Previous Release Notes For 2024
These prior release notes describe the new features, enhancements, resolved limitations, and known limitations for CloudSecure in previous 2024 releases.
Illumio CloudSecure is an agentless SaaS solution that provides visibility into your AWS and Azure network flows to define Zero Trust Segmentation policies in the public cloud, with the following features:
- Multi-cloud coverage
- Fast breach containment
- Ease of use
- Low total cost of ownership
For questions, reach out to cloudsecureproduct@illumio.com.
What's New in This Release - September 5th, 2024
No. | Feature Category | Feature List |
---|---|---|
1. | Applications |
The Applications page now lets you export reports. |
2 | Administration |
The Connector page automation feature for Slack now allows you to test the new trigger rule before saving. See Connector. |
3. | Visualization |
These resources are now visible on the Inventory page:
|
What's New in This Release - August 29th, 2024
No. | Feature Category | Feature List |
---|---|---|
1. | Onboarding | You no longer need to manually configure CloudSecure to fetch flow logs from custom S3 paths, as Illumio now automatically accommodates fetching flow logs stored there. The manual configuration steps have been removed from the documentation portal. |
2 | Applications |
The Application Definitions tab now lets you export reports. |
3. | Visualization |
CloudSecure now retains system events for 30 days. See Events. |
Erratum
The previous release notes erroneously stated that report scheduling was available as a feature. The statement has been removed from the previous release notes.
What's New in This Release - August 21st, 2024
No. | Feature Category | Feature List |
---|---|---|
1. | Administration | The Connector page now lets you automate notifications based on triggers you select. See Connector. |
What's New in This Release - August 15th, 2024
No. | Feature Category | Feature List |
---|---|---|
1. | Administration |
The Illumio Virtual Advisor (IVA) is an AI chatbot that helps organizations understand and reduce their risk posture by using natural language questions to generate quick answers and actions. |
2. | Visualization |
These resources are now visible on the Inventory page:
|
What's New in This Release - August 8th, 2024
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
The Traffic page now supports:
See Reports, Traffic and Search Traffic. |
2 | Visualization |
The Events page now lets you export system event reports. See Events. |
3. | Visualization |
These AWS resources are now visible on the Cloud Map page:
|
What's New in This Release - August 2nd, 2024
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
The Insights page now includes 24 insight tiles, so you can use out-of-the-box queries to gain quick insights into resources within minutes of onboarding them:
See Insights. |
2 | Visualization |
The Insights page now provides descriptions when you hover over the insight tiles. See Insights. |
What's New in This Release - August 1st, 2024
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
These Azure resources are now visible on the Inventory page:
|
2. | Visualization |
The Inventory page now lets you export reports. See Inventory. |
3. | Visualization |
The Reports page now lets you edit reports. See Reports. |
4. | Visualization |
The Traffic and Cloud Map pages now lets you filter IP addresses by CIDR blocks. See Search Traffic and Cloud Map. |
5. | Visualization |
CloudSecure now removes flow information more than 90 days old. See Traffic. |
6. | Visualization |
The Traffic page now lets you refresh your filter results to clear stale data without refreshing the browser page. See Search Traffic. |
7. | Visualization |
The Usage page now has updated terminology for the data displayed See Product Usage. |
8. | Applications |
CloudSecure now has an Application Summary tab in the application details panel. |
9. | Onboarding |
CloudSecure now has a Service Accounts page for adding and deleting service accounts and their secrets. See Service Accounts. |
What's New in This Release - July 25th, 2024
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
This Azure resource is now visible on the Map page:
|
2. | Visualization |
These Azure resources are now visible on the Inventory page:
|
3. | Visualization |
The Events page now performs cleanup after events become seven days old. See Events. |
4. | Visualization |
The Reports page now lets you delete reports in bulk. See Reports. |
What's New in This Release - July 18th, 2024
No. | Feature Category | Feature List |
---|---|---|
1. | Administration |
The Show Impact filter now lets you filter by network access control lists. |
2. | Visualization |
These AWS resources are now visible on the Inventory page:
|
What's New in This Release - July 11th, 2024
No. | Feature Category | Feature List |
---|---|---|
1. | Administration |
Role-based access control (RBAC) is now available. |
2. | Visualization |
The Traffic and Application Traffic basic filter has been replaced by the advanced filter. See Search Traffic. |
3. | Visualization |
The Traffic page now has an export option. See Traffic. |
4. | Visualization |
These Azure resources are now visible on the Inventory page:
|
5. | Visualization |
The Reports page now lets you generate Risk reports. It also now lets you delete reports. See Reports. |
6. | Visualization |
The Events page now has a System Events Tab, which lets you view system-generated events. See Events. |
What's New in This Release - June 28th, 2024
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
The Reports page gives you the ability to generate event audit reports asynchronously. You can then download and share the reports. See Reports. |
2. | Visualization |
CloudSecure's Inventory page provides the following new resource properties for the AWS resources listed:
|
3. | Visualization |
CloudSecure's Inventory page provides the following new information or presentation:
|
4. | Visualization |
These Azure resources are now visible on the Inventory page:
|
5. | Visualization |
The Inventory, Application Inventory, and Cloud Map filters now let you search for resource groups and resource names. See CloudSecure Search. |
6. | Flow Log Access |
You can now manually add permissions to the CloudSecure role so that it can fetch flow logs that you may have stored in custom S3 bucket directories. |
What's New in This Release - June 21st, 2024
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
The advanced traffic filter now also appears on the Applications page Traffic tab. Use it to search traffic to and from the selected application. See Search Traffic. |
What's New in This Release - June 18th, 2024
Note: If you are on a single product offering and are interested in learning more about the new Platform offering, contact Illumio Customer Success.
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
With Illumio CloudSecure Insights, you can use out-of-the-box queries to gain quick insights into resources within minutes of onboarding them, including:
|
What's New in This Release - June 13th, 2024
The following new features are available in this release:
No. | Feature Category | Feature List |
---|---|---|
1. | Flow Log Access |
CloudSecure now lets you filter Flow Log Access tables in the following places:
|
2. | Visualization |
See Search Traffic. |
3. | Policy |
|
Note: If you are on a single product offering and are interested in learning more about the new Platform offering, contact Illumio Customer Success.
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
Illumio now lets you achieve unified visibility with the Map:
See Map. |
2. | Policy |
Policy can now be authored and enforced for all datacenters and cloud workloads. Illumio allows or denies traffic between applications using policies that you write. In order to write application policies, you must create rules for the policy. See Unified Policy. |
3. | Administration |
The Illumio Virtual Advisor (IVA) is an AI chatbot that helps organizations understand and reduce their risk posture by using natural language questions to generate quick answers and actions. |
4. | Labeling |
See Use AI Labeling.
See Rule-Based Labeling. |
What's New in This Release - June 6th, 2024
The following new features are available in this release:
No. | Feature Category | Feature List |
---|---|---|
1. | Flow Log Access |
CloudSecure now gives destination-based view to grant flow log access. The new view provides a list of flow log destinations that are used for storing flow logs on a per-account basis. You can also see a list of log sources sent from different accounts. For centralized flow logs, you can now grant access to the log archive account's destination so that CloudSecure can read and process the logs. See Grant Flow Log Access. |
2. | Visualization |
This resource is now visible on the Inventory page: AWS:
|
Resolved Limitations in CloudSecure
- [Policy Services UI] Do not highlight Delete button with a resource when you create a new Service (C-3944)
When provisioning new services, users saw the Remove button automatically gain focus with a numeral '1.' Clicking Remove deleted the new service.
What's New in This Release - May 30th, 2024
The following new features are available in this release:
No. | Feature Category | Feature List |
---|---|---|
1. | Flow Log Access |
CloudSecure now lets you access Azure VNet flow logs. See Grant Flow Log Access. |
2. | Policy |
Organization policies now let you select 'All Workloads' that allow you to write organization policies for all resources in onboarded cloud accounts. See Writing Application Policy. |
Resolved Limitations in CloudSecure
- [Policy Services UI] Do not highlight Delete button with a resource when you create a new Service (C-3944)
When provisioning new services, users saw the Remove button automatically gain focus with a numeral '1.' Clicking Remove deleted the new service. - Error shown when users attempt to add an existing user to their account (C-3083)
When a user tried to add existing users to their existing CloudSecure account, CloudSecure correctly prevented the action, but did not issue an error message. For example, if a customer had one live CloudSecure account and also one trial account, trying to add an existing trial user to the live account silently failed.
What's New in This Release - May 23rd, 2024
The following new features are available in this release:
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
The Dashboard now lets you ingested resources at a glance. See CloudSecure Dashboard. |
2. | Labeling |
The Label Mapping page now lets you view a list of the following system-generated labels at a glance:
|
Resolved Limitations in CloudSecure
- Reselecting custom traffic filter will reset the time span (C-1978)
When users adjusted the time filter after searching for flows in a given time span, the filter reset to the previous day.
Known Limitations in CloudSecure
- AWS PaaS resources may not have ENI (C-3265)
CloudSecure uses DNS lookup on the fully qualified domain name to get the elastic network interface relationships, which is not guaranteed to get a match. The potentially affected AWS resources are RDS DBInstances, RDS DBClusters, ElasticLoadBalancingV2 load balancers, MemoryDB clusters, ElastiCache for Redis clusters, and Redshift clusters. - Error shown when users attempt to add an existing user to their account (C-3083)
When a user tries to add existing users to their existing CloudSecure account, CloudSecure correctly prevents the action, but does not issue an error message. For example, if a customer has one live CloudSecure account and also one trial account, trying to add an existing trial user to the live account will silently fail. - Middle, right, or control click to open in new tab do not work (C-2398)
Middle click, right click, and control click sometimes do not open the specific desired CloudSecure tab. - Application sometimes gets mapped to the wrong deployment's env label (C-1257)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label. - Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.
What's New in This Release - May 16th, 2024
The following new features are available in this release:
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
The Traffic page now lets you view traffic flow source and destination details. See Traffic. |
Known Limitations in CloudSecure
- AWS PaaS resources may not have ENI (C-3265)
CloudSecure uses DNS lookup on the fully qualified domain name to get the elastic network interface relationships, which is not guaranteed to get a match. The potentially affected AWS resources are RDS DBInstances, RDS DBClusters, ElasticLoadBalancingV2 load balancers, MemoryDB clusters, ElastiCache for Redis clusters, and Redshift clusters. - Error shown when users attempt to add an existing user to their account (C-3083)
When a user tries to add existing users to their existing CloudSecure account, CloudSecure correctly prevents the action, but does not issue an error message. For example, if a customer has one live CloudSecure account and also one trial account, trying to add an existing trial user to the live account will silently fail. - Middle, right, or control click to open in new tab do not work (C-2398)
Middle click, right click, and control click sometimes do not open the specific desired CloudSecure tab. - Application sometimes gets mapped to the wrong deployment's env label (C-1257)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label. - Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.
What's New in This Release - May 13th, 2024
The following new features are available in this release:
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
The Inventory page now has a Service Category filter for searching your inventory of resources. See CloudSecure Search. |
Resolved Limitations in CloudSecure
- Map not matching Azure VM topology (C-2720)
Sometimes the Cloud Map showed VMs as the child of a location instead of a subnet. The subnet was found, but the VM did not show up in the subnet.
What's New in This Release - May 2nd, 2024
The following new features are available in this release:
No. | Feature Category | Feature List |
---|---|---|
1. | Labeling |
You can now use the following system-generated labels:
|
2. | Visualization |
The Traffic page Beta Advanced Filter now lets you search by VPC, subnet, and resource type. See Search Traffic. |
3. | Policy |
The following resources now support policy:
|
Resolved Limitations in CloudSecure
- Empty page should have string called "No integrations" (C-983)
When the Onboarding page was empty, there was no text string. If the page lacks data, it now says "No data to display."
Known Limitations in CloudSecure
- AWS PaaS resources may not have ENI (C-3265)
CloudSecure uses DNS lookup on the fully qualified domain name to get the elastic network interface relationships, which is not guaranteed to get a match. The potentially affected AWS resources are RDS DBInstances, RDS DBClusters, ElasticLoadBalancingV2 load balancers, MemoryDB clusters, ElastiCache for Redis clusters, and Redshift clusters. - Error shown when users attempt to add an existing user to their account (C-3083)
When a user tries to add existing users to their existing CloudSecure account, CloudSecure correctly prevents the action, but does not issue an error message. For example, if a customer has one live CloudSecure account and also one trial account, trying to add an existing trial user to the live account will silently fail. - Middle, right, or control click to open in new tab do not work (C-2398)
Middle click, right click, and control click sometimes do not open the specific desired CloudSecure tab. - Application sometimes gets mapped to the wrong deployment's env label (C-1257)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label. - Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.
What's New in This Release - April 25th, 2024
The following new features are available in this release:
No. | Feature Category | Feature List |
---|---|---|
1. | Policy |
The following resources now support policy:
|
2. | Flow Log Access | You can now test your accounts' flow log access. See Grant Flow Log Access. |
3. | Visualization |
|
Resolved Limitations in CloudSecure
- Missing Feature: Day 0 Map, Inventory, and Traffic Views (C-2913)
The Day 0 Cloud Map and Traffic pages did not show the Add Cloud Banner. It instead gave a "no resource/traffic available" message.
Known Limitations in CloudSecure
- AWS PaaS resources may not have ENI (C-3265)
CloudSecure uses DNS lookup on the fully qualified domain name to get the elastic network interface relationships, which is not guaranteed to get a match. The potentially affected AWS resources are RDS DBInstances, RDS DBClusters, ElasticLoadBalancingV2 load balancers, MemoryDB clusters, ElastiCache for Redis clusters, and Redshift clusters. - Error shown when users attempt to add an existing user to their account (C-3083)
When a user tries to add existing users to their existing CloudSecure account, CloudSecure correctly prevents the action, but does not issue an error message. For example, if a customer has one live CloudSecure account and also one trial account, trying to add an existing trial user to the live account will silently fail. - Middle, right, or control click to open in new tab do not work (C-2398)
Middle click, right click, and control click sometimes do not open the specific desired CloudSecure tab. - Application sometimes gets mapped to the wrong deployment's env label (C-1257)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label. - Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.
What's New in This Release - April 18th, 2024
The following new features are available in this release:
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
|
2. | Deployments |
You can now edit your deployments. See Define a Deployment. |
Resolved Limitations in CloudSecure
- Traffic flow filter by status not working as expected (C-3566, C-3686)
Users navigating the Cloud Map sometimes also saw denied traffic included on a node Details page despite filtering for allowed traffic. - Error onboarding Azure Flow Logs (C-2890)
Users would sometimes get an error when onboarding Azure flow logs due to CloudSecure not understanding that flow log destination access was already granted. - No description in Azure "Forbidden" onboarding message (C-2023)
When encountering an Azure onboarding error message, users did not get sufficient information to readily resolve the problem.
Known Limitations in CloudSecure
- AWS PaaS resources may not have ENI (C-3265)
CloudSecure uses DNS lookup on the fully qualified domain name to get the elastic network interface relationships, which is not guaranteed to get a match. The potentially affected AWS resources are RDS DBInstances, RDS DBClusters, ElasticLoadBalancingV2 load balancers, MemoryDB clusters, ElastiCache for Redis clusters, and Redshift clusters. - Error shown when users attempt to add an existing user to their account (C-3083)
When a user tries to add existing users to their existing CloudSecure account, CloudSecure correctly prevents the action, but does not issue an error message. For example, if a customer has one live CloudSecure account and also one trial account, trying to add an existing trial user to the live account will silently fail. - Middle, right, or control click to open in new tab do not work (C-2398)
Middle click, right click, and control click sometimes do not open the specific desired CloudSecure tab. - Application sometimes gets mapped to the wrong deployment's env label (C-1257)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label. - Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.
What's New in This Release - April 11th, 2024
The following new features are available in the April 11th, 2024 release:
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization | |
2. | Applications |
You can now bulk-delete applications that were created using Application Discovery Rules. See Define an Application Automatically for information. |
3. | Labels | The Tag to Label Mapping page now shows both the Illumio label type and the labels to which you have mapped your CSP cloud tag keys. See Cloud Tag to Label Mapping for information. |
Resolved Limitations in CloudSecure
- Map is empty when no regions returned in top down view (C-2982)
When users filtered the Cloud Map in a way that excluded regions, it would appear empty. This limitation is resolved.
Known Limitations in CloudSecure
- AWS PaaS resources may not have ENI (C-3265)
CloudSecure uses DNS lookup on the fully qualified domain name to get the elastic network interface relationships, which is not guaranteed to get a match. The potentially affected AWS resources are RDS DBInstances, RDS DBClusters, ElasticLoadBalancingV2 load balancers, MemoryDB clusters, ElastiCache for Redis clusters, and Redshift clusters. - Error shown when users attempt to add an existing user to their account (C-3083)
When a user tries to add existing users to their existing CloudSecure account, CloudSecure correctly prevents the action, but does not issue an error message. For example, if a customer has one live CloudSecure account and also one trial account, trying to add an existing trial user to the live account will silently fail.
- Application sometimes gets mapped to the wrong deployment's env label (C-1257)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label. - Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications. -
Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.
What's New in This Release - April 4th, 2024
The following new features are available in the April 4th, 2024 release:
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
|
Resolved Limitations in CloudSecure
-
Cloud Map is only showing some VNET peering links (C-3428)
Sometimes the Inventory page showed additional peers that did not show up on the Map page. This limitation is resolved. -
Security group names not showing up in console (C-1875)
Discovered EC-2 instances did not show security group names. This limitation is resolved. -
AWS Security Group Rules not rendered on UI (C-3466)
The Inventory detail page displayed security group details, but the rules were missing. This limitation is resolved.
Known Limitations in CloudSecure
- AWS PaaS resources may not have ENI (C-3265)
CloudSecure uses DNS lookup on the fully qualified domain name to get the elastic network interface relationships, which is not guaranteed to get a match. The potentially affected AWS resources are RDS DBInstances, RDS DBClusters, ElasticLoadBalancingV2 load balancers, MemoryDB clusters, ElastiCache for Redis clusters, and Redshift clusters. - Error shown when users attempt to add an existing user to their account (C-3083)
When a user tries to add existing users to their existing CloudSecure account, CloudSecure correctly prevents the action, but does not issue an error message. For example, if a customer has one live CloudSecure account and also one trial account, trying to add an existing trial user to the live account will silently fail.
- Application sometimes gets mapped to the wrong deployment's env label (C-1257)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label. -
Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.
What's New in This Release - March 28th, 2024
The following new features are available in the March 28th, 2024 release:
1. | Visualization |
|
2. | Applications | CloudSecure now lets you bulk delete application definitions. See the Define an Application Automatically documentation on the portal. |
Resolved Limitations in CloudSecure
-
Azure NAT Gateway not showing up in Cloud Map (C-3427)
Azure NAT gateways appeared on the Inventory page but did not show up on the Cloud Map page. This limitation is resolved. -
Allow multiple rules with empty prefix (C-3339)
There was previously a constraint enforced where two rules could not have the same prefix, even if the prefix were left blank. This limitation is resolved.
Known Limitations in CloudSecure
- AWS PaaS resources may not have ENI (C-3265)
CloudSecure uses DNS lookup on the fully qualified domain name to get the elastic network interface relationships, which is not guaranteed to get a match. The potentially affected AWS resources are RDS DBInstances, RDS DBClusters, ElasticLoadBalancingV2 load balancers, MemoryDB clusters, ElastiCache for Redis clusters, and Redshift clusters. - Error shown when users attempt to add an existing user to their account (C-3083)
When a user tries to add existing users to their existing CloudSecure account, CloudSecure correctly prevents the action, but does not issue an error message. For example, if a customer has one live CloudSecure account and also one trial account, trying to add an existing trial user to the live account will silently fail.
- Application sometimes gets mapped to the wrong deployment's env label (C-1257)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label. -
Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.
What's New in This Release - March 21st, 2024
The following new features are available in the March 21st, 2024 release:
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
For a full list of all supported resources visible on the Inventory page, see the Inventory documentation on the portal.
|
2. | Flows |
The Risk Report feature on the Traffic page now lets you toggle which details you wish to include. See the Traffic documentation on the portal.
|
3. | Traffic |
The filter now lets you use the Beta Advanced Filter mode, which lets you use joiners and operators while searching for sources, destinations, categories, etc. See the Traffic documentation on the portal.
|
4. | Onboarding |
|
5. | Applications |
CloudSecure now lets you automatically approve application definitions in two places. The Application Definition page lets you toggle whether you want CloudSecure to automatically approve all discovered applicable deployments and resources. Similarly, the Application Discovery Rule page lets you toggle whether you want CloudSecure to automatically approve all discovered application definitions, as well as any updates made to their deployments and resources. See the Define an Application Automatically documentation on the portal. |
Resolved Limitations in CloudSecure
-
Editing discovery rules inserts extra dash (-) automatically (C-3337)
When modifying discovery rules, an extra dash was added automatically to the prefix. This limitation is resolved. - Deleting T2L mapping does not delete label dimension (C-2646)
When users deleted a tag to label mapping, any labels that were assigned to resources using that mapping were not removed. Deleting the mapping kept those mapped labels on the resources, resulting in the label never being deleted. This limitation is resolved.
Known Limitations in CloudSecure
- AWS PaaS resources may not have ENI (C-3265)
CloudSecure uses DNS lookup on the fully qualified domain name to get the elastic network interface relationships, which is not guaranteed to get a match. The potentially affected AWS resources are RDS DBInstances, RDS DBClusters, ElasticLoadBalancingV2 load balancers, MemoryDB clusters, ElastiCache for Redis clusters, and Redshift clusters. - Error shown when users attempt to add an existing user to their account (C-3083)
When a user tries to add existing users to their existing CloudSecure account, CloudSecure correctly prevents the action, but does not issue an error message. For example, if a customer has one live CloudSecure account and also one trial account, trying to add an existing trial user to the live account will silently fail.
- Application sometimes gets mapped to the wrong deployment's env label (C-1257)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label. -
Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.
What's New in This Release - March 11th, 2024
The following new features are available in the March 11th, 2024 release:
No. | Feature Category | Feature List |
---|---|---|
1. | Onboarding |
You can now onboard Azure tenants in addition to individual subscriptions as before. See the Onboard an Azure Cloud Tenant documentation on the portal. |
2. | Visualization |
These resources are now visible on the Inventory page: AWS:
Azure:
For a full list of all supported resources visible on the Inventory page, see the Inventory documentation on the portal. |
3. | Policy |
See the Writing Application Policy documentation on the portal. |
4. | Applications | You can now approve application deployments and resources in bulk on the application definition page. See the View and Approve documentation on the portal. |
Resolved Limitations in CloudSecure
- Slice bug on Flow Log Access page (C-3080)
A conditional check was missing for sliced items. Therefore, users might have gotten a blank screen. This limitation is resolved. -
406 errors should be displayed when deleting tag to label mappings (C-3217)
When users deleted a tag to label mapping, any errors returned by the delete response were not shown in the UI. This limitation is resolved. -
Application has 0 resources, but the map is rendering resources (C-3041)
When users selected an application on the Cloud Map, the map would sometimes indicate resources despite there not being any. This limitation is resolved. -
Go button does not refresh data unless filters change (C-2296)
When users executed a query on the Traffic, Inventory, or Cloud Map pages, the Go button did not re-run the same query on fresh data. To re-run the same query, users had to change the filter and change it back again before re-running the query. This limitation is resolved. -
Avoid label create/delete race conditions (C-2957)
When users deleted and re-created an application or deployment in quick succession, CloudSecure sometimes deleted the label that was re-used by the re-created app/deployment. Users ended up with an application or deployment linked to a deleted label. This limitation is resolved. -
Events in CloudSecure UI should show the latest events at the top (C-2946)
The Events page would show the oldest events at the top rather than at the bottom. This limitation is resolved. -
Editing Azure subscription integrations showed child account list (C-2920)
When users edited their Azure subscriptions, the user's child accounts were mistakenly listed. This limitation is resolved.
Known Limitations in CloudSecure
- Error shown when users attempt to add an existing user to their account (C-3083)
When a user tries to add existing users to their existing CloudSecure account, CloudSecure correctly prevents the action, but does not issue an error message. For example, if a customer has one live CloudSecure account and also one trial account, trying to add an existing trial user to the live account will silently fail. - Application sometimes gets mapped to the wrong deployment's env label (C-1257)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label. - Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.
What's New in This Release - February 29th, 2024
The following new features are available in the February 29th, 2024 release:
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
|
Resolved Limitations in CloudSecure
- App approval status filters do not show correct results (C-2945)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label.
Known Limitations in CloudSecure
- Application sometimes gets mapped to the wrong deployment's env label (C-1257)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label.
- Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.
What's New in This Release - February 22nd, 2024
The following new features are available in the February 22nd, 2024 release:
No. | Feature Category | Feature List |
---|---|---|
1. | Application Definition |
Application Discovery Rules now allow full editing. |
2. | Policy | Allow rules are now available for organization policies. |
3. | Visualization |
|
Resolved Limitations in CloudSecure
- Tag to label mapping must be defined before an app is defined (C-2997)
User did not have the ability to write policies on labels created using tag to label mapping if those labels were not associated with any application. This limitation is resolved. - Editing proxy username is not supported (E-113332)
CloudSecure did not support updating the username. Due to this limitation, name editing was disabled in existing tenants and all the new users added to existing tenants. The edit user function in the User detail page and the My Profile page were disabled. For new tenants and users in new tenants, editing the user is now supported. This limitation is resolved. - Traffic doesn't show labeled workloads (C-2559)
When users went to the Traffic tab, flows sometimes erroneously lacked labels. When users searched for labeled traffic flows, sometimes no results were returned. This limitation is resolved.
Known Limitations in CloudSecure
- Application sometimes gets mapped to the wrong deployment's env label (C-1257)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label.
- Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.
What's New in This Release - February 15th, 2024
The following new features are available in the February 15th, 2024 release:
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
Public IPs are supported for Azure VM flows but not policies. |
Resolved Limitations in CloudSecure
- The username is incorrectly displayed on the main page and within the user grid (C-2897)
User's names displayed incorrectly after being added. This limitation is resolved. - Resources not shown for pending approval apps (C-2887)
When creating applications either individually or using a discovery rule, resources were not visible on the Application Definition page resources link while the applications were pending. This limitation is resolved. - UI must validate application deployment inputs (C-2797)
Users were allowed to add deployment types without any values. If a user did not enter any values, a UI page crash occurred and/or the backend rejected the request. The UI now disables the Add button when no values are selected. This limitation is resolved. - Tried to onboard an AWS account previously onboarded and offboarded, getting errors in cloudformation template creation (C-2715)
Offboarding AWS accounts did not completely remove the stack. Workaround: Follow the Remove the Integration instructions on the Illumio documentation portal.
Known Limitations in CloudSecure
- Application sometimes gets mapped to the wrong deployment's env label (C-1257)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label.
- Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.
What's New in This Release - February 8th, 2024
The following new features are available in the February 8th, 2024 release:
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
|
2. | Onboarding | You can now onboard AWS organizations in addition to individual accounts as before. |
3. | Applications |
Although CloudSecure has always allowed you to define applications individually, you can now automatically create multiple applications by defining an Application Discovery Rule. This feature runs in the background, so the rule you create will automatically define applications when new resources are added that meet the rule parameters. You can also now use accounts, in addition to cloud tags or virtual networks and subnets, to define your applications. |
Resolved Limitations in CloudSecure
- NSG attached to subnet is not included in vm->nsg relationship (C-2594)
CloudSecure was programming only network security groups associated with a NIC. This limitation is resolved. Now CloudSecure will program both network security groups associated with a subnet and those associated with a NIC. - Label search within an application shows resources that do not belong to the application (C-2568)
A label search within an application showed all resources instead of showing the resources for only the selected application. This limitation is resolved. -
Dashboard Traffic Summary tile forgets user's previous filter selection (C-2387)
When users filtered by a specific CSP and a specific timeframe, and went away from the Dashboard page, the Traffic Summary tile would reset to the 24-hour default, with all CSPs selected. This limitation is resolved.
Known Limitations in CloudSecure
- Application sometimes gets mapped to the wrong deployment's env label (C-1257)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label.
- Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.
What's New in This Release - February 1st, 2024
The following new features are available in the February 1st, 2024 release:
No. | Feature Category | Feature List |
---|---|---|
1. | Visualization |
|
2. | Flows |
The Risk Report feature on the Traffic page lets you generate a PDF report summarizing the following at the account/subscription level:
|
3. | Onboarding | When onboarding CSP accounts or subscriptions, you can now select read-only access. |
Known Limitations in CloudSecure
- Application sometimes gets mapped to the wrong deployment's env label (C-1257)
The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label.
- Competing application definition (multiple app-def using same tags) (C-1095)
CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.