Teclib at NetEye User Group 2023 event in Germany!

We’re excited to share our experience from participation in the NetEye User Group event, which was organised by Teclib´ Gold partner in Germany Wüerth Phoenix on the 21st of September in Nuremberg. It was a day full of learning, networking, and, of course, fun! 

The program of the event included several speakers: 

  • Christoph Holz and his inspiring presentation about the profound changes that digital disruption is bringing to our working world.
  • Georg Kostner, Reinhold Trocker and Tobias Goller from the NetEye team and their valuable insights into the future development strategy in the areas of observability, AIOps, SIEM and network monitoring.
  • Gerfried Schweiger and Rainer Winter and  their insightful reports.
  • Thomas Edelmann and the team at agilimo Consulting, who highlighted the importance of SIEM technologies for the smooth running of a SOC. 
  • Wirk Römmelt from XM Cyber and his impressive insight into an attacker’s perspective and the explanation of automated cybersecurity defense through Attack Path Management.
  • Anna Kostrzewska (Channel Manager Teclib)  and Polina Marishicheva (Marketing & Communications manager at Teclib) with GLPI presentation. 

All slides are available in .PDF format on the website of the event: https://gravitate.eu/neteye-user-group/ 

Teclib was invited to talk about GLPI – the presentation was titled  “From Good to Great: GLPI’s Latest Enhancements in Asset Management and Ticketing – Achieving ITIL Compliance with Unified Monitoring Synergy”  and was a celebration of GLPI’s remarkable journey over the past 20 years. 

One of the standout features of GLPI is its ability to offer a wide range of functionalities within a single platform. Whether it’s asset management, ticketing, or user management, GLPI brings all these features together seamlessly.

The presentation also highlighted the platform’s commitment to improving, and staying at the forefront of IT asset management and ticketing solutions. Teclib’s role as the official editor of GLPI was acknowledged as a growing factor in this journey, emphasising the importance of collaboration, community, and open source in the world of IT management.

GLPI is constantly evolving, and the audience got a glimpse of what’s in store for the future. The commitment to staying up-to-date with industry trends is one of the priorities, we were happy to share work in progress. 

Teclib and Würth Phoenix are forging a strong partnership aimed at advancing open-source collaboration through the integration of GLPI into NetEye, creating an integrated unified system platform.

 This collaborative effort operates on several key fronts, including Research and Development, where both teams pool their expertise to improve the capabilities of NetEye. 

Additionally, the partnership places a significant emphasis on Security with a DevSecOps approach, ensuring that the integrated solution maintains the highest levels of data protection and resilience. Furthermore, their joint Customer Service Support and Delivery – Consultancy efforts ensure that clients receive appropriate  assistance and consulting services throughout their journey with the integrated NetEye platform. 

Users have the option to enhance their NetEye subscriptions by incorporating GLPI on-prem subscriptions, providing a comprehensive view of the extensive value-added services available within the integrated NetEye ecosystem.

With the support of its dedicated community and official partners GLPI is well-equipped to continue its journey from good to great in the world of IT asset management and ticketing.

GLPI 10.0.9

Following the last releases of 10.0.8, a few annoying issues has been detected:

  • Update script uses a SQL function incompatible with MySQL 5.7 (#15141)
  • Private follow-ups and tasks are invisible to users with appropriate rights (#15128)

In the same time, a moderate security advisory has been reported (SQL injection in dashboard administration – CVE-2023-37278) and fixed in this release.

We released a new version to address these bugs, you can download the GLPI 10.0.9 archive on GitHub.

Formcreator 2.13.6

This version is compatible with GLPI 10.0.

⚠️ This release contains a fix which solves loss of file uploads when a validator edits the requester’s answers before approval. This fix requires a patch for GLPI 10.0.7 or older. It is recommended to apply it. The patch is available here.

⚠️ This release contains a fix to prevent multiple form submission, causing requesters to submit several times their request. This fix depends on an other fix in GLPI 10.0.7 or older available here.

Full changelog and download: click here

New Silver partner in Mexico: Global Soft

We are happy to announce our new Silver partner in Mexico – Global Soft.
Company was created in 2007 in the city of Tabasco, the first mission was to manage the HR system for the oil industry. 

Later in 2008 they acquired a new competence, web services development, pentaho reports, Jasper reports, billing and ERP among others, and started the first phase of Framework.

In 2009 they closed projects in different states of the southeast region, D.F. , Monterrey and abroad. In 2010 moved to Monterrey and partnered with Getecsa, expanding into Latin America.

Two years later, Global Soft created the support centre: started product assurance area,  implemented Oracle times, Ten, BDD, Apex, Net Framework, Global Soft flow control, Microsoft Dynamics.

After that they renewed the mission, business strategy and image, acquiring new knowledge. Global Soft has consolidated itself as a custom software development company, based on free software solutions which currently supports clients with more than 300 development projects, apps and consulting.

Website: ​​https://bit.ly/43okoiu 

We are excited that the GLPI ITSM solution is becoming more and more represented all over the world and GLPI Network (our support offer for on-premises – get your IT Infrastructure secured) subscription service will be available for more customers through our new partners.

Our large partnership network is always open for new collaborations. If you are interested in representing one of our products in your country, get in touch with us: https://glpi-project.org/contact_us/

Being a partner means:

  • Having an a direct access to the Teclib´s tech expertise;
  • Get special discounts;
  • Access official support,
  • Many other tools which will help you to gain more customers and increase reputation on the market by adding open source ITSM to your portfolio.

Discover all benefits of being a partner here: https://glpi-project.org/partners/

GLPI news and work in progress (Fall 2022). 

The presentation is hosted by Alexandre Delaunay, in charge of the GLPI development team and the product owner for GLPI. 

In this video he talks about roadmap and some features development team wants in GLPI for the next major version. Here is the transcription:  

“To keep the presentation short, we will discuss only about: 

Major topics 

Or very graphical ones 

And I would like to insist on the fact that there is no promises of time regarding the delivery.  

We will try our best to add the features, but in function of how the year will go, some will be OK, others not.  

  1. Assets genericity. 

Now, we have in our marketplace 2 plugins to address generic adds: 

– Genericobject 

– Fields 

We want to add the possibility to let you customize each type of objects displayed in the Assets menu (at first). 

The first part of that is to let you define your types. 

We will provide a list of predefined types matching the current assets list and let you add new ones if you want. Like servers in addition to desktop or laptop computers. Or to do something completely different from IT management, e.g: cars, desks, etc. 

Some of the current types will still be not removable like Software, Rack, Cable, Cartridge and Consumable. The reason is their behavior, or their presentation differs from other assets. 

You will still be able to disable these if you want but deletion will be impossible. 

So, GENERICITY covers the creation of new asset types. 

  1. Assets composition 

In addition, on the same setup page, you will be able to define which capacity an asset type use. 

E.g. contracts, management, etc., COMPOSITION of an asset type, with some checkboxes to select capacities. 

This permits you to remove or add tabs to the object. 

Or if an object can be inventoried by an agent.

  1. GLPI Agent 

Let us talk a little about features related to the GLPI inventory agent. 

Remote inventory reminder. 

Before talking about roadmap, let us do a quick reminder about remote inventory feature 

This is a task you can set up for an agent to let it query other computers on your network to construct an inventory file for each. 

The single agent will aggregate all inventory files and send them in one pass to the inventory API of GLPI. 

So, the main purpose is to have only one deployed agent. 

We use SSH and WinRM protocols to achieve that.  

GLPI Agent – Roadmap (1/2). 

The first point we want to improve is to ease the inventory process of your network. 

We currently have two tasks: 

– discover which “ping” addresses in an IP range 

– network inventory, which takes the result of the discovery to do a full SNMP inventory for network equipment and printers. 

We will change the process, by: 

– adding remote inventory of COMPUTERS 

– and let discovery task directly doing a FULL inventory if it knows the type of the remote device. A SNMP query for network equipment, SSH or WinRm queries for computers. 

With one unified task and one setup, we aim to let you discover all your network devices. 

The two last bullet points describe things required by unified discovery. The new toolbox UI will receive forms: 

– to plan tasks for the agent. 

– to save credentials, like SNMP community, login password couple for Windows domain or public key for a SSH connection. In summary, any information to let the agent connect to a remote device. 

GLPI Agent – Roadmap (2/2) 

We thought about rewriting a large part of the agents, and we shortlisted Golang for that. 

The fact the agent is written with the language PERL. 

Recently, finding developers comfortable with this language has been hard. 

We will try a prototype within the year to measure our capacity to switch to this new language. 

We plan also to enforce exchange between agents and backend by adding authentication and registration flows. This will be recommended but you will be able to do simple exchanges if you prefer. 

And we still need to redo all forms to drive remotely the agent in GLPI UI. 

This is still planned. 

  1. GLPI  

Let us talk a bit about features related to the GLPI web application. 

High-level API (1/2) 

Firstly, we will add a new API, again. 

We observe that, despite the old one permits more usage, due to its low-level connection with the framework, it is hard to maintain its stability and avoid regression. 

We maintain an interface to address depreciation for this previous API, but it is getting harder and harder to do. 

So, a new API connected to a higher level with stabilized endpoints and parameters. 

And we took advantage to add some comfort features: 

– we have a dedicated UI based on Swagger UI to ease discovering and testing endpoints and their parameters 

– we also use RSQL, a common Query language for filtering API. 

High-level API (2/2) 

For the second slide, you can see in action a GET request to list users in GLPI database. 

  1. DCIM 

 We want to extend the datacenter features in the next version. Mainly about adding graphical views. 

DCIM – Network equipment’s panels 

 The first and the simpler one is graphical panel for network ports list in equipment forms. 

We will take the front and rear pictures defined in the model of the equipment and display them above the ports list. 

The user will get information about each port directly on the picture panel by hovering them. 

A single click on a port will scroll the page to the good line to get more information. 

In the model setup, you will have a new tab to draw each port’s position. 

DCIM – Graphical enclosures (1/2) 

In the same way, slots of an enclosure can be drawn and indexed to indicate to GLPI where sub items can be placed. 

DCIM – Graphical enclosures (2/2) 

On a rack view where an enclosure is inserted, instead of a single blank rectangle, slots will be displayed and usual controls available, like hovering or clicking to get more information. 

DCIM – Graphical connections 

Finally, for DCIM part, we will try to add some representation for network or power connections. 

The goal is to get links between equipment. 

This is early to talk about this, we have short specifications for this, and it requires more research to find a library, for example. 

Keep in mind the current screenshot does not represent any existing development. 

  1. Misc 

Workflows – Processes 

We have a functional prototype for this. 

A new view to let GLPI administrator’s set up their business processes. 

With steps, transitions, conditions and actions, a full toolkit to describe a full workflow. 

This aims to replace legacy rules. 

And for a start, it will be available for assistance objects like tickets or change. 

Nutanix inventory import 

 Another development currently in alpha is the connector to Nutanix API to get: 

– Clusters 

– Hosts 

– Virtual machines 

– Disks 

The module parses the distant API and sends them to the native inventory API of GLPI. 

The merger with existing devices is done with the rule engine as usual. 

SCIM 

 Another connector, GLPI will serve a SCIM endpoint for your Microsoft Azure instance. 

This protocol pushes changes of users from the directory to connected application. 

So instead of synchronizing the whole user’s database and matching everyone, any change in the directory will be immediately pushed to GLPI. 

  1. Security 

Now, a security feature, two factors authentication! 

Administrators can enforce users’ logins in the security setup to ask them to register an external application like Google Authenticator or Authy. 

Security – 2 factors (2/2) 

After a successful login, a new field will appear asking users to paste a pin code from the authentication application. 

Security – Oauth Server 

We will add an Oauth server to GLPI for 2 purposes: 

– connect applications to GLPI to delegate the login feature and identity management 

– secure our several API like inventory one or the general purpose one. 

Security – misc 

– Vulnerabilities management 

– Scanners integration (vuls, tsunamin) 

– CVE matching 

Some various points: 

In the management menu, a new entry to list vulnerabilities. 

The goal is, with the help of external scanners, like vuls or tsnunamin, as well as some API to get CVE and match them to known software’s to see if a host has some security vulnerabilities. 

Some dashboard cards and alerts will also be added to enhance reporting about this subject. 

Technical changes 

– Web root for the application will be `/public` 

– continue work on twig (removing legacy echo) 

– removal of legacy auto escaping 

– modularization of critical features 

– e-charts lib for dashboards 

Last slide to tell you we continue to improve the core of GLPI. 

The most impactful for you will be the move of the web root of the application. 

Now, it will be a sub-folder named /public. 

Thereby, all other sub-folders (like files for example) will not be available on the web when the webserver is not well set up. 

The next point is legacy codebase we need to clean. 

And to finish, we moved to a new charting library called e-charts. 

It is simpler to use on our side and you appreciate the new colors and its interactivity. 

Timeline? 

– Currently, finish stabilize 10.0 version 

– End of 2023, beta of next major version 

We are still working on bugfixing the 10 version. This last brought substantial changes, especially on the assistance part. 

But we aim to work on the incoming yearly results fully on the latest version.