Enhancement: [Private Preview] Adds support for site-to-site VPN. This includes VPN tunnel configuration, including IPSec and BGP. The VPN is terminated directly on the Gateway to process and protect traffic flowing across the VPN. This enhancement requires Gateway version 24.02 or later.
Enhancement: Adds support for orchestrating route tables in Spoke VPCs and VNets to ensure traffic originating or returning from the Spoke VNet/VPC and route to the Service VPC/VNet containing the Multicloud Defense Gateway. This enhancement includes a workflow for create route tables and route entries, and associating the route tables with Subnets.
Enhancement: Adds support for cross-Subscription Spoke VNet protection by orchestrating Spoke VNet Peering to route traffic from the Spoke VNet to the Services VNet containing Multicloud Defense. This ensures the orchestration in Azure is parity with similar orchestrations in AWS and GCP.
Enhancement: Adds support for orchestrating the Security Group / Network Security Group / Firewall Rules CIDRs related to health checks from the CSP Load Balancer (Azure, GCP, OCI) or Heath Check Service (GCP)
Enhancement: Adds support for enabling and disabling SSH from the Gateway Details page to accommodate reverse SSH using Teleport. Requires Gateway version 23.10 or later, which supports Teleport integration.
Enhancement: Adds support for upgrading the Gateway from the Gateway Details page
Enhancement: Adds the ability to cancel (abort) a Gateway upgrade
Enhancement: Reduces the disk size for all instances in all CSPs from 256GB to 128GB
Enhancement: Adds support to dynamically track changes to certificate objects where the private key is stored in the CSP and retrieved by the Gateway. When changes take place to the CSP resource, the Controller will instruct the Gateway to reread the private key from the CSP resource to ensure that it is accessible and the updated content is used. If there are any issues with accessing the certificate, a System Log message will be generated.
Enhancement: When selecting a Region for Gateway deployment, a Region friendly name should be displayed for all Regions along with the true Region name (lowercase name). This enhancement ensures that all Regions are displayed with both the friendly and true Region names.
Enhancement: Adds support for configuring the Controller to integrate with Azure Active Directory for authentication. Azure AD is a FedRAMP compliant SAML. This effort is part of the longer term objective for Multicloud Defense to be fully FedRAMP high compliance and certified.
Enhancement: Improves performance of various resource view pages to reduce number of API calls and improve overall load times
Enhancement: Adds pagination support for Traffic Summary page to improve performance
Enhancement: Adds pagination support for Stats page to improve performance
Fix: Fixes an issue where the Inventory/Discovery views would not display asset information if the Region does not include a Gateway deployment
Fix: Fixes an issue where deployment of an Ingress Gateway Azure would not be successful if the Ingress Policy Rule Set is empty
Fix: Fixes an issue where Log Forwarding to an S3 bucket would not work if the Log Forward Profile is used in a Group Log Forwarding Profile
Fix: Fixes an issue where deleting the Gateway from the UI does not fully delete the Gateway on the backend inhibiting deploying a replacement Gateway with the same name
Fix: Fixes an issue where disabling assign public IP addresses for a Gateway deployed in Azure performs a blue/green Gateway replacement, but does still assigns public IPs
Fix: Fixes an issue where the first Category / FQDN Row of an FQDN Filter Profile could not be deleted
Fix: Fixes an issue to ensure the Gateway names in the Gateway Filter are sorted alphabetically
Fix: Fixes an issue with export to Terraform for Account and Gateway resources where the resulting exported Terraform was empty
Fix: Fixes an issue where the Policy Rule Set Status would show as Updating even though the Gateway Policy Status is shown as Updated
Fix: Fixes an issue where a scale out would be unsuccessful due to a health check failure even though the instance is healthy
Fix: Changes the Health Check unhealthy time period to 120 seconds. When a new Gateway is deployed, the Load Balancer heath check or health check service will be orchestrated to evaluate an instance health over a 2 minute (120 second) period. The previous orchestration would evaluate over a 20 second period.
Fix: Fixes an issue to ensure the time zone select defaults to Local rather than UTC
Fix: Fixes an issue in the Stats page where CPU metric was always showing an order of magnitude less than what should be shown
Fix: Fixes an issue with deleting a Spoke VPC peering in GCP where the Spoke VPC would not be deleted. This issue occurs only when the VPC ID was used instead of the self-link.
Fix: Fixes consistency issues with the display of Last Modified information across resources
Fix: Fixes various UI-related resource links where the link would not redirect to the linked resource
Fix: Fixes various UI-related issues related to advanced search
Fix: Fixes various UI workflows to ensure proper behavior