Views:

Configure custom ports for Internet Access On-Premises Gateway services

March 25, 2024 — Users may now change the default ports for services such as data proxy, authentication proxy, and ICAP/ICAPS services configured on the Internet Access On-Premises Gateway. Configure custom ports from Service Gateway Management. For more information, see Service Gateway services.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

New PoP site serving the AWS Middle East and Africa region

March 25, 2024 — Zero Trust Secure Access Internet Access now offers support for the AWS Middle East and Africa Region. Users in the region may configure their service FQDNs to reflect the new location.
For more information on available PoP sites for the Internet Access Cloud Gateway, see Port and FQDN/IP address requirements.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Zero Trust Secure Access enables selected private IP addresses to bypass authentication on cloud and on-premises gateways

March 11, 2024 — You may now allow endpoints to bypass user authentication on configured cloud and on-premises gateways. To bypass user authentication, endpoints must connect using a private IP address specified by the administrator. When connecting to the internet through an Internet Access gateway, endpoints using the specified private IP addresses are included as a user in the Internet Access user count for credit calculation. This feature is not available on the default cloud gateway when connecting outside of defined locations.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Zero Trust Secure Access now supports Wintun as a service mode for traffic forwarding on Windows Secure Access Modules

March 11, 2024 — Zero Trust Secure Access has added support for the Wintun TUN adapter in the available service modes for traffic forwarding on Windows Secure Access Modules. Select the TUN (Wintun) service mode in the Secure Access Module global settings if your users' devices require greater traffic throughput.
Zero Trust Secure AccessSecure Access Module

Zero Trust Secure Access enables additional authentication to Private Access

February 26, 2024 — Users may now require additional authentication to Private Access after authenticating on endpoints with the Secure Access Module. Enabling the new feature overrides the default behavior of authenticating users to Internet Access and Private access at the same time, allowing for the use of Private Access only on demand. For more Information, see Secure Access Module.
Zero Trust Secure AccessSecure Access ConfigurationSecure Access Module

Zero Trust Secure Access Private Access and Internet Access now supports custom service status on individual endpoints

January 29, 2024 — Zero Trust Secure Access now allows users to set the service status for Internet Access and Private Access on single endpoints. Users may choose to align the service status for the endpoint with the current global configuration or choose to never enable either service on selected endpoints. Configure endpoints from the endpoint list on the Secure Access Module screen.
Zero Trust Secure AccessSecure Access ConfigurationSecure Access Module

Zero Trust Secure Access now supports devices managed by custom MDM solutions or no MDM solution

January 29, 2024 — In addition to Microsoft Intune-managed devices the Zero Trust Secure Access mobile module can now be deployed to all managed or unmanaged mobile devices, allowing you to secure more mobile endpoints. If you do not currently have an MDM solution, the mobile module supports deployment through Mobile Device Director. For more information, see Deploying the Secure Access Module to Mobile Devices.
Zero Trust Secure AccessSecure Access ConfigurationSecure Access Module

Zero Trust Secure Access now supports local user groups

January 29, 2024 — Zero Trust Secure Access now supports local user account management both individually and by assigned groups. You may assign local users to one or more local user groups, allowing you to apply access rules by group. For more information, see Local user account management.
Zero Trust Secure AccessSecure Access ConfigurationIdentity and Access Management

Local user account support added to Zero Trust Secure Access

December 18, 2023 — In addition to integration with third-party identity and access management providers, Zero Trust Secure access now supports the addition and maintenance of local user accounts. Administrators may import lists of local user emails to serve as the basis for local user accounts, or the accounts may be added manually.
Zero Trust Secure AccessSecure Access ConfigurationIdentity and Access Management

AWS Italy region has new PoP site for Internet Access Cloud Gateway in Zero Trust Secure Access

October 24, 2023 — Zero Trust Secure Access has launched a new PoP site for Internet Access Cloud Gateway in the AWS Italy region. For details on available PoP sites for Internet Access Cloud Gateway, see Port and FQDN/IP address requirements.

Zero Trust Secure Access Internet Access supports Kerberos authentication with on-premises Active Directory servers

October 9, 2023 — In addition to NTLM v2 authentication, Zero Trust Secure Access Internet access now supports Kerberos as an authentication service for single sign-on with on-premises Active Directory servers. Find and configure the new method in the Global Settings of Internet Access Configuration.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Microsoft Purview Information Protection integration with Zero Trust Secure Access Internet Access

September 11, 2023 — Zero Trust Secure Access Internet Access has extended its Data Loss Prevention capability by integrating with Microsoft Purview Information Protection. You can now synchronize your published sensitivity labels and add them into Data Loss Prevention rules to let Internet Access block protected files with sensitivity labels from being sent outside your organization.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Zero Trust Secure Access now supports Deep Discovery Analyzer integration

September 11, 2023 — Internet Access on-premises gateways in Zero Trust Secure Access now offer integration with your existing Deep Discovery Analyzer appliances. In addition to cloud sandboxing, on-premises gateways can submit suspicious files to Deep Discovery Analyzer appliances for analysis after integration. See the settings of your Internet Access on-premises gateways to start using the feature.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Zero Trust Secure Access adds update module feature to endpoint list

September 11, 2023 — Zero Trust Secure Access users can now update the Secure Access Modules deployed to endpoints directly from the endpoint list. Selecting Update module from the Manage module menu allows you to update modules on specified endpoints to the versions configured in Module Version Management. See the Endpoints tab in Secure Access Module to use the feature.
Zero Trust Secure AccessSecure Access ConfigurationSecure Access Module

New point-of-presence (PoP) site for Zero Trust Secure Access Internet Access available

August 28, 2023 — Zero Trust Secure Access Internet Access has launched a new PoP site for the Internet Access Cloud Gateway in Israel in the AWS Middle East region.
For details on the available PoP sites for the Internet Access Cloud Gateway, see Port and FQDN/IP address requirements.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Zero Trust Secure Access Internet Access supports bandwidth control for On-premises Gateways

July 31, 2023 — The Zero Trust Secure Access - Internet Access On-premises Gateway now supports bandwidth control for specified URLs on both downstream and upstream traffic.
For more information, see Configuring bandwidth control
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Zero Trust Secure Access Internet Access supports ICAP integration for On-premises Gateways

July 17, 2023 — The Zero Trust Secure Access - Internet Access On-Premises Gateway now supports enabling ICAP integration in addition to the default proxy mode. ICAP integration can be configured from the Internet Access ConfigurationGateway page.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

System log enhancements and unusual status alerts for Zero Trust Secure Access Internet Access

July 3, 2023 — Zero Trust Secure Access Internet Access now maintains system logs to provide summaries about Internet Access On-Premises Gateway events that occurred, including gateway connection status change, service version update, and SSO authentication proxy status change.
You can also configure alerts to send notifications when the status of an on-premises gateway changes to "Unhealthy", or when the on-premises gateway that serves as the authentication proxy for SSO is disconnected from your on-premises Active Directory server. For more information, see Internet Access gateways and corporate network locations.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Zero Trust Secure Access Internet Access supports Artificial Intelligence category for cloud app filtering

July 3, 2023 — Zero Trust Secure Access Internet Access now supports a new cloud app category "Artificial Intelligence" evaluated by Cloud Reputation Services. This allows you to easily filter out generative AI-based cloud apps when adding custom cloud app categories and create Risk rules and Internet Access rules to control users' access to these cloud apps.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Secure Access Module can be deployed on the endpoints managed by Trend Vision One Endpoint Security

July 3, 2023 — Customers that have updated to Trend Vision One Endpoint Security can now install the Secure Access Module on the following endpoints with supported operating systems: Standard Endpoint Protection endpoints, Server & Workload Protection endpoints, and Sensor only endpoints.
Other features available for the Secure Access Module can also be applied to the endpoints, such as removing the module or replacing the PAC file.
Zero Trust Secure AccessSecure Access ConfigurationSecure Access Module

Zero Trust Secure Access adds customized DLP templates for Internet Access

June 19, 2023 — To strengthen the data loss prevention capability of Internet Access, Zero Trust Secure Access supports customized Data Loss Prevention (DLP) templates and customized DLP data identifiers including expressions, file attributes, and keywords. Administrators can add customized DLP templates using either predefined or customized DLP data identifiers, create DLP rules to include customized DLP templates, and then apply them to Internet Access rules to scan outbound web traffic against accidental data disclosure and intentional theft.
For more information, see Data loss prevention rules.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Zero Trust Secure Access supports SMB protocol for Private Access

June 19, 2023 — Administrators can add the organization's private applications that use the Server Message Block (SMB) protocol to the internal apps list. This allows Private Access to control users' access to these applications through the Secure Access Module.
Zero Trust Secure AccessSecure Access ConfigurationPrivate Access Configuration

Zero Trust Secure Access adds service mode configuration for internet access

The Secure Access Module can now configure the service mode for the internet access service of Trend Vision One, facilitating the selection of the proper configuration for your endpoints. Adaptive mode is selected by default to assist you in automatically configuring the proper mode for endpoint internet access.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Log collection available in Zero Trust Secure Access agent console

The Zero Trust Secure Access agent can now collect debug logs to make troubleshooting more convenient for users. The agent console features a new button for users to initiate log collection. When debug logging is enabled, the log will include diagnostic information to assist with troubleshooting end users' issues.
Zero Trust Secure AccessSecure Access Overview

Zero Trust Secure Access Internet Access On-Premises Gateway supports syslog forwarding

Zero Trust Secure Access Internet Access On-Premises Gateway now supports forwarding activity logs in the Common Event Format (CEF) to a designated syslog server.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Zero Trust Secure Access Internet Access supports sandboxing integration

Zero Trust Secure Access Internet Access now supports sandbox integration as part of a public preview, allowing you to automatically submit suspicious files to the Sandbox Analysis app.
Note
Note
You must set a daily reserve of more than zero to enable the automatic submission of suspicious files to the Sandbox Analysis app.
For instructions on setting a daily reserve, see Submission Settings Configuration.
For more information, see Adding a threat protection rule.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Zero Trust Secure Access Internet Access supports NTLM v2 authentication

Zero Trust Secure Access Internet Access now supports transparently authenticating end users on your on-premises Active Directory server using the NTLM v2 protocol, with an Internet Access On-Premises Gateway acting as the authentication proxy server.
For more information, see Global settings.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Application discovery is available for Zero Trust Secure Access Private Access

Application discovery identifies domains and IP addresses accessed over the past 14 days, helping you determine which internal applications are being used in your organization's network. To facilitate the configuration of access rules, this feature also identifies users who have accessed the internal applications and recommends the most likely user groups.
Zero Trust Secure AccessSecure Access ConfigurationPrivate Access Configuration

New point-of-presence (PoP) site for Zero Trust Secure Access Internet Access available

Zero Trust Secure Access Internet Access has launched a new PoP site for the Internet Access Cloud Gateway in Bahrain in the AWS Middle East region.
For details on the available PoP sites for the Internet Access Cloud Gateway, see Port and FQDN/IP address requirements.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Enhancement to Internet Access On-Premises Gateway

If your organization uses a third-party proxy server to access the internet, you can now configure the proxy server as the upstream proxy to connect your deployed Internet Access On-Premises Gateway to the internet.
For details on configuring upstream proxy for an Internet Access On-Premises Gateway, see Deploying an Internet Access On-Premises Gateway.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration