Skip to content

Controller / UI Release: 22.02 - March 2, 2022

Features

  • Security
    • Enhanced Threat Research View
    • Client Certificate Forwarding (Mutual TLS)
    • Ingress Forwarding with SNI
    • FQDN Filtering Enhancements
  • Policy
    • Segmentation using Load Balancer Tags
  • Integrations and Exports
    • Resource Export to Terraform - Phase II
  • Miscellaneous
    • Controller Operation Improvements
    • Enhanced Troubleshooting
    • Bug Fixes and Stability Improvements
  • Public Preview
    • Enhanced Visibility Topology Dashboard

Enhancements

  • Enhancement: Enhancement: Enhanced the Threat Research table to show the Gateways where each rule associated with the Security Profile ruleset is applied
  • Enhancement: Added a CVSS ratings in Threat Research for each rule that contains a rating
  • Enhancement: Enhanced the IDS/IPS Profile Action view to show the multi-layer user override configuration using a Profile-specific Threat Research view accessible from the Profile
  • Enhancement: Added Forward and Reverse Proxy support for client certificate forwarding (mutual TLS)
  • Enhancement: Enhanced the Reverse Proxy Service Object to allow use of SNI when a decryption profile is not specified
  • Enhancement: Added an FQDN Profile Action for traffic processed by a Profile that does not have an FQDN (HTTP/S) or SNI (non-HTTP encrypted)
  • Enhancement: Added support for Load Balancer (ALBs, NLBs) User Defined Tags as part of the Src/Dest Address Object
  • Enhancement: Completed the Terraform Export capability to add the ability to export resources to Terraform for all remaining resources
  • Enhancement: Enhanced the Discovery views to add a new Topology dashboard. This is an initial release as a Public Preview where continued enhancements will come over time.
  • Enhancement: Added Src Instance Info column for all Security Event logs
  • Enhancement: Updated Valtix Controller Role (valtix-controller-role) permissions to facility better real-time inventory orchestration
  • Enhancement: Added a default private IP (RFC-1918) Address Object
  • Enhancement: Changed the default time view to 1 day for Traffic Summary and Security Events views
  • Enhancement: Changed the Destination field in a Policy Ruleset to be enabled by default
  • Enhancement: Added Src Instance Info to Event Table to retain context of what source instance is responsible for a security event
  • Enhancement: Enhanced the Inventory Search to accommodate searching across all displayed fields
  • Enhancement: Added Application ID detection for Azure PaaS services (Blob, Event Hub, MySQL)
  • Enhancement: Added a UDP Forwarding Rule in the sample Egress Policy Ruleset
  • Enhancement: Added support for creating user defined tags for Service VPC creation

Fixes

  • Fix: Fixes an issue where Gateway and CSP Account fields in Traffic Summary were not searchable using freeform search
  • Fix: Fixes an issue where a failure to create a VPC results in a rollback operation that tries to delete the VPC that wasn’t able to be created
  • Fix: Fixes an issue where the Message field in System Log is difficult to read if the message is long
  • Fix: Fixes an issue where Inventory IAM Role was required for existing AWS Accounts. The Role is required for onboarding new accounts, but it is not required for existing accounts. If the Inventory is not specified for an existing account, real-time inventory will not be enabled.
  • Fix: Fixes an issue where an IDS/IPS Event shows a URI string that is incorrect and scrambled characters
  • Fix: Fixes an issue to honor the Azure Vnet peering name length enforced by Azure to be no longer than 80 characters
  • Fix: Fixes an issue in Investigate -> Network Analytics -> Stats where the statistics could show incorrect connection rate values
  • Fix: Fixes an issue where the Policy Ruleset Description field could not be edited
  • Fix: Fixes an issue where the Top CSP Services widget in main Dashboard did not show data
  • Fix: Fixes an issue where a user with role admin_read-only modify Action for a Rule in a Policy Ruleset
  • Fix: Fixes an issue with displaying Message and Rule Content fields in Threat Research
  • Fix: Fixes an issue for Easy Setup to display success for the corresponding operation performed
  • Fix: Fixes an issue where searching on predefined values in Threat Research did not function properly
  • Fix: Fixes an issue where successfully creating or editing a Security Profile would not retain the Profile view, but rather take the user back to the Profile listing view
  • Fix: Fixes an issue in the main Dashboard view where Malicious domain categories and ports with Malicious traffic were not being properly colored (red) to signify a concern
  • Fix: Fixes an issue where initial Valtix tenant login Easy Setup view does not have a “Skip” button to bypass the setup
  • Fix: Fixes an issue with the Discovery Log display to limit to the 7-day duration which Discovery Logs are maintained
  • Fix: Fixes an issue where searching on Resource Name in Audit Logs was not possible
  • Fix: Removed “Propagated” column in Spoke VPC/Vnet protection route table orchestration
  • Fix: Fixes an issue where the Controller AWS Account was not auto-populated when onboarding a new AWS Account
  • Fix: Fixes an issue where a Gateway creation operation that references a Policy Ruleset that uses an AWS Secrets Manager stored private key that does not exist will result in the Gateway remaining in Active Pending state with no actionable error messages