

The search functionality in Command Center is now improved to display the filter names in the search option even after performing multiple search operations by using the same filter name.

You can now configure the syslog purge interval for different syslog messages.

To configure the purge interval, on the Administration tab, in the Settings group, click Syslog Purge Settings.

Command Center can now be configured to repeat email notifications at specified time intervals until an alarm is cleared. Navigate to Fault> SNMP> Alarms> Triggers> Add> Add Action to enable this option.

You can now export graphs and tables of Application Firewall violations from Command Center. You can choose to export either a graph or a table (CSV file), or both.

Command Center now supports deployment of RADIUS authentication with an Active Directory server. You must enable Group Extraction and specify the group vendor identifier and the type of group attribute.

You can now specify either the host name or the IP address to resolve an authentication server. In earlier releases, you could only specify the IP address.

You now have the option to enable and disable group extraction for a RADIUS authentication server. In earlier releases, group extraction could not be disabled.

The Auto rollback on failure option under Deployment Automation is now unchecked by default.

Command Center now supports TLSv1.1 and TLSv1.2 protocols.

To enable TLSv1.1 and TLSv1.2 protocols

On the Administration tab, navigate to Settings > SSL Settings and select the Enable TLSv1.1 or Enable TLSv1.2 option.

Note that the SSLv3 protocol is no longer supported.

If you want to replicate the complete existing state of a NetScaler appliance on another NetScaler appliance, you must replicate the configuration, license, and certificate files. By executing the DeployMasterConfig built-in task without customizing it, you can replicate only the configuration file.

You can customize the DeployMasterConfig built-in task to add additional commands, so that you can replicate license and certificate files to other NetScaler devices, and execute any other commands required for your configuration.

You can customize the DeployMasterConfig built-in task to do the following:

-Add additional commands

-Modify existing commands

-Add variables to commands

-Delete commands

-Change the order of commands.

Caution: Be careful when changing the order of commands in the DeployMasterConfig built-in task.

The compressed file (.zip) of a sample template of built-in tasks now includes the XML schema file (.dtd) for the input XML file.

All groups configured on Command Center now have read-only permissions by default. In earlier releases, the default group "Users" had no permissions.

As part of this enhancement, the Users group now has read-only permissions. A new external user is automatically added to the default Users group when that user is authenticated in Command Center. Since the Users group now has read-only permissions, the new external user does not experience an authorization failure.

You can now generate technical support bundles of the following types:

-Basic. A technical support bundle that includes log files, database information, and configuration settings.

-Advanced. A technical support bundle that includes log files, database information, configuration settings, thread dumps, and crash logs.

Command Center now stores the last ten previously generated technical support bundles. You can delete the ones that you no longer require.

Technical support bundles generated by Command Center appliances in a high availability configuration include the technical support files for both the primary and the secondary nodes.

To generate the technical support bundle by using the graphical user interface, on the Administration tab, under Diagnostics, click Technical Support.

A technical support bundle can also be generated from the Command Center command line interface. The default type is Advanced.

To generate the technical support bundle by using the command line interface, in the <CCHome>\bin directory, execute the generate_technical_support script.

On a Windows system, run the following command:

generate_technical_support.bat

Alternatively, you can double-click the generate_technical_support.bat file.

On a Linux system, run the following command:

sh generate_technical_support.sh

You can now view the following reports for NetScaler Gateway devices:

-Top users by sessions

-Top ICA applications by user access

-Top users by bandwidth

-Top client types

-Top users by EPA scan failures

-Top users by failed attempts

You can also export NetScaler Gateway reports from Command Center. You can export them as graphs, tables (CSV files), or both. You can also schedule the Reports.

To view NetScaler Gateway reports

On the Reporting tab, navigate to NetScaler Gateway > Reports, select the report you want to view and then click View Graph.

To schedule NetScaler Gateway reports

On the Reporting tab, navigate to NetScaler Gateway > Notification Settings, and then click Schedule Report.

You now have a single option, LDAP, for configuring either an Active Directory or an Open LDAP authentication server.

On the Administration tab, navigate to Security > Authentication Settings, and select LDAP. In the Server Type list, select either Active Directory or Open LDAP, and then configure the rest of the fields as required for the authentication server you selected.

You can now receive an SNMP trap if the size of the Command Center database reaches a configured threshold value. You can also receive an email notification.

By default, the size of the Command Center database is checked once an hour. You can specify the threshold value in MB, or as a percentage (%) of the disk space allocated to the database.

If you have configured the threshold value as a percentage, then the percentage of the used size is compared against the allocated database size and the notification is generated if the percentage exceeds the configured threshold value.

If you have configured the threshold value as a size (MB), then the used database size is compared against the configured threshold size and the notification is generated if the database size exceeds the configured threshold value.

This feature is supported for the following database servers:

-MSSQL

-MySQL

-Oracle

Note that this feature is not supported for the PostgreSQL database server.

To configure database monitoring

1. On the Administration tab, navigate to Settings > Database Monitor Settings.

2. Select the Enable Database Monitoring option and specify the threshold value as a percentage or as a size (MB).

3. If you also want to receive an email notification, select the Enable Email Notification option and then configure the email server from which to send email notifications.

You can now export syslogs from Command Center. For Application Firewall and NetScaler Gateway syslogs, you can export the recent syslogs that appear under Logs, and you can export syslogs for the views that you have configured under Views. You can also export the syslogs that appear on the Fault tab, under Logs and Views.

You can specify the criteria for exporting syslogs that appear under Logs. Different criteria apply to NetScaler Gateway and Application Firewall syslogs. You can limit the number of rows to be exported depending on your need. The default limit for the number of rows to be exported is 1000, and the maximum is 10000.

You can now export all graphs (image files) and data in tabular format (CSV file) from the Application Firewall dashboard.

Note the following changes in the Command Center graphical user interface:

1. Fault > Syslogs

- "Complete View" has been renamed to "Logs."

- "Filters" has been renamed to "Suppress Logs."

2. Reporting > AppFirewall

- "Filters" has been renamed to "Suppress Logs."

- "Recent Logs" has been renamed to "Logs."

- "Views" was under "Recent Logs" which is now under "AppFirewall."

- "Schedule Report" was under "Reports" which is now under "Notification Settings."

3. Reporting > NetScaler Gateway

- "Filters" has been renamed to "Suppress Logs."

- "Recent Logs" has been renamed to "Logs."

- "Views" was under "Recent Logs" which is now under "NetScaler Gateway."

The Management Service backup now contains only the Management Service configuration backup. This backup no longer includes the image of the NetScaler SDX appliance and NetScaler VPX instances, nor the configuration information for NetScaler VPX instances running on the NetScaler SDX appliance.

You can now view a graph of up to 40 top violations in Application Firewall reports. You can also schedule an Application Firewall report of up to 40 top violations.

The sorting option after performing a search on the Monitoring tab does not work.

On the Administration tab, after you configure the access setting values for server protocol and server port, and then upgrade Command Center, default server protocol and server port values are reset to their defaults.

The SoftwareUpgrade task fails to upgrade CloudBridge appliances.

You might not be able to configure a high availability (HA) setup after upgrading a Command Center hardware appliance to version 5.1 build 33.3.

On a Command Center hardware appliance running software version 5.1 build 33.3, a failover can cause the MYSQL replication to fail, which in turn can disable high availability (HA) functionality.

You cannot modify the device profile from the Citrix Network > Add Device > Modify icon.

Huge NetScaler configuration files cause high disk usage.

After you upgrade Command Center, you cannot change the Command Center password.

You might not be able to configure a high availability (HA) setup after changing the password of a Command Center hardware appliance.

On the Configuration tab, the task specific execution log does not display the Command Center user details.

On the Configuration tab, after you click Add Command to add a command while adding or editing a custom task, the Command field d does not provide a scroll option for long commands.

On the Configuration tab, when you edit a custom task and click Add Task Variable to add a variable task, some fields are not displayed.

If you use the Command Center graphical user interface (GUI) to change the database password for a high availability (HA) setup, the password change is not propagated to the secondary Command Center appliance.

When you add a device, the Device Profile drop-down list does not display all the available device profiles.

The Monitoring tab might not display the list of polled entities for a NetScaler HA pair.

When a secure FTP to a NetScaler device fails, an OutOfMemory (OOO) error occurs.

Event severity configuration changes roll back to their default configurations after a service pack installation.

When you generate a technical support file, the size of the stdout.txt file increases, causing an Out Of Memory (OOM) condition. As a result, Command Center fails to generate the technical support files.

If the licensing server fails, you cannot log on to Command Center.

An IE9 browser displays long overlapping commands in the ConfigurationChangeHistory built-in audit policy reports.

You can create duplicate groups through the 'Add Users' option.

In Command Center 5.2, you cannot modify the custom logs, such as ccapiout.txt, ccapierr.txt and ccagentout.txt.

If you upgrade Command Center to version 5.2, build 40.1, the SNMP community setting might become a blank string.

If you click on the Monitoring tab, Command Center throws an undefined error.

The refresh button on the Citrix Network > Maps page does not work.

If, While configuring the server settings on the Administration tab (Settings > Server Settings), you select host name as the Device label, the search functionality for host name does not work across the Command Center graphical user interface.

The custom task parameters are not preserved if you create a custom task by importing an xml file or if you export the custom task as an xml file.

The uninstall option functions on Command Center appliance.

If you configure the root user password of a Command Center appliance to include special characters, the root user cannot use SSH to connect to the Command Center virtual machine or the XenServer virtual machine.

After you upgrade a Command Center appliance, you might not be able to log on to Command Center if you have configured a syslog server with a port value other than the default.

After you install Command Center, you cannot add a CloudBridge 7.2.1 appliance to the Command Center inventory if the CloudBridge serial number is more than 50 characters long.

The Reporting tab for Application Firewall (Reporting> AppFirewall > Recent Logs) displays incorrect values for APPFW_MAX_UPLOADS.

If an existing custom task is open when you create a new custom task, the details of the new task are replicated in the existing task.

The following counters are defined as OCTET STRINGs in NetScaler SNMP MIB, but are actually Counter64 values and are not polled in Command Center for reporting.

-vserverTable_vsvrClientConnOpenRate

-nsTcpStatsGroup_tcpTotClientConnOpenRate

-serviceGroupMemberTable_svcGrpMemberRequestRate

-serviceGroupMemberTable_svcGrpMemberRxBytesRate

-serviceGroupMemberTable_svcGrpMemberTxBytesRate

-serviceGroupMemberTable_svcGrpMemberSynfloodRate

The entities displayed on the Monitoring tab disappear when the cleanup scheduler deletes the latest polled entities along with the older ones.

The AppFirewall Recent Logs Screen displays incorrect field values if the Signature category contains more than one hyphen in Signature Violations syslogs.

The Administration tab displays the following error message if Command Center does not receive enough database connections:

'Audit Log:{ "errorcode": 400, "message": "No Custom view found with the id "AuthAudit" for user <user_name>i"}

Workaround: Run the Update_Patch_Db.bat/.sh file file located in <CCHome>/bin/ path to solve the issue.

If Command Center is configured with a custom certificate that does not have a default password, the Command Center service fails to start during an upgrade.

If you configure the autoconfiguration feature and create a configuration profile with more than 675 lines of commands, the configuration profile is not listed in the configured profile list.

When OpenLDAP is used for Command Center authentication, a logon attempt with valid credentials fails.

Command Center service fails to start, because of JRE corruption.

You cannot export the device inventory details for CloudBridge Accelerator and NetScaler devices.

Appropriate error messages are not displayed in the execution logs if the DeployMasterConfig task fails.

Appropriate error messages might not be logged in the task execution logs if there is an error in the input XML file.

When OpenLDAP is used for Command Center authentication, a logon attempt with valid credentials fails.

Command center might display same host names for different devices.

User defined rollback commands are not displayed in the preview screen before task execution.

The default value of Event Cleanup Interval is now 30 days. In earlier releases, the default value was 180 days. If you had configured this value to anything other than 30 days before upgrading to the latest release, you must again set it to the value as per your need.

The arrow icon indicates that the records displayed in the Command Center graphical user interface are sorted in ascending order, but they are actually sorted in descending order.

Command Center service fails to start, because of JRE corruption.

You can now specify the device group in the input file to deploy the master configuration on a NetScaler device.The variable values defined in the devicegroup tag take precedence over the global variable values and the variable values defined in the device tag take precedence over the devicegroup variable values.

The DeployMasterConfig task fails if the input XML file contains standard comments.

The browse button to search users from Active Directory is now changed to a search icon.

If Command Center is configured with a custom certificate that does not have a default password, the Command Center service fails to start during an upgrade.

All entities bound to an entity might not be displayed if you restrict a user to that entity by using Advanced Settings.

If a NetScaler device is enabled with Common Event Format (CEF) logging for Application Firewall, Command Center fails to retrieve views for an alarm.

After you install or upgrade Command Center, the first attempt to connect to the MSSQL database fails.

The DeployMasterConfig task fails if the configuration template file contains HTML tags, because Command Center uses the characters "<" and ">" to enclose the variable name. You can now use the "$" character to enclose the variables (for example, $NS_IP$).

The Command Center logon page might take a long time to load.

Command Center displays an error message if you access NITRO APIs by using unsupported JRE versions.

The NetScaler dashboard (Monitoring > NetScaler> Dashboard) displays incorrect CPU usage percentage values for NetScaler MPX appliances.

When you search for Active Directory groups by specifying the group name characters, Command Center displays incorrect results.

If you sort the date columns on the Command Center server, the sort is based on the string, not the date value.

The NetScalerConfigChange trap is generated every time a NetScaler 10.5 appliance is rediscovered.

If a user is disabled on the Active Directory server, and a new user logs on to the Command Center server, the logs show that the user who is disabled on the Active Directory server is performing the actions of creating the new user on the Command Center server as part of authentication.

In an HA configuration, the data in the primary node is not synced with the secondary nodebecause of compression issues.

Your Command Center service account changes to a network service account after you upgrade to a release 5.2 build.

On the device inventory screen, if you right-click a device and click Alarms, the Command Center server displays the "Error in retrieving alarms" message.

It also does not function if you configure Command Center to display the Host Name column.

On the Citrix Device Inventory, the View Alarms operations does not function if you configure Command Center to display the Host Name column.

If an alarm is triggered when you assign the Execute Task action with an SNMP filter, the Command Center server displays the "Error in retrieving Alarm Trigger" error message.

The user credentials of external users who are authenticated over the RADIUS server are stored in the Command Center server.

If a user is present in both local server and RADIUS server, the user password gets overwritten on the Command Center server.

The Linux script EncryptPassword.sh throws a bad interpreter error because the script contains ^M characters.

The Customize button for all built-in tasks is now modified to "Save As."

If you upgrade a Command Center server to release 5.2, the Command Center service does not start. It displays the "No suitable driver found" error message.

If a scheduled report generates the "Too many data points to plot" error at the same time for two different charts, graphs are not attached in the email sent to the user.

Command Center now supports using the NITRO API to fetch a device list on the basis of device type.

In the NetScaler Gateway dashboard, the "Top 10 users by EPA scan failures" report displays invalid data.

The CLI commands to generate the technical support bundle have been updated as below:

On a windows system:

generate_technical_support.bat basic

generate_technical_support.bat advanced

On a linux system:

sh generate_technical_support.sh basic

sh generate_technical_support.sh advanced

If an Active Directory user that is a member of a group is reassigned to another group, the Command Center graphical user interface lists the user as part of the original group.

On the Monitoring tab, the search functionality fails if the user belongs to two groups and advanced authorization settings are configured.

The help text on the custom task creation screen now appears as a tool tip.

The Linux script EncryptPassword.sh throws a bad interpreter error because the script contains ^M characters.

If the Command Center logon password is longer than 15 characters, an attempt to log on to the Command Center GUI fails.

If you upgrade to this release and you have modified the default cipher list prior to the upgrade, then Command Center retains all the ciphers from the previous release.

If the GUI is not accessible after the upgrade, then you must replace the cipher list with the following strong ciphers and also add any additional ciphers that you might have previously added:

TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_EMPTY_RENEGOTIATION_INFO_SCSV

You must replace the ciphers in the following files:

* <CC_HOME>/apache/tomcat/conf/backup/server.xml

* <CC_HOME>/security_modules/https/apache/tomcat/conf/backup/server.xml

* <CC_HOME>/conf/transportProvider.conf

Command Center connections become stale because they are not refreshed.

In an HA setup of a Command Center server, SSLv3 status change operations (enable or disable) are not propagated to the secondary appliance

Workaround:

Enable or disable SSLv3 when the secondary appliance is UP.

With this fix, the following weak ciphers have now been removed from the cipher list:

TLS_DHE_RSA_WITH_AES_128_CBC_SHA and TLS_DHE_RSA_WITH_AES_256_CBC_SHA.

Command Center now supports the following strong ciphers:

TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_EMPTY_RENEGOTIATION_INFO_SCSV

When you navigate to Administration > Security > Groups to make edits to the group, the 'Apply on bound entities also' option under Advanced Settings is disabled.

At startup, the Command Center server does not attempt to reconnect the database server if the database server is not reachable or is in the process of restarting.

In a High Availability (HA) setup, when a Command Center force failover takes place, the new primary Command Center server does not receive syslogs from the NetScaler device.

When you try to add a NetScaler HA pair to Command Center, discovery fails if the syslocation name has more than 50 characters.

The upgrade processes of the primary and secondary servers in a high availability (HA) setup fail if their login, SSH, XenServer and database passwords are not synchronized.

If, when installing Command Center software version 5.2-44.11, you select Evaluation as the server-installation type, the Command Center service fails to start.

In a Linux environment, the host name for the NetScaler high availability cluster node is not displayed in the Device Inventory list.

After you upgrade to Command Center software version 5.2.44.11, "netScalerConfigChage" traps are generated for every rediscovery of NetScaler devices with SMNPv3 profiles, even if there is no change in configuration.

The Monitoring Load Balancing State icons in Command Center are not synchronized with the NetScaler Load Balancing State icons.

In a Command Center high availability setup, if you navigate to Administration > Security > Users to change the root password, the change is reflected only in the GUI and the database, not in the Command Center Appliance SSH interface or the SSH interface of the XenServer server hosting the Command Center instance.

NetScaler AppFirewall and NetScaler Gateway reports are not generated when the Command Center database is Oracle or MSSQL.

After you upgrade the Command Center software to version 5.2.44.11, the preview screen of DeployMasterConfig task displays junk characters.

When an Alarm/Event trigger is created, emails are not sent if mail server authentication is configured and enabled.

After you install or upgrade to Command Center software version 5.2.44.11, the Command Center agent service fails to start.

An exception occurs when accessing the Command Center GUI with an expired session.You are once again prompted to enter your credentials on the login page.

The NetScaler and CloudBridge dashboards are now on the Citrix Network tab.

Backup for NetScaler devices fails when the backup file size exceeds 50 MB.

After you upgrade a NetScaler device to release 11.0, the syslogs it generates for the gateway feature are not displayed in Command Center.

Backup for NetScaler SDX 11.0 builds is not supported.

When you login to Command Center through the NITRO API, the credentials are requested even though they are already present in the payload.