Skip to content

Controller / UI Release: 22.04 - May 5, 2022

Features

  • Discovery enhancements
    • Log forwarding to SIEM
  • Investigate enhancements
    • Log search improvements
  • Manage enhancements
    • GCP Service VPC orchestration
    • GCP Spoke VPC protection orchestration
    • GCP Gateway hub mode orchestration
    • OCI Egress/East-West security (requires 22.04 Gateway)
    • Internet-based segmentation
    • Advanced security on XFF header (requires 22.04 Gateway)
  • Miscellaneous
    • Controller operational improvements
    • Bug fixes and stability improvements
  • Public Preview
    • Secure user access

Enhancements

  • Enhancement: Enhances orchestration by adding full support for orchestrating a Services VPC in GCP
  • Enhancement: Enhances OCI security by adding support for Egress / East-West protection
  • Enhancement: Enhances user-defined Action specification for Uncategorized domains in FQDN and URL Filtering Profiles
  • Enhancement: Enhances the Egress segmentation policy definition by allowing use of a pre-defined Internet Address Object (requires 22.04 or later Gateway)
  • Enhancement: Added support to display the unique Resource ID for all Valtix resources
  • Enhancement: Enhances SIEM integration by allowing forwarding of Discovery Logs (VPC Flow Logs and DNS Query Logs)
  • Enhancement: Changes the default value for Source NAT (SNAT) from disabled to enabled for a Forwarding Service Object
  • Enhancement: Adds checks for creating a Service VPC to ensure sufficient CSP resources are available for successful deployment
  • Enhancement: Adds a clipboard operator for all Gateway Instance fields in Gateway Details view
  • Enhancement: Adds support for advanced security to operate on XFF header IP information for GeoIP Address Object and Malicious IP Profile
  • Enhancement: Adds support for quick filtering on cloud platform types when selecting Accounts

Fixes

  • Fix: Fixes an issue to allow signature detection events to be filtered in Investigate logs
  • Fix: Fixes an issue where search operators were not consistent across VPC flow log searching
  • Fix: Added a Type field in Discovery and Investigate Logs to allow forwarding to a SIEM to distinguish between each
  • Fix: Fixes an issue where search operators for various numeric fields did not operate properly
  • Fix: Fixes an issue where invalid SNIs could be specified in a Service Object SNI field
  • Fix: Fixes an issue where creating a new Policy Ruleset was unable to be selected when deploying a new Gateway
  • Fix: Fixes an issue where the VPC name was missing in Discovery Topology view when filtering down to Account, Region and VPC
  • Fix: Fixes an issue where GCP Security Groups where not being updated when removed from instances or when instances were destroyed
  • Fix: Fixes an issue with VPC creation where AWS Availability Zones that do not support the Gateway instance type were able to be selected
  • Fix: Fixes an issue where more than one Forward Proxy rules for HTTP and HTTPS where allowed on the same port
  • Fix: Fixes various User-ID related issues to ensure proper operation
  • Fix: Fixes some UI-related issues when filtering on Account and Gateways for Investigate Logs/Events
  • Fix: Fixes an issue where the API engine for communicating with the CSP for orchestration would throw a fault under certain Gateway creation requests
  • Fix: Fixes issues with Tag-based searching in Inventory views
  • Fix: Fixes an issue where a WAF Profile Suppression List with many CIDRs was difficult to read
  • Fix: Fixes an issue where a Gateway could be in a constant restart state when a CA decryption profile is unintentionally specified in a Service Object
  • Fix: Fixes an issue where Tags on Azure instances could not be used when searching in Inventory views
  • Fix: Fixes an issue where the provided sample IDS/IPS Security Profile is listed as alert-only, but was not set to Alert
  • Fix: Adds UserID information in Policy Ruleset Rule Details view
  • Fix: Fixes an issue where the Subnet name was not displayed next to the Subnet ID in the Discovery Topology view
  • Fix: Fixes an issue with selecting dates when generating a new self-signed certificate
  • Fix: Added the Text field for Firewall events to enable as a column in the table view
  • Fix: Fixes an issue where searching on a Policy Name in Traffic Summary does not filter down properly to only sessions passing through the select Policy Name
  • Fix: Fixes an issue where a TLS Profile could be created with the wrong or invalid private key when using AWS KMS. The Portal now performs validation to confirm a correct private key is specified.
  • Fix: Corrects some behavioral issues with Actions buttons related to operations on various Valtix resources
  • Fix: Provides performance and behavioral improvements for Gateway auto-scaling
  • Fix: Fixes an issue where creating a Gateway in Azure in Hub mode does not assign the proper security groups
  • Fix: Ensures consistent support for the “Contains” search operator across all Search operations
  • Fix: Fixes search in Logs to allow freeform text for CVE and Event Text to quickly track down attacks
  • Fix: Fixes a title issue for a graph in CVR - Discovery Report