Cloudi-Fi’s Updates in Winter 2022: Summary of Changes and Improvements implemented into the Cloudi-Fi's solution.
These changes will be applied on Friday December, 16th evening. No service interruption is expected.
Enhancements
Administrators
-
For security reasons, Administrators accessing Admin Console with SAML SSO should not be allowed to set a Cloudi-Fi password or change their contact email address. These 2 options are now only available to standard administrator connecting with a login / password ( Settings My Profile )
-
Show / Hide select switch to control "disabled" administrators visualization. This option allows to show disabled administrators in the administrator list. Disabled administrators are now hidden by default ( Administrators Accounts )
-
Add an event logs when an administrator login via SSO under Administrators Audit Logs.
Lobby bulk import
-
Enables to import multiple guest indentities at once. Input file format can be customized if necessary ( Visitors Lobby ).
Activations
-
Zscaler Activation in existing tenant is now adding a SSL Rule to bypass SSL inspection on guest enabled Locations
-
Meraki - AccessPoint without any name set can now be imported ( not default behavior )
-
Fortinet - Enable Forti AP Cloud integration
Help Desk
-
Allow multiple Organization membership for Partners. Administrators can now be associated with multiple Organizations and access tickets of each of these organization. The Organization has to be selected while accessing the Help Desk system under Help Help Desk
DHCP - Monitoring
-
Aggregate duplicate DHCP request in audit log
-
Tunnel usage report
Bug fixes
Activations
-
On first Zscaler activation, provisioned departments were assigned to the default IdP. Cloudi-Fi policies were set with these wrongly created profiles. As a result, authenticated users were not able to browse Internet unless URL Policies were adjusted with the appropriate profile. This fix makes sure created departments on Zscaler are assigned to Cloudi-Fi IdP configuration using the SCIM feature.
-
In last October, Meraki Cloud upgrade introduced a major change in the way they handle external captive portal URLs. This change caused issues to recognize the Guest Location. We introduced a change in the URL format in order to be compatible with latest Meraki Cloud upgrade. Existing configurations have to be reviewed as defined on the following guide.
-
Meraki Integration stops overriding customer SSID parameters while pushing Cloudi-Fi base configuration - Instead of pushing a default config that overrides the entire existing configuration of an SSID, we now only push the parameters we really want to update, and leave the rest as is.
Portal Authentication
-
Google Chrome introduced a strong Cookie management policy using SameSite attribute. This behavior change caused the SAML Authentication to randomly fail. SameSite Cookie policy had to be updated in order to fix this issue.
-
iOS compatibility issue while running version 12.x. These iOS versions were not able to load the portal properly due to a wrong cookie detection issue.
-
Update browser / system recognition to recognize latest versions
Registration
-
Set a profile replacement when a profile is deleted in order to make sure all active identifies and registration policies keep using a valid profile.
Portal Management
-
Configurations related to a portal such Access permission or other configuration types were not updated when a new portal version was deployed. Configuration Cache bust has been introduced to fix this issue on portal update.
Administration
-
When Teams option is enabled, Guest Profile list must not be filtered by team. All profiles must be available to all administrators regardless of their Team membership..
Reporting
-
On public reports, filters dropdown only shown first 2 selected items. Filtering bar menu size is now adjusting automatically in order to display all selected items.
-
Session usage were randomly showing excessive service usage due to concurrent statistic generation tasks. Concurrency is now handled differently in order to fix this issue.
DHCP
-
Lease list / count not showing up. Due to message routing between active nodes, lease list could not be downloaded through DHCP APIs. Message routing methods were reviewed in order to make sure this issue doesn't not happen again.
-
Service stability issue under heavy load. When more than 200 requests are received during the same second, DHCP Service could not serve all these requests in a timely manner. Issue was related to a dependancy with log storage. Application architecture has been redesigned in order to remove this dependancy