Portal v4.11.0-v4.13.x

Zorus Portal Release Notes for version 4.11.0 through 4.13.X

v4.13.1 - June 6, 2024

Upcoming New Features

  • Partner APIs: Implementing essential backend modifications to enable API access later this month

Interface Improvements

  • Mandatory MFA Enhancements
    • Added the ability to bulk enforce MFA or change MFA methods across users from the User Management page
    • Revamped My Account tabs and improved user management of MFA settings
    • Implemented lockouts for failed password or MFA code attempts
    • Added a setup code copy option on the Authenticator App configuration page for cases when the QR code cannot be used
    • Included an "About this Page" help link on the User Management and My Account pages
  • ZNS Network Filtering Billing Modifications
    • Set Query per Seat limit to 150,000 Queries Per Month (QPM)
    • Implemented automatic seat increment based on QPM consumption, with detailed audit logging
    • Enabled allocation of seats below 5 for failover networks
    • Removed the ability to delete a Network WAN if it was active in the current month
  • Miscellaneous Enhancements
    • Removed the Active Directory Sync tab from the Customer Settings options
    • Added License ID to the Endpoint Traffic Logs CSV export
    • Enhanced Endpoint selectors with the ability to search for logged-on usernames

Bug Fixes

  • Fixed an issue where password complexity requirements were not properly enforced by the API
  • Fixed an issue where the Log Level showed "Unknown" instead of "Debug" on fresh installation of the agent
  • Fixed an issue where users were unable to search for an Endpoint in the Traffic Logs or the Report Manager
  • Fixed an issue where "Browse > Endpoints > Go To Traffic Logs" did not pre-populate the selectors
  • Fixed an issue where Unblock Requests could not be viewed in the navigation with Customer Configuration permission
  • Fixed an issue where that allowed Guest Users to have multiple customer assignments simultaneously
  • Fixed an issue where changing MFA options could result in an incorrect configuration type at the subsequent login

Dad Joke

Why did the artist go broke? Because he didn't have enough Monet!

v4.13.0 - May 16, 2024

New Features

  • Introducing Administrative Enforced Multi-factor Authentication! Now, easily mandate and track MFA requirements for each user with ease
    • Added MFA support options for Authentication Apps and Email, alongside Authy. Stay tuned for the Bulk Action feature in the next release
    • Added a new grid column to the User Management table, providing instant visibility into the current MFA status of users
  • User Management just got a major upgrade! Get ready for the all-new User Management Add/Edit screens, optimized for seamless permission management and enhanced usability

Interface Improvements

  • Deployments surpassing 75% will now only show warnings on the Billing page. However, the 'Overdeployed' banner for deployments over 100% will still show on every page
  • Enhanced password complexity requirements for increased security for both new and existing users during password changes
  • Added warning message to highlight that whitelisting websites in a Policy bypasses all security and threat protection measures
  • Active Directory Sync Plugin has reached its end of life and is no longer available for new installations. It has been removed from the Download Center
  • Introduced CyberSight Bundle package available for purchase in GBP and Euro currencies
  • Implemented currency support on Billing Seat Management and Invoice pages, ensuring the display of the correct currency based on user settings
  • Added hover hyperlink functionality to Customer names on Browse: Endpoints and Customer grids for quick access and navigation
  • Backend enhancements made to Customer Group architecture in preparation for upcoming API integration

Bugfixes

  • Fixed an issue where the CyberSight: Endpoint selector would not load for customers with a large number of endpoints at one site
  • Fixed an issue where the WAN selector in Network Logs was not alphabetically ordered
  • Fixed an issue where the Browse: Endpoint selector was not sorted in alphabetical order
  • Fixed an issue where the Unblock Request page would load for users assigned a customer with zero permissions applied
  • Fixed an issue where the "Go to Data" on Endpoint Traffic Logs report routed you to Customers instead of Browse: Traffic Logs
  • Fixed an issue where Report History: Export to CSV exported as .txt instead of .csv
  • Fixed an issue where a Customer that had an Isolation Session at any point could not be deleted
  • Fixed an issue where deleting a Customer that was integrated with PSA would break the integration page

Dad Joke

Why did the computer break up with the internet? There was no connection.

v4.12.1 - May 1, 2024

Interface Improvements

  • Updated all "Create Customer" paths to align with upcoming Partner-facing APIs
  • Implemented functionality to import/export Allowed Addresses for Isolation
  • Enhanced Active Isolation tab to allow direct device isolation
  • Introduced bulk device isolation feature accessible from the Browse: Endpoints section
  • Improved Save/Discard changes process for the revamped White Labeling page
  • Implemented restriction on running duplicate report requests while a previous one is in progress
  • Disabled CyberSight activation when no CyberSight seats are available on the account
  • Clarified the text regarding service stop prevention to specify it applies to administrators only
  • Adjusted Traffic Logs to reset to Page 1 upon Quick Filter switches

Bugfixes

  • Fixed an issue where users could alter permissions via direct URL paths in user management

Dad Joke

Wimbledon will now offer 'quiet' tennis for those with noise sensitivity. Same game but without the racket.

v4.12.0 - April 18, 2024

New Features

  • Introducing Smart Logs! Explore what occurred 5-15 seconds before and after when filtering for a specific event or encountering a blocked page. This feature provides essential context for diagnostics and timeline analysis at the click of a button, making it particularly valuable for understanding obscure website unblock requests and user activity leading up to the event
    • Traffic Logs: Effortlessly grasp contextual events by swiftly activating Smart Logs from the hover options of filtered or searched events in Traffic Logs
    • Unblock Requests: Review events surrounding the block event to determine the root cause swiftly. Quickly discern whether the request should be allowed or denied
      • Note: Depending on when the user submitted the Unblock Request, viewing the Full Log may be necessary. This action jumps you from the Smart Logs modal to the 15-minute period when the request occurred
    • Smart Logs incorporates our latest feature of CyberSight Full URL records, enhancing its capabilities for comprehensive activity monitoring
  • Zero Trust Device Isolation Manual Override Passphrase: Set a passphrase when isolating a device that enables you to release isolation locally if the device loses connectivity to allowed inbound and outbound addresses. It's a convenient way to release devices that can't access needed resources without on-site intervention.
    • Set Passphrase: The passphrase can either be automatically generated by the system or manually set at time of isolating the device
    • Retrieve Passphrase: Portal users can retrieve the passphrase either from the Endpoint grid or the newly introduced Isolation Activity page
    • Release Isolation Locally: End users enter passphrase on Web Access Restricted page to bypass device isolation locally. Note: Requires Agent v4.2.1.0+ (coming soon!)

Interface Improvements

  • Created new 'Service Center' option in the navigation menu for agents, which includes features for handling Unblock Requests and Isolation Activity
  • Added Isolation Activity pages to consolidate active isolation session management and history in one place
  • Improved the performance of data queries for interactive dashboards, including Customer Overview, CyberSight Overview, and CyberSight Weekly Activity
  • Modernized the White Labeling page layout and updated the text to clarify available option sets

Bugfixes

  • Fixed an issue where the Billing page would become unresponsive, displaying 'Saving Subscription' indefinitely when an account is more than 1 month overdue, preventing the update of the payment on file
  • Fixed an issue where legacy Partners were incorrectly billed for previously licensed CyberSight seats at list price during any billing update because the previously licensed seats were not zeroed out prior to deletion

Dad Joke

I hired a handyman and gave him a to-do list. When I got home only items 1, 3, and 5 got done. Turns out he only does odd jobs.

v4.11.0 - April 3, 2024

New Features

  • Introducing Full URL Context in Traffic Logs: Utilize the CyberSight Browser Extension to gain precise visibility into the websites accessed by users, enhancing troubleshooting and security forensics in incident response
    • Traffic Logs Toggle: Enable or disable Full URLs in your Traffic Logs, including Quick Filter searches. (Requires CyberSight Browser Extension installation)
    • Export to CSV: Full URL records from CyberSight are seamlessly integrated into your Traffic Logs export, labeled as Event: CyberSight; Allow/Block: URL Event
    • Use Cases:
      • Troubleshooting: Identify and address issues like broken links or slow-loading pages swiftly by pinpointing the exact paths users took, facilitating the determination of root causes
      • Context: Enhance incident response forensics by tracing user paths through websites, aiding in the identification of malicious domains or resources. Gain a clearer understanding of the incident's scope, attack vectors, and implement effective countermeasures to mitigate future risks

Interface Improvements

  • Added ability to report miscategorized websites directly from the Unblock Requests Active grid
  • Added column to view Unblock Request actor details conveniently in the History grid
  • Further optimized performance on the Browse menu, particularly for larger accounts

Bugfixes

  • Fixed an issue where Allowed Addresses were not updating if the Endpoint was in active Isolation mode
  • Fixed an issue where Unblock Request Date/Time stamp was not sorting properly
  • Fixed an issue where deleting an Endpoint would not release the license back to the available seat count

Dad Joke

Dad, can you tell me what a solar eclipse is? No sun.