Noteworthy Changes

The following table describes the major feature changes that are introduced in the corresponding release.

Feature

Description

Release 9.1R17
For PAN, Check-point, and Fortinet firewall when security policies are changed on firewall, ensure to restart the services on IPS for the reconciliation of the resource access policies.
Supported ISAC Version This release supports 22.2R1. For more info refer to https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB45603
Release 9.1R16

Anonymous Auth server

Re-introduced Anonymous authentication server.

Session IDs in logs

Host Checker logs enhanced to include session IDs.

Release 9.1R15

Feature Deprecation

From 9.1R15 onwards, some features are deprecated. Ensure you remove all related configurations before upgrading to 9.1R15. Upgrade may fail if all configurations are not removed. For more information refer KB45044.

If upgrade is performed through Admin UI, the upgrade failure message displays the list of deprecated feature configuration that needs to be removed to proceed with upgrade.

If the upgrade is performed using REST APIs or management servers like Pulse One, check serial console for the list of deprecated feature configurations.

Release 9.1R14

Features targeted for deprecation

From release 9.1R14, few features are targeted for deprecation. For these features, 9.1R14 update does not support new configurations, however it supports modification to existing configuration. On upgrade, there are no changes to the existing configurations. These features will be permanently deprecated in next releases. For detailed list of deprecated features refer KB44747.

Rebranding Pulse Secure to Ivanti

Rebranding of Pulse Secure logo, copyright, and some references to reflect Ivanti branding is in progress. The rebranding activity to Ivanti will be continued through next release. Pulse Connect Secure (PCS) is referred to as Ivanti Connect Secure (ICS) and Pulse Policy Secure (PPS) is referred to as Ivanti Policy Secure (IPS).

Default periodic host checking interval increased

The default periodic host checking interval is set to 60 minutes. Setting aggressive intervals may result in performance issues.

Release 9.1R13

Delegation to Network Infrastructure Device configuration moved

From 9.1R13, Delegation to Network Infrastructure Device related configuration is moved under Network Access configuration. Prior to 9.1R13, the settings were available in Log/Monitoring page under Admin Role.

Release 9.1R11

Email Notifications modified to Email Scheduler

“Email Notifications” under Configuration > Notification is now modified as “Email Scheduler”.

“Email Notification” page was earlier accessible only if Profiler license is configured and Profiler server is created. Beginning with Release 9.1R11, Email Scheduler page will be available irrespective of Profiler license or server creation. If Profiler is not created, then “Device Discovery” will not be present in the list of report types in email scheduler page.

Release 9.1R10

Host Header Enforcement

Host Header enforcement is introduced in 9.1R10. When this option is enabled on the server under System > Configuration > Security > Miscellaneous, the Pulse Client upgrade through IPS may fail. For more information, refer to KB44646.

Release 9.1R3

OAC Client Removal

OAC client is deprecated beginning with Release 9.1R3.

Profiler

For release 9.1R3, the minimum version of the fingerprints package supported is 41.

NMAP Upgrade

Upgraded NMAP database and Binary for improving the detection and classification of new devices.

SNMP Performance im-provements

Improved endpoint devices detection using SNMP.