Bugfix Release: This release fixes a PostgreSQL incompatibility for versions lower than PostgreSQL 16. Using those older versions, the WiFi BSSID page in Nzyme did not load.

No need to upgrade from alpha.16 if you did not encounter this issue.

Thanks to @trevorbryant for the quick bug report.

Release blog post: https://www.nzyme.org/blog/project/2025/04/10/release-v200-alpha-16

Breaking Changes

• New migrate command must be executed after update. See Upgrade Procedure below.
• New required nzyme-tap configuration option

[protocols.uav_remote_id]
pipeline_size = 1024

Important Changes

• The data retention configuration is now tenant-based and can be found on the "Database" page of each tenant. Before this, it was globally defined under "System". An automatic migration applies the previous global configuration to each tenant during upgrade.

Other notes

• There are new system event types that trigger when MFA was disabled for a user.

Upgrade Procedure

nzyme-node

If you are upgrading from a previous version, you can simply run dpkg -i on the new release package, execute database migrations and restart the nzyme-node service. Always upgrade nzyme-node before nzyme-tap unless instructed otherwise.

Debian-based systems:

sudo systemctl stop nzyme
sudo dpkg -i nzyme-node_[version].deb
sudo nzyme --migrate-database
sudo systemctl daemon-reload
sudo systemctl start nzyme

nzyme-tap

If you are upgrading from a previous version, you can simply run dpkg -i on the new release package and restart the nzyme-tap service. Always upgrade nzyme-node before nzyme-tap unless instructed otherwise.

Debian-based systems:

sudo systemctl stop nzyme-tap
sudo dpkg -i nzyme-tap_[version].deb
sudo systemctl daemon-reload
sudo systemctl start nzyme-tap

Release Blog Post: https://www.nzyme.org/blog/project/2024/11/01/release-v200-alpha-15

Note that the Ethernet functionality is still extremely limited!

Upgrading: nzyme-node

Order is important.

sudo systemctl stop nzyme
sudo apt install openjdk-17-jre-headless 
sudo dpkg -i nzyme-node_x.x.x.deb
sudo apt purge openjdk-11-jre-headless 
sudo systemctl daemon-reload
sudo systemctl start nzyme

Upgrading nzyme-tap

If you are upgrading from a previous version, you can simply run dpkg -i on the new release package and restart the nzyme-tap service after adding the new required configuration documented below.

Breaking Changes

• We upgraded to Java 17. See nzyme-node upgrade notes above.
• Package file names changed. Please update them in your automation systems if you use any.
• The experimental bluetooth subsystem is now disabled by default. Enable it for your tenants if you want to use it. (Subsystems Documentation)
• New required configuration for nzyme-tap: (Context retention documentation)

[protocols.dhcpv4]
pipeline_size = 1024

[misc]
context_mac_ip_retention_hours = 36 
context_mac_hostname_retention_hours = 36

Please read the release blog post for a list of all new features and improvements.

Release blog post: https://www.nzyme.org/blog/project/2024/08/16/release-v200-alpha-14

Note that the Ethernet functionality is still extremely limited!

Upgrading

If you are upgrading from a previous version, you can simply run dpkg -i on the new release packages and restart the nzyme and nzyme-tap services after adding the new required configuration documented below.

Breaking Changes

• GeoIP and OUI databases now provided by nzyme Connect
• New required configuration for nzyme-tap:

[protocols.udp]
pipeline_size = 16384

[protocols.dns]
pipeline_size = 4096
entropy_zscore_threshold = 3.0

[protocols.ssh]
pipeline_size = 1024

[protocols.socks]
pipeline_size = 1024

[protocols.arp]
pipeline_size = 1024

Please read the release blog post for a list of all new features and improvements.

Release blog post: https://www.nzyme.org/blog/project/2024/05/02/release-v200-alpha-13

Note that the Ethernet functionality is still extremely limited!

Upgrading

If you are upgrading from a previous version, you can simply run dpkg -i on the new release packages and restart the nzyme and nzyme-tap services.

Breaking Changes

• New required configuration for nzyme-node: (You can most likely keep the default setting at 2)

performance: {
  # How many threads work on processing incoming tap reports.
  report_processor_pool_size: 2
}

Other Important Changes

• We improved the 802.11/WiFi channel hopping mechanism and you may notice a difference in the number of recorded frames. You may have to re-tune your alerts if you alert on any threshold.

Please read the release blog post for a list of all new features and improvements.

Release blog post: https://www.nzyme.org/blog/project/2024/04/08/release-v200-alpha-12

Note that the Ethernet functionality is still extremely limited!

Upgrading

If you are upgrading from a previous version, you can simply run dpkg -i on the new release packages and restart the nzyme and nzyme-tap services.

Breaking Changes

• None

Other Important Changes

• None

Please read the release blog post for a list of all new features and improvements.

Release blog post: https://www.nzyme.org/blog/project/2024/04/02/release-v200-alpha-10

Note that the Ethernet functionality is still extremely limited!

Upgrading

If you are upgrading from a previous version, you can simply run dpkg -i on the new release packages and restart the nzyme and nzyme-tap services.

Breaking Changes

• The nzyme-tap configuration file requires the following additional configuration setting. You can leave the default settings as they are until TCP processing officially supported and you start using it.

[protocols.tcp]
pipeline_size = 16384
reassembly_buffer_size = 1048576
session_timeout_seconds = 60

Other Important Changes

• The first start of nzyme-node after the upgrade may take a little longer than usual because we added indices to some potentially large tables.

Please read the release blog post for a list of all new features and improvements.

Release blog post: https://www.nzyme.org/blog/project/2024/01/10/release-v200-alpha-9

Note that the Ethernet functionality is still extremely limited!

Upgrading

If you are upgrading from a previous version, you can simply run dpkg -i on the new release packages and restart the nzyme and nzyme-tap services.

Breaking Changes

• The WiFi SSID security suite string now includes information about protected management frame (PMF) status like CCMP-CCMP/PSK+PMF_DISABLED. You have to update the expected security suite strings in your monitored network configurations or a "Unexpected Security Suites" alert will be triggered.

Other Important Changes

• The disconnection anomaly monitor in monitored WiFi networks no longer has the "Disabled Anomaly Detection" algorithm option but follows the "enable/disable" procedure of other monitor alerts. A migration will automatically update your configuration to the new configuration method without any impact on operations.

Please read the release blog post for a list of all new features and improvements.

The next v2.0.0 alpha release, alpha.6, was just published. It comes with a lot of important improvements as well as the brand-new Context functionality.

Release blog post: https://www.nzyme.org/blog/project/2023/12/08/release-v200-alpha-6

Note that the Ethernet functionality is still extremely limited!

Upgrading

If you are upgrading from a previous version, you can simply run dpkg -i on the new release packages and restart the nzyme and nzyme-tap services.

Breaking Changes

• None

The nzyme v2.0.0 release train continues and version alpha.5 just arrived. It comes with a lot of new functionality around WiFi deauthentication/disassociation activity as well as several other improvements.

Release blog post: https://www.nzyme.org/blog/project/2023/11/04/release-v200-alpha-5

Upgrading

If you are upgrading from a previous version, you can simply run dpkg -i on the new release packages and restart the nzyme and nzyme-tap services.

Breaking Changes

• None