Release Notes Archive

This section lists the features, enhancements, bug fixes, and components available in the past versions of SonicWall Cloud Secure Edge (formerly Banyan)

  • Updated on Nov 19, 2024

Refer to the current release notes here for the latest Cloud Secure Edge (CSE) Product features, enhancements, and bug fixes.

Generally Available Features

  • New Open Virtual Appliance Install available for the Connector:

    • Admins can now install the CSE Connector on a virtual image using one of various VMware deployment tools (e.g., ESXi, VSphere, VMware Fusion).
    • Virtual images compatible with Hyper-V and KVM deployments are available upon request.
  • Support for macOS Sequoia:

    • Desktop app registration now automatically installs certificates on devices using macOS Sequoia.

Enhancements

  • Upgraded Docker and Ubuntu packages to reduce known vulnerabilities during Access Tier installation.

  • Read Only admins can now view System Logs (with sensitive information redacted).

Bug Fixes

  • IDP configurations for user authentication were not functioning for admins that were previously using the Banyan IDP for device registration.

  • Admins were unable to add or edit the Registry Check trust factor.

  • Tunnel access policies were not editable when CIDR entries were empty.

  • MASQUERADE rule was only being used for the default user interface.

  • In Access Tier versions greater than 2.4.2, using a hosted website with two services using the same frontend domain but different dns_names caused the browser name resolution to fail.

Generally Available Features

  • Simplified Entra ID config for end user authentication:

    • Admins can now use the metadata URL to automatically configure Entra ID (using SAML) as an IDP for end users.
    • The metadata URL updates daily, so any changes made in CSE are transferred to the IDP.
    • Admins can now upload the certificate if manually configuring Entra ID using SAML.
  • New Filter for Unauthorized Access Attempts via Service Tunnels:

    • Admins can now view end users’ unauthorized access attempts via a Tunnel Policy.
    • Admins can also filter access attempts by Service Tunnel.

Enhancements

  • User Attributes are now Collected by CSE Services:

    • Used for infrastructure services and hosted websites; admins can create one service and use the user attribute as a variable to set up user-specific host domains.

Bug Fixes

Remove API key after Access Tier install package.

New hosted web services erroring out due to certificate issues.

Generally Available Features

  • New Cloud Secure Edge License Management:

  • Support for a Windows-based Connector:

  • Enhanced Connector Install and Details page:

    • Simplified UI flow for Connector install via all methods.
  • Enhanced Service Tunnel Policy:

Enhancements

  • ReadOnly admins can now view everything with sensitive details redacted.

Bug Fixes

Connector status reporting was showing the incorrect status colour.

Custom remediation messaging was not being shown in Linux.

Read only admins were unable to view Access Tier details.

Identity Providers were prompting authentication twice in certain scenarios.

Internet connectivity issues encountered when devices were waking from sleep.

Generally Available Features

  • New Cloud Secure Edge Licensing:

  • Name Resolution Policy Table (NRPT) Setting for Windows devices:

    • Name Resolution Policy Table (NRPT) rules tell end users’ (Windows) devices where to send traffic.
    • We recommend that admins enable this setting when the Cisco Umbrella Roaming Client is installed on end users’ devices.

Bug Fixes

Serial number casing changed, which made the app unable to recognize registered devices.

The app was facing technical issues calculating Trust Level directly after a device awakened from sleep.

Generally Available Features

  • Event Geolocation Setting:

    • Event Geolocation is now an org-level setting available for admins to configure in the Command Center.
    • This setting allows admins to collect end users’ geolocation data for Event logs, if necessary for their company’s privacy standards or security practices.
  • New Geolocation Trust Factor:

    • The Device Geolocation Trust Factor assesses whether devices are in admin-blocked countries.
    • Admins can use this Trust Factor if your org has specific legal, compliance, or expected use requirements that mandate user access be blocked in specific countries.

Generally Available Features

  • Define File Properties for RDP Services:

  • Trusted Network Detection:

    • Admins can configure Trusted Networks for end users in their org.
    • A Trusted Network can be configured to automatically disconnect end users from Service Tunnels when Trusted Networks are available.

Enhancements & Updates

  • Enhanced Event Chart UI for Troubleshooting:

    • Collapsible UI to enhance visibility for troubleshooting purposes.
  • Search Domains: Domain names and FQDNs are now case insensitive.

Bug Fixes

Service Tunnels with certain configurations were not appearing in the Service Tunnels list.

Generally Available Features

  • Search Domains:

  • Admins can now configure search domains so that end users can use a short-hand search (i.e., a hostname) to navigate to an FQDN, enabling easier use of file sharing.
  • Admins can set search domains in order of priority; users are navigated to top priority search domains first. (Last updated April 18th, 2024)

  • New Service Tunnel UI:

    • Service Tunnel features a new long-form configuration.
    • Global and Private Edge routing is now configurable via one Service Tunnel.
  • Connect on Login:

    • End users can auto-connect to admin-configured Service Tunnels upon app login.
    • Admins can prevent users in their org from changing the auto-connected Service Tunnel.
  • System for Cross-Domain Identity Management (SCIM):

    • SCIM can tell the Command Center which users exist at any given time, keeping the list of created and deleted users up-to-date.

Early Preview Features

  • Connector Open Virtual Appliance (OVA) Install:

    • An OVA file is available within a Linux-based operating system, with the Connector pre-installed.
    • Admins can run the Connector for their end users via a simple configuration.
  • Geolocation Visibility Events:

    • End user location logs are now available in Events log.
    • Access Event Logs can contain geolocation data including city, country, latitude, and longitude.
    • This event is enabled via an API; Work with Banyan to enable it.

Enhancements & Updates

  • Global Edge Troubleshooting:

    • When a device is connected to a Service Tunnel, the Device Details page (in the Command Center) will indicate which point of presence (POP) the device is connected to (under the Device Information tab).

Bug Fixes

Admins were unable to create a Service Tunnel for public traffic only without selecting a Connector. (Last updated April 19th, 2024)

Early Preview Features

  • Enable URL Filtering:

  • Admins can now inspect host URLs within domains that are not considered a threat.
  • Admins can configure URL filtering within ITP settings using a PAC file that contains URL inspection rules.

  • Event Charting:

    • Admins can now view trends related to user access and service usage within Banyan.
    • Event charting provides a visualization of events within the Command Center.

Enhancements & Updates

  • Active Roles in Internet Threat Protection (ITP) Policies:

  • Roles used in ITP policies now show as Active.

  • Terraform Exemptions:

    • Terraform now supports exemptions within service configurations.

Bug Fixes

  • Private domain names were not working as expected in L4 policies in Global Edge deployments.

Early Preview Features

  • Create a Custom Public App:

  • Admins can now define public apps that Banyan has not already pre-populated in the App Discovery list in the Command Center.
  • This new feature allows admins to easily surface, secure, and monitor apps that are critical to their business.
  • Support for Oracle Linux in the OS Version Trust Factor:

Enhancements & Updates

  • Simplified Silent Cert Authentication:

    • Silent cert authentication now works directly through the API in orgs that have the silent cert auth flow configured; Admins no longer need to maintain the mdm-config file in order for this flow to work.

Bug Fixes

  • Authentication issues for devices with ITP enabled in orgs that use JAMF mdm (macOS devices only).

Generally Available Features

  • Cloud Command Center User Interface (UI) Re-design:

  • Banyan’s Command Center UI has been re-designed for improved usability.
  • New navigation categories include Private Access, Internet Access, and Trust.

Early Preview Features

  • Silent Cert Authentication for User Sessions:

  • Admins can now configure silent certificate user authentication for Mac and Linux devices.
  • With this configuration, users will no longer need to manually accept a certificate prompt each time they authenticate.
  • This configuration works for any IDP that supports OIDC or SAML.

Enhancements & Updates

  • Improved Netagent performance by lowering overall CPU usage.

Bug Fixes

  • Banyan app was still using previously configured (outdated) remediation links.

  • Zero touch install script (deployed through Kandji) was failing to execute and timing out.

  • App login sessions were not refreshing when users selected the Re-Login button.

  • AI-assisted admin search was indefinitely loading.