Welcome to December 2021
Welcome to our support newsletter!
Missed an earlier Newsletter? Previous newsletters are located here.
In addition to the support newsletter, be sure to follow us on your favorite social media channel, LinkedIn, Twitter, or Facebook. We provide product-related updates, pertinent articles, webinars, and videos there. This newsletter is targeted at existing customers and provides general product-related updates. There is still a lot more to know about us!
Table of Contents
- Popular FAQs
- Middleware Performance Benchmark
- XRay COVID-19 Data Lake
- Nastel's Webinars & TechTalks
- Keeping up with Nastel
- Our Blog
Our products support IBM MQ 9.2.4, the latest CD release on all supported platforms and the MQ Appliance.
Nastel response to Log4j vulnerabilities
There has been a lot of discussion around Log4j V2 due to the recently discovered security vulnerability (CVE-2021-44228).
Your usage of our products is not impacted by this vulnerability in Log4j V2. We do not log information in the way that would be required to leverage the vulnerability.
As a follow-on to this, many customers have asked about our usage of Log4j V1, since that offering is at end-of-life. As noted above, our usage of Log4j is limited to logging data from our components and does not expose risks in usage.
However, to mitigate both of these concerns, we have defined the following plan to address our usage within the products.
- Code that does not use Log4j
- No changes are planned at this time.
- Code that uses Log4j V2
- These will be updated.
- Code that uses Log4j V1
- We are reviewing use of the Log4j bridge as an alternative to V1.
- We will review complete conversion in a future release as appropriate.
- In addition to our code, we also include a number of 3rd party offerings that use V1/V2.
- Where applicable, we will update to versions or configurations that support, or are patched for, V2.
- If the product supports it, we will use Log4j bridge, if required.
- If the 3rd party software only supports V1, it may be necessary to remove it or configure it to prevent specific vulnerabilities at possible loss of function.
Note that to address the specific vulnerability, there are methods to mitigate it, such as setting system property "log4j2.formatMsgNoLookups" to “true” or removing the JndiLookup class from the classpath.
You can get the latest updates here.
2. Popular FAQs & Articles
It is possible to know the last time a user logged into Navigator
The Domain Server maintains the last login time for each account. However, in some cases, the requirement is to get data specific to Navigator. This is possible via several methods. See this FAQ for the options available.
Navigator User Views
The functionality described in this article is available in Navigator versions 10.3 and greater.
With User Views, you can group related dashboards into views. You can switch between views at any time.
A User View is a container for a set of dashboards. Initially, each user starts with a single User View called the “Main View.”
See this FAQ for more information on User Views.
Updating your expiring XRay license
Licenses are configured with an expiration date; XRay will no longer start after your license expires. See the steps here on how to retrieve and install a new license.
3. Middleware Performance Benchmark
What’s the best performing messaging platform for your application and workload?
This is a question that can take immense effort to analyze and answer.
Whether you are building a new app, upgrading existing, or moving workloads to the cloud, this report will help you make the right decision.
We have done extensive performance testing under varying workloads and configurations to compare messaging middleware platforms.
This report compares the performance of these commonly used messaging middleware platforms:
- IBM MQ
- Apache Kafka
- ActiveMQ Classic
- ActiveMQ Artemis
The report also includes methodology, environment, the performance of tests, the results, and the conclusions.
4. XRay COVID-19 Data Lake
We have pulled together multiple COVID-19 datasets from CDC, Johns Hopkins University, and several others into a single interactive data lake on which you can do the following:
- Run your own queries & computations
- Create analytics & web dashboards
- Share your charts & graphs in web apps
The data lake is updated daily with the latest COVID-19 stats from around the world. View the dashboard live, no registration required!
5. Webinars & TechTalks
Click HERE to see our library of other on-demand sessions.
6. Keeping up with Nastel
On Thursday, December 16th, 2021 we announced Nastel Products Are Not Affected by Log4j Vulnerability Issues. Here is the press release that discusses how Nastel Technologies customers will not be exposed to any risks from this vulnerability, but enterprises are encouraged to check with their Cloud and other solution vendors to protect themselves and their data:
We want to ensure you and your colleagues can easily find all our recent press releases and other news, so here is the Nastel News archive for your convenience.
Click HERE to read Nastel news.
7. Our Blog
Our blog is one way we are working to raise the profile of teams that work on IBM MQ, messaging middleware, and the entire Integration Infrastructure Management (i2M) layer of the IT stack. Read and share these recent blogs to help spread the word:
- Nastel Products Are Not Affected by Log4j Vulnerability Issues
- Log4j gets added to the code “wall of shame.”
- Black Friday Requires Dynamic Integration Infrastructure Management
- Enterprises Just Got an Integration Infrastructure Management (i2M) Upgrade, Intelligence from Their Integration
Click HERE to read our blog.