Release and Upgrade Notes

Noteworthy Changes: 22.8R1.8

The following features are not supported:

•Custom Domain feature

•Enterprise PKI and BYOC

•Simultaneous Connection feature.

•SAML Single Logout to force User Authentication

The planned deprecation of the Ivanti Secure Access Client (ISAC) Classic UI has been moved out to allow customers additional time to plan for the transition. For the latest timeline and guidance, see the KB article.

Noteworthy Changes: 22.7R1.3

• CASB/SWG options does not support HTTP PAC files. The support is only for HTTPS PAC files.

Noteworthy Changes: 22.6R1

•Default ESAP version is 4.1.6 or the manually selected previous version will be retained. The newer version of ESAP must be manually enabled from the ZTA controller. In case of any config error after selecting the new version, the admin must delete any unsupported versions (See the Admin logs for any unsupported versions). For more information, see https://forums.ivanti.com/s/article/ESAP-Package-Selection-Behaviour-Changes-Starting-from-ZTA-22-6R1-Release

•ESAP Version 3.9.3 is deprecated in this release. If the deprecated version is previously selected it will be upgraded with ESAP version 4.1.6.

•Default ISAC version is 22.5R1 (25375) or the manually selected previous version will be retained. The newer version of ISAC must be manually enabled from the ZTA controller. For more information, see https://forums.ivanti.com/s/article/Ivanti-Secure-Access-Client-ISAC-Behaviour-Changes-Starting-from-ZTA-22-6R1-Tenant-Release

•ISAC Client 22.3R1 18209 is deprecated in this release. If the deprecated version is previously selected it will be upgraded with ISAC version 22.5R1 (25375).

Noteworthy Changes: 22.5R1

UI changes in Application Create/Edit page:

•Admin can choose to continue creating another application in Create page.

•Admin can change the name of an existing application in Edit page.

Noteworthy Changes in 22.4R3

•App configuration supports configuring subnets and ports. For example, 192.168.1.0/24:443.

For a list of the issues resolved in this release, see the information that follows.

Important Notice for v22.1R1 and Later

Release 22.1R1 includes updates to address the OpenSSL vulnerability described in CVE-2022-0778. Ivanti recommends upgrading your Gateways and Clients to the Recommended Version listed in this document at your earliest convenience.

Upgrading Ivanti Secure Access Client Windows Variants to Version 21.6 or Later

Ivanti is aware that Windows-based desktop devices that have Ivanti Secure Access Client installed from a previous nSA release (9.1R11 and earlier) can fail during upgrade to the version applicable to nSA release 21.6 or later. This is due to a certificate expiry issue in the client.

To remedy this situation, please refer to the instructions and helper files contained at:
https://pulsezta.blob.core.windows.net/client/21.6/Pulse_Client_Upgrade_Helper.zip

Administrators using Microsoft Intune for MDM services should instead refer to this document:
https://pulsezta.blob.core.windows.net/client/21.6/Intune_Pulse_client_Upgrade.docx