New Points of Presence (PoP) Management:

• Admins can now select geographic locations in which they want to provision points of presence (PoPs).
• PoP selection is available for new orgs (created after March 27th, 2026) with SPA licensing.

Event Hooks for Post-Connection Scripts on Windows devices:

• Admins can now use events generated by user connection to Service Tunnel as hooks to scripts that can automate various aspects of their workflows.
• Event hooks are only supported on Windows devices with CSE desktop app version 4.10.0 or later.

New app-generated sessions for multi-user Service Tunnels:

• Now, when the CSE desktop app detects a user switch, it triggers a new session.

Force re-authentication support for SAML:

• Admins can now use a toggle in the SAML IDP settings to enable force re-authentication.
• When enabled, users must re-enter credentials (i.e., password and MFA) each time they log into the CSE app or access a federated SaaS app.
• Hosted Websites will require authentication only once per active session.

Cloud Secure Edge support for MacOS 26.3.1:

• The CSE App must be upgraded to v4.0.1 before upgrading to MacOS 26.3.1.

Cloud Secure Edge desktop app re-branding:

• Code signing certificate is now SonicWall branded
• App executable names, package names, service names, and directory names are now SonicWall Cloud Secure Edge branded.
• For Zero Touch installations on desktop app v. 4.0.0 or later, admins should use this desktop app installer for mdm.

New CORS toggle:

• Admins can now enable a CORS toggle to secure authorization requests on hosted websites.

New Firewalls tab:

• Admins can now view a comprehensive list of Gen7+ firewalls inside the CSE Command Center.
• The firewalls displayed can be used to configure the CSE Connector.

Gemini Log Summarizer:

• Admins can now view an AI summary of logs and events in the CSE Command Center.