Cytracom ControlOne: ControlOne Platform Release Notes

Topic

This article lists release notes for the ControlOne Platform.

Environment

  • Cytracom ControlOne

Description

Index

Releases

<h2" id="h_01HVPC5JCP46321JGDPPPQBZJ6">2024 releases

ControlOne Platform 24.15.1

April 12 2024

What's new

  • Increased the speed and reliability of configuration changes for a smoother, faster platform management experience.
  • DNS activity and reporting will now appear on the Dashboard for any new events as of 4/12/2024. This will only apply to events recorded after that date.
  • Improved session log data searches for faster response and better results.

Bug fixes

  • Fixed a bug in which customer information wasn't being populated in the DNS activity

ControlOne Platform 24.11.1

March 13 2024

What's new

  • Simplified Agent user management by adding a safeguard against adding more agent users than there are available IP addresses. ControlOne will show a warning message stating “The number of Agent users exceeds the available IP addresses. Please remove some Agent users or allocate more IP addresses to the zone.
  • Examining a failed device posture check is now easier. Clicking on the “Failed Device Posture Check” alert no longer takes you to the event list. Rather it takes you directly to the event that caused the posture check failure.

Bug fixes

  • Various bug fixes and improvements

ControlOne Platform 24.10.2

March 6, 2024

What's new

  • CEF SIEM Integration: You can now view SIEM syslog information in RocketCyber and other SIEM integrations that use the CEF format. This provides complete visibility into your ControlOne Syslog from your main security dashboard.
  • Enhanced flexibility in firewall and NAT rules: You can now specify port ranges and non-contiguous ports in firewall and NAT rules.
  • Simplified DNS static host records. 

Bug Fixes

  • Various improvements and bug fixes

ControlOne Platform 24.10.2

February 20, 2024

What's new

ControlOne Platform 24.7.1

December 14, 2023

Bug Fixes

  • Various improvements and bug fixes

2023 releases

ControlOne Platform 23.50.1

December 14, 2023

Bug Fixes

  • Various improvements and bug fixes

ControlOne Platform 23.45.1

November 7, 2023

Bug Fixes

  • Various improvements and bug fixes

ControlOne Platform 23.44.1

October 31, 2023

Bug Fixes

  • Various improvements and bug fixes

ControlOne Platform 23.42.1

October 20, 2023

Bug Fixes

  • Fixed an issue causing Agent Teleport to time out.

ControlOne Platform 23.31.1

August 15, 2023

What's new

  • The new Agent Teleport tool gives MSP Partners and their customers a way to securely access multiple networks directly from the ControlOne Agent, without using a VPN. See Cytracom ControlOne: The Teleport feature for more information.

ControlOne Platform 23.26.1

June 28, 2023

What's new

  • Reports have been reindexed and now display in a new format.

ControlOne Platform 23.25.1

June 21, 2023

What's New

  • We now allow WAN port /31 mask as well as network and broadcast address on sites.

ControlOne Platform 23.24.1

June 13, 2023

What’s New

  • Improvements to the Reporting pipeline and SIEM export, more transport options to follow.

ControlOne Platform 23.23.1

June 7, 2023

Bug Fixes

  • Fixed an issue where search bars would only search the current displayed page
  • Fixed an issue where the Speed & Duplex radio buttons were not functioning properly for LAN settings.

ControlOne Platform 23.21.3

May 28, 2023

Bug Fixes

  • Fixed an issue where disabling or deleting a partner user would break the Azure sync.

ControlOne Platform 23.21.2

May 25, 2023

Bug Fixes

  • Fixed an issue that could occasionally cause an agent to log out unexpectedly.

ControlOne Platform 23.20.1

May 15, 2023

What’s New

  • Configuration sync failures are now indicated by a warning banner at the bottom of the screen instead of a pop-up.

Bug Fixes

  • Fixed an issue where Microsoft Entra ID (formerly Azure Active Directory) directories were not syncing. ControlOne partners who have already connected Microsoft Entra ID  directories will need to re-consent for Azure sync capabilities to continue functioning.
  • Fixed an issue that caused the agent download buttons to be hidden on some systems.
  • Fixed an issue where the logout button did not always correctly log the user out.
  • Fixed an issue where zone assignments inherited from Microsoft Entra ID groups would take longer than expected to apply.

ControlOne Platform 23.18.1

May 4, 2023

Bug Fixes

  • Fixed an issue where some Microsoft Entra ID (formerly Azure Active Directory) directories with long group names or descriptions would fail to sync with ControlOne.

ControlOne Platform 23.17.1

April 26, 2023

What’s New

  • ControlOne now allows for better control over Agent license assignment for users synced from an Microsoft Entra ID (formerly Azure Active Directory) directory.

Bug Fixes

  • Fixed an issue that prevented Microsoft Entra ID (formerly Azure Active Directory) groups from appearing immediately after initially connecting ControlOne to an Azure AD directory.
  • Fixed an issue with Microsoft Entra ID groups not updating correctly when disconnecting and connecting an Microsoft Entra ID directory.
  • Fixed an issue that prevented some ControlOne gateways from geolocating to the correct service location.
  • Fixed an issue with Azure sync jobs not being re-queued after connecting if we had 5 sync failures.

ControlOne Platform 23.16.1

April 21, 2023

Bug Fixes

  • Fixed an issue where Agent Control Policies were not correctly applied to Microsoft Entra ID (formerly Azure Active Directory) users who were assigned to a zone by their Entra ID group.

ControlOne Platform 23.15.1

April 13, 2023

Bug Fixes

  • Fixed an issue that occasionally caused problems saving certain settings on the Admin Settings page.

ControlOne Platform 23.13.1

March 31, 2023

What’s New

  • The permissions structure has been updated to allow partners with multiple companies more granular control of which companies can be viewed by a delegate user.

ControlOne Platform 23.12.1

March 23, 2023

What’s New

  • Gateway addresses are now registered with ARIN (American Registry For Internet Numbers) to allow online services to deliver data from more optimal locations, which should improve performance when using those services through ControlOne.
  • Partners can now control user-facing options in agent, such as the agent's settings and behavior.

ControlOne Platform 23.9.1

March 2, 2023

What’s New

  • Added the ability to choose a time for when automated network upgrades will be performed.

Bug Fixes

  • Improvements to the internal information flow between ControlOne components should result in a significant increase in loading speeds in the portal.

ControlOne Platform 23.8.1

February 24, 2023

What’s New

  • ControlOne Agent devices can now be assigned an IP address reservation within the User Zone so that the device will have the same IP at all times. Once a device has connected, it can be selected in DHCP -> Reservations under the Zone settings.
  • Support has been added to IPSec connectors for host-to-host routes (/32) and routing traffic towards non-rfc1918 IP Addresses.
  • Increased throughput for systems running the ControlOne Agent when connected from Site Zones through ControlOne Bridge devices.

Bug Fixes

  • Invalid ARP and DHCP entries would prevent new entries from being displayed in the "Bridge Connected Devices (ARP)" panel.

ControlOne Platform 23.6.1

February 16, 2023

What’s New

  • Advanced DHCP Options can now be set for Site Zones connected through a ControlOne Bridge.
  • Introduced a log scale display option improved the accuracy of dashboard graphs.

Bug Fixes

  • In some situations, inter-router ICMP messages were being sent from the ControlOne platform with a non-routable source IP Address, limiting the ability of path detection from internet sources.

ControlOne Platform 23.3.1

January 19, 2023

What’s New

  • The assigned Zone can be specified or updated Agent Users by uploading a CSV in the the User's panel.

  • Device posture rules for OS Requirements always displays both Windows 10 and Windows 11 major releases, to facilitate configuration of the minimum version for each.
  • Real-time SIEM Integration now supports custom HTTP Headers for stream authentication, customer / tenant ID correlation, or other general purpose metadata sent to external SIEM collectors.

Bug Fixes

  • Changing a Site Zone's subnet to be smaller than a previously configured DHCP range that is larger than the subnet would cause a configuration failure.
  • A Site Zone could be saved with a valid but unusable network IP address where it required a host IP for the interface, causing a configuration failure.
  • Creating or updating a DHCP reservation with a duplicate IP or MAC address would cause an error when attempting to save the reservation.
  • Fixed situations where a catchall “Something went wrong” was displayed when navigating or clicking between Sites and Zones panels.

2022 releases

ControlOne Platform 22.49.1

December 9, 2022

What’s New

  • The Real-time sync of reporting data to an external SIEM (structured JSON over TLS) is now in preview. Contact your account rep today to request a trial.
  • DHCP Reservations can now be quickly created directly from the device row of the "Bridge Connected Devices (ARP)" panel.

Bug Fixes

  • Traffic from internal originating hosts towards port forwards on the same account / zone (NAT hairpin) would not function as desired. 
  • Removed a CA certificate validity check that interferes with Windows Update.

ControlOne Platform 22.45.3

November 9, 2022

What’s New

  • Optimized user registration and password reset flows for users on mobile device browsers or smaller screens.
  • UX enhancements to the network map based on partner feedback, including CBR port numbers and WAN port statuses, CBR connected clients count, more information on hover and expanded options within each options menu.

Bug Fixes

  • Client devices running the Agent that are non-compliant and placed in quarantine, then later become compliant with a policy could take up to twice (2x) the configured check interval for the system to acknowledge the compliance check and allow the client device back onto its configured zone.
  • DNS filtering could interfere with normal telemetry and control traffic from the Agent.

ControlOne Platform 22.42.1

October 17, 2022

What’s New

  • Support for non-rfc1918 addresses in legacy networks that overlap “public” IP space, and need to be routable within a ControlOne network topology.
  • Management and configuration access to the ControlOne management portal can now be delegated to a third party MSSP.

Bug Fixes

  • Removed an incorrect error message that could appear on the login page when no password was submitted or if the browser was offline.

ControlOne Platform 22.39.1

September 28, 2022

What’s New

  • The Security and Audit Event reporting panel now enables easy retrieval of data within a custom date and time range, in addition to the time span presets within the top panel.
  • Device Posture compliance check failures displayed within the main dashboard now deep-links directly to the event detail view, allowing rapid evaluation and remediation of the cause for the compliance failures from Devices running the ControlOne Agent. 
  • ControlOne Bridges now isolate traffic between Zones assigned to ports by default. Network traffic is now allowed between Zones set in the "Connected Zone" option within the Network Map or within each Zone configuration. Previously this was enabled on a per-request basis.
  • Cloud Connector / IPSec configurations now support use of an empty or null IPSec Peer Identification field, expanding interoperability and with more legacy IPSec router configurations.

ControlOne Platform 22.37.2

September 15, 2022

What’s New

  • Devices running the ControlOne Agent have been relocated to the "Client Devices" tab of a new top level "Devices" panel.
  • DHCP Leases issued to client devices from ControlOne Bridges are now displayed within the "Bridge DHCP Leases" tab of the new "Devices" panel. Lease data for DHCP includes the IP + MAC address, device hostname, DHCP ID reported by the client, lease expiration, and whether the device is is currently online.
  • Locally connected devices detected on the LAN by ControlOne Bridges are now displayed within the "Bridge Connected Devices (ARP)" tab of the new "Devices" panel. 
  • User sessions within the management portal are now logged out after 30 minutes of inactivity, with a warning prompt appearing after 5 minutes of inactivity. Any management action, browsing activity, or clicking "continue" to the warning prompt will prevent automatic log out.
  • Devices running the ControlOne Agent can now be updated from the management portal. Updates can be pushed to all Devices by the button at the top of the Client Devices list. individually by selecting a device and then using the "Update Agent" button within the detail panel. If a device is offline, the update will be installed the next time a device has internet connectivity.mceclip0.pngmceclip1.png
  • Various UI and UX improvements, including more helpful tips when creating top level objects (Cloud Gateways, Zones, Sites, Policies) within an instance.

Bug Fixes

  • Network interfaces on ControlOne Bridges can no longer be set to the network or broadcast addresses of the subnet configured for the interface.

ControlOne Platform 22.35.1

August 31, 2022

What’s New

  • Device Posture Check policies now allow selection of an alternate zone for compliance failures. Devices running the ControlOne Agent can be redirected to a "Quarantine" zone for remediation purposes while the device is non-compliant with the posture policy.
  • Security and Audit events can now be synchronized in real time to third-party SOC / SIEMs over http(s). Please contact your account rep for details.
  • Various UI and UX improvements, including helpful tips within empty pages to facilitate easier initial setup of networks and policies.

ControlOne Platform 22.34.1

August 25, 2022

What’s New

  • ControlOne Bridges can now be assigned to individual customer accounts in the new "Bridge Inventory" panel. Customer accounts with co-management access to the ControlOne management portal can only see or manage ControlOne Bridge devices that are assigned to the respective customer account. Partner accounts can also assign Cold-Spare Bridge devices from inventory for use with a customer instance.
  • Cloud Connector / IPSec configurations now have an "auto" mode and presets for the Local and Remote Peer-ID options.
  • Expanded support for IPSec key exchange algorithms has been added to the DH-Group options.
  • A primary action button for creating objects (Cloud Gateways, Zones, Sites, Policies) has been relocated to the top of the screen, improving the setup experience across all pages.
  • Account service address settings have been moved from Site configuration panel to the Cloud Gateway detail view to allow accounts more flexibility with hybrid on-premise and fully-remote deployments.

Bug Fixes

  • When a site Zone had a security policy with the blocked applications mode set to "high", systems running the ControlOne Agent behind that Zone could not connect to the ControlOne Platform.
  • Local DNS services running on a ControlOne Bridge would not work when a Zone's DNS mode was set to "advanced" and the cache mode setting was inconsistent on adjacent Zones.

ControlOne Platform 22.31.1

August 4, 2022

What’s New

  • Reporting of status activity events about devices running the ControlOne Agent are now available within the reporting panel. A new event type, "Agent Event" tracks connection attempts, disconnections, and failures of Device Posture Check on a user and device level.
  • The management portal now reports when a configuration change has been synchronized across the platform. Additionally, the ability to force a re-sync is available within the admin settings panel.
  • Security and Device Posture policies can now be created from places where selection of a policy was possible, reducing the round trip through another page.
  • Device Posture Check is now a top level option within the navigation pane with improvements to usability throughout the policy editor. Posture requirement options have all been updated with examples and explanations of the Posture rule's use.
  • Devices are now labelled as "Compliant" or "Non-Compliant" within the device list when a Device Posture Policy is enabled on a Zone.

Bug Fixes

  • When inviting users to ControlOne, the invite button would appear to be disabled while entering an email address.
  • Cloud Connector / IPSec would sometimes erroneously report a Connector's status as "offline" when it was in fact "online", connected to a remote peer endpoint and capable of passing traffic.
  • Traffic for some ControlOne Agents was arriving at the Cloud Gateway as NAT'd from the Cloud Zone's Interface IP instead of the Agent system's assigned IP address.

ControlOne Platform 22.29.1

July 20, 2022

What’s New

  • The Windows and macOS options available for minimum Operating System requirements are now presets within the Device Posture Check policy editor.
  • User accounts that have been deleted or disabled are now hidden by default from the users list. Similarly, agent devices that have been inactive for 30 days are now hidden by default. A toggle at the top of each list allows the respective entries to be displayed.

Bug Fixes

  • Data for the dashboard would not always load on the initial render of the dashboard page, and would require the selection of a different time span in order to view the metrics on the page.

ControlOne Platform 22.27.3

July 8, 2022

What’s New

  • Systems running the ControlOne Agent can now be evaluated for compliance at the time of connection and conditionally allowed or prevented from connecting to the ControlOne network with Device Posture Check. Posture Requirements can bet set for Full Disk Encryption status, Device Geolocation / Geofencing, local program or process running like an RMM or xDR executable, or presence of a local file or registry key.

Bug Fixes

  • Conditional DNS forwarding across Zones within an instance would use an SDN fabric IP address as the source address for the DNS traffic towards the configured DNS server, which would then be ignored or dropped by the DNS server in most cases.

ControlOne Platform 22.20.1

May 20, 2022

What’s New

  • Zones are now differentiated for use with ControlOne Agents or for use with a ControlOne Bridge, with the corresponding settings appearing within the Zone panel.
  • SD-WAN Link Optimization can now be set to run once at a scheduled time in the future. Ideal for performing this off-peak hours maintenance task without having to login later.
  • Accounts that exist within the Partner Portal accounts can now be invited to an instance for use with the ControlOne Agent.
  • Uses are now sent an email notification when account setup is complete, prompting them to install and log into the agent if they have not already done so.

Bug Fixes

  • ZTNA Device Posture Check policy names will no longer be rejected on create / save if the name is in use by another account
  • All top level configuration objects (Cloud Gateways, Zones, Sites, Policies) now require typing the object name to delete, preventing unintended disruption of an ControlOne account.
  • The web app will no longer display an "all white" screen if an unexpected error occurs.
  • Changing the Light / Dark theme settings now take effect when clicking on the save button, instead of when the option is selected.

Known Issues

  • Zones that are changed from Cloud to Site from the Network Map may disappear momentarily from the Map view.

</h2">

Was this article helpful?
1 out of 1 found this helpful