Pulse Policy Secure 5.2R1 Release Notes Pulse Policy Secure version 5.2 R1 Build 28769 Pulse Client version 5.1 R2 Build 54585 Odyssey Access Client version 5.60.27023
Product Release 5.2
Document Revision 1.0 Published: 2015-03-31
© 2015 by Pulse Secure, LLC. All rights reserved
Pulse Policy Secure Release Notes
Table of Contents Hardware Platform ___________________________________________________________________ 4 Virtual Appliance Editions ______________________________________________________________ 4 Interoperability and Supported Platforms _________________________________________________ 4 Upgrading to Pulse Policy Secure 5.2R1 ___________________________________________________ 5 New Features ________________________________________________________________________ 5 Fixed Issues _________________________________________________________________________ 6 Open Issues _________________________________________________________________________ 6 Documentation ______________________________________________________________________ 8 Documentation Feedback ________________________________________________________________ 9 Technical Support ______________________________________________________________________ 9 Requesting Technical Support ___________________________________________________________ 9 Revision History ________________________________________________________________________ 9
© 2015 by Pulse Secure, LLC. All rights reserved
Page 2 of 10
Pulse Policy Secure Release Notes
List of Tables Table 1: Virtual Appliance Qualified Systems ........................................................................................... 4 Table 2 Upgrade Paths ............................................................................................................................. 5 Table 3 List of New Features .................................................................................................................... 5 Table 4 List of Issues Fixed in this Release ................................................................................................ 6 Table 5 List of Open Issues in this release ................................................................................................ 6 Table 6 Documentation ............................................................................................................................ 8 Table 7: Revision History .......................................................................................................................... 9
© 2015 by Pulse Secure, LLC. All rights reserved
Page 3 of 10
Pulse Policy Secure Release Notes
Hardware Platform You can install and use this software version on the following hardware platforms:
IC4500, IC6500, MAG2600, MAG4610, MAG6610, MAG6611, MAG SM160, MAG SM360
Virtual Appliance Editions This software version is available for the following virtual appliance editions:
Demonstration and Training Edition (DTE) Service Provider Edition (SPE)
Table 1: Virtual Appliance Qualified Systems Platform VMware
KVM
Qualified System
IBM BladeServer H chassis BladeCenter HS blade server vSphere 5.1, 5.0, and 4.1
QEMU/KVM v1.4.0 Linux Server Release 6.4 on an Intel Xeon CPU L5640 @ 2.27GHz o NFS storage mounted in host o 24GB memory in host o Allocation for virtual appliance: 4vCPU, 4GB memory and 20GB disk space
To download the virtual appliance software, go to: http://www.pulsesecure.net/support/
Interoperability and Supported Platforms
Refer to the Supported Platforms document on the software download site for details about supported versions of the Screen OS Enforcer, the Junos Enforcer, client browsers, client smart phones, and client operating systems. Go to: http://www.pulsesecure.net/support/
© 2015 by Pulse Secure, LLC. All rights reserved
Page 4 of 10
Pulse Policy Secure Release Notes
Upgrading to Pulse Policy Secure 5.2R1 Table 2 Upgrade Paths Release
Description
Pulse Policy Secure Software Upgrade
Automatic updates to this release are supported for all PPS releases after and including PPS 4.4 R1.
This release does not support IC4000 and IC6000 devices. These hardware models have reached end-of-life (EOL).
Pulse Secure Desktop 5.1R2 Client Software Upgrade
Refer to the Pulse Secure Desktop Client 5.1 release notes.
Odyssey Access Client Upgrade
In this release same version of Odyssey client is retained.
PPS Agent (OAC)
An IC Series device can handle 1500 concurrent endpoint upgrades.
Standalone OAC Client
This release supports the standalone, non-PPS version of Odyssey Access Client. Instructions for installing OAC on standalone clients are contained in the help guide under the section Getting Started > Initial Configuration.
Endpoint Security Assessment Plug-in (ESAP) Compatibility
ESAP package version 2.6.6 is the minimum version to be compatible with Pulse Policy Secure version 5.2R1. The default version for ESAP is 2.6.6
Network and Security Manager (NSM) Compatibility
NSM is not supported
New Features Table 3 describes the major features that are introduced in this release.
Table 3 List of New Features Feature
Description
Wireless LAN Controller (WLC) external captive portal integration
Ability to deploy Guest access management on Cisco and Aruba WLAN
Guest Self-service registration
Self-service registration of guests to obtain network access
User Experience Enhancements for Guest
Refreshed user-experience through revamp of the existing User Interface for both Guest users as well the Guest User Access
© 2015 by Pulse Secure, LLC. All rights reserved
Page 5 of 10
Pulse Policy Secure Release Notes Access
Managers
IF-Map Rebranding
Introduced Pulse Secure brand and trademarks in IF-MAP vendor specific metadata types
Addition of Funk-DestinationIP-Address attribute
Ability to enable administrator to assign realm based on Radius incoming port
Fixed Issues Table 4 lists issues that have been fixed and are resolved by upgrading to this release.
Table 4 List of Issues Fixed in this Release PR Number
Release Note
PRS-323316
When many authentication requests are pending at the same time, SBR consumes lot of memory leaving very less memory for system to continue to work. To avoid this situation, the number of pending authentication requests in SBR have been reduced.
Open Issues Table 5 lists open issues in this release.
Table 5 List of Open Issues in this release PR Number
Release Note
PRS-324568
Guest user sessions are reported as "802.1x Auth" in "Auth Mechanism" chart on dashboard charts.
PRS-325099
If customer deployed/using GUAM prior to 5.2 and when upgraded to 5.2 old Login is shown, however the rest of pages (such as summary, create user, create many user, edit pages...and so on) will have new User Interface(UI). To get the latest Login page UI, admin needs to enable "Use this signin policy for Guest and Guest admin to use specific pages." in the SignIn-URL they used prior to 5.2
PRS-322455
Guest user session does not display Agent Type in Active Users page in Wireless LAN Controllers deployment
PRS-325099
Customization of GUAM pages is no longer supported in 5.2, If customer using customization using custom sign-in pages (i.e. using sample) prior to 5.2 and when upgraded to 5.2 customization done prior to 5.2 is lost.
PRS-322691
"Change password at first/next login" option will not be supported in GUAM for Wireless LAN Controller (WLC) case. This option should not be enabled. If enabled, it will not have any effect.
© 2015 by Pulse Secure, LLC. All rights reserved
Page 6 of 10
Pulse Policy Secure Release Notes
PRS-317090
IPSec use-cases will not work if Fed client-1(Authentication PPS) is upgraded, due to change in public key. The new public key needs to be re-published to Fed client2(Enforcer PPS). Workaround: Reboot the Fed client-2 so it can fetch new public key from Fed client-1
PRS-318004
When an active node of a Pulse Policy Secure Active/Passive cluster, configured for IPSec Enforcement using Virtual Adapter, is rebooted, the ssh session to the SRX protected resource is disconnected. Work around is to restart ssh session to the protected resource.
PRS-322433
Cisco WLC running 7.6.130.0 does not apply session time-out sent by PPS in the RADIUS Access Accept, if there is a session-timeout configured already on the WLC for the WLAN.
PRS-321071
Deleting user from Pulse Policy Secure active user page does not disconnect the Cisco 2500/5500/7500/8500 WLC wireless user
PRS-325011
With Host Check interval set to non-zero when client machine comes back from sleep or hibernation, Pulse Secure client does not resume 802.1x connection.
PRS-321068
Guest Access: After login through web auth (captive portal), client does not go to vlan id sent from IC. Workaround: Use a RADIUS Filter-ID attribute to restrict the guest’s access
PRS-325108
For Pulse Policy Secure, the agentless Host Checker version on Mac OSX is incorrect in versioninfo.ini file
PRS-324891
When Pulse Secure client 802.1x connection is resumed after Pulse Policy Secure (PPS) Active-Passive cluster fail-over, host check does not happen immediately and it is evaluated after the configured host check interval.
PRS-322623
Guest Access: With Aruba Wireless Controller, CHAP for captive portal radius authentication is not supported because Aruba Wireless Controller uses not standard implementation of CHAP. Workaround: Use PAP for captive portal radius authentication.
PRS-322503
Guest Access: With Aruba Wireless Controller, change of VLAN by specifying in the new role does not work for captive portal. Workaround: Use Filter-ID Radius attribute to restrict the guest user’s access.
PRS-324342
With PPS in Active/Passive cluster mode, deleting the user from active user page does not disconnect user from Cisco WLC
PRS-322367
With new guest sign-in pages, admin will not be given an option to configure PostAuth Sign-in Notification
© 2015 by Pulse Secure, LLC. All rights reserved
Page 7 of 10
Pulse Policy Secure Release Notes
Documentation Table 6 describes the documentation set. The documentation is available at
http://www.pulsesecure.net/support. Table 6 Documentation Title
Description
Getting Started
Release Notes
A release summary, including lists of new features, changed features, known issues, and fixed issues.
Supported Platforms
List of client environments, third-party servers, and third-party applications that have been tested and are compatible with the software release.
Getting Started Guide
How to complete a basic configuration to get started using the solution.
Licensing Guide
How to install any licenses that might be required.
IC Series to MAG Series Migration Guide
How to migrate the system configuration and user data to the newer platform.
Virtual Appliance Deployment Guide
How to install, configure, and use the virtual appliance edition.
Administration Guides Complete Software Guide
The complete collection of user documentation for this release in PDF format.
Administration Guide
How to complete the network and host configuration and how to use certificate security administration, configuration file management, and system maintenance features.
Feature Guides
Guest Access Solution Configuration Guide
A complete guide to guest access solution which enables self-registration of guest over WLC and enable administrator to manage guest user access privileges.
© 2015 by Pulse Secure, LLC. All rights reserved
Page 8 of 10
Pulse Policy Secure Release Notes Solutions Endpoint Security Feature Guide
Describes Host Checker and Cache Cleaner settings.
Developer Reference Guide Custom Sign-In Pages Developer Reference
A reference on customization sign in pages
Documentation Feedback We encourage you to provide feedback, comments, and suggestions so that we can improve the documentation. You can send your comments to
[email protected].
Technical Support Technical product support is available through the Pulse Secure Global Support Center (PSGSC).
http://www.pulsesecure.net/support/ Call 1-888-314-5822 (toll-free in the USA, Canada, and Mexico). If outside US or Canada, use a country number listed from one of the regional tabs
For more technical support resources, browse the support website: http://www.pulsesecure.net/support/
Requesting Technical Support To open a case or to obtain support information, please visit the Pulse Secure Support Site: http://www.pulsesecure.net/support/
Revision History Table 6 lists the revision history for this document. Table 7: Revision History Revision
Description
26 Mar 2015
Initial publication.
© 2015 by Pulse Secure, LLC. All rights reserved
Page 9 of 10
Pulse Policy Secure Release Notes
© 2015 by Pulse Secure, LLC. All rights reserved
Page 10 of 10