Versa SASE Client Release Notes for MacOS
These release notes describe features, enhancements, and fixes in all releases of the Versa SASE client software for MacOS operating system. The SASE client supports MacOS 10.14 and later.
Note that in releases prior to Release 7.3.7 for MacOS, the product was called the Versa Secure Access (VSA) client application software.
Product Documentation
The Versa Networks product documentation is located at https://docs.versa-networks.com.
Install the Versa SASE Client
Release 7.6.4
Released July 24, 2024
- Add support for TLS Tunnel from the App Settings menu. By default, TLS tunnel is disabled. When you enable TLS Tunnel, the client tries to establish a tunnel based on the tunnel type order it receives from the portal.
- Add support for Sync Account from the Enterprise menu, to synchronize client configuration with the SASE portal. You can perform this action even if the client is not connected to the network. Note that Sync Account is disabled when the client is connected or if a reconnect attempt is in progress.
- Add support to display the audit log for important client actions from the App Settings > Log Settings > Audit Logs menu.
For example:
- Add Verbose option in the Log Level menu to log additional information during the interaction with the client user interface.
- Notify users about terminating the connection when a user exceeds the maximum number of concurrent logins from multiple devices. You configure the number of concurrent user logins from the gateway. The default value is 5.
- Add support to create unique EAP IDs for users who log in from different devices.
- Add support to choose the Dead Peer Detection (DPD) interval from the App Settings menu. When there is no activity over the IPsec tunnel, the client sends DPD probes to check if the IPsec peer is active based on the value you select from the following:
- Low—Client runs DPD every 30 minutes.
- Medium—Client runs DPD every 10 minutes.
- High—Client runs DPD every minute.
If the peer does not respond to 5 probes, the client declares the peer dead and terminates the session.
Fixed Bugs
- Digital Experience Monitoring (DEM) reports are not generated when the number of monitored applications is less than 4.
- Incorrect time stamp in DEM reports.
- DEM reports display incorrect disk usage.
- On some Mac devices, the Versa XPC service does not start, which causes portal registration and gateway connection failure. Now, portal registration and gateway connection do not depend on XPC service and do not fail if this service does not start.
- Issue with Always On when fail mode is set to FAIL-OPEN.
- UI issues related to tunnel monitoring.
Release 7.6.3
Released January 16, 2024
New Features
- Add option in Systray App menu to directly establish a tunnel based on the last connected enterprise and gateway group or gateway profile. Establishing this tunnel avoids the client triggering a connection when the user opens the client.
- Add support for Auto Hide, to automatically hide a client window when there is no user activity for a period of time. To enable or disable this feature, toggle Auto Hide on the App Settings (previously Troubleshooting) window.
- Add support for Digital Experience Monitoring (DEM). The client receives a DEM profile from the SASE registration portal and uses the information in the profile to periodically monitors end-to-end performance of the configured applications at specified interval. It then shares the report to Versa Analytics. DEM monitors the following:
- Device health, for example, CPU, disk, memory, and battery level.
- Wi-Fi SSID, signal strength, and bytes received and transferred.
- Local network segment packet loss, jitter, and latency
- Internet segment—Number of hops, and hop-by-hop and aggregate packet loss, jitter, and latency.
- Application performance—DNS lookup time, TCP connection establishment time, TLS handshake time, HTTP latency, time to first byte, time to last byte, and hop-by-hop latency, jitter, packet loss.
- Performance of private and internet-bound applications.
- Add support for Two-Way Active Measurement Protocol (TWAMP). TWAMP Light is a lightweight version of TWAMP that eliminates the need for a control session.
- Improve user experience when connecting to a gateway by automatically connecting to the next available gateway when there is an error during tunnel establishment.
- Capture device name from registered devices to identify unique devices registered by a user.
- Share EIP data when connected to a trusted network.
- User can disconnect while in a trusted network.
- Rename Troubleshooting menu to App Settings.
- The default value for automatic disconnect reminder time is now 15 minutes. Previously, it was 5 minutes.
Fixed Bugs
- Fix for retry operation in Tunnel Monitoring.
- Fix for log file folder permission on log rotate.
- Fix EIP issues. (Bug 101989)
- UI and performance improvements.
Release 7.6.2
Released September 5, 2023
New Features
There are no new features in this release.
Fixed Bugs
- Publish tunnel IP address to gateway for EIP requests after establishing connection to SASE gateway.
- Log file folder permission issue during log rotation and OS upgrade.
- Blank screen issue during SAML login.
- Add realtime category for anti-malware.
- Validate auto-upgrade timestamp.
- Reset EIP profile definition based on the pre-registered post-response.
Release 7.6.1
Released June 30, 2023
New Features
There are no new features in this release.
Fixed Bugs
- Multifactor authentication (MFA) issues when you disable remember credentials.
- Vulnerability fixes for TWAMP path-monitoring scripts.
Release 7.6.0
Released May 17, 2023
New Features
- Support for autodisconnect based on configured disconnect interval.
- Software auto-update.
- Support for maintenance mode notifications.
- Support for device posture using endpoint information profile (EIP) collection and reporting.
- Support for certificate-based multifactor authentication (MFA).
Release 7.5.4
Released March 10, 2023
New Features
- Support for dynamic height support in UI to accommodate custom messages from the server.
- Support for password reset for users on Versa IDP.
- Support for XML/JSON response from the server.
Fixed Bugs
- VPN reconnection issues when the system changes from sleep mode to active state.
Release 7.5.3
Released January 25, 2023
New Features
New User-Defined Excluded Routes screen allows you to add routes to exclude from the full tunnel.
Fixed Bugs
- Always-on is automatically enabled while synchronizing configuration.
- Support for TLS 1.0 on M1 chipset.
Release 7.5.2
Released September 23, 2022
New Features
There are no new features in this release.
Fixed Bugs
- TOTP compatibility issue in Versa Operating SystemTM (VOSTM) Release 21.2.2.
- Password reset option is not displayed in enterprise details.
Release 7.5.1
Released September 14, 2022
New Features
There are no new features in this release.
Fixed Bugs
- Fix tunnel monitoring issues. (Bug 85659)
- Fix re-registration issues in Restricted mode.
Release 7.5.0
Released August 3, 2022
New Features
- Support for client control–related configuration received from secure access portal in Versa Director Release 21.3.
- Client backward compatibility between VOS Releases 21.3 and 21.2.
- Client support for trusted and untrusted network detection
- Tear down VPN connection when network moves from untrusted to trusted network.
- Autoconnect if network moves from trusted to untrusted.
- Path monitoring.
- IP stickiness.
- Restricted access override on FAIL-CLOSE operation.
- Latency bias support for optimal gateway selection.
- Exclude routes in configuration profiles to bypass the traffic over the tunnel if the tunnel is full.
- Hot standby.
- TWAMP-based path monitoring and switching to alternate path when SLA degrades for the currently active path.
- WebSocket notifications.
- Two-factor authentication (2FA) optimizationto receive QR code over email.
Enhancements
- Enterprise Details screen enhancements
- Path-monitoring profile menu to view TWAMP metrics configured on the server. This menu is available when TWAMP is enabled on the server side. For more information, see Configure TWAMP Control Client and Server Sessions.
- Account Details screen updates to configure always connected, fail close features, and tunnel monitoring.
- Always connected screen to modify the always-on and restricted access features.
- Connection Details screen enhancements
- Path Monitoring menu to view TWAMP metrics and WAN link path conditions of the connected gateway.
- Minor UI changes and color corrections.
- Home screen enhancements
- Added Trusted Network Detection screen to notify users about trusted network .
- Minor UI changes and color corrections.
- Gateway Details screen enhancements
- Displays hot standby gateways.
- Minor UI changes and color corrections .
Fixed Bugs
There are no bug fixes in this release.
Release 7.3.9
Released February 11, 2022
New Features
There are no new features in this release.
Fixed Bugs
- Fix fail open/close syntax issue in firewall configuration rules.
- Add ICMP protocol in firewall configuration rules.
- Correct spelling in log files and GUI.
- Fix performance issue in SCAXPC services.
- Change copyright date from 2021 to 2022.
- Handle 404 in prelogin and login use cases.
- Fix "Failed to connect" toast message when disconnecting from full-tunnel gateway.
- Modify pre-installation and post-installation scripts to support downgrade from Release 7.3.9.
Release 7.3.8
Released November 9, 2021
New Features
- Display group name on the connected screen.
- Server authentication response message is displayed if it is configured in the secure access policy. The server then sends the unique message configured in the matching rule to the client.
Fixed Bugs
- Add border to the client in WebView. In earlier releases, when WebView displayed the Microsoft authentication login page, the client application was hard to distinguish from the background, if the background color was same as the authentication page.
- Autopilot configuration synchronization issue when authentication method changes from local database to SAML.
- Autopilot configuration synchronization fails when the multifactor authentication (MFA) validity expires.
- Fix XPC vulnerability. (Bug 73710)
- Incorrect username is displayed on Director or Analytics node after registration authentication failure. (Bug 56946)
- Replace latitude and longitude tags in the Troubleshoot screen with the geolocation tag, and display the latitude and longitude values separated by a comma.
- Registration success message is displayed in the Settings window because of a previous configuration synchronization. This has been fixed.
- Spelling corrections in clear data messages.
- Username is not updated when the authentication method changes from local database to SAML.
- When the configuration is synchronized and the password is removed from the database, the remember-me value is not overridden when the remember credential is False. This issue has been fixed.
Release 7.3.7
Released February 4, 2021
New Features
- If DNS servers are reachable, client checks whether gateways are available. To enable DNS server monitoring, in the SASE client home screen, click Settings > Troubleshoot and then click the DNS Server Monitoring toggle button.
- Disconnect always-on.
- Perform metric reporting every 5 minutes.
Fixed Bugs
- Create IPsec tunnel based on domain IP address.
- Log filename changes.
- Latency-based optimal gateway selection. See Performance-Based Dynamic Gateway Selection in Use the Versa SASE Client Application.
- Autorecover mechanism on optimal gateway.
- UI improvements.
Release 7.2.2
Released July 7, 2021
New Features
- Always-on connectivity—Allow preregistered or authorized clients to connect to the VSA gateway without user intervention. See Enable Always-On in Use the Versa SASE Client Application.
- Synchronize autopilot configuration—Gateway profile changes in the secure access server are automatically synchronized and users do not need to re-register each time.
- Detect captive portal and automatically display the captive portal window.
- Admin mode—To enable admin mode, in the SASE client home screen, click Settings > Troubleshoot and then click the Admin Mode toggle button. Admin mode is valid only for 5 minutes.
- Monitor DNS server. See Set Prefixes and DNS Servers in Use the Versa SASE Client Application.
- Fail or open mode—Enable from admin mode.
- Diagnostics and technical support—Run diagnostics to automatically fix basic issues and, for issues that cannot be fixed, provide logs to send to Versa Customer Support. See Perform Diagnostics and Export Logs in Use the Versa SASE Client Application.
- Change latitude and longitude—Click Settings > Troubleshoot and then update the Latitude and Longitude fields.
- Enhancements to log structuring and rotation policies.
- Display local IP address and public IP address information in the Connection Details window.
- Database migration from Release 7.2 to Release 7.3.
- Display custom logo on the client.
- Separate VSA tray application that displays the status of the client.
- Use IP address in IPsec profile.
Fixed Bugs
- Fix delete route script issue.
- Reset password feature.
- Fix TOTP authorization issue.
- Fix EAP ID issue.
- UI improvements.
- Enable rekeying.
Release 7.4.5
Released June 8, 2021
New Features
- Support Windows 7, 64-bit
Fixed Bugs
- Issues with OTP failures and incorrect OTP entry while connecting.
- Improve SAML browser emulation registry to better render the SAML page
Release 7.4.4
Released May 27, 2021
New Features
- Export logs to USB flash drive for technical support in pre-logon mode.
- Graceful reconnect for connections with SAML authentication.
- Users can interact and reconnect from the UI when the connection is lost.
Fixed Bugs
- Fixed pre-logon connect issue.
- Reconnect issues with invalid or no authentication token.
- Unexpected exception handling of timer ticker.
- Synchronize UI, Systray, and Windows when Windows restarts.
- IPC issues between processes on systems in non-English locations.
- IPC issues in reading and updating configurations and state.
Release 7.4.3
Released May 14, 2021
New Features
- Include event viewer logs in log export to technical support
Fixed Bugs
- Unstable connection during graceful reconnect when system wakes from sleep mode.
- Fix issues with tunnel state inconsistencies in UI and Systray.
- Implement a recovery mechanism to reestablish communication between the client and Windows Communication Foundation (WCF) when the WCF service does not respond.
- Add delay between graceful reconnect attempts. Earlier, continuous attempts to reconnect sometimes exhausted retries. With the delay, reconnection chances are greater when the system is up.
- Failure displays if route and DNS installation fails or Windows service does not respond during VPN connect. Service recovery attempt is performed on a best-effort basis by resetting the listening of service. This issue has been fixed
Release 7.4.2
Released April 19, 2021
New Features
- Select best gateway based on proximity of the client to the gateway, gateway load, and the latency between the client and the gateway. See Configure the Versa SASE Client To Select the Best Gateway.
- Autosynchronize periodically with the VSA portal to receive updated profiles.
- Graceful autoreconnect—Automatically restore connection when network comes back up after an outage.
- Detect captive portal and automatically display captive portal window.
- Always-on connectivity—Allow preregistered or authorized clients to connect to the VSA gateway without user intervention. See Enable Always-On in Use the Versa SASE Client Application.
- Detect trusted networks and perform tunnel bypass.
- Notify Windows connect or disconnect events
Fixed Bugs
There are no bug fixes in this release.
Request Technical Support
To request technical support, visit http://support.versa-networks.com. If you are contacting support for the first time, register and create an account. You can also send email to support@versa-networks.com or contact your Versa Networks sales account team.