This article lists release notes for the ControlOne Platform.
- Cytracom ControlOne
ControlOne Platform 23.45.1
November 7, 2023
Various improvements and bug fixes
ControlOne Platform 23.44.1
October 31, 2023
Various improvements and bug fixes
ControlOne Platform 23.42.1
October 20, 2023
Fixed an issue causing Agent Teleport to time out.
ControlOne Platform 23.31.1
August 15, 2023
The new Agent Teleport tool gives MSP Partners and their customers a way to securely access multiple networks directly from the ControlOne Agent, without using a VPN. See Cytracom ControlOne: The Teleport feature for more information.
ControlOne Platform 23.26.1
June 28, 2023
- Reports have been reindexed and now display in a new format.
ControlOne Platform 23.25.1
June 21, 2023
- We now allow WAN port /31 mask as well as network and broadcast address on sites.
ControlOne Platform 23.24.1
June 13, 2023
- Improvements to the Reporting pipeline and SIEM export, more transport options to follow.
ControlOne Platform 23.23.1
June 7, 2023
- Fixed an issue where search bars would only search the current displayed page
- Fixed an issue where the Speed & Duplex radio buttons were not functioning properly for LAN settings.
ControlOne Platform 23.21.3
May 28, 2023
- Fixed an issue where disabling or deleting a partner user would break the Azure sync.
ControlOne Platform 23.21.2
May 25, 2023
- Fixed an issue that could occasionally cause an agent to log out unexpectedly.
ControlOne Platform 23.20.1
May 15, 2023
- Configuration sync failures are now indicated by a warning banner at the bottom of the screen instead of a pop-up.
- Fixed an issue where Azure AD directories were not syncing. ControlOne partners who have already connected Azure AD directories will need to re-consent for Azure sync capabilities to continue functioning.
- Fixed an issue that caused the agent download buttons to be hidden on some systems.
- Fixed an issue where the logout button did not always correctly log the user out.
- Fixed an issue where zone assignments inherited from Azure AD groups would take longer than expected to apply.
ControlOne Platform 23.18.1
May 4, 2023
- Fixed an issue where some Azure AD directories with long group names or descriptions would fail to sync with ControlOne.
ControlOne Platform 23.17.1
April 26, 2023
- ControlOne now allows for better control over Agent license assignment for users synced from an Azure AD directory.
- Fixed an issue that prevented Azure AD groups from appearing immediately after initially connecting ControlOne to an Azure AD directory.
- Fixed an issue with Azure AD groups not updating correctly when disconnecting and connecting an Azure AD directory.
- Fixed an issue that prevented some ControlOne gateways from geolocating to the correct service location.
- Fixed an issue with Azure sync jobs not being re-queued after connecting if we had 5 sync failures.
ControlOne Platform 23.16.1
April 21, 2023
- Fixed an issue where Agent Control Policies were not correctly applied to Azure AD users who were assigned to a zone by their Azure AD group.
ControlOne Platform 23.15.1
April 13, 2023
- Fixed an issue that occasionally caused problems saving certain settings on the Admin Settings page.
ControlOne Platform 23.13.1
March 31, 2023
- The permissions structure has been updated to allow partners with multiple companies more granular control of which companies can be viewed by a delegate user.
ControlOne Platform 23.12.1
March 23, 2023
- Gateway addresses are now registered with ARIN (American Registry For Internet Numbers) to allow online services to deliver data from more optimal locations, which should improve performance when using those services through ControlOne.
- Partners can now control user-facing options in agent, such as the agent's settings and behavior.
ControlOne Platform 23.9.1
March 2, 2023
- Added the ability to choose a time for when automated network upgrades will be performed.
- Improvements to the internal information flow between ControlOne components should result in a significant increase in loading speeds in the portal.
ControlOne Platform 23.8.1
February 24, 2023
- ControlOne Agent devices can now be assigned an IP address reservation within the User Zone so that the device will have the same IP at all times. Once a device has connected, it can be selected in DHCP -> Reservations under the Zone settings.
- Support has been added to IPSec connectors for host-to-host routes (/32) and routing traffic towards non-rfc1918 IP Addresses.
- Increased throughput for systems running the ControlOne Agent when connected from Site Zones through ControlOne Bridge devices.
- Invalid ARP and DHCP entries would prevent new entries from being displayed in the "Bridge Connected Devices (ARP)" panel.
ControlOne Platform 23.6.1
February 16, 2023
- Advanced DHCP Options can now be set for Site Zones connected through a ControlOne Bridge.
- Introduced a log scale display option improved the accuracy of dashboard graphs.
- In some situations, inter-router ICMP messages were being sent from the ControlOne platform with a non-routable source IP Address, limiting the ability of path detection from internet sources.
ControlOne Platform 23.3.1
January 19, 2023
The assigned Zone can be specified or updated Agent Users by uploading a CSV in the the User's panel.
- Device posture rules for OS Requirements always displays both Windows 10 and Windows 11 major releases, to facilitate configuration of the minimum version for each.
- Real-time SIEM Integration now supports custom HTTP Headers for stream authentication, customer / tenant ID correlation, or other general purpose metadata sent to external SIEM collectors.
- Changing a Site Zone's subnet to be smaller than a previously configured DHCP range that is larger than the subnet would cause a configuration failure.
- A Site Zone could be saved with a valid but unusable network IP address where it required a host IP for the interface, causing a configuration failure.
- Creating or updating a DHCP reservation with a duplicate IP or MAC address would cause an error when attempting to save the reservation.
- Fixed situations where a catchall “Something went wrong” was displayed when navigating or clicking between Sites and Zones panels.
ControlOne Platform 22.49.1
December 9, 2022
- The Real-time sync of reporting data to an external SIEM (structured JSON over TLS) is now in preview. Contact your account rep today to request a trial.
- DHCP Reservations can now be quickly created directly from the device row of the "Bridge Connected Devices (ARP)" panel.
- Traffic from internal originating hosts towards port forwards on the same account / zone (NAT hairpin) would not function as desired.
- Removed a CA certificate validity check that interferes with Windows Update.
ControlOne Platform 22.45.3
November 9, 2022
- Optimized user registration and password reset flows for users on mobile device browsers or smaller screens.
- UX enhancements to the network map based on partner feedback, including CBR port numbers and WAN port statuses, CBR connected clients count, more information on hover and expanded options within each options menu.
- Client devices running the Agent that are non-compliant and placed in quarantine, then later become compliant with a policy could take up to twice (2x) the configured check interval for the system to acknowledge the compliance check and allow the client device back onto its configured zone.
- DNS filtering could interfere with normal telemetry and control traffic from the Agent.
ControlOne Platform 22.42.1
October 17, 2022
- Support for non-rfc1918 addresses in legacy networks that overlap “public” IP space, and need to be routable within a ControlOne network topology.
- Management and configuration access to the ControlOne management portal can now be delegated to a third party MSSP.
- Removed an incorrect error message that could appear on the login page when no password was submitted or if the browser was offline.
ControlOne Platform 22.39.1
September 28, 2022
- The Security and Audit Event reporting panel now enables easy retrieval of data within a custom date and time range, in addition to the time span presets within the top panel.
- Device Posture compliance check failures displayed within the main dashboard now deep-links directly to the event detail view, allowing rapid evaluation and remediation of the cause for the compliance failures from Devices running the ControlOne Agent.
- ControlOne Bridges now isolate traffic between Zones assigned to ports by default. Network traffic is now allowed between Zones set in the "Connected Zone" option within the Network Map or within each Zone configuration. Previously this was enabled on a per-request basis.
- Cloud Connector / IPSec configurations now support use of an empty or null IPSec Peer Identification field, expanding interoperability and with more legacy IPSec router configurations.
ControlOne Platform 22.37.2
September 15, 2022
- Devices running the ControlOne Agent have been relocated to the "Client Devices" tab of a new top level "Devices" panel.
- DHCP Leases issued to client devices from ControlOne Bridges are now displayed within the "Bridge DHCP Leases" tab of the new "Devices" panel. Lease data for DHCP includes the IP + MAC address, device hostname, DHCP ID reported by the client, lease expiration, and whether the device is is currently online.
- Locally connected devices detected on the LAN by ControlOne Bridges are now displayed within the "Bridge Connected Devices (ARP)" tab of the new "Devices" panel.
- User sessions within the management portal are now logged out after 30 minutes of inactivity, with a warning prompt appearing after 5 minutes of inactivity. Any management action, browsing activity, or clicking "continue" to the warning prompt will prevent automatic log out.
- Devices running the ControlOne Agent can now be updated from the management portal. Updates can be pushed to all Devices by the button at the top of the Client Devices list. individually by selecting a device and then using the "Update Agent" button within the detail panel. If a device is offline, the update will be installed the next time a device has internet connectivity.
- Various UI and UX improvements, including more helpful tips when creating top level objects (Cloud Gateways, Zones, Sites, Policies) within an instance.
- Network interfaces on ControlOne Bridges can no longer be set to the network or broadcast addresses of the subnet configured for the interface.
ControlOne Platform 22.35.1
August 31, 2022
- Device Posture Check policies now allow selection of an alternate zone for compliance failures. Devices running the ControlOne Agent can be redirected to a "Quarantine" zone for remediation purposes while the device is non-compliant with the posture policy.
- Security and Audit events can now be synchronized in real time to third-party SOC / SIEMs over http(s). Please contact your account rep for details.
- Various UI and UX improvements, including helpful tips within empty pages to facilitate easier initial setup of networks and policies.
ControlOne Platform 22.34.1
August 25, 2022
- ControlOne Bridges can now be assigned to individual customer accounts in the new "Bridge Inventory" panel. Customer accounts with co-management access to the ControlOne management portal can only see or manage ControlOne Bridge devices that are assigned to the respective customer account. Partner accounts can also assign Cold-Spare Bridge devices from inventory for use with a customer instance.
- Cloud Connector / IPSec configurations now have an "auto" mode and presets for the Local and Remote Peer-ID options.
- Expanded support for IPSec key exchange algorithms has been added to the DH-Group options.
- A primary action button for creating objects (Cloud Gateways, Zones, Sites, Policies) has been relocated to the top of the screen, improving the setup experience across all pages.
- Account service address settings have been moved from Site configuration panel to the Cloud Gateway detail view to allow accounts more flexibility with hybrid on-premise and fully-remote deployments.
- When a site Zone had a security policy with the blocked applications mode set to "high", systems running the ControlOne Agent behind that Zone could not connect to the ControlOne Platform.
- Local DNS services running on a ControlOne Bridge would not work when a Zone's DNS mode was set to "advanced" and the cache mode setting was inconsistent on adjacent Zones.
ControlOne Platform 22.31.1
August 4, 2022
- Reporting of status activity events about devices running the ControlOne Agent are now available within the reporting panel. A new event type, "Agent Event" tracks connection attempts, disconnections, and failures of Device Posture Check on a user and device level.
- The management portal now reports when a configuration change has been synchronized across the platform. Additionally, the ability to force a re-sync is available within the admin settings panel.
- Security and Device Posture policies can now be created from places where selection of a policy was possible, reducing the round trip through another page.
- Device Posture Check is now a top level option within the navigation pane with improvements to usability throughout the policy editor. Posture requirement options have all been updated with examples and explanations of the Posture rule's use.
- Devices are now labelled as "Compliant" or "Non-Compliant" within the device list when a Device Posture Policy is enabled on a Zone.
- When inviting users to ControlOne, the invite button would appear to be disabled while entering an email address.
- Cloud Connector / IPSec would sometimes erroneously report a Connector's status as "offline" when it was in fact "online", connected to a remote peer endpoint and capable of passing traffic.
- Traffic for some ControlOne Agents was arriving at the Cloud Gateway as NAT'd from the Cloud Zone's Interface IP instead of the Agent system's assigned IP address.
ControlOne Platform 22.29.1
July 20, 2022
- The Windows and macOS options available for minimum Operating System requirements are now presets within the Device Posture Check policy editor.
- User accounts that have been deleted or disabled are now hidden by default from the users list. Similarly, agent devices that have been inactive for 30 days are now hidden by default. A toggle at the top of each list allows the respective entries to be displayed.
- Data for the dashboard would not always load on the initial render of the dashboard page, and would require the selection of a different time span in order to view the metrics on the page.
ControlOne Platform 22.27.3
July 8, 2022
- Systems running the ControlOne Agent can now be evaluated for compliance at the time of connection and conditionally allowed or prevented from connecting to the ControlOne network with Device Posture Check. Posture Requirements can bet set for Full Disk Encryption status, Device Geolocation / Geofencing, local program or process running like an RMM or xDR executable, or presence of a local file or registry key.
- Conditional DNS forwarding across Zones within an instance would use an SDN fabric IP address as the source address for the DNS traffic towards the configured DNS server, which would then be ignored or dropped by the DNS server in most cases.
ControlOne Platform 22.20.1
May 20, 2022
- Zones are now differentiated for use with ControlOne Agents or for use with a ControlOne Bridge, with the corresponding settings appearing within the Zone panel.
- SD-WAN Link Optimization can now be set to run once at a scheduled time in the future. Ideal for performing this off-peak hours maintenance task without having to login later.
- Accounts that exist within the Partner Portal accounts can now be invited to an instance for use with the ControlOne Agent.
- Uses are now sent an email notification when account setup is complete, prompting them to install and log into the agent if they have not already done so.
- ZTNA Device Posture Check policy names will no longer be rejected on create / save if the name is in use by another account
- All top level configuration objects (Cloud Gateways, Zones, Sites, Policies) now require typing the object name to delete, preventing unintended disruption of an ControlOne account.
- The web app will no longer display an "all white" screen if an unexpected error occurs.
- Changing the Light / Dark theme settings now take effect when clicking on the save button, instead of when the option is selected.
- Zones that are changed from Cloud to Site from the Network Map may disappear momentarily from the Map view.