Skip to content

Controller / UI Release: 23.12 - December 14, 2023

Features

  • Orchestration
    • User-supplied NLB IP for Gateway creation in GCP
    • GCP health check CIDRs in datapath Firewall rule
  • Policy
    • Apply ICMP policy to Gateways across CSPs
  • Integrations
    • Multiple Syslog Servers in Log Forwarding Group
  • Usability
    • Additional fields for Filtering and Advanced Search
    • SNAT configuration display in Policy Rule Set
  • Miscellaneous
    • Performance improvements
    • Operational improvements
    • Bug fixes and stability improvements

Enhancements

  • Enhancement: Adds fields to Advanced Search that were initially not available
  • Enhancement: Enhances the Gateway creation in GCP to allow a user-provided IP resource to be used as the load balancer frontend IP. This can only be supplied when using Terraform.
  • Enhancement: Adds display of the Service Object SNAT setting in the Policy Rule Set view
  • Enhancement: Relaxes the hard requirement for a CSP to support ICMP to apply an ICMP policy to a Gateway that is deployed in that CSP. A Policy Rule Set that contains an ICMP policy can now be applied to any Gateway that resides in any CSP, whether or not the CSP supports ICMP.
  • Enhancement: Adds support for more than one Syslog Server configuration in a Log Forwarding Group
  • Enhancement: Adds GCP Health Check CIDRs when orchestrating datapath Firewall Rule

Fixes

  • Fix: Fixes an issue where the Log Forwarding Profile for Splunk was showing unreachable even though the Splunk endpoint was reachable
  • Fix: Fixes an issue where de-orchestrating an AWS Service VPC would not fully clean up all VPC resources, including the VPC itself
  • Fix: Fixes an issue where all Address Objects would be displayed when a user is creating or editing a Reverse Proxy Service Object. Only Reverse Proxy Target Address Objects are now being displayed.
  • Fix: Fixes an issue where the Controller was using an incorrect Project ID when orchestrating a Gateway into a GCP shared VPC scenario
  • Fix: Fixes an issue where the list of Address Objects was not showing in the drop down when creating or modifying a Group Address Object
  • Fix: Fixes the typeahead search for CSP Account in the create Gateway workflow
  • Fix: Fixes an issue when adding a Rule within the Policy Rule Set to improve the performance and ensure the operation is quick
  • Fix: Fixes an issue where adding an AWS Account via CDO page could result in a timeout
  • Fix: Fixes the count issue for FQDN Match and FQDN Filtering Objects. The counts were representing both types of Objects in each view.
  • Fix: Fixes various Advanced Search and Filter issues
  • Fix: Fixes an issue where deploying a Gateway into Azure when Azure has no available capacity would fail deployment and not clean up the created resources. When Azure has no capacity, it does not inhibit creating a virtual machine and its associated resources. It creates the VM, but brings up the VM in a failed state with an error message. This scenario needed to be handled in a specific way to ensure that it is recognized, the proper action is taken to clean up the resources and the user is made aware of the CSP issue through a System Log message.
  • Fix: Fixes an issue where the CSP resource and capacity information is not displayed when deploying a Gateway in Azure
  • Fix: Improves the performance of displaying the list of Rules in a Policy Rule Set
  • Fix: Fixes an issue where deleting the GCP-based CSP Account would not delete all of the inventory objects related to inventory discovery
  • Fix: Addresses an issue with Gateway instance per-zone rows that would inhibit a user from removing the first row. This only applies to scenarios where the Gateway is deployed into a user-managed VPC or VNet.
  • Fix: Fixes an issue where deploying a Gateway into GCP would not orchestrate the egress route into the orchestrated Service VPC
  • Fix: Fixes an issue where orchestrating spoke VPC protection could fail
  • Fix: Corrects an issue where the SNI and L7 DOS Profiles would not be displayed when editing a Reverse Proxy Service Object
  • Fix: Fixes an issue where a UI change operation to the Assign Public IPs settings could trigger an unnecessary blue/green Gateway replacement
  • Fix: Fixes an issue where orchestrating a Gateway into multiple GCP regions could result in a race condition that would inhibit the Gateway from becoming active
  • Fix: Fixes an issue where a new Gateway deployment would become immediately inactive due to an internal error
  • Fix: Fixes an issue where a Forwarding or Forward Proxy Policy Rule Set Rule that was created via Terraform would be displayed in the UI as a Reverse Proxy Rule
  • Fix: Fixes an issue where Rules could not be reordered when editing a Policy Rule Set
  • Fix: Fixes an issue where a Service Object that contained more than 20 rows would be accepted and pushed to the Gateway resulting in a Gateway crash. The Service Object is now limited to 20 rows. This limit validation is performed by both the Controller and Gateway.
  • Fix: Fixes an issue to ensure the Gateway Details page displays the date modified and data created times
  • Fix: Fixes an issue with proper sorting for views containing Objects and Profiles that span multiple pages
  • Fix: Improves performance of various object creation pages
  • Fix: Improves the user experience through fixes and enhancements throughout the UI
  • Fix: Ensures the user-specified time setting of Local or UTC is honored across views and persists across portal invocations. The persistence across portal invocations is achieved by storing this setting in the browser cache.
  • Fix: Fixes a UI issue where the tooltip information was missing for Custom Managed Encryption Key Gateway configuration
  • Fix: Ensures the Controller generates System Log messages when the Gateway fails to become active due to CSP errors