Session Management and Recording The new session management and recording capabilities give administrators full control and visibility over remote access. Sessions can now require explicit approval before being established, ensuring only authorized and verified activity takes place. Every session can be automatically recorded for auditing and compliance, with flexible storage options including seamless integration with S3 storage for scalable, long-term retention.
Layer 2 VPN The new on-demand Layer 2 VPN provides real-time layer 2 network access to remote resources exactly when it’s needed. A user or operator can connect to a remote network as if they were on-site, enabling seamless troubleshooting, support for SCADA or legacy protocols, and transparent access without persistent tunnels.
Improvements
Session Management Improvements Improve the session management by adding email functionality for session approvers. Other sanitization and API improvements were added.
Update Web Portal Software This update will provide enhanced RDP clipboard and file support, automatic prompting for remote desktop credentials and many more fixes and improvements.
Sync RDP Drives to S3 and Handle Deletion RDP drive files should be managed the same way as recordings — synced to S3 and cleaned up on deletion. [SB-3815]
Allow Organizations to Override S3 Settings Adds the ability for individual organizations to provide their own S3 configuration, overriding the platform-level defaults. [SB-3828]
Remove References from Non-English Translations Remove references that appear in translated UI strings that should not include them, or should be removed altogether. [SB-3842]
Suitable Error Returned When Local Network Connection Denied by ACAP When ACAP policies deny a local network connection, the system should return a meaningful error rather than failing silently. [SB-3841]
Create Report API for Switchboard Users and Permissions Adds a new Report API endpoint that lists Switchboard users alongside their assigned permissions. [SB-3826]
Hide Internal API Endpoints from Swagger UI Internally-used API endpoints should not be exposed in the public-facing Swagger UI documentation. [SB-3811]
Enable Allow Downloads/Uploads in Session Policies Adds the ability to configure download and upload permissions as part of session policies. [FE-584]
Improve Session Management and Recording Tech Docs Updates and expands technical documentation covering session management and recording functionality. [SB-3813]
Bug Fixes
EMC Routing & Firewall Fixes Fixed issues related to the restart of specific firewall and routing rules for EMC. [EMC-346]
Improve Endian Network Validation Ensure consistent Endian Network validation across all areas of the Switchboard. [SB-3779]
Resolve Endpoint SSH Compatibility Issue Fixed an issue with endpoint compatibility using Web SSH on endpoints running OpenSSH version >= 8.2 [SB-3335]
Session Management Fixes Resolved a few session management regressions involving session disconnections and terminations. [SB-3806]
Switchboard New Popup Issue Fixed an issue where a user cannot start an application after connecting to the device. [FE-579]
Resolve Sanitization Issue for OAuth Fixed an issue for OAuth providers with spaces in the name. [CORE-5819]
Resolve an issue with getStatistics API Fixed an issue with a JSON error when using this API endpoint. [SB-3775]
Resolve Authentication Daemon Sync Issue Fixed an issue regarding OpenVPN syncing as it relates to the authentication daemon. [SB-3793]
Onboarding Cleanup Fixed a minor issue regarding onboarding of existing users and the way their fields get updated. [SB-3790]
Deleted Gateways Showing on Dashboard Fixed an issue where deleted gateways can still be shown on the dashboard. [SB-3787]
Fix SMR Mailing for Root Organization SMR (Session Management Request) emails were not being handled correctly when triggered from the root organization. [SB-3809]
MongoDB Auto-Restart on Crash MongoDB was crashing without being automatically restarted. The service is now configured to restart automatically on failure. [SB-3857]
RDP Incompatibility with Ubuntu Server 2024 Fix RDP connections via Web Portal when the target machine (endpoint) is running Ubuntu Server 2024. [SB-3773]
Session Attribution Based on Device Instead of User Sessions were being attributed to organizations based on the user rather than the device, causing incorrect organization assignment. [SB-3832]
Fix Wrong API Link in Session Management Request Access Modal The Request Access modal in Session Management was referencing an incorrect API endpoint. [FE-599]
Portal Apps Unreachable with Local Network Gateway Apps become unreachable with a traceback error when the gateway has a local network configured. [SB-3843]
Traceback When Listing Sessions for Deleted Gateway Fix API traceback issue associated with listing sessions associated with a gateway that has been deleted. [SB-3831]
Disconnect Button Removes Manual Endpoint Disconnect Ability The fix for the Switchboard dashboard disconnect button inadvertently removes the ability to disconnect from a manually initiated endpoint connection when both manual and local network connections are active. [FE-596]
Suppress Disconnect Prompt on "Connect to Local Network" The disconnect-from-gateway prompt should not appear when the user initiates a local network connection. [FE-593]
Fix Materialized Connection Issue Fix for the materialized connection manager, causing connection handling regressions. [SB-3855]
ACAP Policies Blocking EMI Applied ACAP policies are incorrectly blocking EMI traffic, which should be permitted. [SB-3799]
Inconsistencies After ACAP Policy Application Applying ACAP policies results in inconsistent system state across related components. [SB-3788]
Products Affected: 4i (Edge V, XL, XL Plus)
Bug Fixes
Serial Communication Broken After Kernel Upgrade Serial communication functionality stopped working following a kernel upgrade. [EOS-2511]
Products Affected: All (4i, UTM, Switchboard)
Improvements
Upgrade Kernel to 6.6 LTS The kernel was upgraded to 6.6 LTS (Long-Term Support) which provides numerous driver, application and performance improvements. [CORE-5098]
Certificate Key Display Added a column on the Certificates page to show if the certificate has a key inside. [FE-568]
Upgrade Go to 1.24.6 Updates the Go toolchain to version 1.24.6, bringing in language improvements, standard library updates, and bug fixes. [EOS-2507]
Add Channel Configuration Override for en-client Adds the ability to override per-channel configuration settings within the Endian Network client. [ENTERPRISE-3082]
Migrate UI Packages Upgrades and migrates outdated frontend UI packages to current supported versions. [FE-520]
Upgrade tmux and Add to Appliance Updates tmux to a newer version and includes it in the appliance image. [CORE-5829]
Update Appliance Login Background Updates the background image displayed on the appliance login screen. [EOS-2527]
Bug Fixes
Fix HA issue Due to the new kernel, an issue was resolved related to HA traffic flows. [ENTERPRISE-3069]
Fix Provisioning Auto Registration Issue Resolved an issue in the auto registration timer related to provisioning an appliance. [ENTERPRISE-3055]
Fix Wizard Expiration Redirect Update the wizard redirect to use the new login and frontend pages to avoid device bricking. [ENTERPRISE-3029]
SMTP Domain Editing Issue Resolved a labeling issue when editing an SMTP domain. [FE-573]
VPN Portal Inaccessible Due to 500 Error in Cert Management The VPN portal returns a 500 internal server error caused by an issue in certificate management. [UTM-3219]
Cannot Enter /32 Subnets in VPN User Details The VPN user details form does not accept /32 subnet notation, blocking valid configurations. [FE-587]
Fix efibootmgr Recipe to Use Correct Branch The efibootmgr recipe was referencing the wrong branch, causing build failures. [EOS-2525]
Fix PV for Packages in 6.9 Package version identifiers (PV) were incorrectly set for packages in the 6.9 release. [EOS-2523]
Fix Manifest Repo References for Build System The manifest repository references for the build system layers were pointing to the wrong locations. [EOS-2529]
Fix efw-httpd Package Version The efw-httpd package version was set incorrectly and needs to be corrected. [CORE-5839]
Fix Code Tests and Linters Failing code tests and linter errors needed to be resolved to restore CI integrity. [CORE-5821]
Fix autoupdate.sh Syntax Error A syntax error in the autoupdate.sh script was causing update failures. [CORE-5760]
Bump PV for Packages Fixed in 6.8.8 for Upgrade Visibility on 6.9 Package version identifiers are bumped so that fixes backported to 6.8.8 are correctly recognized as upgrades when running 6.9. [EOS-2521]
Fix Wrong Pattern in Code An incorrect regex or matching pattern in the codebase was identified and corrected. [CORE-5823]
Fix Incorrect Coverage Number Collection Test coverage metrics were being collected incorrectly, skewing reported numbers. [CORE-5826]
Products Affected: UTM
Bug Fixes
Upgrade Bitdefender Engine to 3.10.1.346 Updates the Bitdefender antivirus engine to version 3.10.1.346, incorporating the latest threat definitions and engine improvements. [ENTERPRISE-3024]
Comments