What's new ?

Updated 1 month ago by admin

v2.45.2 - 24th April 2023

Web Security

  • Added a Capture Type option to the Mac OS X Agent Configuration section to toggle between identifying users by SAM, UPN or FQDN

v2.45.1 - 20th April 2023

General

  • Minor cosmetic fixes

v2.45.0 - 13th April 2023

General

  • Maintenance release to support the forthcoming Advanced DLP add-on

v2.44.1 - 28th March 2023

Bug fixes

  • Cloud Activity (API) report shows filename column by default
  • Fix for date conversion in Email Activity report

v2.44.0 - 24th March 2023

Cloud Application Security

  • Added the ability to capture events from Onedrive and Sharepoint API connectors

v2.43.4 - 2nd March 2023

Security Awareness Training

  • Ability to impersonate a child SAT tenant
  • Bug fix license change

v2.43.3 - 14th February 2023

Bug fixes

  • Quarantine multi-select doesn't always select all items
  • Mac OS X certificate generated in a Agent Config Profile now have unique serial numbers
  • SecureMail delete item dialog box typo corrected
  • Administrator section no longer limited to 200 users
  • Keyword Filter in Analytics improved as a tag field
  • Chart legend format no longer contains underscores

v2.43.2 - 30th January 2023

General

  • Completion of the migration to Cloud Reporting mode
  • Active schedules have been migrated however we recommend customers review them
  • For assistance with Log Archives, please contact your service provider

v2.43.1 - 21st December 2022

Multi-Factor Authentication

  • Made available the "Authentication Activity" report and charts when Cloud Reporting mode is enabled

Email Security

  • Made available the "Email Activity (Personal)" report when Cloud Reporting mode is enabled

Bug fixes

  • Fixed issue drilling down from Top Application Actions chart
  • Fixed the series ordering on the Top Application Names chart
  • Fixed issue running Web Activity by Hits with the "Block Unclassified Sites" rule filter
  • Fixed issue using the "Agent" filter in Web Activity by Hits
  • Fixed and issue with the logic when using the "Action Risk" filter. Now matches selected level and above
  • Other minor fixes
  • Authentication Activity notes field improvements

v2.43.0 - 13th December 2022

Bug fixes

  • "Device Type" filter added to Web Activity reports

v2.43.0 - 30th November 2022

General

  • Updates to support the forthcoming Security Awareness Training add-on product. Please contact your service provider for further information.

General

  • Additional ACL's to control the Move and Delete account functions

v2.42.7 - 21st November 2022

Bug fixes

  • Web Activity report filter improvements

v2.42.6 - 17th November 2022

Bug fixes

  • Chart drill down fixes and improvements
  • Email Activity report filter improvements

v2.42.5 - 15th November 2022

Bug fixes

  • FIX - Certain Cloud Reporting chart drill-down or report filters cause the session to be invalidated and the user to be logged out.

v2.42.4 - 11th October 2022

General

  • Remove End of Life products from menu

v2.42.3 - 28th September 2022

Email Security

  • Fix - downloading file attachments containing a plus character causes an error

v2.42.2 - 27th September 2022

General

  • Minor cosmetic fixes

v2.42.1 - 20th September 2022

General

  • Fix - Forgotten Password flow does not mark the user as verified
  • Fix - removed incomplete tooltips

v2.42.0 - 15th September 2022

Email Security

  • General release of the Post Delivery Deletion feature for Email Security. View the Knowledge Base article for more information.

v2.41.0 - 30th August 2022

General

  • General Maintenance Release to support the forthcoming switch to the new log platform for enhanced reporting

Email Security

  • Message Details - the delivery state is now shown for each recipient (delivered, rejected, delayed)
  • Fix - Long URL's in "Message Details" can be copied to the clipboard
  • Fix - Long recipient list in "Message Details" now wraps correctly
  • Fix - Quarantine Release action is now audited as "QuarantineRelease" with parameter to represent accompanying Safe/Deny action

Web Security

  • Fix - Ability to copy data from the Cloud Activity (Inline) report to the clipboard
  • Fix - updated the ARM64 anti-malware database URL for Mac OS X agents

Email Security maintenance release - 14th July-19th July 2022

Email Security

  • General Maintenance Release

Email Security maintenance release - 29th June-5th July 2022

Email Security

  • General maintenance release

v2.40.1 - 27th June 2022

General

  • Updated MSA agreement
  • Active Directory "Domain" label has been changed to "Name" to more accurately reflect that this is an arbitrary name string

Email Security

  • FIX - Quarantine portal now provides paging
  • FIX - Quarantine and Digest actions are now audited (requires Audit License)
  • FIX - Error messages improved
  • FIX - Validation to prevent selecting the same start and end time for Digests
  • FIX - Append Text length validation relaxed
  • FIX - Quarantine sometimes errors if the JWT token length is very long

Email Security maintenance release - 19th-21st June 2022

Email Security

  • Added new Dictionaries that can be used as part of a DLP policy to protect against sensitive data leakage
  • Fix - detecting long strings in message body sometimes fails due to underlying encoding
  • Fix - support for Greek characters in Executive Tracking names
  • Fix - support for Greek/Cyrillic characters with the Append/Prefix to Subject action

Email Security maintenance release - 26th-31st May 2022

Email Security

  • General maintenance release

v2.40.0- 24th May 2022

General

  • Improved authentication with a new "Sign in with Microsoft" button that is accessible from the dashboard login page. Administrators can configure Single Sign On to allow easier on-boarding of end users or administrators with a custom role

IDaaS

  • Early access to the forthcoming Identity-as-a-Service product. IDaaS is enabled by configuring an identity provider (or IdP) within the platform, along with one or more applications (service providers). There is no additional hardware or software to deploy.
  • For further information please contact your account manager

Email Security maintenance release - 5th-8th May 2022

Email Security

  • General maintenance release

Email Security maintenance release - 13th-19th April 2022

Email Security

  • General maintenance release

Email Security maintenance release - 30th March-5th April 2022

Email Security

  • Level 1 sandbox now uses pre-filtering for increased performance and reduced scan times

Email Security maintenance release - 2nd-7th March 2022

Email Security

  • Improvements to the "Empty Body" detection rule
  • Improvement to reject Reference headers with values larger than the RFC allowed size of 32792
  • New DKIM keys default to 2048-bit

v2.39.6 - 13th January 2022

Bug fixes

  • Restored the Active Directory -> Search option for accounts without an MFA license
  • Change Password caused an API error
  • Mac OS X Agent SSL Key is created automatically which overrides local certificate

v2.39.5 - 4th January 2022

Bug fixes

  • Outbound email host validation improved

v2.39.5 - 21st December 2021

Email Security

  • The Spam Safe/Deny List sections now support type-ahead searching for a mailbox.
  • It is now possible to verify DKIM for a sub-domain.
  • Quarantine Preview has been improved for iOS 15.
  • Added additional Delivery State filters for "Delayed" and "Blocked".

Web Security

  • It is now possible to create a certificate to deploy to Big Sur (and above) devices using MDM software. Requires Agent v4.3.8 or above.

Multi-Factor Authentication

  • It is now possible to filter the Active Directory user list based on the status of synchronisation with the Cloud MFA service.

Bug fixes

  • General: Active Directory configuration does not update the LDAP port when switching between LDAP and LDAPS.
  • General: the Account List no longer shifts to the right after expanding more than 3 levels.
  • General: the "Session Expired" dialog no longer appears behind the login fields
  • Email Security: the Email Activity report now shows the Delivery State in red if there is a delivery failure.
  • Email Security: a meaningful error is now displayed if a duplicate safe or deny list entry or mailbox is added.

v2.39.0 - 28th November 2021

General

  • The AD Connect client software has been updated to support an API key as an alternative to using a restricted administrator user. Version 2.60.132 is now available for download.
  • Within the Active Directory section, it is now possible to generate an API Key pair (Client ID and secret) for an on-premise connection.

v2.38.5 - 29th October - 2nd November 2021

Email Security

  • Recipient Limit Per Hour condition and Sending Limit Redirect action have been added to the Sending Limit Monitoring capabilities. These will be applied automatically to new accounts if sending limits are exceeded. See the Bulk Mail & Fair Usage guide for more information.

Bug fixes

  • "Executive Tracking Whitelist" custom data is not created automatically
  • Reprocessing a quarantined message fails to detect DMARC
  • Case sensitivity issue when detecting outbound sender

v2.38.0 - 30th September 2021

Email Security

  • General maintenance release

v2.37.5 - 2nd August 2021

Email Security

  • Added the date and time of the last Spam Digest sent to any mailbox to the Global Digest Settings section.

Web Security

  • The Reclassification Request system now includes the User Reason in the notifications and will provide feedback if a request cannot be completed or processed.

Bug fixes

  • Switching between Global and Personal Quarantine no longer displays a loading mask continuously.
  • Accessing the Super User section from Account Management when the account has remote management disabled no longer causes a logout event.
  • Licenses cannot be updated if the account they belong to is deleted.
  • It is no longer possible to set an unlocked License to have an expiry date in the past.
  • Final Action and Final Rule columns now have sorting disabled on Email Activity report and Quarantine list. This will be addressed in a future maintenance release.
  • Delivered column can now be sorted on the Email Activity report.
  • Enabled sorting on Sender IP, Subject, Sender Address and Size columns on the Quarantine list.
  • The Headers tab is now hidden if the email message has a rejected status.
  • Bulk Mailbox Import now correctly sets the Mailbox Type.
  • Agent update URL's are no longer duplicated in the Agent Configuration Profiles.
  • The URL's tab is no longer missing when viewing Message Details.

v2.37.0 - 23rd July 2021

General

Added a Role Builder interface for defining Roles with specific Access Controls (permissions) to the dashboard. The Role Builder compliments the existing pre-defined roles and is intended to allow more granular access for administrator users.

v2.36.5 - 15th June 2021

Web Security

  • Added a Proxy Mode option to the Mac Agent Configuration section to toggle between SOCKS, HTTP or Auto-Detect modes of operation.
  • Added a Capture Type option to the Windows Agent Configuration section to toggle between identifying users by SAM or UPN.
  • Added a new Allow Tray App to be Started option if Hide Tray Icon is in use, to the Windows Agent Configuration section.
  • Added a new Enable popup notifications for blocked downloads option to the Windows Agent Configuration section. A tray notification will be displayed if a download is blocked due to the MIME scanner.

Email Security

  • Sending Limit Per Hour condition and Stop Deliver action available to rate limit outbound email. These will be applied automatically if sending limits are exceeded.

Bug fixes

  • Issue requiring multiple clicks to accept the Master Services Agreement.
  • Updated Active Directory - Users text for the Shared Mailbox icon.
  • The Email Security - DHA rule can no longer be disabled.
  • Improved validation when configuring MIME Type unpacker options.

v2.36.0 - 3rd June 2021

Email Security - Quarantine

  • Improved Global Quarantine and Personal Quarantine layout.
  • Improved Preview Message which strips insecure scripts, clickable links and other malicious content from the message to provide users and administrators with an entirely SAFE preview.
  • The option to Reprocess messages. This feature will reprocess messages through the rules engine after tweaks or changes to rules, resulting in delivery of messages that may have been previously incorrectly quarantined.
  • The ability to Download Attachments from a quarantined message.
  • Colour coded entries to indicate messages that have received a medium or high spam score.
  • The name of the Rule that resulted in the message being quarantined
  • A new more secure Quarantine Portal where end-users can review, release and deny messages directly from their Spam Digest email, without the need to further authenticate.

Bug fixes

  • End User role can be changed once it has been set
  • The Message Rules and Connection Rules list now correctly show a custom description if one has been set.

v2.35.6 - 10th May 2021

Bug fixes

  • Improved Spam Safe/Deny list validation
  • Removed auto fill from TOTP fields
  • Improved DKIM verification

v2.35.5 - 5th May 2021

General

Added support for Time-Based One-Time Passwords (TOTP) as a second factor for authenticating with the dashboard. You can use any compatible app, such as Authy, Google Authenticator, etc. To configure TOTP, sign in to the dashboard, click the key icon in the top right, and then App Authentication.

Email Security

  • Added DKIM activation and verification to the Domains configuration section. DKIM no longer requires manual activation by your service provider and will activate automatically once at least one DKIM public key can be verified for a domain.
  • Renamed Global Safe/Deny List to Spam Safe/Deny List.

Bug fixes

  • Improved validation on the Spam Safe/Deny List so that partial email addresses can no longer be entered.
  • Updated incorrect tooltip for Chromebook Agent Profiles.

v2.35.2 - 19th April 2021

Bug fixes

  • Cosmetic updates

v2.35.1 - 6th April 2021

Bug fixes

  • Fixed role name display

Email Security maintenance release - 31st March-5th April 2021

Executive Tracking

The default Executive Tracking rule now supports a bypass list which can be used to skip detection for a list of defined email addresses contained in the "Executive Tracking Whitelist" Custom Rule Data.

Bug fixes

  • Content-disposition attachment fix
  • SPF macro fix

v2.35.0 - 29th March 2021

General

  • Framework updates

Email Security maintenance release - 17th-22nd March 2021

Bug fixes

  • Prefix to Subject action doesn't apply to an email if the final action is Quarantine.
  • SPF failure when a CIDR is specified as domain name part.
  • DKIM inserts incorrect bh= hash.
  • File Type detection false positives.

Email Security maintenance release - 4th-9th March 2021

Bug fixes

  • Improved login speed for SecureMail service.
  • Downloading attachments through external SecureMail interface sometimes fails.
  • Fixed an issue where duplicate Sandbox licenses were added to a new account.

v2.34.2 - 15th February 2021

Bug fixes

  • Time period formatting for the Feature Controls -> Time condition no longer shows a "NaN" error
  • The Authentication Activity report shows an "Internal" label if the End User IP is a RFC1918 address
  • When trying to schedule a chart, the correct "PDF" option is now available to select as the output format
  • Improved error message when trying to delete Custom Rule Data if it is in use by a rule
  • Forgotten password for End User fails if mailbox does not match the case of the associated admin username
  • Updated Access Control labels in Provisioning and Account Settings
  • The Agent Type column has now been renamed Agent, as it is a multi-purpose field
  • Added the Category ID to the Custom URL category view to assist with troubleshooting
  • In Email Activity and Quarantine, Added the received/sent date to the Message Detail view
  • In Email Activity the Filter Rule and Filter Action column background colours are now tied to Delivery State for clearer indication that a mail has been delayed or rejected
  • Added a Copy button the Message Detail view to easily copy the message GUID
  • Added the Own Sender Domain connection rule condition
  • Added a warning to the MFA Group filter within Active Directory on-premise connections
  • Browser Categories and Browser Patterns from an account template or parent are now duplicated to the new account

Email Security maintenance release - 4th-8th February 2021

Bug fixes

  • Garbage characters appearing in the email when "Prefix HTML" action is in use with complex HTML tags.
  • PermitSMTPRelay users should be excluded from the Open Relay Protection rule.
  • Connection rule with ACCEPT action is not logged correctly.
  • Dictionary can now be used with a connection rule GeoIP condition.

v2.34.1 - 22nd January 2021

Bug fixes

  • Web Security - unable to save a Chromebook profile if no default profile exists
  • Web Security - issue deleting a Chromebook agent from the Deployment grid
  • Web Security - status and last username detail is now displayed correctly in the Deployment grid
  • Web Security - removed Browser Type and OS conditions from the Feature Controls rules editor as they are not currently supported
  • Email Security - the Quarantine subject field now supports Greek and Cyrillic characters rather than displaying ??? question marks
  • Cloud MFA - improved the tooltip text for users pending synchronisation with IntelliTrust

v2.34.0 - 18th January 2021

Web Security

  • Added support for the upcoming USS Agent for Chromebook release. It is now possible to create and manage Chromebook configurations and deployments from within the dashboard.
  • Support for the "Agent Anti-Malware (Mac OS X)" add-on product which scans downloaded files for malware on the endpoint.
    • Added the product to Provisioning and License Management.
    • Once licensed the product can be configured in the Agent Configuration section.
    • Requires USS Agent for Mac OS X 4.3.1 or above.
  • Added a new "Hide tray icon on startup" option in the Windows Agent Configuration section. Requires USS Agent for Windows version 4.3.8 or above.

Bug fixes

  • Web Security - it is now possible to deselect a tag if it has been selected as a report filter.
  • Web Security - Time condition with a single time period now correctly matches.

v2.33.2 - 28th December 2020

General

Update to the Master Services Agreement (v2.2). For further information please see the legal section.

v2.33.1 - 18th December 2020

Bug fixes

  • General - license region is missing during provisioning

v2.33.0 - 17th December 2020

Web Security

  • Added Browser Type condition. With this new feature, you can define categories of browsers and conditionally match on version. For example, you could block all end of life versions of Internet Explorer, or only allow a certain group of users to use Firefox.
  • Added Operating System condition. With this new feature, you can control web requests based on the originating operating system. For example, you could block all vulnerable versions of Microsoft Windows or only allow Mac OS X devices to access specific web resources.
  • Extended the options for the MIME Type action to support scanning archives. Requires latest agent (Windows: 4.3.12+) and gateway (v1.2.27+) software (scheduled for General release Q1 2021).
  • Updated the AD User condition to allow selection of UPN user, for use with hybrid AD deployments.
  • Updated the AD Group condition to allow selection of Azure AD groups, for use with hybrid AD deployments.

General - Active Directory

  • The Username (UPN) column now indicates if the user is a shared mailbox from Azure Active Directory with an icon.
  • Added the ability to configure the NetBIOS domain on an Azure Active Directory connection, which is required for using web security with hybrid AD.
  • Added "Given Name" and "Surname" fields to the user settings panel.

General - Licensing

  • It is now possible to increase the user count and extend the expiry date of a locked Standard license.

Reports

  • The Web Activity and Cloud Activity - Inline reports have been updated to display the domain and username in separate columns. This is to support UPN style usernames as well as traditional SAM and Domain.

Bug fixes

  • General - new product licenses default to 50 users.
  • Email Security - custom quarantine names are limited to 32 characters.
  • Web Security - category list is not limited to 25 categories.
  • Web Security - missing $VIRUSNAME$ placeholder available in block templates.
  • Web Security - timestamps in the Deployment section display correctly when using Safari.

v2.31.1 - 6th November 2020

Bug fixes

  • Minor cosmetic fixes

v2.31.0 - 2nd November 2020

General - Active Directory

  • Added support for synchronising shared mailboxes from Azure Active Directory with Exchange Online. Additional permissions must be granted to allow access to the shared mailbox properties. Please see the Knowledge Base article.

Web Security

Added support for using the AD Group condition when synchronising groups from Azure Active Directory in hybrid mode.

Bug fixes

  • Cloud Activity (Inline) report - the Keyword Category filter now uses OR logic when searching for matching categories.
  • Azure Active Directory sync - fixed a spurious issue where some Azure Active Directory synchronisations failed due to a "nextLink" error from the Graph API.

v2.30.3 - 8th September 2020

Bug fixes

  • Audit report sometimes stalls with a loading symbol

v2.30.2 - 2nd September 2020

Bug fixes

  • Minor cosmetic fixes

v2.30.1 - 24th August 2020

Bug fixes

  • SecureMail - attachment does not display on mobile view
  • SecureMail - replies are not editable on mobile view
  • SecureMail - font drop down is not selectable in mobile view
  • SecureMail - SecureMail option is not visible for administrator role
  • Licenses - error viewing licenses on accounts where administrator has been removed

v2.30.0 - 6th August 2020

SecureMail add-on for Email Security

  • SecureMail is an add-on for the Email Security product that allows users to send an email message that can only be viewed and responded to from within a secure web based dashboard
  • Contact your Service Provider for more information about the license

Email Security

  • Added a "Scan Office Files" condition which allows Custom Rule Data to be used to scan Microsoft Office files for patterns (excluding PDF)

Compliant Email Archive

  • Opening the Compliant Email Archive from the USS dashboard is now an audited event (requires the Audit product)

Cloud App Security

  • Recent Office 365 application changes have required App Catalog actions to be significantly updated. Please review any rules that use App Actions for O365 as they may require updating

Bug fixes

  • Account Management - the search is not reapplied after the account list is refreshed
  • License Management - added an edit icon on the license management grid for clarity. Also increased the default window size
  • Email Security - the validation on the Custom Rule Data text entry fields has been relaxed, allowing for larger entries to be saved
  • Email Security - it is no longer possible to use reserved words such as "spam" and "virus" in a Custom Quarantine name
  • Web Security - fixed an issue submitting a URL Reclassification when managing a child account but the parent account does not have Web Security licensed

v2.29.2 - 23rd June 2020

Email Security

  • Minor bug fix

v2.29.2 - 2nd June 2020

Email Security

  • Support for UTF-8 characters in the Notify Recipient and Notify Sender actions

v2.29.1 - 5th May 2020

General

  • Improved the load time and performance of the Account Hierarchy tree
  • Enabled automatic license expiry and suspension emails

Web Security - General

  • Added the option to request an email notification when a Reclassification Request has been processed. By processed, it means the URL has changed categorisation since the request was submitted.

Web Security - Windows agent

• Support for the "Agent Anti-malware (Windows)" product which scans downloaded files for malware on the endpoint:

  • Added the product to Provisioning and License Management
  • Once licensed the product can be configured in the Agent Configuration section
  • Reporting through the Web Activity analytics
  • Requires USS Agent for Windows 4.3.x (release candidate)

• Added the option to select a specific Auto-Update repository and options include Stable (General Availability), Release Candidate and Beta. A custom repository is also supported.

Web Security - Mac agent

  • Added the option to skip entering a password to start the agent manually if it has already been stopped using the password
  • Added the option to select a specific Auto-Update repository and options include Stable (General Availability), Release Candidate and Beta. A custom repository is also supported.

Web Security - Gateway

  • Added an "Allow upgrades to other protocols from HTTP/1.x" option to enable Web Socket support with USS Gateway 1.2.x

Email Security

  • Added the option to "Send Copy To" from the Global Quarantine, allowing a quarantined message to be sent to a different recipient for analysis
  • Added a new "Header Exists" condition to check for the presence of a message header using exact match or regular expression
  • Added detection of password protected PDF documents to the default "Password Protected Attachment" rule

Bug fixes

  • General - Added missing tooltips to the template options in account provisioning wizard
  • Email Security - fixed a regression that allowed a system rule to be editable
  • Email Security - fixed the description for the AD Group condition
  • Email Security - improved the placeholder text for the Sender IP filter
  • Email Security - fixed a typo in the "Prefix HTML" action description
  • Email Security - fixed a typo in the "Re-Route To" action description
  • Web Security - fixed the X-Forwarded-For tooltip on Gateway Profile Configuration
  • Web Security - fixed the duration values and chart axis in the Top Users (Time) and Top Domains (Time) charts
  • Web Security - gateway anti-malware maximum scan size warning message will be displayed after 6Mb
v2.28.0 - 15th April 2020

General

  • This release introduces a more formalised approach to License Types, to assist partners with provisioning and reporting. It also introduces account level permissions to control provisioning of certain License Types (contact your service provider for more information).
  • The "Products" section within provisioning has been renamed "Licenses"
  • Added additional "Live Date" and "Live By" columns to the license view
  • Added “License Type” to the dashboard product panels

Web Security

The Web Security conditions for Active Directory user and group can now be used with an Azure AD connection that is operating in hybrid mode (requires samaccountname attribute to be synchronised from on-premise AD)

Bug fixes

  • The 2FA authentication flow is now fully audited (if Audit product is enabled)
v2.27.0 - 19th March 2020

Email Security

Support for the "Compliant Email Archive" product. This product provides archiving of all inbound and outbound email with Data Guardian supervision and sophisticated search options. Please contact your service provider for more information.

  • Added the product to Provisioning and License Management
  • Added the ability for administrators to log in automatically to the Email Archive system for configuration and administration

Bug fixes

  • Fixed a problem initialising the dashboard which may occasionally cause the dashboard to fail to load without a manual refresh
  • Removed the ability to use a custom attribute for phone and email data from an Azure Active Directory sync. This is no longer supported through the Graph API.
  • Removed an empty Sandbox Settings option which appears for End User role.
v2.26.0 - 6th March 2020

General

  • Updated background image for Provisioning, new Administrator and Forgotten Password screens

Email Security

Support for the "Email Security Sandbox - Level 2" product add-on.

  • Added the product to Provisioning and License Management
  • Added a new Message Rule condition called "Email Sandbox - Level 2" which sends attachments to the sandbox for deep scanning

Log Streaming

Added support for SumoLogic via new "Form Post" output method. Log data will be sent to the specified URL using a multipart form upload (POST method).

Bug fixes

  • Deliver Inbound/Outbound rules are now locked for editing but can still be moved
v2.25.0 - 2nd March 2020

General

  • New splash screen and login screen layout.
  • Infrastructure upgrades for the upcoming general release of the ASE product (Autonomous Security Engine).
v2.24.6 - 31st January 2020

General

Additional Roles have been created to support various new use cases. See the Knowledge Base article for more information.

Bug fixes

  • Custom URL domains are forced to lower case to avoid rule matching issues
  • Importing mailboxes with mixed case email addresses are now duplicate checked correctly
  • A warning is now shown when deleting an Active Directory domain if the users or groups are in use by Web Security or Email Security rules
v2.24.5 - 13th January 2020

Bug fixes

  • Custom URL patterns are now audited (requires Admin Audit product)
  • Improved validation on license expiry date
  • The Message Rules rule builder opens the "Sandbox - Level 2" rule correctly if it is present
  • Manually downloaded reports are only sent if the email recipient is verified
  • Combined Chart report is not saved correctly for a user that uses AutoLogin method from an external application
  • Excel formatted reports now follow the formatting from the interface
v2.24.4 - 11th December 2019

General

  • Increased MFA token timeout to 1 minute
v2.24.3 - 4th December 2019

Bug fixes

  • Various minor cosmetic and functional bug fixes

v2.24.0 - 6th November 2019

Email Security

Added the option to import mailboxes from a CSV file that has been exported from Microsoft Exchange Online. This is an alternative to using the Active Directory synchronisation feature.

Cloud MFA

  • Added the option to limit synchronising Active Directory users to the Cloud MFA service based on group membership. This makes it easier to select which users have a Cloud MFA license.
  • Added the option to synchronise Active Directory common name as an alias for Cloud MFA user authentication. For example, user@domain.com or DOMAIN\user would be able to authenticate as user as well.
  • Users that are synchronised with the Cloud MFA service now show a green padlock.

Active Directory

Added the option to specify a group attribute name and value to limit the users that are synchronised from an Azure Active Directory connection.

Bug fixes

  • Corrected the Source Name/IP label tip when add/editing an Azure AD connection
  • The Source Name/IP field is now required for an Azure AD connection and the validation message has been improved

v2.23.0 - 28th October 2019

Reporting

Introducing the "Log Streaming" product which provides the capability to output enriched log data to a 3rd party product/service - such as a data analysis tool or SIEM solution.

  • Ability to have an independent log stream per licensed product (Web, CASB, Email, MFA)
  • Supports Webhook or Amazon SQS interfaces
  • Ready made Splunk App is available and will be published to the Splunk marketplace shortly. Please contact your Service Provider for further information.

Email Security

Updated the default Spam Digest template to render correctly in "Dark Mode" on various device operating systems such as Mac OS X and iOS 13.

Bug fixes

  • Delete tag confirmation message incorrectly showed an undefined label
  • Adding an Inbound Mail route caused a validation error relating to the "Cost" value
  • Removed the Active Directory attribute sync options for non-Azure AD domains

v2.22.0 - 30th September 2019

Email Security

Introducing the "Image Content Analysis" product add-on which detects Not Safe for Work (NSFW) image content within email attachments, archives and Office documents.

  • Added the product to Provisioning and License Management.
  • Added a new "Image Analyser" condition to Message Rules which allows you to select from 7 predefined categories such as Adult, Extremism, Weapons, etc.
  • Added a new "Image Scanning" section to Product Configuration which allows the administrator to adjust the global sensitivities for each image category and the minimum and maximum scan file sizes.

Web Security - Agent Profiles

A confirmation dialog is now displayed if a Gateway configuration option is changed that will cause the Gateway proxy to restart. The administrator must now confirm the action.

Web Security - USS Gateway

Version 1.1.53 is now available for download:

  • The Gateway now reports the proxy status back to the Deployment section.
  • The Gateway entry will be removed from the Deployment section on successful reset.
  • Fixed a bug relating to a large number of session files building up due to incorrect housekeeping.

Web Security - Deployment

  • The Deployment grid is now refreshed automatically after a delete.
  • A "Refresh" button has been added to the Deployment grid.
  • The Deployment grid is now sorted by Last Status Timestamp (newest to oldest).
  • Additional columns "Fail Open" and "Last ICAP" have been added as new columns to the Deployment grid and are hidden by default.

Bug fixes

  • Email Security - Prevent the deletion of the system groups called "Administrators" and "Everyone".
  • MFA - Unlocking a user now removes both the account level lock and temporary pass code lock if they are set.
  • Reporting - the Hostname filter in Web Activity reports now correctly matches the search term.
  • Reporting - it is now only possible to select PDF output for report types that support it (Combined reports and Charts).
  • Reporting - the list of Saved Reports is no longer limited to 25.
  • General - the "Add" administrator button is now available in the "Super User Access" window when managing customer accounts.
  • General - Active Directory attribute filter is no longer required by default.
  • General - The "Add Account" option within the "Products" section has been renamed "Open Account" to make it clearer this means opening an account for management rather than provisioning a new account.

v2.21.0 - 3rd September 2019

Settings - Active Directory (AzureAD)

It is now possible to limit an Azure AD sync using an Extension Attribute name and value. This can be useful if you only wish to synchronise a sub-set of users to USS.

Web Security - Deployment

  • Agents now report back their current status e.g. Active, Disabled*
  • Agents now report their current username, IP address and MAC address*
  • Agent GUID is deleted if the agent is uninstalled or reconfigured*
  • The manual delete agent option has been reinstated with additional validation

* Currently this applies to the Windows agent only and requires v4.2.11 and above.

Mac OS X agent and Gateway support coming soon.

Email Security - Sandbox Settings

A new section called Sandbox Settings is available in Email Security / Product Configuration if one of the sandbox products is active. Sandbox Settings allows you to enable or disable Sandbox Notifications and customise the Mail From and Name for notification emails.

Bug fixes

  • Pasting invalid characters into the Provisioning email address field bypasses validation
  • The Email Activity "Delivery State" filter with value "Delivery Error" displays the "Related" icon but it does not function correctly
  • The Email Activity "Release from Quarantine" filter does not return any matching results
  • Cancelling the Suspend License action leaves the license in a suspended state visually
  • Unable to edit Azure AD connection settings after the connection has been created

v2.20.0 - 19th August 2019

General

  • Deleting or Suspending an account or license now requires further confirmation to approve the action, to guard against accidental actions
  • Deleting a parent account now also deletes all child accounts so that the account does not become orphaned
  • There is an improved menu layout for adding product licenses to an account which makes it clearer which add-on modules belong to which products
  • The "Image Analysis" product has been split into "Image Analysis for Web Security" and "Image Analysis for CASB" in preparation for the upcoming "Image Analysis for Email Security" add-on module.

Web Security

  • A new option to set the endpoint agent service local port is available in the Advanced section of the Windows & Mac agent configuration profiles
  • It is now possible to configure Network Adaptor detection in the Mac agent configuration profile (requires latest Mac agent endpoint software)

Bug fixes

  • "Report Viewer" roles are no longer able to view the names of Saved Reports for products that are not associated with the role (the Saved Reports were never accessible, cosmetic improvement only)
  • The "Log Level" action now correctly bypasses logging if set to "Do not log"
  • Child accounts now correctly inherit Saved Reports and Favourites from the specified template account

v2.19.0 - 26th July 2019

Email Security

Support for the "Email Security Sandbox - Level 1" product add-on which will be available in all regions w/c 29th July.

  • Added the product to Provisioning and License Management
  • Added a new Message Rule condition called "Email Sandbox - Level 1" which sends attachments to the sandbox for deep scanning. Recipients will receive a notification that an email they have been sent is being scanned - it can take from 2 to 20 minutes for the sandbox to complete depending on the size and complexity of the file.
  • Added new action "Strip & Replace" to remove attachments and replace with a text file containing details of the reason why the attachment was removed
  • Added new action "Add to Global Quarantine" to move the email to the quarantine for review by an administrator

Email Security

Added a "Digest & Branding" section within Product Configuration to enable further customisation of the Spam Digest email.

General

When provisioning a new account based on an existing "Child Account" the new account now inherits the Filter Rules, Feature Controls, Categories and Saved Reports from the template account.

Bug fixes

  • The "Add to Personal Safe List" action no longer requires configuring
  • Improved validation of the primary account username during provisioning
  • Incorrect region was shown when selecting an add-on product for Web Security
  • The Rules sections are now hidden for the Report Viewer roles and End User role

v2.18.0 - 12th July 2019

Email Security

It is now possible to view and manage End User (personal) Safe/Deny lists from the Global Safe/Deny section

Reports - Email Security

Added a new column to the Actions tab within the Message Details panel which shows each recipient the action was applied to, if there were multiple recipients of the message.

Reports - Audit

Added coverage for the following Email Security sections to the Admin Audit product:

  • Message & Connection Rules
  • Domain Routes
  • Disclaimers
  • Manage Quarantine

General

The username is pre-populated on the login form after account / administrator activation to make first time login simpler.

General

A Forgotten Password link is now available on the login page to allow administrators to reset their password easily.

Web Security - Windows Agent Configuration

In preparation for general availability of the upcoming Windows Agent, the following updates have been applied to the Windows Agent Configuration Profile section. If you would like to evaluate the release candidate, please contact the helpdesk.

The following features require Windows Agent 4.2.8 or above:

  • Enhanced the "Do not disable if" logic to support checking if any Network Adaptor has an IP in a specific CIDR pattern.
  • The Hostname field now accepts an IP address as a value for Hostname when detecting the network. This bypasses the requirement for DNS resolution.
  • Fixed an issue where the home network was not detected after switching WiFi connections.
  • Added the option to bypass entering a password to start the agent manually if it has already been shutdown successfully manually.

Windows Agent

Version 4.2.8 is now available to download for new installs. This version of the agent supports MIME Type scanning and contains numerous bug fixes.

Web Security

A new set of system block templates have been added with a fresh design. The new templates include Warning, Quota, File Download and Unclassified Site block pages.

Bug fixes

  • Custom App Risk value is now removed if the slider is moved to the Unset position.
  • The AD Group filter is correctly applied when you drill down from Extended Web Report charts.

v2.17.0 - 27th June 2019

Email Security - Message Rules

Added a new Sender IP Geolocation condition to Connection Rules which allows you to accept or reject email messages based on the geo location of the senders IP address.

Roles Based Access Control

A new End User Portal role has been created which allows end-users to log in to the dashboard and manage product features. End users are represented as administrators but with very restricted access.

End User Portal

Through the new End User Portal role, the following sections have been added to the Email Security product:

  • Personal Quarantine - for searching and managing email messages that end up in the users quarantine area (this is an alternative to the Spam Digest email)
  • Personal Safe/Deny List - for managing the users own Safe or Deny list (the Global Safe/Deny list is still applied)
  • Personal Digest Settings - for managing the options related to when a Spam Digest email is sent
  • Email Activity (Personal) - a view of the Email Activity report which only shows the users own email

Please note: you can only access the "Personal" screens when logged in directly as the end-user. The options will be disabled when managing a child account or, in the case of Email Security, if the username of the end-user does not have a corresponding mailbox.

Administrators

Added an Import option to allow mass on-boarding of administrators. This makes it easy to on-board a list of email addresses as new administrators with the End User Portal role assigned. New administrators, regardless of role, are required to go through the email verification process before they can sign in.

Email Security - General

  • Product Configuration - Added a Global Digest Settings screen for configuring when the Spam Digest email will be sent. This can be overridden by the end-user through the Personal Digest Settings screen.
  • Quarantine - Added a Rule filter to search the quarantine for messages that matched a specific rule.
  • Group Management - enabled sorting
  • Log Archives - enabled archiving of message logs in line with the account retention periods
  • Message Details - added a new "URLs" tab to display any URL's that are captured from the email body
  • Message Details - added a new "Attachments" tab to display the filename and type of attachments in the email
  • Mailboxes - added the ability to manage the alias list for a mailbox

Reporting - Audit

Added logging for the following Email Security configuration actions:

  • Domain management
  • Group management
  • Outbound Mail configuration
  • Safe/Deny List management
  • Dictionary management
  • Mailbox management
  • Digest Settings

Additional actions will be added as part of 2.17.1 to complete the coverage.

Web Security - Charts

Added new charts for response based scanning (requires USS Gateway 1.1.49 and above):

  • Top Blocked Malware by Category
  • Top Blocked Malware by User
  • Top Blocked Malware by Domain
  • Top Blocked Malware by Name
  • Top MIME Types by Category
  • Top MIME Types by User
  • Top MIME Types by Domain
  • Top MIME Types by Type
  • Top Blocked Images by User
  • Top Blocked Images by Domain

NOTE: detailed hit information is now available as part of the Web Activity by Hits report. The Malware Detections and Image Reputation report will be end of life soon.

Email Security - Bug fixes

  • Quarantine is now sorted from newest to oldest
  • Message Actions view now shows the correct rule data rather than an ID number
  • Whitespace is correctly removed from new domains that are configured
  • Custom Rule data extended from 400 to 2048 characters
  • It is now possible to correctly save the chosen LinkScan operating mode
  • It is now possible to save a description for Message & Connection Rules
  • A friendly error is shown if a duplicate domain is added
  • Fixed an issue saving the global or domain disclaimer
  • Duplicate audit log entries removed
  • The correct Delivery route is set depending on the Direction condition that is set in the rule

Web Security - Bug fixes

  • Unblock Request emails now show the Timestamp based on the end-user local time (on their device or gateway depending on deployment method)

v2.16.0 - 3rd June 2019

Settings - Active Directory

It is now possible to synchronise objects from a Microsoft Azure Active Directory into USS. You will need your Azure tenant name (e.g. name.onmicrosoft.com) and you will be required to approve USS for read access to the Azure directory by granting consent with an administrator user account. If the Azure AD is also synchronised with an on-premise directory, it is possible to use this as the primary source of Active Directory objects. Please note that adding a new Domain Connection will require you to update existing web security rules that use AD attributes.

Web Security - Filter Rules

Added the ability to set a password for a filter rule that uses the Warn final action*. If a password is set, the end-user will be required to enter the password in order to proceed through the warning page.

* This requires infrastructure updates that are scheduled to be completed by 8th June 2019

Reports - Web Security by Hits/Visits

Added a Details panel to each result which displays all of the collected meta data for the request.

Settings - Administrators & Reports

Added the ability to redact sensitive information within reports for specific administrator users within an account.

Bug fixes

  • "Coverage" indicator now correctly shows 100% if all core services are licensed
  • GUID search in the Deployment section now works as expected

v2.15.0 - 15th May 2019

Reports - General

  • Added MIME Type, Anti-Malware and Image Filtering response data to the Web Hits and Web Visits reports with additional filters (Compatible with USS Gateway versions v1.1.47+)

Product - MFA

  • Added a constraint that prevents an AD Group from being selected in multiple rules

Bug fixes

  • A bug where the MFA Activity report didn't show country information
  • Fixed an issue where the Audit Report failed to ingress data if a URL was too long
  • Fixed an issue with MFA where the loading mask wouldn't disappear after saving the AD Object settings

v2.14.2 - 9th May 2019

Bug fixes

  • Web Activity by Category column sorting issue
  • Changed MFA rule time condition toggling logic
  • An issue with MFA rule changes not being saved
  • Changes to validation within the EMS product configuration

v2.14.1 - 7th May 2019

Master Services Agreement

Following a general review of our terms and conditions, our Master Services Agreement has been updated. Version 2.0 of the Master Services Agreement comes into effect on 8 May 2019 and supersedes all previous EULAs, SLAs and v1.0 of the MSA. For further information please see https://www.censornet.com/legal

v2.14.0 - 3rd May 2019

Reports - General

  • Updated all Reports with a new horizontal Filters panel that is visible by default. This replaces the pop-up window and makes it faster to add and modify report filters
  • Added the ability to save charts and their settings for easy access
  • Added the ability to add multiple saved charts to a Combined Report - a single PDF containing all of the charts and data tables - ideal for management summary reports
  • Added the ability to add Combined Reports to the scheduler
  • Added the ability to download an individual chart as PDF (either directly from the browser or from the server which includes additional data table)
  • Activity report searches and their filters are now logged in the Audit Report
  • Added the full HTTP request including query string to the Cloud Activity - Inline report results
  • Added a new chart Top Operating Systems
  • Added missing Actions to the Email Activity report (was previously named Final Action)

Reports - Web Security

  • Renamed the Web Activity report to Web Activity by Visits - this report shows web hits grouped into "visits" with approximate duration
  • Added a new Web Activity by Hits report which offers a flat list view of individual web hits, optimised for speed
  • Combined the Malware Activity and Image Reputation reports into Web Activity by Hits - please note that a USS Gateway update is required. The individual reports can still be used but will eventually be removed.
  • Updated web charts to drill down to Web Activity by Hits unless the chart is duration based
  • Added new filters for Operating System, Browser and Agent Version
  • Added support for specifying multiple values in the username filter, separated by semi colon e.g. admin; sysadmin
  • Added support for using a full URL or domain/path in the URL filter (not available for Visits report)
  • Added a new Web Activity by Category report which makes it easy to obtain a list of unique objects based on category e.g. All users who have web hits classified as Malware. Available objects: username, IP address, MAC address, tag, operating system, browser, agent version. From this report, you can also drill down for further detail.

Account Settings

  • Notifications section now shows any email addresses that haven't been verified with the option to re-send the verification email

Account Management

  • Added a Refresh button to refresh the account tree

Bug fixes

  • Keyword patterns must be at least 3 characters in length
  • Added Connection IP condition to Email Security Connection Rules
  • The Delete Agent option is now hidden for the Agent Installer role
  • Drill down from Email Volume chart has been fixed
  • Email headers and Server log are now redacted if redaction is enabled by the child account
  • Email Security actions Notify Recipient/Sender - From and Subject are now required fields. Added the % placeholders to the form for easy reference
  • Automatically remove white space from the start/end of URL patterns

v2.12.1 - 10th April 2019

Bug fixes

  • Mailbox variants could not be added as a result of the RBAC implementation
  • "Valid to" on a License is now displayed in UTC
  • Email Security domain list no longer pages incorrectly

v2.12.0 - 29th March 2019

Roles Based Access Control

Added support for RBAC (Roles Based Access Control) to the dashboard with a set of pre-defined roles for easy restriction of administrator capabilities. The following roles are supported in this release:

  • Super User - full access to all dashboard capabilities
  • Agent Installer - restricted user capable of installing endpoint agents, AD Connect agent and gateway virtual machines
  • Admin - Web - Web Security product administrator only
  • Admin - Email - Email Security product administrator only
  • Admin - Cloud App Security - Cloud App Security product administrator only
  • Admin - MFA - MFA product administrator only
  • Admin - Partner - ability to provision new accounts and manage licenses only (requires partner level account)
  • Email - Quarantine Admin - ability to manage the Global Quarantine only
  • Web - URL Admin - ability to manage Custom URL categories only
  • Report Viewer - ability to view reports for all products
  • Report Viewer - Web Security - ability to view the reports for the Web Security product only
  • Report Viewer - Email Security - ability to view the reports for the Email Security product only

Email Security - Mailboxes

This section has been updated to show an icon if the mailbox was synchronised from Active Directory. It now also shows the total number of mailboxes and the number of those which were synchronised from Active Directory, e.g. 159 mailboxes synchronised (130 from Active Directory)

Email Security - Global Quarantine

Now supports Safe/Deny by IP address for quarantined messages.

Product Settings - Administrators

The "Super User" column has been removed and a new "Role" column added that allows a super user to set a role for another admin user.

MFA - portal logins

Dashboard logins now use SMS-based one time passcodes. Support for the "CensorNet /SMSPASSCODE App" is no longer available for dashboard logins. The token entry time has also been reduced from 2 minutes to 30 seconds.

MFA powered by IntelliTrust

This release includes support for the upcoming launch of MFA powered by IntelliTrust - a new Cloud MFA product integration for the USS platform. Look out for further product announcements soon.

Account Management - Provisioning

The Provision Account process has been improved so that it is no longer necessary to wait until all of the requested products are provisioned. Instead, provisioning will now take place in the background freeing up the administrator to carry out other tasks within the dashboard. Note that this may mean new account Activation Links take a couple of minutes to be ready to use. Using an activation link too early will display a "Try again in a couple of minutes" message - this is normal. In addition, the account will not be visible in the Account Management section until provisioning has completed.

Active Directory - User objects

The Active Directory / AD Objects user list now shows the users group membership. Note: this is not available if the legacy Cloud MFA product is licensed.

Active Directory - Settings

The Active Directory connection settings now includes options for synchronising Email and Phone numbers for user objects.

Web Security - Web Activity

Additional Filters have been added to the Web Security report to allow searching by MIME Category and MIME Type.

Internet Explorer 11 

Support for Internet Explorer 11 has been removed. Only browsers supporting Javascript ES6 are supported.

v2.11.0 - 1st February 2019

Web Security

The Filter Rules section has been expanded to support additional actions:

  • There is a new action called Template which is shared by the other actions instead of being set explicitly in the action configuration.
  • The Allow, Block, Warn, Quota and Redirect actions are now known as Request Actions as they operate on the HTTP request.
  • A new MIME Type action has been added as the first supported Response Action as it operates on the HTTP response. This can be used with the Allow, Warn or Quota request actions as a second step before web content is returned to the end user.
  • The MIME Type action allows for blocking MIME Type strings in the Content-Type header that is returned by the remote web server. Over 450 categorised MIME Types are available.
  • In addition to the MIME type header being scanned, the HTTP response will also be scanned for executable code if the Executable Binary category is enabled.

NOTE: this feature requires USS Gateway v1.32 and above.

Reports

  • The Web Activity report has been extended so that the web hits in a visit now show the request and response scanning outcomes.
  • Additional columns: Response Module, Response Category, Response Pattern Name and Keyword have been added to the report.

Bug fixes

  • Downloading a saved report that uses the Keyword Category column no longer results in an empty report.
  • The Web Activity report sometimes displays out of timestamp order.
  • Exporting headers for an email message in Excel format no longer hides email addresses.

v2.10.1 - 29th January 2019

Bug fix

The Message Rules filter in the Email Activity report no longer displays an error message

v2.10.0 - 23rd January 2019

General

A new System Status link has been added to the login page and a new System Status page has been added to the Status section.

General

The Products section menu is now collapsed by default.

Web Security

The Filter Rules and Feature Controls sections have been improved for better usability and performance. The rule editor now opens in the main tab rather than in a floating window.

Web Security

From the Filter Rules section, when adding a Custom URL match it is now possible to edit the Custom URL category/patterns without leaving the rule editor.

Email Security

The Message Rules and Connection Rules sections have been improved for better usability and performance. The rule editor now opens in the main tab rather than in a floating window.

Email Security

It is now possible to multi-select messages in the quarantine to release, add to safe list or add to deny list.

Bug fixes

  • It is now possible to download a report if the XHR filter is used.
  • Removed unused values from the "Final Action" filter in the Email Activity report.
  • Adding the “Audit” product changes the region of the “Web Security” license.

v2.9.0 - 27th December 2018

Email Security

It is now possible to use the USS AD Connect service to power user synchronisation in the Email Security product. This requires AD Connect 1.4 client software to be installed and your Email Security license to be updated to use the USS AD store. Existing customers please discuss migration with your service provider.

Email Security

A new Executive Tracking feature has been added to combat spear phishing and CxO fraudulent emails. Using details synchronised from Active Directory (AD Connect 1.4+ required), the new Executive Tracking condition will automatically detect, using fuzzy logic algorithms, variants of users' real names within the senders' email headers, to detect simple but effective attempts to impersonate key company officials. The condition can be used in conjunction with any of the existing actions, such as Quarantine, Add to Subject, Notify, etc for complete flexibility. This is not active by default. 

Email Security

A new Group Management section has been added to Email Security for viewing groups from Active Directory and to manage manually created ones. Groups can also be flagged for "Executive Tracking" meaning all users in the group will be used by the new condition described above.

Email Security

The Mailboxes section has been enhanced to support group membership and adding custom variants for use with the Executive Tracking condition. For example, if there is a specific name that someone is known by, it can be manually added as a variant for the mailbox and this will be taken into account by the Executive Tracking condition. Mailboxes can also be included or excluded from Executive Tracking from this section.

Email Security

A new Nearby (Cousin) Domain feature has been added to combat targeted attacks using your own corporate brand names that at first glance appear legitimate. The new condition uses the Levenshtein distance algorithm to detect how similar the sender domain is from one of your own corporate domains. Based on the result, any of the existing actions such as Quarantine, Add to Subject, Notify, etc can be used for complete flexibility. For example, if your corporate domain that is protected with Email Security is called and a sender emails you from  - the distance is 1 which is very small and suggests it is extremely similar but not identical to your real domain. In this case, you may want to add a warning to the message or quarantine the mail for review as it is potentially suspicious. This is not active by default.

Mac OS X Agent 

An updated version of the Mac OS X Agent is available to bring key feature parity with the Windows agent:

  • Now supports Network Detection. The Network Detection option has been added to the agent configuration section.
  • Installer now allows selection of the configuration profile to use during installation
  • Block QUIC feature has been implemented
  • Block Insecure SSL Ciphers has been implemented
  • Do not log IP/MAC has been implemented

 Early access to this version is available through your service provider.

Bug fixes

  • Modifying an Unblock Request URL before Approving still saves the original URL in the chosen Custom URL category
  • Refreshing the page when managing licenses causes the Remove license button to disappear
  • Paging through Tags in the Visual Rule Builder generated an error
  • Bypass Types based on IP/CIDR now support IPv6 patterns

v2.8.1 - 10th December 2018

Partners - License Management

Partner accounts are now restricted by default:

  • Only new product licenses can be added to a child account
  • All new product licenses are locked to 30 day trial

Supported Browser warning

A warning message will be displayed if you try and access the dashboard with IE11. See Supported Browser page.

Email Security - Message Rules

Updated to be consistent with Web Filter Rules:

  • Remove paging toolbar
  • Now uses the same icons for delete and change
  • Increased character limit for Notify Sender/Recipient message

Email Security - Email Activity

  • Added a new "Dropped" value to the "Delivery State" filter.
  • Added a "Dropped" series to the "Inbound Email Activity" chart

Bug fixes

  • Clicking the search icon multiple times in the Account Relations tree causes the product button status to change
  • Added a chart title for "Top Cloud Application Locations"
  • Fixed "Device Group" select box in Device Import sections
  • Changed the "Authentication Activity" chart from area to line chart so that data points are more easily clickable
  • Searching Devices/Custom URL/Bypass shows more results than it should when clicking on the category
  • "Update Config" timestamp now reflects UTC and local time
  • Sometimes bypass patterns are not taking effect on the USS Gateway (gateway update required)

v2.7.0 - 23rd November 2018

CASB

Added image content scanning to files uploaded via connected Cloud Storage apps in API mode. The following image categories are supported:

  • Alcohol
  • Drugs
  • Gore
  • Adult
  • Underwear (including swimware)
  • Extremism
  • Weapons

This is configurable in the Image Scanning section under Cloud Application Security

Reports - Cloud Activity (API)

Added new Threat Count filter to return only results that contain a minimum number of threats

Reports - Cloud Activity (Inline)

  • Added new Service IP filter to search for hits based on the destination cloud service IP address
  • Updated the Keywords filter so that it searches captured app data and supports multiple values separated by semi-colon

Bug fixes

  • Searching in Devices section shows the correct count in the resulting categories
  • Action Value in downloaded reports is now formatted correctly
  • Entering invalid credentials when logging in results in an infinite "Loading" message
  • Unable to add a URL pattern that ends in a number
  • It's now possible to select a sub-category when submitting a URL for reclassification
  • Drill down from Top Cloud Application Locations

v2.6.0 - 16th November 2018

Reports

All of the chart visualisations have been updated for better usability and accuracy with drill-down and zoom. The charts also now support download to PDF or image and they support a custom time range

Reports

Added a new product "Extended Web Reports" which provides additional charts by Active Directory user group for the Web Security product.

  • Top Web Categories by Group
  • Top Domains by User or Group
  • Top Users or Groups by Time Spent

Reports - Web Activity

A new "SYSTEM" category has been added to the Web Categories selector containing the following options:

  • CTIRU - hits that matched the Counter Terrorism Internet Referral Unit block list
  • Time Quota - hits that were accessed whilst a Time Quota was active
  • Warning Bypassed - hits that were accessed after the warning page (Warn final action) was bypassed by the user

Provisioning and License Management

The new "Extended Web Reports" product can be added during provisioning or license management

Products

The navigation menu is now expanded by default for faster access to configuration sections

Web Security - Filter Rules - Warn & Quota final actions

The minimum configurable value for the "Allow For" setting is now 5 minutes

Web Security

Added a new ICAP node in Tokyo, Japan for improved coverage in Asia-Pacific

Web Security - USS Gateway

Version 1.1.30 is now available for download:

  • Updated user interface
  • Bandwidth, Requests and DNS timing charts with pan-zoom
  • Image Analysis module for image scanning
  • Improved performance when using content scanning modules
  • Bypass entries shown in the local UI
  • Support for the new "Bypass Authentication by MAC Address" bypass type
  • Based on Ubuntu 16.04 operating system

Existing customers can follow the upgrade steps to migrate from 1.0.x

Version 1.0.58, for existing Ubuntu 14.04 versions of the USS Gateway, is now available as an upgrade package. This includes:

  • Updated user interface
  • Numerous bug fixes including improved handling for overlapping domains

**The 1.0.x branch is now in maintenance mode only.**

Bug fixes

  • Fixed an issue where the warning state for a user does not persist across ICAP servers, resulting in an unexpected "invalid token" error message
  • Validation error when trying to add a new schedule
  • "Re-write URL" action filter not returning the correct results on the Email Activity report
  • Charts now correctly support the "Limit" option
  • Email Security - NDR is not generated for EOD errors
  • Email Security - Global quarantine ordering is sometimes out of sync
  • Email Security - placeholders are case sensitive
  • Email Security - "signed email cannot be verified" Outlook error
  • Email Security - blank recipients removed from charts

v2.5.0 - 26th October 2018

Account Management

This section has been redesigned to make it easier for partners to manage their child accounts.

  • Integrated the "Lookup", "Relations" and "Explore" tabs into a single "Relations" view
  • The Relations view shows the account hierarchy
  • Search by name or account UUID
  • Toggle between traditional tree list and visual tree (with right-click menu for managing accounts)

Charts

  • Charts now support a "Specific" timespan and have a "Run Report" button to refresh
  • Drill down from Cloud Application Security charts have now been enabled
  • "Top Domains By Time Spent" chart now returns data for "Last Hour" interval (displays results from the top of the hour)
  • Charts that used a duration are now rendered correctly as HH:MM:SS format rather than just hours.

Reports

  • The Web Activity report now shows the query string, if available, for each hit in an expanded visit
  • Clicking the GUID in a Quarantined Email now opens the Email Activity report for that GUID
  • The Web Activity "Exclude Ajax" filter now works as expected and removes results that were triggered by background polling in the browser
  • Downloaded / Scheduled reports in Excel format now loads correctly on an iOS device
  • Download/Scheduled Report emails now use the branding configured for the account to make them look more familiar to end-users

Unblock Requests

  • Unblock Request notification emails now use the branding configured for the account to make them look more familiar to end-users
  • Added a tooltip for "User Reason" to make long entries easier to view
  • Fixed a bug where the URL added from an Unblock Request contained spurious characters

Email Security

Implemented a new "URL Scanner" rule condition which scans URL's in the message body at delivery time for known threats.

Email Verification

  • Email verification emails now use the branding configured for the account to make them look more familiar to end-users

Provisioning

  • The "Welcome" email for a new account now uses the branding from the parent account to make it look more familiar

Web Security - Filter Rules

  • Viewing and searching the parent/child grouping for the "Web Category" match has been improved

Bug fixes

  • Saving a Windows Agent Configuration Profile incorrectly increments the update interval
  • Login dialog disappears if cancelling an MFA login
  • Provisioning based on a child account generates an "Undefined" error
  • Drill down from charts was out by 1 hour in some cases
  • Agent Gateway Configuration profile was missing the "Enforce Safe Search" option
  • Preview from Quarantine now opens in a dialog
  • Missing descriptions have been added to system-level Message Rules in Email Security
  • It is now possible to correctly select a region per product

General

The dashboard now shows the version number (bottom left) which if clicked opens the What's New? page

5th October 2018

Web Security

The "Web Categories" list has been grouped to make administration easier. The list is now presented as a tree allowing for quick selection of entire groups or individual categories. This updated list is available in the Filter Rule Builder and the Web Activity report.

Email Security

The Global Quarantine is now refreshed when a message is released using the Safe or Deny option.

Email Security

A new "URL Scanner" condition has been added to Message Rules which scans email messages for malicious web links at delivery time. The condition will return a result of "Threat" or "Clean" which can be used to trigger an additional action, such as adding to the spam score, quarantine, notify, etc.

Reports

  • New columns "URL Category" and "Keyword Category" have been added to the Web Activity report.
  • The duration column in the "Top Domains by Time Spent" and "Top Users by Time Spent" is now formatted correctly.

License Management

The "Trial" column has been renamed "Status"

2nd October 2018

Agent Configuration Profiles

Now able to manage Gateway Anti-Malware and Image Analysis products on behalf of a child account.

1st October 2018

Image Analysis

A new "Image Analysis" product is available to add real-time image content scanning to the Gateway*. Added:

  • Image Analysis product to provisioning and license management
  • Additional Gateway Configuration Profile settings for configuring the Image Analysis product
  • Image Reputation report in Analytics section

* An upgrade to the Gateway virtual machine system software is required.  

Deployment

Added Search by agent name, GUID and version number.

Deployment

Added multiple delete option to remove agent records that are no longer required.

Email Security

Added multiple delete option to the Global Quarantine.

Web Security

Changed the "Duration" slider to be a numeric entry field based on seconds, to allow for more granular queries to be made.

Reports

Added new "Collaboration" options to the "Action" filter on the App Activity (API) report.

Reports

Added a new "Delivery Delay" option to the "Delivery Status" filter on the Email Activity report. If used, a new "Find Related Messages" option is available to find all results related to a particular delayed message for easier troubleshooting.

Reports

Added a new "(Block Uncategorised Sites)" option to the "Filter Rules" filter on the Web Activity report.

Bug fixes

  • New accounts provisioned using the "Baseline Template" system template correctly inherit the Filter Rules, Feature Controls and General settings.
  • The App Activity (API) report now groups duplicate threats into one threat result.
  • An agent configuration profile marked as default can no longer be deleted.
  • Email Security Message Rules action Notify Sender/Recipient now supports placeholder tags in subject and body

24th September 2018

Cloud MFA

Unable to lock/unlock an MFA user if a phone number has been set.

7th September 2018

Web Security

Implemented the Feature Controls section that allows you to configure rules to apply features such as Google, Yahoo!, YouTube and Bing Safe Search, YouTube for Schools mode and Google App domain restrictions.

Web Security

Added the ability to set a description for Filter Rules and Feature Control rules.

Web Security

Added a password strength meter to the admin password field in Agent Configuration profiles.

Web Security

Added a new Bypass pattern type to allow bypassing source MAC addresses from authentication (Gateway only - new release pending).

Email Security

Messages in the Email Quarantine can be previewed by clicking the subject text.

Cloud App Security

Now logging Download events in API mode.

Devices & Groups

Added a "Devices & Groups" section to Products for managing devices. Includes options to import from CSV, IP range or CIDR.

General

Enabled the "View Analytics" button in Quick Lookup and "Super User Access" now opens in a window.

3rd September 2018

Email Security

Bug fix for the Global Quarantine section

27th August 2018

Email Security

Support for DKIM and DMARC has been added to the Email Security product. DKIM public key can be managed in the Domains section and you can now use the new DKIM and DMARC rule conditions and actions to configure the desired behaviour for your domains.

New rule conditions:

  • DKIM Enabled
  • DKIM Signature
  • DMARC Policy
  • DMARC Failure

New rule actions:

  • DMARC Verification Required
  • DKIM Signing

Email Security

Added a new condition "Protected Attachment" condition for detecting password protected archives.

Email Security

The "Preview" option in the Email Digest (click the subject of an email in the digest) now has buttons to Release and Safe or Deny the sender, domain/IP from the preview page.

Products & Reports

The active tab that you are working in is now remembered when you switch between Products and Analytics (Reports) section as a partner level account

Reports

The Email Activity report now converts the Timestamp (Local) time to the browser local time, rather than the mail server delivery local time

9th August 2018

Reports

Added a section to create Report Schedules using a calendar view for ease of management. Schedules allow saved reports to be sent on a regular interval (hourly, daily, weekly, monthly) to one or more recipients, in different formats. This can also be used as an alerting system by disabling the "email empty report" option.

Reports

Added a Malware Detections report for use by customers who have licensed the BitDefender plugin for the Gateway virtual machine (Gateway Anti-malware).

Reports

Added Gateway Anti-malware product specific charts:

  • Top Malware Categories detected
  • Top Malware Identified
  • Top Malware by Domain
  • Blocked Malware by username
  • Blocked Malware by IP
  • Block Malware by MAC
  • Blocked Malware by Tag

Account Profile

Added a Notifications section where customers can now specify individual email addresses for system, maintenance, unblock and log archive notifications. It is recommended you review and update this to ensure the details are accurate.

Email Notifications

Updated the design and content for all of the notification emails sent by USS to use the new theme and contain more context.

Bug fixes

  • Cloud Activity (API) paging toolbar showed incorrect number of pages and results for some queries
  • Top Spam Recipients, Top Senders and Top Virus Recipients charts appeared empty for some customers
  • Second hour data point on time series charts always showed zero results
  • Unable to change a product region by adding and removing a license
  • Parent is unable to submit a URL reclassification request within a child account
  • Custom Risk score not rendered correctly on Cloud Activity - Inline report
  • Warn and Redirect final actions not rendered correctly on Cloud Activity - Inline report

20th July 2018

Log Archives

Added a section to view and download Log Archives, which are created automatically based on the retention period for your licensed products.

Reports

Updated the Search toolbar within the Analyse section.

Email Security - LinkScan

Added an additional set of options to block on threat detection and show/hide target URL's. Also updated the names of the LinkScan options. The full set of options are now:

  • Click to Continue
  • Auto Redirect unless Threat Detected
  • Click to Continue, Block on threat, Show target URL
  • Auto Redirect, Block on threat, Show target URL
  • Click to Continue, Block on threat, Hide target URL
  • Auto Redirect, Block on threat, Hide target URL

Email Security - Digest Template

The layout of the digest email has been updated:

  • "Release" button renders correctly on high resolution displays
  • Used a lighter colour scheme for the message From/Subject block
  • Trimmed long From/Subject lines

Bugs fixes

  • Drill down from "App" charts that rely on an App Name or Action.

USS Agent for Windows Agent

  • Hot fix for version 4.0.1 branch (4.0.1.3291) which resolves an issue with certificate generation on Windows 7 and Server 2008r2
  • Updated 4.1.5.3303 release candidate, excludes "interception" mode which is being phased out

17th July 2018

Web Security - Unblock Requests

Added the ability to manage "Unblock Requests" from within the Web Security product section. Unblock Requests allow end-users to submit sites to be unblocked, streamlining the process for IT administrators.

Reports

Added an additional filter for "Delivery State" to the Email Activity report. Also added mail flow direction indicators to the report and a "Delivered" column for quick review.

Reports

The Web Hits downloadable report now includes the full URL for each request.

Reports

Enabled the Download option for "Cloud Activity - Inline" report.

Bug fixes

  • Issue opening the Message Details view and selecting "Actions" tab
  • Some downloaded reports do not complete successfully
  • API error appears in Analyse section for accounts with no assigned licenses

10th July 2018

Reports

Added the ability to save any report you have created. This allows you to build up a library of frequently run reports which can be used by your administrator users.

Reports

Added the ability to mark a saved report as a "favourite". Favourite reports will show up in the quick access area within the "Analytics" section.

Reports

Optimised the "Email Activity" report so that results are returned much faster. This enhancement is also reflected in the drill down from charts.

Reports

The "Email Activity" report now includes recipients in the CC and BCC fields by default in new searches. To change this, use the new "Exclude CC/BCC" checkbox.

Web Security - Filter rules

Fixed the "Switch Logic" functionality so that the setting is saved correctly.

26th June 2018

Administrators

Added a new "Administrators" option within the "Products" section for creating and managing admin users.

Reports

Added the ability to search the "Web Activity" report based on Active Directory group. This new filter works in conjunction with Active Directory sync to allow a report to be generated based on web traffic from all users belonging to a particular group.

AD Objects

Added the ability to manually set a phone number or email address for a particular user (if the option to import automatically is disabled in the default sync settings).

21st June 2018

Provisioning

Added the ability to provision the Multi Factor Authentication product and manage the license for an existing account.

Active Directory

Added an "MFA Settings" tab that allows you to configure the AD Connect agent to sync attributes used for MFA, such as phone numbers and default settings such as dispatch policy and bypass.

AD Objects

Added "User Settings" for sync'd users that allows you to override MFA settings for a specific user, e.g. change dispatch policy, lock account, toggle MFA.

Reports

  • Added "Authentication Activity" report with search filters and export to CSV/Excel, to enable reporting on MFA activity.
  • Added 9 charts specific to the Multi Factor Authentication product, such as "Logins by Country", "Logins by Client Type", "Top Failed Users", etc.

Change Password

Added the option to change your password for the USS portal

Configure MFA Login

Added the ability to set up MFA for your USS account when logging in to the dashboard

Agents

  • It is now possible to change the assigned profile for an agent by double clicking the "Configuration Profile" cell
  • It is now possible to unset the "tag" option for an agent
  • It is now possible to delete hostnames configured for Network Detection

Email Security

  • Message Headers - added an "Export" button to be able to download as CSV/Excel file
  • Server Log - added an "Export" button to be able to download as CSV/Excel file

31st May 2018

Report Downloader

A new option to download reports for Web Security and Email Security.

Provisioning

The ability to add or remove Multi-Factor Authentication licenses.

23rd May 2018

Email Security

Added two new charts:

  • Top Final Rules - a bar chart showing the names of the rules that contained a final action
  • Top FinalActions - a donut chart showing the number of times a final action has been triggered by an email

Email Security

Changes to the Email Activity report:

  • Final Rule - the name of the rule containing the final action reported in the Final Action column
  • Improved the speed that the report is generated
  • Message Details - headers and server log entries are now expanded by default making them easier to read
  • Updated the Final Action filter to include all possible final actions

Email Security

Added the Message Security rule condition to Message Rules for detecting signed/encrypted email.

Email Security

Updated the Quarantine filters to reflect the search criteria currently available for quarantined messages.

Web Security

Added the Template section to Product Configuration for managing block templates.

Account Profile

Added a Region column to the Licenses list.

General

Updates templates for system email messages such as address validation

Bug fixes

  • Rule names can now contain white space
  • Default Mac OS X profile settings now use the correct URL's
  • Top E-mail Actions chart drill down now works as expected
  • Drill down from main dashboard now works correctly if a sub-account has been opened after logging in
  • Expiry label is removed correctly if the license becomes valid
  • Opening an account from the Analytics view correctly loads the licenses for the account

14th May 2018

Email Security

Hot fix to resolve an issue with drill down when clicking on a rule name containing parenthesis in a chart.

13th May 2018

Provisioning

The "Regions" section has been renamed "Data at Rest". This is where the log data for all licensed products will reside.

Provisioning

The "Products" section has been altered to be similar to "Manage Licenses" and to allow selection of "Region" for each licensed product. This "region" relates to where the service is based or in the case of Web Security, which filtering nodes the product will use.

Provisioning

Block Templates are correctly migrated to the new account if using a System Account as Template.

Email Security

New system rules "(Default) CoreService Malware" and "(Default) CoreService Phishing" have been created to provide more granularity in charts and reports.

Email Security

New Rule Conditions added:

  • File Type - detect the presence of certain file types e.g. Executables, Office What's new ?s, in the email message
  • Virus Ruleset - detects the presence of malware in macro, VBA and Office What's new ?s

Email Security

Added new filters to the Email Activity report:

  • Message Rule - search the report for emails that triggered a specific rule name, e.g. CoreService - Phishing
  • Also Search CC/BCC - optional tick box to search the CC/BCC fields for a recipient name
  • IP Address - now correctly accepts an IP address
  • GUID - this is now case insensitive

Email Security

Reporting has been improved:

  • Drill down from charts is now available
  • Charts now display times in local time
  • When searching using the "Last" intervals the timezone offset is correctly calculated
  • Local Timestamp column renders correctly on Safari/IE

Email Security

Message Detail section improvements:

  • Header view correctly renders header values now containing left and right caret characters
  • CC/BCC address are shown in the recipient list
  • Verdict has been removed

Email Security

Improvements to LinkScan service so that links included in the label part of anchor tags are not rewritten. Use "LinkScan HTML" action value for this option.

Email Security

Add paging to "Group Membership" condition for accounts with a large number of groups synchronised.

Email Security

Global Safe/Deny list now allows hyphen characters.

Email Security

Quarantine now supports Deny actions.

Email Security

Deleting a domain now correctly removes the domain from the account.

Account Profile

Administrator can now upload a custom logo to use for the dashboard.

License Management

Updated to show selected Region and supports Region selection when adding a new product.

Web Activity

The Warn count column now correctly reflects the number of hits in the visit with Warn as a final action.

Cloud Activity (Inline)

Report now allows the link in the Captured HTTP request to be clicked.

Agent Configuration

The "Block QUIC" setting is now sent correctly to the agent when configured (also ensure you are using the latest version of the agent software).

Audit

Now captures Login events.

Win / Mac Agent Profiles

The "Service Hostname" field is no longer editable. This is managed automatically by the product "Region" selection.

Web Security

Fix applied for embedded URL scanning on Translator Sites that caused a crash with an abnormally long URL.

9th April 2018

Mailboxes

Fix applied to allow searching of synchronised mailboxes.

6th April 2018

General

Minor cosmetic enhancements

E-mail Security

Notify Sender & Recipient rule actions now allow additional characters: []*

5th April 2018

E-mail Security

Integration of the E-mail Security Administration interface, including:

  • Visual Message & Connection rule builder
  • Global Quarantine with release, safe/deny sender
  • Global Safe & Deny Lists
  • Mailbox management
  • Configuration of domains, inbound/outbound mail routing, disclaimers and custom quarantine areas
  • Updated E-mail Activity report with Message Detail view, including headers and server log
  • New Top Rules and Top Rule Action charts
  • Custom Rule Data lists

Provisioning

Added a verify user step to the provisioning wizard

Provisioning

System templates now inherit filter rules and categories

29th March 2018

General

Moved "Administrators", "Active Directory" and "Keyword Lists" to the global Settings section within Products menu.

Provisioning

Added "Support Level" to the account provisioning wizard.

Keyword Lists

Keyword Categories has been renamed Keyword Lists and has now been made a global option for use across Web and CAS products. A new category type called "DLP" has been created for use with the CAS API mode DLP scanner.

Active Directory

Added configuration of Active Directory domains, status updates and synchronised object viewer for users, groups and OU's.

Web Security

Embedded scanning of URL's on known Translator and Anonymous proxy web sites. This enables you to let users access Google Translate without them being able to use it to request content from sites that may otherwise be blocked by active filtering rules.

Web Security

Updated the list of system web categories to over 400 including new categories such as Cryptocurrency, IoT, Terrorism and Fake News. This offers much more granularity when defining web security policies. All existing rules will be automatically updated and current categories will be mapped to the new more detailed categories. Where a current category maps to multiple new categories all of the new categories will be selected

Web Security - Windows Agent

Altered the Network Detection feature so that detected hostnames can resolve to a specific IP before triggering Network Detection rules. Requires the latest version of the Windows agent.

Web Security

Added a "URL Lookup" tool in order to determine how a web site address is classified in the system category list. Accessible from the Filter Rules section.

Web Security

Added the ability to report a misclassified site directly from the URL Lookup tool or Web Analyse report.

CAS - DLP

Ability to use a custom Keyword List for scanning documents uploaded to Cloud Applications connected via API mode CAS.

CAS - App Catalog

Search option is now operational.

CAS - App Activity (Inline)

Added username and device (IP & MAC) columns to the report.

USS Gateway

Maintenance release v1.0.44 is now available

USS Agent for Windows

Maintenance release v4.0.1.3018 is now available.

USS Agent for Mac OS X

Maintenance release v1.0.0.3053 is now available.

v2.0 - 23rd January 2018

Gateway Profile

  • [FIX] Selected Bypass Categories are now displayed correctly

v2.0 - 22nd January 2018

Dashboard

  • Added default charts to the primary dashboard for licensed products

Gateway Profile

  • New "Advanced" option to set the behaviour of the proxy for unsupported protocols

E-mail Security

  • Global Deny List (excluding search)
  • Global Safe List (excluding search)

E-mail Security

Product Configuration section added:

  • Domains
  • Inbound E-mail
  • Outbound E-mail
  • Disclaimer

Provisioning

  • [FIX] Clicking Web Security product causes an error during provisioning wizard

Licensing

  • [FIX] Unable to set expiry date of an existing license

v2.0 - 11th January 2018

Area

Description

Provisioning

  • It is now possible to specify the parent of the newly provisioned account

Quick Account Lookup

  • It is now possible to move an account to another parent

Analyse

  • Cloud Activity (Inline) report shows news entries first.

General

  • Fix for timestamp format in Internet Explorer/Edge
  • Branding colour can now be saved

v2.0 - 22nd December 2017

Area

Description

General

  • EULA Acceptance for first-time admin logins
  • [FIX] Issue accesing Production Configuration of a child account

v2.0 - 21st December 2017

Area

Description

Agent Profiles

  • Added Captive Portal mode and timeout options to Gateway Profile section
  • It's now possible to use a separate tag for Captive Porta/Guest connections

Account Activation

  • Minimum password strength enforced

Dashboard

General fixes after initial release:

  • [FIX] Accounts section gives an API error on some partner accounts
  • [FIX] Match Logic in Web Filter Rules now persists
  • [FIX] Clicking a line chart point causes the web app to crash
  • [FIX] Drill down from Top App charts now works

v2.0 - 19th December 2017

Area

Description

Dashboard

Initial release of an updated user interface for the Unified Security Service, available at https://dashboard.clouduss.com. For access, please contact your Service Provider.

v1.16.0 - 31st August 2017

Area

Description

Cloud App Security

A new "User comforting" feature has started to be rolled out across the most popular apps in the App Catalog. This feature mimics the native SaaS/App error message format to display a "Blocked" notice, rather than terminating the request unexpectedly if an action has been blocked by a policy rule. This feature is designed to give users comfort that an action has been stopped rather than the SaaS/App is not functioning correctly, for a better user experience and to reduce helpdesk requests.

Cloud MFA

New options have been added to "Local Sync" mode to allow a dialling code prefix to be specified for all synchronised users and the ability to synchronise phone number and e-mail details for each user. Custom attributes for locating the phone number and e-mail address in AD can also be specified, if required.Version 1.2 of the AD Connect agent must be installed to take advantage of these features.

Cloud MFA

A "Bypass MFA" option has been added to the "Local Sync" mode which can be used to turn MFA authentication on or off for all synchronised users. An additional override has been added to "User Settings" allowing you to override this setting on a per user basis. This can be useful for proof-of-concept testing or to make exceptions for additional flexibility. Please note: this option is visible in the UI but will not be available to use until beta 2 of Cloud MFA (due September 2017).

Cloud MFA

The "Authentication Analyse" report has a new search field called "Note" which allows you to search Authentication attempts for a particular outcome e.g. "Authentication bypassed", "Invalid Credentials", etc. As with all other search fields, these can be used for on-demand or scheduled reports.

AD Connect

Version 1.2 of AD Connect is now available which supports the latest MFA product features. This is the production release of AD Connect and all customers are advised to uninstall the previous 1.0 or 1.1 version and reinstall with 1.2 (an advisory e-mail will be sent out in due course).

USS Agent for Windows

Version 4.0.0.2669 is now available via direct download and auto-update. This version includes a fix for Bypass patterns not taking effect in Local Proxy mode. Please see the full change log for further details.

v1.15.2 - 14th July 2017

Area

Description

Settings

The Active Directory Add/Edit Domain dialog has been updated with a new layout. If you have an Authentication (MFA) license for your account then the MFA specific settings will now appear in a separate tab. Additional settings have been added to support the upcoming AD Connect 1.2 release which synchronises phone number and email address details from Active Directory.

USS Agent for Windows

Final release candidate v4.0.0.2591 is now available to download. This concludes the beta phase.

USS Agent for Windows

A new "Strict SSL/TLS mode" checkbox has been added. If enabled, the agent will reject old style ciphers such as rc4 and rc4-md5. This is only compatible with v4.x of the USS Agent for Windows.

USS Gateway

Updated the root CA certificate database to improve access to HTTPS sites when SSL Interception is enabled.

USS Gateway

System logs are cleared after 30 days to preserve disk space.

v1.15.1 - 15th June 2017

Area

Description

Login

Updated the splash screen image.

Reports

Only supported columns on the Web Analyse report can be used to sort the results.

Reports

Allow searching for keywords containing single quotes and fixed an issue with scheduled/downloaded reports that contain special characters.

USS Gateway

Added an "Advanced" configuration section containing options to fine tune the performance of the gateway. The new options include:

  • Reduce noise from background Web requests - designed to avoid unnecessary SSL interception on background URL's that are used by search engines and mapping sites to suggest phrases or locations (search terms are still captured as normal).
  • Reuse the same key when using Diffie-Hellman key exchanges - reduces CPU and disk I/O by not creating a new key on every TLS handshake when PFS is in use.

USS Gateway

The Captive/Guest Portal now redirects to the original web site visited by the user (if available) unless an explicit Redirect URL is specified in the Gateway Profile Configuration.

USS Gateway

Changes to the Network Configuration that are made after installation, such as DNS servers and hostname, are now correctly applied to the gateway.

USS Gateway

The version number is now displayed on the Overview / Configuration section.

v1.15.0 - 31st May 2017

Area

Description

Filters

Added a new final action called "Warn" to the rules engine which is similar to "Block" except it enables the end-user to access the blocked page by clicking a Continue button. This is also known as a "coaching mode" as it helps to train end-users about web sites that may violate an Acceptable Usage Policy but gives them freedom to proceed if they acknowledge the risk. The "Warn" final action comes with a new $WARN$ placeholder which allows the button to be placed anywhere in a custom template. The amount of time an end-user can spend looking at a site that matched the "Warn" final action is also configurable.

Reports

The "Warn" final action column has been added to the "Web Analyse" report and a new Web Category called "Warning Bypassed" can be used to report on Web sites that have been accessed by clicking through the warning page.

Reports

The Start/End search fields are no longer restricted to the default retention period for each product. This allows customers with longer retention periods to search older data.

Reports

The "Overview" button has been changed to "Explore" and moved down in the menu. The "Analyse" option is now the first to load when clicking the "Reports" button - as this is the most used option in the "Reports" section.

Reports

The "Add Chart" window is now longer and shows the charts grouped by product for easier selection.

Reports

Changed the "Web Analyse" report so that columns specific to a web hit are only visible when a Visit is expanded. These columns are: Device Type, Tag, Feature Control Name, Filter Rule, Keywords.

Provisioning

It is now possible to find a parent account when provisioning or moving an existing account by typing the first few letters of the account name.

Windows Agent Configuration

The "Local Proxy with Driver Interception" mode is now the default mode in the Default Windows Configuration profile for newly provisioned accounts.

USS Gateway

Now correctly supports the 206 "Partial Content" HTTP response code.

USS Agent for Windows

The latest v4.0.0.2497 beta (GA release is expected in June 2017) release includes the following changes:

  • compatibility with the Windows 10 1703 upgrade (Creators edition)
  • Fixed a problem with Chrome when using the agent on a HP TC 620 server with AMD CPU
  • ICAP port selection is now automated - agent will try the preferred ports and then automatically switch to the alternative ports if a connection is not possible

This version of the agent is available for all customers to try via the usual Download link. 

v1.14.0 - 11th April 2017

Area

Description

Web - Categories

Bypass Categories can now be applied to either explicit proxy connections, Captive Portal connections, or both. This allows you to maintain conditional bypass rules based on how the user is connected to the proxy.

USS Gateway

SSL Intercept mode now has additional flexibility - it can be enabled for proxy connections, Captive Portal connections, enabled for both or disabled. Domain level visibility and filtering is available even if interception is disabled.

USS Gateway

Web access via the Captive Portal is now logged and filtered at the domain level even if SSL Intercept has been disabled via a Bypass Type, which means customers can disable SSL Interception for certain devices, networks or destination domains and still maintain a level of visibility and control.

USS Gateway

A new Bypass Type has been added - "Bypass authentication for destination domain". This is particularly useful for Java applet based web applications that are not compatible with proxy server authentication, or to anonymise access to sensitive web based sites/applications.

USS Gateway

It is now possible to configure the proxy to use the X-Forwarded-For header which may be useful for some remote web servers/applications. The supported options are "delete" (default), "on", "off", "truncate" and "transparent".

v1.12.0 - 30th March 2017

Area

Description

Filters

Added a "Time Quota" feature to the rules engine which is implemented as a new Final Action for a rule. If Quota is enabled, on a per rule basis, you can specify the amount of time in the quota and the template to use if the quota is exceeded. Web traffic that the quota is applied to appears with the "Time Quota" category in the Web Analyse report.

Filters

Added a "Match Logic" option to Step 3 of the Rule Editor so that AND or OR logic can be applied to all of the selected match types, allowing for more flexible rules to be created. Previously, all matches used OR logic only.

Filters

The "Devices" condition now shows all of the devices imported into the Devices & Groups section.

Reports

Added the option to search Web and App Analyse reports by Filter Rule name. For Web Analyse, you can also use this feature to search for uncategorised sites that were blocked.

Reports

Added additional columns to the App Analyse report for Browser, Agent, Country and Filter Rule name.

Reports

Scheduling system has been changed so that only Saved Reports with a similar relative timespan to the schedule interval can be attached.

Reports

An e-mail notification will be sent to the configured "Notify E-mail" address once log data has been archived according to the account retention period.

Windows Agent Configuration

The Windows Agent Configuration profile now supports "Local Proxy with Driver Interception" mode for the upcoming version 4 release of the Windows Agent (contact your account manager to participate in early beta)

v1.11.0 - 9th February 2017

Area

Description

Reports

Added a "Hostname" field to the search criteria and a "Device (Host)" result column to the Web, Apps and Malware analyse reports, to allow reporting on web activity based on device hostname.

Settings

Import devices via CSV to more easily register devices (hostname, IP and MAC address) with USS.

Settings

Import IP addresses via range or CIDR to more easily register networks for use in filtering policies.

v1.10.0 - 25th January 2017

Area

Description

Settings

The AD Connector service for Local Sync mode is now available in public BETA. The AD Connector can be installed on a local Windows server and synchronises Active Directory objects from the local network to the USS cloud. It does not require a port opening through the customer firewall.

Reports

Added a Log Data section to Reports / Archives which allows customers to download their log data in CSV format once the product retention period has been exceeded. To receive an e-mail when new archives are available, ensure you configure the "Notify E-mail" option in Account profile.

Gateway

For advanced users, a pre-override file is now available for customising proxy server configuration on the USS Gateway. See the Advanced section for further information.

Mac OS X Agent

The USS Agent for Mac OS X now correctly reports the username if the Mac is joined to a domain but logged in with a local user account.

v1.9.2 - 10th January 2017

Area

Description

Login

New login splash page.

Web - Unblock Requests

Added an Unblock History option to view past requests that have been processed. Also improved duplicate handling and preventing end-users submitting the same request multiple times.

Web - Categories

Improved pattern duplicate checking for URL, Bypass and Keyword Categories.

Agent (Windows & Mac)

Added a new configuration profile option for "Update Check Interval" which allows you to configure the number of minutes between checking for new software updates.

Agent (Windows)

Added two new configuration options, "Capture MAC Address" and "Capture IP Address" so that these details can be excluded from reporting e.g. for privacy reasons.

Settings - Account Profile

Improved layout and added a vertical scrollbar.

Settings - Active Directory

Local Sync now requires a username and password to be specified.

Partner - Accounts

It is now possible to search for an account by ID rather than just name.

v1.9.0 - 23rd December 2016

Area

Description

Web - Unblock Requests

Feedback mechanism for streamlining end-user requests to "unblock" sites that have been blocked by their Filter Rule. The feature is enabled through a new Web Template placeholder, $UNBLOCK_FORM$ and managed through the new Web / Unblock Requests section by the administrator.

Web - Prevent Law (UK)

For UK organisations bound by the Prevent Law e.g. schools, local government, police, healthcare, etc the ability to block the police monitored list of terrorist content (Web Sites) can now be enabled on an account basis by the service provider. Once enabled, the list of web sites will be automatically blocked and can be reported on by the administrator via Web Analyse.

Web - Filter Rules (CAC)

New "Action Risk Level" match option allows Cloud Application Control based on the risk level of the cloud action. This allows the administrator to control access to Cloud Application activity (e.g. file uploads, sharing, etc) that has been deemed a certain risk level, either by default or by the administrator customising the App Catalog settings. The new match option can be used in isolation or combined with an existing Specific or Generic cloud application action match. 

Apps - Custom Domains

The App Catalog has been extended to support multiple domains for Cloud Applications, for cases where customers are using Cloud Applications running on their own domain names.

Web - Filter Rules

The Rules Engine now enforces the Final Action for all requests captured by the conditions if there are no Matches configured in the rule e.g. allows for simple creation of a "block all" rule

Web - Keywords

Added a new "Add & Create New" button to the "Add Pattern" dialog to allow faster entry of multiple patterns.

Partner - Accounts

It is now possible to update account licenses and profile information for a child account even if the child has opted out of Partner Management.

Agent (Gateway)

Fixed a problem with the Captive Portal caused by the inclusion of the local loopback interface in the firewall rule used for intercepting requests.

v1.8.0 - 7th December 2016

Area

Description

Settings

Improved the Active Directory domains section with a new layout and support for the upcoming "AD Connector" push agent. Administrators can choose between Cloud Sync (existing method) and Local Sync (AD Connector method – when available).

Web - Policy

Added a new Keyword Filtering module that can be incorporated into filter rules, which allows matching URL's or captured app data against a list of pre-defined Keyword Patterns. This allows for monitoring or blocking search engine terms, URL's, file extensions and postings on Social Media.

Web -Categories

Added a new Keyword Categories section for managing lists of categories and patterns for use with the Keyword Filtering module. Categories of patterns can be used specifically with URL's, specifically with captured App Data or both. Categories also have a logic setting to determine if any one or all patterns in the category must match. Patterns can use matching logic such as "contains", "exact match", "begins with", "ends with" and negate (if more than one pattern exists).

Reports

Introduced a new style for map based charts such as "Top Cloud Application Locations" which makes it easier to see heat maps and will fit all heat maps into the chart view using auto-zoom. Standard and terrain views also now supported.

Reports

Extended Web and App analyse reports to include new search criteria and result columns for Keyword Categories and Keyword Patterns. Keyword data can also be used in exported or scheduled reports.

Reports

Added a new "Top Keyword Categories" chart for use in the Global and Web dashboards.

Reports

Improved the "More Information" dialog for individual Web Visits and Hits with a new layout and split the information into Request, Filter and Meta sections.

Gateway

Improved ICAP server selection algorithm which determines the best ICAP server to use when there are several close by.

Agent (Windows)

Signed driver for Windows 10 which is compatible with SecureBoot / UEFI BIOS.

Agent (Windows)

Added a warning message if DeviceGuard is enabled on Windows 10 Enterprise / Server 2016.

Agent (Windows)

Support for Microsoft Edge on 32-bit Windows 10.

v1.7.0 - 21st November 2016

Area

Description

General

Added a "What's New?" link for displaying the most recent change log

General

Updated EULA to 1.2

General

Child accounts now inherit the theme from the parent account that provisioned them

General

There is no longer a flicker effect when using a Theme logo that is hosted remotely. Maximum length of URL also increased.

General

Integrated the Online Documentation into the user interface, with a ? icon available in most sections

General

Various minor cosmetic changes.

Reports

Large result sets can now be converted to one-time CSV downloads straight from the Analyse report

Reports

It is now possible to Pause a scheduled report

Reports

It is now possible to save a report without having to run it first e.g. for creating scheduled reports

Reports

Added the Gateway Anti-malware option to the Partner Reports section

Reports

Updated the License Statistics chart layout

Reports

Changed the Analyse report Search Criteria layout to make selecting and managing Saved Reports clearer

Agents

The ICAP Hostname field has been improved to allow selecting servers by region e.g. Global, US, Europe 

Agents

The default maximum scan size for Gateway Anti-malware feature has been increased from 6Mb to 12Mb

Settings

Users who are not Super Administrators can no longer change the Role of another administrator

Settings

Moved the Tags option to the Web section and changed the labels on the Active Directory Add/Edit domain dialog

Back to top


How did we do?