8.2.1 Release Notes

Zentera CoIP Platform Release Notes

Release 8.2.1 (031023b)

zLink and CoIP Launcher Versions

* Servers with zLink version lower than the minimum required will be upgraded automatically while connecting to a 7.1.1 or newer zCenter

** Existing Xvnc sessions will be terminated if zasa-dep is upgraded on Linux servers.

*** CoIP Launcher 2.0 and its dependency package will be downloaded and upgraded automatically if the bundled version is newer than the user's.

Link to the Upgrade Package

New Features and Enhancements

• VNC/RDP remote desktop sessions now support watermarking (requires zasa and zasa-dep version 8.2.1-8 or later)
• Added log management features to manage internal database size, and set policies to automatically archive the CoIP database to remote storage
• Significant UI cleanup and performance improvements throughout the admin portal
• New Access Policy security controls control enforcement of Access Policy filters (e.g. Service Port objects, Application Process objects) with a detection and prevention mode
• Chamber policies now support IGMP filtering
• The default ZNS for Applications/Server Groups can now be associated for Remote Desktop sessions
• Admins can now quickly view which users have access to an Application/Server Group by clicking on the "Users With Access" count in the Application view
• New security alert emails for customers who are running a standalone CoIP deployment without external SIEM
• Many improvements to HA to reduce sensitivity for failover and streamline fail-back
• zCenter orchestrator upgrades no longer affect in-process user data sessions
• Database replication for DR is now non-blocking when the standby zCenter is being configured
• New default chamber templates for new Application Profiles
• Improved handling for multiple service domain names
• Source IP whitelisting for user roles is now available in the Onboarding Flow (OBF) Management pages

Bug Fixes

• Fixed a bug that prevented users from entering their username after launching a new VNC session from CoIP Launcher
• Updated the SMTP connector for compatibility with modern SMTP services
• Fixed an error that occurred when opening a Windows RDP session with RealVNC viewer
• Fixed a problem that prevented user VNC settings from applying to VNC Join sessions
• Fixed logic that could allow multiple endpoints registering for the first time in a short time window to receive the same CoIP address
• CoIP Launcher zcaa now flushes the DNS cache on startup and exit to eliminate DNS corner cases
• UX improvements for Application Chambering pages
• Fixed a problem causing Unix epoch instead of human-readable timestamp to be reported as the start time of an application-to-application policy
• Removed a restriction blocking the admin from viewing learned rules while a Learn job is in progress
• Updated the signing of the ZPFilter driver for Windows 7/8 and Windows Server 2008/2012 to allow it to be updated
• Fixed logic that caused endpoints to receive faulty chamber policies when batches of server register at the same time
• Fixed a problem that prevented Application auto-join from failing in certain cases
• Improved the robustness of the ZNS node control channel connection
• Added a workaround for zasa to avoid networking problems observed when chamber is activated on certain RHEL and Oracle Linux releases (8.4, 8.6)
• Fixed a problem with the $AppProfileCommand.addComputingFlow API call
• Fixed a problem that caused the *getControllerSoftwareVersions APIs from reporting the correct API version
• Addressed a problem with stale admin portal login sessions introduced in release 8.1.2.

Known Issues

• The zLink installation script supports SUSE Linux Enterprise Server 15, but not all family products
• In certain conditions, applying Learn rules can cause Access Policies to be removed; to workaround, after applying a Learn rule, open and save an existing Access Policy (do not need to change the Policy).
• Chamber enforcement is currently not supported on MacOS CoIPLauncher
• In FTM, when specifying a file with the length of its absolute path greater than 260, Windows OS API will fail to access the size of the file
• In FTM, the uploaded folder cannot be moved when it's been opened and in the meantime the approver approves or rejects the approval mail

Browser Versions Used in Validation

CoIP Launcher in this release was validated on the following browsers/platforms: