Skip to content

Controller / UI Release: 22.12 - December 15, 2022

Features

  • Discover and Deploy
    • GWLB Endpoint Discovery
    • Azure DS_V5 Instance Type
    • Terraform Data Sources
    • Gateway Auto-Update Maintenance Version
  • Security and Segmentation Policy
    • Dynamic Overlapping CIDR Policy (Gateway 22.12 or later)
    • Custom URL Response Message (Gateway 22.12 or later)
    • URL Filtering for Ingress
    • Dynamic GCP Service Endpoint Policy
    • WAF and IDS/IPS Enable/Disable Operations
  • Management
    • Log Forwarding Group
    • MS Sentinel Log Forwarding
    • MS Sentinel Alert Forwarding
  • Workflows and Usability
    • Workflow enhancements
    • Mega Menu
  • Miscellaneous
    • Performance improvements
    • Controller operation improvements
    • Bug fixes and stability improvements

Enhancements

  • Enhancement:: Updated default column display settings for Traffic Summary Logs and Security Events views. The updated defaults are a more common set of initial columns to expose to help with awareness and troubleshooting. The default columns displayed can be changed as desired.
  • Enhancement:: Adds support for Azure MS Sentinel as a destination in a Log Forwarding Profile for receiving Traffic Summary Logs and Security Events
  • Enhancement:: Adds support for viewing System Logs Details by clicking on the Date and Time, similar to other Logs and Events views
  • Enhancement:: Changed the Discovery -> Topology menu item to remove the Preview qualifier. The feature is no longer in preview.
  • Enhancement:: Added support for specifying the action to be taken for no FQDN in packet for an FQDN Filtering Profile Group. When an FQDN Filtering Profile is a member of a Group, the Group setting will take precedence over any setting specified in each of its members.
  • Enhancement:: Added a System Log error message when a Gateway delete operation failed to delete the AWS GWLB associated with the Gateway
  • Enhancement:: Adds support for onboarding the same Account/Subscription/Project more than one time. This operation requires configuration by Valtix. If required, please contact Valtix Support.
  • Enhancement: Adds support for specifying a custom HTTP message as a response to a deny of a URL Filtering Profile (requires Gateway version 22.12 or later)
  • Enhancement:: Adds support for using a URL Filtering Profile in an Ingress Policy Ruleset Rules to allow or block different URL/URIs and methods
  • Enhancement:: Adds support for disabling of Trustwave and Custom WAF Rulesets. Only one can be disabled at any given time. The CRS WAF Rulesets cannot be disabled.
  • Enhancement:: Adds support for disabling of Talos and Custom IDS/IPS Rulesets. Only one can be disabled at any given time.
  • Enhancement:: Adds support for Log Forwarding Profile Group to accommodate sending Discover and Traffic Summary Logs, and Security Events to more than one destination.
  • Enhancement:: Adds support for mega menus that are accessible from the top-level tabs (Discover, Investigate, Manage, Report) to launch into the various sub-sections that are part of the top-level tab
  • Enhancement:: Enhances the display of Address Object Groups and Standalone to show the members of the Group and the Group a member is part of
  • Enhancement:: Adds support for sending Traffic Summary Logs and Security Events to multiple destinations using a Log Forwarding Profile Group
  • Enhancement:: Adds support for using GCP Service Endpoints in an Address Object
  • Enhancement:: Adds support for displaying the use of a discovered Network ACL in a discovered Subnet
  • Enhancement:: Adds support for Azure MS Sentinel as a destination in an Alert Profile for receiving System and Audit Logs
  • Enhancement:: Adds support for configuring auto-update of Gateways through the UI. The auto-update only applies to maintenance releases and can be configured to delay the update by a certain number of days and to schedule a particular time window when the update should occur.
  • Enhancement:: Updated the toggle buttons through the UI more clearly represent the toggle operation
  • Enhancement: Adds support for protecting traffic in an AWS environment where the VPCs have overlapping CIDRs. This architecture can only be accommodated using AWS GWLB and use of Dynamic VPC Address Objects. (requires Gateway version 22.12 or later)
  • Enhancement:: Adds support for Azure DS_V5 instance types (2-core, 4-core and 8-core)
  • Enhancement:: Adds support for saving up to 10 advanced search strings for quick selection and reuse

Fixes

  • Fix: Fixes the API Key display for API Key Lifetime to include the units (days)
  • Fix: Fixes an issue where deploying a Gateway when toggling between CSP Managed and CMEK for EBS/Disk Encryption causes error when attempting to deploy a Gateway
  • Fix: Fixes an issue where the Gateway Details page does not show the GWLB Endpoints orchestrated as part of the Gateway deployment
  • Fix: Fixes an issue with the display of the Zurich Region in AWS when selecting the Region for various resources. Zurich is a new region recently added by AWS and is supported by Valtix for Ingress and Egress using NLB in distributed (Edge) deployment mode only. AWS does not support the TGW or GWLB for the Zurich region as of yet.
  • Fix: Fixes an issue where the ADMINISTRATION -> Management -> Users Details page would not close
  • Fix: Fixes an issue with the display of System and Audit Logs where the output would only display 20 entries across 2 pages
  • Fix: Fixes an issue where an empty row in an FQDN Filtering Profile group could not be deleted
  • Fix: Fixes an issue where the UI would not enforce setting an IDS/IPS Profile version when configured in manual mode
  • Fix: Fixes the error message reported when a Policy Ruleset that uses a Customer Ruleset Profiles is pushed to a Gateway that does not support Custom Rulesets
  • Fix: Fixes an issue in the Discovery for Network ACLs where the search would hard-code a To Port number that could not be changed
  • Fix: Fixes some UI issues related to the new Threat Research pages made available through three separate selections
  • Fix: Provides a display of the current Gateway version when choosing a new Gateway version during a Gateway upgrade process
  • Fix: Fixes an issue where the instance types were not properly displayed when switching between different CSPs during the Gateway creation workflow
  • Fix: Fixes an issue where the session count and session rate metrics displayed in Network Stats were showing values that were an order of magnitude greater
  • Fix: Fixes an issue where the formatting for Azure regions was displayed improperly for certain regions
  • Fix: Fixes an issue when viewing the Details of an IDS/IPS Profile where the tabs where not being displayed
  • Fix: Removed Gateway-level SNAT setting as this feature is no longer supported and has been deprecated
  • Fix: Fixes an issue where the URL Filtering configuration is not shown in the URL Filtering Details view
  • Fix: Fixes various display issues with FQDN Filtering Profile Group workflows
  • Fix: Fixes an issue where comparing previous and new configuration when applying a Policy Ruleset change was not properly displaying the changes
  • Fix: Fixes an issue where the Policy Ruleset Status could show Updating even though the Policy Ruleset has been fully updated
  • Fix: Fixes a display issue where the URL Filtering Categories configuration
  • Fix: Fixes a display issue with the WAF Profile creation page where part of the display was cut off
  • Fix: Fixes consistency issues in security Profile Details views
  • Fix: Redesign of the API Key UI page
  • Fix: Fixes an issue with the Alert page in the toolbar to not display the alerts badge when there are no new Alerts
  • Fix: Fixes an issue when clicking on the View from within a WAF or IDS/IPS Profile to launch into the Threat Research. This was launching into an old view that has been deprecated.
  • Fix: Fixes some UI-based alignment issues for Spoke VPC/VNet Protection
  • Fix: Fixes an issue with the Is Logged In view for users when a user is logged in as both SSO and Local
  • Fix: Fixes an issue where a user with RW permissions was not able to delete a Local user
  • Fix: Fixes an issue where the VPC ID column is missing in the Traffic Summary Logs view
  • Fix: Fixes various search operations in Threat Research view
  • Fix: Fixes an issue where the Address Objects that are members of an Address Object Group are not showing the Policy Rulesets that they are indirectly applied to
  • Fix: Fixes various display issues in the Discovery Summary page
  • Fix: Fixes an issue where a leading or trailing whitespace could be added to a Policy Ruleset Rule and stored in the DB resulting in issues when exporting and importing via Terraform
  • Fix: Updates to display of the WAF Profile Details page
  • Fix: Provides more tooltip information for enabling or change the settings for EBS/Disk Encryption when deploying a Gateway
  • Fix: Fixes the displayed error message when attempting to delete a VPC that has dependent resources
  • Fix: Fixes an issue where System and Audit Logs where sent as JSON encoded string rather than a first-level JSON structure
  • Fix: Fixes an issue where a user assign a Reverse Proxy Target Address Object to a Forward Proxy Policy Ruleset Rule
  • Fix: Fixes an issue where the Event JSON sent EventText as base-64 encoded instead of ASCII encoded