Skip to content

Controller / UI Release: 22.08 - September 7, 2022

Features

  • Orchestration and Integration
    • Log Forwarding to S3 Bucket
  • Security and Segmentation Policy
    • TLS minimum version restriction
    • TCP Reset on Deny for all Security Profiles
  • Miscellaneous
    • Performance Improvements
    • Controller Operation Improvements
    • Bug fixes and stability Improvements

Enhancements

  • Enhancement: Provides support for limiting TLS to a minimum version. IMPORTANT: The same minimum version must be used consistently throughout the Policy Rules associated with a Policy Ruleset (Standalone or Group). Otherwise the minimum version applied cannot be predetermined.
  • Enhancement: Adds support for forwarding Events/Logs to an S3 Bucket using a Log Forwarding Profile
  • Enhancement: Adds TCP Reset on Deny support for all Security Profiles applicable to Forwarding Rules
  • Enhancement: Adds support for changing the selection for default Cipher Suites in a Decryption Profile
  • Enhancement: Enhances the Gateway auto-scaling behavior for memory-related scale in and scale out demands
  • Enhancement: Adds a custom time range selector in the Investigate -> Network Analytics -> Stats page
  • Enhancement: Adds a filter capability for Enable Traffic Visibility workflow to prune down list of VPCs/VNets

Fixes

  • Fix: Fixes an issue related to an operation in the Topology view that could cause the UI to produce a fault
  • Fix: Fixes an issue related to display of management subnet when deploying a Gateway in GCP
  • Fix: Fixes an issue where all Spoke VPCs could not be selected in Manage Spoke VPCs table
  • Fix: Fixes an issue where the us of an internal ALB for a Reverse Proxy Target Address Object would throw an error during configuration
  • Fix: Fixes an issue with Audit Log display when the query to the Controller results Audit Log messages that are large in size
  • Fix: Makes the FQDN and URL Filtering Profile more intuitive when adding new rows
  • Fix: Added validation to ensure FQDN and URL Filtering Profile limits are validated during configuration and save operations
  • Fix: Fixes a display issue with Traffic Summary Logs where the Inbound connection for an Ingress session shows as East/West
  • Fix: Fixes an issue where spaces where leading and trailing spaces were allowed in Policy Ruleset Rule names
  • Fix: Fixes display issues in Dashboard related to Security Consideration information
  • Fix: Fixes a display issue for External ID instructions when onboarding an AWS account
  • Fix: Fixes an issue where a change to the Packet Capture Profile assignment to an Active Gateway would not trigger a change
  • Fix: Fixes a display issue with Policy Ruleset selection when deploying a Gateway
  • Fix: Removes the display of Availability Zone information when creating a Service VNet in an Azure Region that does not have any Availability Zones
  • Fix: Fixes issues related to advanced search string specification in Logs and Events
  • Fix: Fixes an issue where the advanced search would not accept a valid search string
  • Fix: Fixes an issue with the time required to update a Policy Ruleset to very large Gateway deployments
  • Fix: Fixes various Policy Ruleset checkbox UI visual issues
  • Fix: Fixes an issue when deploying a Gateway into GCP where the Gateway uses Tags with spaces
  • Fix: Fixes various Policy Ruleset Group compatibility issues when the Policy Ruleset group is applied to multiple Gateways running different versions
  • Fix: Fixes an issue where a Policy Ruleset name is changed, but does not take effect
  • Fix: Fixes a display issue for a Service Object Details view to contain the proper table title for the configured services
  • Fix: Removes the ECDHE-RSA-AES256-SHA as a default selected Cipher Suite
  • Fix: Fixes an issue where the Connections Rate in Network States graph view was shown incorrect values
  • Fix: Adds user input to confirm changing the Policy Ruleset for an active Gateway
  • Fix: Fixes an issue where deployment of a Gateway into a NAT Gateway-enabled Service VPC would be incorrectly blocked due to EIP limits
  • Fix: Fixes an issue where the UI would not allow an empty IP/CIDR/FQDN for Source / Dest Address Object
  • Fix: Fixes an issue where URL Filtering Profile rule values could not be modified
  • Fix: Fixes various UI issues related to Tags, Resource Groups and VPC/VNet within the Topology View
  • Fix: Fixes an issue where the Security Group matching expression was not being shown in a dynamic Address Object
  • Fix: Changes the display icon used to show/hide password field
  • Fix: Fixes an issue where the TGW name was not being pre-populated when creating a Service VPC
  • Fix: Fixes an issue where refreshing the Address Object would not refresh the sub-Objects
  • Fix: Removes the Gateway-level SNAT configuration when deploying a Gateway in GCP. This feature has been deprecated.