Symantec VIP Enterprise Gateway 9.11 release notes
search cancel

Symantec VIP Enterprise Gateway 9.11 release notes

book

Article ID: 429939

calendar_today

Updated On:

Products

VIP Service

Issue/Introduction

Symantec VIP Enterprise Gateway 9.11.x Release Notes

Resolution

Refer to the VIP Enterprise Gateway 9.11.x release notes on theTechdocs portal. Below is a quick reference summary of the updates, changes and fixes for each version. 

9.11.0

  • Support for DigiCert Global Root CAs
  • Support for authenticators that are compliant with FIDO-2 standards to VIP Login authentication flows. 
  • Support for  SUSE Linux Enterprise Server (SLES) 15.1/15.3.
  • Upgraded encryption algorithm from 3DES to AES for all components, by default. 
  • Exported Configuration Console Settings file now added to upgrade backup (.bak) file.
  • Added a Subject Alternative Name (SAN) in a Certificate Signing Request (CSR) in the VIP Enterprise Gateway Configuration Console.  
  • Added certificate expiration warning to the console when the certificate is within 60-days or expiring.
  • Enhancement HSTS headers to include 300 and 400 response pages.
  • Enhanced logging for LDAP connectivity issues. 
  • Added validation server port to VIP Cloud requests from EGW. These are exposed in the VIP Manager REPORTS. 
  • LDAP Simulation service auto-shut off when simulation is completed.
  • Native expired root CA cleanup.
  • Improved LDAP sync logging.
  • SSL certificate security hardening
  • Resolved file permission issues after rotation.
  • This release also includes routine technical improvements and security upgrades.

9.11.1

  • Support for DigiCert Global Root G2 CA
  • Introduce REST APIs that let you manage certain VIP Enterprise Gateway functions programmatically.
  • Email credentials are now supported for all RADIUS authentication flows. (VIP cloud added email as a credential type in Jan 2024)
  • support for RadiantOne FID 7.4 as a user store.
  • Validation server log ability to capture the client IP addresses for each user authentication.
  • Linux EGW Setup docs updated for the Admin setup password.
  • Updated the EGW Administrator password change tool.
  • PUSH number challenge attribute handling.
  • VIP Manager IdP server.log corrections.
  • Resolved MyVIP error "Failed to fetch userInfo or Fido policy from cloud" 
  • Add ability to use a dash(-) in a User Group Mapping name.
  • The requestID from VIP EG 9.11 SSP/My VIP IdP no longer shows 9_10_3.
  • Resolved CVE-2024-3596 Radius protocol vulnerability.
  • Resolved VIP EGW version 9.11.0 vulnerability CVE-2024-7264 on Linux.
  • Documentation update for Auto-starting VIP EGW services on Linux.
  • Addressed a MyVIP Password Reset issue.
  • Different log lormat for a Custom Validation Server when in ABC mode
  • Resolved error: "WARNING: Runtime environment or build system does not support multi-release JARs. This will impact location-based features."
  • HTTPS LiveUpdate failure shows HTTP URL.
  • Directory Listing Vulnerability on Jetty Web Server in VIP Enterprise Gateway
  • This release also includes routine technical improvements and security upgrades.

9.11.2

  • Ability to configure whether users with passwordless authenticators can fall back to password authentication.
  • VIP User Name Attribute appears on the User Store page by default.
  • Sort VIP Enterprise Gateway Configuration Console logs by the Date Time column.
  • Added additional RADIUS Validation server templates under the vendor 'Broadcom'. 
  • Removed support for the 'GINA' Validation server template.
  • Updated the Active Directory Federation Services (ADFS) 2.0 Validation server template to Active Directory Federation Services (ADFS).
  • Updated REST APIs allow programmatic updating of multiple Validation server passwords at one time.
  • The full Alias and CN values are displayed in the VIP Certificate list and the SSL Certificates list.
  • Added support for Windows Server 2025 Standard Edition, Microsoft Active Directory 2025, PingDS 8.0.0 (formerly ForgeRock Directory Service 7.2.2).
  • Resolved 9.11>9.11.1 LiveUpdate error 'Ensure that your VIP Enterprise Gateway host can connect to http://liveupdate.symantecliveupdate.com'.
  • LiveUpdate no longer defaults to the admin user that is logged in, rather than the service account or system user.
  • Removed extra lines of parameters after upgrading to  9.11.0 to 9.11.1, extra lines of parameters are getting added in <VRSN_MAUTH_HOME>\IDP\services\SSP\conf\ssp.conf. 
  • VIP user attributes now syncing with the LDAP/User Store.
  • VIP Enterprise Gateway 9.11.2 Self Service Portal generates proper hashIDs for cloudID mapping.
  • User records added to logs for the admin LDAP synchronization operations.
  • Validation server now recovers fully from Automatic Business Continuity mode.
  • LDAP Sync shows users to be deleted and instead of only showing users to modify.
  • NAS-IP and FramedIP addresses in logs are now consistent. 
  • Cipher Suite hardening for VIP EGW web portals. 
  • This release also includes routine technical improvements and security upgrades.
Powered by Wolken Software