CyberEdge Version 0.16
0.16.5
Available 18th April, 2024
Enhancements
Feature |
Description |
|---|---|
| System | Improvements to the logging performance and memory utilisation of syslog |
| CLI | The system healthcheck CLI command has been expanded to provide additional feedback to the system administrator. More information can be found here |
| Authentication | Improvements to the Authentication system have been implemented to increase the performance of authentication session creation |
| Proxy | Improvements to proxy performance under peak load conditions |
Resolutions
Feature |
Description |
|---|---|
| Authentication | Resolved an issue where flushing the authentication groups cache did not work as intended when the associated authentication AD provider was configured to use nested groups |
| Authentication | Resolved an issue that could result in group names not being listed correctly in Authentication > Flush Auth Caches if the authentication configuration was migrated from the legacy CyberHound platform |
| Reporting | Resolved an issue with reporting event data filters that would prevent results being returned when specifying a number in some fields |
| Block Page | Resolved an issue that could result in a block pages not being displayed correctly on YouTube blocks where YouTube analytics is enabled |
| Block Page | Resolved an issue where the block page may not be shown correctly for some blocked HTTPS connections |
0.16.4
Available 6th March, 2024
Enhancements
Feature |
Description |
|---|---|
| Port Forward | Introduced warning mechanisms during the creation of port forwarding rules (DNAT) that are set up to utilize destination IP addresses not associated with any network connection |
| Reporting | The Network Administrator Report connection health components has been enhanced to add data including Timestamp, Connection Name, Event Type, and [optionally] Reason (eg. Connection reset by ISP) |
Resolutions
Feature |
Description |
|---|---|
| Proxy | Resolved an issue that could result in intermittent periods of slow internet or the possibility of loss of Internet access requiring a proxy reload (Important) |
| Proxy | Improvements to the proxy certificate generation process to reduce memory utilisation and improve the performance of serving block pages |
| YouTube Analytics | Resolved an issue that could prevent the YouTube analytics service starting correctly when first enabled |
| YouTube Analytics | Resolved an issue where the video hyperlinks in YouTube analytics results did not link to the YouTube video as intended Proxy Improvements to the proxy certificate generation process to reduce memory utilisation |
| System Updates | Resolved an issue that could cause only one node in a High Availability (HA) pair to receive updated firmware during an update |
| Content Scanning | Resolved an issue that could result in the slow performance on sites subjected to content scanning, such as Google and Bing searches |
0.16.3
Available 29th January, 2024
Enhancements
Feature |
Description |
|---|---|
| Networking | TCP MSS clamping can now be configured for PPPoE connections when there is a need for a smaller maximum segment size |
| High Availability | The procedure for joining the high availability cluster has been enhanced to improve the configuration experience for the user |
| RoamSafe VPN | RoamSafe VPN (always on vpn) now supports Microsoft Windows 10/11 |
| RoamSafe VPN | RoamSafe VPN now supports multiple VPN connections from a single source IP address. This is typically required where multiple devices behind a NAT |
| Content Scanning | Content scanning now supports group exclusions in addition to exclusions based on network criteria |
| Reporting | Minor improvements have been made to the reporting user interface to enhance usability |
| System | Improvements have been made to the CyberEdge configuration change history feature, enabling system administrators to view data over extended retention periods |
| Wonde | The synchronization time for Wonde timetable data can now be configured by the network administrator. Previously, this task was automatically scheduled to run at 12:00 AM. |
Resolutions
Feature |
Description |
|---|---|
| IPSec VPN | Resolved an issue for Internet over IPSec where the remote gateway was not recognized as available, preventing any data transmission |
| IPSec VPN | Resolved an issue that could prevent the automatic failover of Internet over IPSec connections |
| Content Scanning | Resolved an issue with Duck Duck Go and Bing instant search with content scanning and reporting |
| YouTube Analytics | Resolved an issue where involuntary ad views were being recorded, while legitimate views on some platforms were not being accurately reported |
| YouTube Analytics | Resolved an issue with the YouTube analytics service that could result in YouTube data not being enriched as expected |
| Wonde | Resolved an issue that could result in the Wonde sync with AD providers not working as intended |
| NAT | Resolved an issue with hairpin NAT affecting more traffic than is necessary |
0.16.2
Available 8th January, 2024
Enhancements
Feature |
Description |
|---|---|
| Proxy | CyberEdge now supports Upstream/Connect proxy configurations for networks that require proxy chaining to access the Internet. To configure an Upstream/Connect proxy connection go to your WAN Connection > Edit > Add Upstream proxy configuration |
| Routing | U-Turn/Hair Pin NAT has been implemented to allow internal users to reach internal hosts using the external public IP address assigned to the host |
| Routing | SNAT rules now support source and destination network (CIDR) configurations in addition to network zones and connections |
| Reporting | Enhancements to the CyberEdge reporting user interface to significantly improve the overall usability of the application |
| Reporting | The reporting application now offers a variety of pre-defined queries for each data source, facilitating quick access to commonly viewed data |
| Reporting | Users can now create and save their own reporting data queries for re-use at any time |
| Reporting | Event data can now be downloaded to CSV file from within the reporting application. Currently this is restricted to a 5000 row export |
Resolutions
Feature |
Description |
|---|---|
| Proxy | Resolved an issue with the proxy that could result in TLS Connection failures occurring on some HTTPS websites |
| Firewall | Improvements to the New Connection rate limit system (DDoS) have been implemented, enhancing the precision of connection counts to mitigate instances of incorrect IP bans |
| Authentication | Zone authentication will fall back to query by Distinguished Name in the event that no UPN data is returned by the provider (this would block providers configured as SAM or UPN) |
| Authentication | Resolved an issue with Cisco ISE Passthrough Authentication service that could prevent authentication sessions being created successfully |
0.16.1
Available 7th December, 2023
Major Enhancements
Feature |
Description |
|---|---|
| Classroom Control | CyberEdge now supports an integration with Wonde for the purpose of accessing timetabling data for use in Classroom Control. Wonde integration is accessible for Education licensed customers only |
| Classroom Control | For the CyberEdge to access timetabling data, you must complete the Wonde enrolment process. To setup Wonde integration go to LiveZone > Wonde Integration |
Enhancements
Feature |
Description |
|---|---|
| Authentication | A new Flush Group Authentication Cache option has been added allowing administrators to manually flush Microsoft AD group caches where user group changes are required to be reflected immediately. To flush group cache go to Authentication > Flush Auth Cache |
| Classroom Control | Classroom Control now supports an Allow All web filtering override option. Note, Allow All web filtering is still subject to the Classroom Control Access Policy ordering |
| Classroom Control | Within Classroom Control, “Active Lessons” has been renamed to “Today’s lessons” to provide a better experience for the user |
| Classroom Control | Manage Students popup in Classroom Control now displays all users in a joined lesson, even if that user is from a group not managed by the user |
| Classroom Control | A new permission has been added to enable access to Allow All web filtering override into Classroom Control |
| Classroom Control | When Classroom Control is enabled, the CyberEdge block page now supports the ability to enter Classroom Control join codes to access lesson content. No additional authentication steps are required |
| Permissions | User with Can administer all LiveZone lessons permission enabled can now restrict sessions in LiveZone, extend and restart lessons and show QR code within Classroom Control |
| LogViewer | Proxy logs have been extended to provide user, group and authentication provider information. In addition, the log format has been updated to improve readability |
Resolutions
Feature |
Description |
|---|---|
| IPSec VPN | Resolved an issue that could result in the IPSec Site-to-Site tunnels status page not displaying correctly |
| Classroom Control | When adding URL content into the domain field during lesson creation, the UI will now only display the matching categories of the domain being entered rather than list all categories associated to its parent category |
| LiveZone | Resolved an issue that could prevent the Certificate Check within LiveZone from correctly detecting if the HTTPS inspection certificate is installed |
| Reporting UI | Resolved an issue where NOT query filters in the reporting application was not working correctly in all cases |
| Networking | Resolved an issue where auto negotiate could be incorrectly applied on 10G network interfaces |
| Generated Reports | Resolved issue where multiple rows for the same user were being shown in the leadership report |
| Generated Reports | Resolved issue where group filters were not being applied correctly to the leadership report |
Note: - The Wonde integration and setup guide can be found here
0.16.0
Available 9th October, 2023
Major Enhancements
Feature |
Description |
|---|---|
| Classroom Control | Introduction of the new CyberEdge Classroom Control module within LiveZone, providing enhanced Internet management tools for licensed Education customers |
| Classroom Control | Classroom Control now supports L7 Applications, Web Category and Domain Overrides where permitted by an administrator |
| Classroom Control | ClassroomAPI is now available for third party applications to allow dynamic Domain Overrides of restricted content |
Enhancements
Feature |
Description |
|---|---|
| Schoolbox | CyberEdge ClassroomAPI Schoolbox lesson integration allowing dynamic Domain Overrides when accessing content from within Schoolbox |
| Permissions | New role based permissions have been added to manage access to Classroom Control |
| Content Filtering | Added support in both Youtube Restricted Mode and Safe Search configurations to allow exclusion by IP address range. To view the configuration go to Security Centre > General |
| Authentication | User authentication cache default timeout has been modified from (10mins to 60mins) to reduce load on MS Active Directory providers |
| Authentication | Users authentication session cache can now be manually refreshed by an administrator. This can be used where a users group change needs to be reflected immediately |
| Classroom Control | Backend framework for the upcoming release of CyberEdge's Wonde integration with Classroom Control |
| LiveZone | Small enhancements to the LiveZone user interface |
| IPSec VPN | IPSec VPN now supports Dynamic DNS (DDNS) which can be used where one or both sides of the IPSec tunnel utilize Dynamic IP addresses |
| System | Packet Capture files generated by the CyberEdge can now be downloaded from the Management User Interface |
| System | Performance improvements the CyberEdge HA cluster join process, reducing the time taken to create a cluster |
Resolutions
Feature |
Description |
|---|---|
| Authentication | Resolved an issue with the FortiGate Authentication Service that could prevent syslog messages being parsed correctly |
| Authentication | Resolved an issue with 802.1x auth where replies to proxied RADIUS accounting records did not include the Proxy-State attribute |