What's New
 Release 22.7R2.10
Release 22.7R2.10
                                            | Product Version | Build | 
|---|---|
| ICS 22.7R2.10 | 5367 | 
| ISAC 22.8R4 | 38767 | 
| Default ESAP | 4.3.8 | 
New Features
•Multi-Factor Authentication Support for REST API: Users authenticating via the REST API now benefit from MFA. Depending on realm configuration, both primary and secondary authentication steps are enforced for increased security, see Realm-based Authentication.
•SFTP Archiving Support on Gateways: ICS Gateways now support SFTP for archiving. Archived data can be securely transferred to remote SFTP servers, improving both data protection and storage flexibility, see Archiving Servers.
•OAuth Enhancement: Proof Key for Code Exchange (PKCE) Support: Proof Key for Code Exchange (PKCE) can now be enabled or disabled for each OAuth authentication server, giving administrators granular control over OAuth flows, see Configuration on ICS.
•Maximum SAML Response Size: A new UI option has been added to configure the XML Buffer size. By default, the XML Buffer is set to 1 MB, see Configuring Miscellaneous Security Options.
•Enhancements in End User Portal
•Global Search Functionality: Users can quickly find content across the portal using the new global search, available in Block View and List View.
•Custom Tooltip for Bookmark Titles: For bookmark titles with long text, a custom tooltip is displayed when hovering over the title. This ensures that users can view the complete title even if it is truncated in the interface.
 Release 22.7R2.9
Release 22.7R2.9
                                            | Product Version | Build | 
|---|---|
| ICS 22.7R2.9 | 4757 | 
| ISAC 22.8R3 | 35577 | 
| Default ESAP | 4.3.8 | 
New Features
•Package Installation Status: Service package installation status page now gives start and end time stamps, and software version being installed, during upgrade and downgrade scenarios from 22.7R2.9 onwards, see Software Upgrade Status Page.
•End User Portal: Improved search functionality and with pagination on Admin Users page.
Addition or deletion of users on end user admin page are displayed on ICS Admin logs.
•Azure Qualification: ISA-V deployment on Azure supports DdV5 and DdsV5 series VMs.
• Increase ISA-V log size (Event/User/Admin): ISA-V log size is now increased up to 400 MB from existing 200 MB, see Log Events Settings Configuration Page.
To know more on unsupported features, refer to Unsupported Features.
It is mandatory to see Noteworthy Information
 Release 22.7R2.8
Release 22.7R2.8
                                            | Product Version | Build | 
|---|---|
| ICS 22.7R2.8 | 4471 | 
| ISAC 22.8R2 | 33497 | 
| Default ESAP | 4.3.8 | 
New Features
•End User Portal: Enhancements to the appearance and interface in the end-user portal, which includes:
•Shows Snackbar (popups) when a bookmark is added or removed from Favorites.
•Collapsible notification message with "Read more" and "Read less" option on the end user interface in landing page".
•The "welcome message" input text box in the admin UI is expandable for better usability. This aids admins in a flexible way to add and edit welcome messages of varying lengths
•Multi Factor Authentication: Multi Factor Authentication can be configured for the Realm(s). It is recommended to configure Multi Factor Authentication for enhanced Security. View Admin Realms and User Realms to review the configuration, see Authentication Realms.
The notification banner is added on the following pages:
•Dashboard Page
•Administrator Authentication Realm Page
•User Authentication Realm Page
Sample Notification Banner
                                                     
                                                
•Rest API Support for External ICT: Supports external Integrity Checker Tool (ICT) Automation using Rest API, which allows the admin to run scans and download the snapshot generated by the ICT tool. The API response include anomaly information too, see Run External ICT Scan.
Only one External ICT scan can run at a time, whether triggered via Admin UI or API.
 Release 22.7R2.7
Release 22.7R2.7
                                            | Product Version | Build | 
|---|---|
| ICS 22.7R2.7 | 4377 | 
| ISAC 22.8R1 | 31437 | 
| Default ESAP | 4.3.8 | 
New Features
This release includes bug fixes. There are no new features.
 Release 22.7R2.6
Release 22.7R2.6
                                            | Product Version | Build | 
|---|---|
| ICS 22.7R2.6 | 3981 | 
| ISAC 22.8R1 | 31437 | 
| Default ESAP | 4.3.8 | 
New Features
•Debug Log Size: The debug log file size in Virtual Appliances has been increased to 1024 MB for HDDs, which are 80 GB or larger, see Using the Debug Log and Supported Virtual Appliances. Hardware devices already have this capability.
•End User Portal: Enhancements to the appearance and interface in the end-user portal, which includes:
•Option to enable a background color, see Configuring Sign-In Pages.
•Confirmation dialog box, which is displayed before the deletion of a bookmark.
•Increased Logo height on the landing page for better visibility.
• In file browsing after uploading five files, the file upload button is disabled. Only five files can be uploaded at a time.
•For file browsing SSO, when the user enters invalid credentials, an error message is shown.
•Logging Enhancement: The user access log displays the country name for geo-location based restriction rules within the user realm, see Logs.
 Release 22.7R2.5
Release 22.7R2.5
                                            | Product Version | Build | 
|---|---|
| ICS 22.7R2.5 | 3793 | 
| ISAC 22.7R4 | 30859 | 
| Default ESAP | 4.3.8 | 
New Features
This release includes bug fixes and security fixes. There are no new features.
 Release 22.7R2.4
Release 22.7R2.4
                                            | Product Version | Build | 
|---|---|
| ICS 22.7R2.4 | 3597 | 
| ISAC 22.7R4 | 30859 | 
| Default ESAP | 4.3.8 | 
New Features
This release includes only bug fixes and there are no new features.
 Release 22.7R2.3
Release 22.7R2.3
                                            | Product Version | Build | 
|---|---|
| ICS 22.7R2.3 | 3431 | 
| ISAC 22.7R4 | 30859 | 
| Default ESAP | 4.3.8 | 
New Features
•TOTP Server: Strengthening the TOTP server by adding password authentication checks for importing and exporting a configuration file, with corresponding changes made to the Rest APIs, see Exporting/Importing TOTP Users and APIs.
•Hard Disk Monitoring: Implementing new REST APIs to retrieve disk usage information and perform disk cleaning, see Disk Usage Monitoring and Disk Cleanup.
•XML Import/Export: Strengthening the XML config file import/export process with password authentication checks, and updating Rest APIs accordingly, see Exporting an XML Configuration File and Importing an XML Configuration File.
•SNMP Polling: Improved SNMP functionality to monitor the status of the Power Supply and Fan in ISA 8000 and ISA 6000 devices, see Displaying Hardware Status.
•SNMP: Improvements have been made to SNMP to retrieve results showing the current VPN ACL count, see Configuring SNMP.
•End User Portal: Enhancements to the appearance and interface in the end-user portal include:
•Collapsible welcome note on the end user UI.
•List view for bookmarks, see Customizing the Welcome Page.
•Option to enable/disable a background image in the Sign-In Page, see Configuring Sign-In Pages.
 Release 22.7R2.2
Release 22.7R2.2
                                            | Product Version | Build | 
|---|---|
| ICS 22.7R2.2 | 3221 | 
| ISAC 22.7R3 | 30227 | 
| Default ESAP | 4.3.8 | 
New Features
This release includes only bug fixes and there are no new features.
 Release 22.7R2.1
Release 22.7R2.1
                                            | Product Version | Build | 
|---|---|
| ICS 22.7R2 .1 | 3191 | 
| ISAC 22.7R3 | 30227 | 
| Default ESAP | 4.3.8 | 
New Features
•Play Integrity API Checks: Helps to check that interactions and server requests are coming from the genuine app binary running on a genuine Android device, see Using the Mobile Options.
•Health Check: Ensures that the configured NTP and AD in ICS are reachable and also reduces involvement of support and engineering in addressing the customer environment issues, see Health Check.
•Log Size: The Maximum Log size is increased to 200MB for VMs and 1GB for ISA hardware devices, see Configuring Events to Log.
•Read-Only Admin: On Traffic Segregation, Administrative Network support is removed for Read-Only Admin, see Traffic Segregation Feature Overview.
•Rest API Auth: Removal of support for /api/v1/auth API which does not help in enforcing RBAC on REST endpoints. Instead use /api/v1/realm_auth API for authentication, see Realm-based Authentication.
•FDQN Support: Lockdown Mode Exception Rule is added with Remote FDQN Resources to support FDQN, see Custom-based Resource Access.
•End User Portal: Bookmark panel on end user portal is enhanced with expand and collapse accordion.
•Rewriter: Enhanced Rewriter parser to support Super keyword and Triple dot.
 Release 22.7R2
Release 22.7R2
                                            | Product Version | Build | 
|---|---|
| ICS 22.7R2 | 2615 | 
| ISAC 22.7R2 | 29103 | 
| Default ESAP | 4.3.8 | 
New Features
•Remote Debugging: Now support center can access system over a secure connection using Remote Debugging server via internal, external, or management port, see Using Remote Debugging.
•Licensing Server: ICS Gateway can connect to license server using IPv6 address, from 22.7R2 release onwards, see License Server.
•Delegated Admin: From this release onwards, Delegated admin user can login via rest API.
•Content Security Policy: CSP is implemented to harden the security by detecting and mitigating certain types of attacks, see Security Hardening.
•Configuring Administrator Roles: You can customize the number of records to be displayed per page in a table, see Creating and Configuring Administrator Roles.
•Integrity Check: Booting Options on Integrity Check Failure is newly introduced to check integrity check failures during boot up (Disabled by default). Options are added to Reboot, rollback or continue booting if integrity check fails, see Configuring Miscellaneous Security Options.
•Additional Client package(s): Now, only the active client package will get exported/carry forwarded, see Software Upgrade Page.
•MDM Auth Server: New option is added with interface selection for MDM connections to enable outgoing interface, see Configuring an MDM Server.
•SAML/ Web Server: New setting is added to monitor the SAML/Web server, see Configuring System Maintenance Options.
•TLSv1.3: Support for Browser based TLSv1.3 certificate authentication using Port Redirection, see Enabling Inbound SSL Options.
•Mobile Options: IF-T/TLS NCP knob option is newly added for Mobile, see Using the Mobile Options.
•Host checker Policy: Enhancement of Predefined OS Host Check rule for Windows with Service packs/version number.
•IPv6 support: New IPv6 Provisioning Parameters added that are required during the deployment of a virtual appliance, see deployment guides KVM, Hyper-V, VM, Nutanix.
•OpenSSL 3.0: Upgrading OpenSSL stack with OpenSSL 3.0 which includes a cryptographic module that can be FIPS validated, see Enabling Inbound SSL Options.