Early Preview Features

• Managed Service Provider (MSP) console:

• New console for MSP admins to manage their customer orgs as well as admins to their customer orgs.

Enhancements & Updates

• Kubernetes config file now updates by default:

• By default, Banyan’s desktop app updates (instead of regenerates) the kube config file when end users connect to a Kubernetes service, retaining previous configuration used by kubectl.

Bug Fixes

• Connection test was failing for hosted web services with capitalized Access Tier names.

• Okta group name was preventing services from publishing to end users.

Generally Available Features

• App-based routing for Service Tunnel:

• Admins can now configure specific apps to tunnel through or block from their Service Tunnels.

Early Preview Features

• Security Actions for Public Apps:

• Discovered public apps now offer guidance on Security Actions admins can take; Security Actions are specific to the app.

• Security Actions include guidance on configuring ITP policies, DLP policies, Banyan IDP federation, and routing via Service Tunnel.

• AI-Assisted Admin Search:

• Admins can now use Banyan’s AI-assisted admin search in the Command Center to perform quick searches related to the Banyan product.
• This feature leverages a large-language model (LLM) trained to Banyan’s documentation and website.

Enhancements & Updates

• Let’s Encrypt Wildcard Support:

• Admins can now protect multiple hosted websites with a single wildcard Let’s Encrypt certificate, procured and managed by Banyan.

• Terraform Import Tool:

• A command-line utility that allows admins to import existing resources from the Banyan API and generate Terraform configuration files for managing those resources.
• This tool simplifies the process of managing Banyan resources through Terraform, making it easier for admins to automate infrastructure setup.

Bug Fixes

• (Discover Public Resources) Accessing the same FQDN resource using a second Service Tunnel was not updating the tunnel information on the list page or in the “Last Reported” status.

• The admin-server did not have access to the http proxy on the user context for the desktop app. The app now supports HTTP proxy setting consistently across app components (including the admin server).

• dns-names was failing to update when the user changed the URL or cloned a service; now, if dns-names matches the spec, it will update accordingly.

Generally Available Features

• Private Resource discovery:

  • Admins can now view a comprehensive list of private resources (including domain name, IP address, and port) accessed via Service Tunnel by users in their orgs.

• Zero Touch install for Chrome Browser Extension:

  • Banyan now supports zero touch installation for the new Chrome Browser extension.

Enhancements & Updates

• Refreshed TrustScoring on reawakening devices:

  • Trust Levels are now refreshed when devices reawaken from sleep.
  • Trust factors are sent as soon as the device reawakens.

Early Preview Features

• Chrome Version Trust Factor (for Banyan Chrome Extension):

  • Banyan’s Chrome Version Trust Factor is designed to help admins keep their end users’ devices on the latest Chrome browser versions, to reduce security risk and protect resources.
  • This Trust Factor assesses whether the device’s Chrome version is equal to the admin-configured version.

Enhancements & Updates

• Trust Scoring and Internet Threat Protection (ITP) without the desktop app running:

  • Banyan’s Trust Scoring and ITP policies now work without requiring end users to run their desktop apps.

• Authorized Connection events were removed from hosted web services in Netagent.

• Support for non-standard websockets (like socket.io), enabled through a new API option:

  • Set enable_websocket_duplex to true via Access Tier’s local config API call (PUT).

Bug Fixes

• [Resolved] End users were receiving a ‘Could not fetch devices’ error when switching networks on the desktop app.
• [Resolved] Access Tiers were collecting stale certificates from outdated services.
• [Resolved] Admins were unable to view or access select policies.
• [Resolved] Command Center does not show API key (mdm_config) after using patch API (/v2/orgs/{id}/mdm_config) to update fields.

Generally Available Features

• Netagent Health Check:

  • New health check endpoint that provides a real time indicator for the status for the Netagent and preliminary stats that can be used to evaluate performance.

Enhancements & Updates

• Session Expiration Timer

  • Renew your session early to avoid losing work due to expiration.

• Added Trust Factor information in Log Events

  • View passed and failed trust factors in each Trust scoring log event

Generally Available Features

• Service Tunnel Active Connections:

  • Admins can view how many users are actively connected to a given Service Tunnel via the Command Center. Device details, including OS, Trust Level, associated Trust Profiles, and Last Login, are easily viewable.

• Internet Threat Protection - Exclude Users:

  • Admins can now exclude users from all ITP policies by applying specific roles to the default Excluded Devices policy.

Early Preview Features

• Clientless Chrome Browser Extension:

  • The Banyan Chrome Extension is a lightweight browser extension that offers users access to internal websites and provides Device Trust Verification (DTV).

Bug Fixes

• [Resolved] Enabling ITP was misrouting DNS in Ubuntu.
• [Resolved] Error when attempting to pull user details in the Command Center.
• [Resolved] The WireGuard config file was rendered unreadable due to a recurring error.

2023-06-14 Release Highlights

Generally Available Features

• New Trust Factor: Enhanced OS Version

  • OS Versions can now be configured by the “Last x version(s)”. This frees admins from having to update the Trust Factor configuration with every new OS version release. Previously, admins had to configure and continually update specific OS version numbers.

• New Trust Factor: CrowdStrike Registered With

  • The Registered With factor validates that the device at hand is registered with the CrowdStrike environment. Registered With is derived from a CrowdStrike API endpoint.

• Branding Customization

  • Admins can now use customized branding for any Banyan browser error and success pages with their organization’s own logo and brand colors.

Enhancements and Updates

• Event Log Viewer for Service Tunnel Activity:

  • Admins can now find Service Tunnel activity under the Service filter in the Event Log Viewer in the Command Center.

• Lookup Domain:

  • Admins can use the Lookup Domain to view which Content Category or Threat Category a given domain falls under.

• Service Tunnel Access Logs - blocked access attempts:

  • Admins can view blocked Service Tunnel access attempts (traffic rejected by Banyan L4 Policies). These can be viewed on the Access Tier.

• DNS filter in Captive Portal environments:

  • The Banyan client will use the host DNS server for any DNS requests until captive portal authentication is complete and internet access is available.
  • The Banyan client will periodically probe for well-known URLs to detect internet access. On detecting reachability to those URLs, it will start forwarding DNS requests to the DNS filter server for DNS filtering.

Bug Fixes

• [Resolved] Edit Access Tier parameters was removing Service Tunnel logging parameter (i.e., EnableServiceTunnelLog).

2023-05-25 Release Highlights

Generally Available Features

• Mobile Tunnel:

  • Banyan’s mobile app now allows end users to connect to Service Tunnels in addition to hosted websites.

• Enhanced Roles UI:

  • Simplified UI flow for creating a Role in the Banyan Cloud Command Center.
  • Roles can be configured based on Users, Devices, or Service Accounts.
  • Roles now support adding serial numbers.

Enhancements and Updates

• Internet Threat Protection – Policy Sync Status:

  • Banyan’s sync status indicates whether the ITP policies page in the Command Center is up-to-date or syncing is in progress.
  • If a sync is in progress, then an ETA will also be available, so that admins can expect when ITP policy updates will be reflected in the console.

Bug Fixes

• [Resolved] Launching the desktop app (from the Windows start menu) when the app was already running was causing the tunnel to disconnect.

2023-04-12 Release Highlights

Generally Available Features

• Self-Service Hosted Websites:

  • Simplified UI flow for registering a hosted website in Banyan.
  • Domains can be registered directly within the hosted web service registration flow.

• Service Tunnel - Exclude CIDRs:

  • Admins can now configure the exclusion of CIDRs during Service Tunnel registration.

Enhancements and Updates

• StatsD support for monitoring Service Tunnels:

  • Admins can now monitor the number of active clients, Tx rate, and Rx rate per Service Tunnel.

Bug Fixes

• [Resolved] Banyan app has migrated commands to PowerShell; the app no longer uses wmic commands.
• [Resolved] “User not found” error when adding a new local user in the console.

2023-03-08 Release Highlights

Important Notice: Banyan is releasing Access Tier v2, which features a guided installation flow and architectural updates. See Important Notices to learn more about the upgrade path from v1 to v2.

Generally Available Features

• Domain-Based Tunnel Policies:

  • Admins can now use Service Tunnel policies to define which fully-qualified domain names (FQDN) users can access.
  • This offers an alternative to defining access by IPs or CIDR ranges, which dynamically change.

• New Registry Key Check Trust Factor:

  • Admins can use this new Trust Factor to establish a list of keys with corresponding values required on devices in their organization.
  • This Trust Factor supports Windows devices only.

• Admin-Enabled Autorun:

  • Admins can now enable Autorun in Service Tunnel and infrastructure service specifications during service registration in the Cloud Command Center.
  • If enabled, end users no longer need to manually enable Autorun from their desktop app.

Early Preview Features

• Internet Threat Protection (DNS Filtering) Policies:

  • Admins can now create Internet Threat Protection (ITP) Policies.
  • These policies are designed to protect devices from accessing domains outside of acceptable use policies.

Enhancements and Updates

• Time-Based One Time Passcode for Local Admins:

  • A new Time-based One Time Passcode (TOTP) setting has been added to Admin Sign-on Settings (i.e., Enable TOTP). Please contact Banyan to enable this feature.
  • If enabled, all local admins that log into the Cloud Command Center will be required to set up and validate with TOTP.

2023-02-08 Release Highlights

Important Notice: Banyan is releasing Access Tier v2, which features a guided installation flow and architectural updates. See Important Notices to learn more about the upgrade path from v1 to v2.

Generally Available Features

• New Get Started guide in Banyan’s Command Center:

  • Banyan’s Command Center now offers a Get Started section, which contains guides related to onboarding and helps admins discover and enable new Banyan functionalities in their orgs.

• Self-Service Connector Installation flow:

  • Banyan is introducing a new guided Connector installation flow in the Command Center.
  • Connector installation can now be completed almost entirely through the Command Center UI, similar to our simplified Access Tier installation.

Enhancements and Updates

• Service Tunnel Access Logs:

  • Banyan can now collect all traffic events from end users through Service Tunnels, providing comprehensive logging.

2023-01-11 Release Highlights

Important Notice: Banyan is releasing Access Tier v2, which features a guided installation flow and architectural updates. See Important Notices to learn more about the upgrade path from v1 to v2.

Generally Available Features

• New Trust Factor – Property List Check:

  • Property List Check evaluates whether property list (plist) files’ keys match their defined values (on macOS devices).

Enhancements and Updates

• Refreshed Devices Page:

  • Updated UI and enhanced performance.

• Terraform Provider v1.1:

  • Now supports importing existing Banyan services, roles, and policies.

Bug Fixes

• [Resolved] Private domains (ipv6) were not resolving over Service Tunnel.