Product Update - March 22nd, 2021

New Features & Enhancements

  • Unifying SSO Settings in the Cato Management Application: We are unifying all the Single Sign-On (SSO) provider settings in the Cato Management Application. The VPN SSO settings are moving from the VPN Settings > Single Sign-On window to the Access > Single Sign-On window. This SSO unification also requires that we migrate the back-end VPN SSO provider settings to the new infrastructure. Read more about the migration process here.
  • Enhancement for Creating New AWS and Azure Sites: You can now configure the  Local IP for the Native Range in the Add Site window.

Cato SDP Client Releases

  • macOS Client v4.5: The macOS Client version 4.5 will be available in the App store starting on the week of March 21st. This version includes:
    • Enhanced macOS SDP Client Troubleshooting Capabilities: These capabilities let Cato seamlessly and proactively troubleshoot macOS Clients to help improve stability, performance, and end user experience. Read more.
      • The total amount of uploaded data is about 1 MB per day.
      • To manage this feature, go to Global Settings > VPN Settings > Client Logs Policy.
    • Improved Support for macOS SSO: We improved user experience related to SSO authentication. Read more.
    • Client Enhancements:
      • Improved connectivity for TCP connections (ENG-14639, ENG-14912)
    • Bug Fixes:
      • Office Mode enhancements and bug fixes (ENG-14500)

PoP Announcements

  • Jakarta, Indonesia: We are planning to upgrade the PoP in Jakarta and provide better service for connections to this PoP.

Security Updates

  • IPS Signatures:
    • Malware - Retadup (New)
    • Malware – Wrokni (New) 
    • Malware - Cobalt Strike (Enhancement) 
    • CVE-2021-26855
    • CVE-2021-26857
    • CVE-2021-27065
    • CVE-2020-35489 
    • SSRF attacks (Enhancement)
    • XMLRPC Pingback (Enhancement)
    • Java Insecure Deserialization (Enhancement)
    • SSI Injection (Enhancement)
    • Netgear setup.cgi unauthenticated RCE
    • PHP-ping - ‘Count’ RCE
    • JAWS DVR CCTV unauthenticated shell command execution 
    • CVE-2017-1000486
    • CVE-2021-3007
    • CVE-2021-25296
    • CVE-2021-25297
    • CVE-2021-25298
    • CVE-2020-15906
    • CVE-2020-9484
    • CVE-2020-5902
    • CVE-2020-14882
    • CVE-2020-6308
    • CVE-2020-10252
    • CVE-2018-10561
    • CVE-2018-10562
  • Application Database:
    • Cisco Meraki Cloud (Enhancement)
    • Cisco Umbrella (New)

Support Tickets Resolved

  • #49012, #63813, #66194, #69266, #70465, #70593, #71887, #72642, #73134, #73194, #73495, #73699, #73802, #74123, #74881

Was this article helpful?


Add your comment