Skip to main content
Versa Networks

Versa Networks Cloud-Hosted SASE Services Release Notes

These release notes describe the features for the Versa Networks cloud-hosted SASE services.

January 10, 2023
Revision 2

Product Documentation

The Versa Networks product documentation is located at https://docs.versa-networks.com.

New Features

  • Address object references—You can view, edit, and delete address object references. See Configure Address Objects.
  • Application reverse proxy and IdP proxy—Application reverse proxy protects software as a service (SaaS) applications from direct access from unmanaged devices that do not have Versa client installed to connect to Versa Cloud Gateways. It uses an identity provider (IdP) for user authentication. See Configure Application Reverse Proxy.
  • Automatic certificate provisioning, distribution, and renewal—You can use the Automated Certificate Management Environment (ACME) protocol to automatically provision, distribute, and renew certificates for SASE services. See Configure Certificate Servers.
  • CASB—Cloud Access Security Broker is on-premises or cloud-based policy enforcement software that secures the data flowing between users and cloud applications to comply with corporate and regulatory requirements. See Configure CASB Profiles.
  • Central authentication for Director AAA—For remote authentication, you can create a user on a central authentication server. See Configure AAA (for Director).
  • Certificate manager—When configuring a certificate manager, you can configure the Default CSR and On Response Unknown fields in the Add Server popup window and the Expiry Alarm Threshold, Renew Threshold, Subject Alt Name, and Onboard Notification fields in the Add Request popup window. See Configure Certificate Servers.
  • DLP—Data loss prevention is a set of tools and processes for detecting and preventing data breaches, cyber exfiltration, and unwanted destruction of sensitive data.
  • DNS filtering—In a DNS filtering profile, you can configure the identification of tunnel detection, which is a type of cyberattack that encodes data from other programs or protocols in DNS queries and responses, and you can configure a sinkhole action. See Configure DNS Filtering.
  • DNS monitoring logs—You can configure traffic-monitoring policies to export DNS monitoring logs to Versa Analytics. See Configure Log Export Functionality.
  • Dynamic destination NAT IP addresses—When you configure a CGNAT address pool, you create a dynamic IP address–only pool, which allocates dynamic destination NAT (DNAT) IP addresses. See Configure CGNAT.
  • Dynamic tenant configuration—For service templates, you can dynamically configure tenants. See Configure Basic Features and Configure the Versa Secure Access Service.
  • Dynamic Versa Cloud Gateway—Dynamic Versa Cloud Gateway (VCG) allows provider organizations to provide an optimal gateway to Versa SASE clients. A VSG instantiates when there is no optimal gateway for a SASE client gateway group. See Configure Dynamic Versa Cloud Gateways.
  • Email notifications for alarms enhancements—You can include additional variables when configuring the email subject, and you can include variables in the message of the email and SMS text message. Note that for existing notification rules (without variable substitution), there are no significant changes, and you continue receiving mostly the same email as before. The only difference is that if you had configured an email subject, that subject shows up as the title in the email message. (In previous releases, the title in all emails is the string "Alarm Alert".) Also, in previous releases, some details about the alarm (such as device name, tenant, severity, alarm type, and alarm text) are included at the bottom of all notification emails. If the email message contains no variable substitution, these details continue to be included. If the email message contains substitution for alarm severity and either for device name or alarm type, these details are not included. This means that, for existing customers, if you do not change their email message, the email content remains the same as before, and if you customize the email body using variable substitution, the email body contains only what you configure, with no redundant details included at the bottom of the message. See Configure Notifications for Alarms.
  • Endpoint information profiles—Endpoint information profiles (EIPs) classify endpoints based on multiple types endpoint posture information. See Configure Endpoint Information Profiles.
  • HTTP header profiles—You can configure HTTP header insertion and modification profiles for use with SaaS applications. See Configure HTTP Header Profiles and Configure HTTP/HTTPS Proxy.
  • IDP dropped packets—When a new version of the IPS signature is being compiled, traffic is processed using the previous version of the IPS signature. See Configure Intrusion Detection and Prevention.
  • Logging enhancements—VOS devices support SASE web and DNS-monitoring logs. See Configure Log Export Functionality, Configure Log Collectors and Log Exporter Rules, Analytics Log Collector Log Types Overview, and Apply Log Export Functionality.
  • Monitor SaaS applications with traceroute—You can use the traceroute command to monitor SaaS applications.
  • Network obfuscation—When you create a DNS proxy, you can configure network obfuscation and DHCP server monitors. See Configure a DNS Proxy.
  • Secure web gateway—NGFW supports SWG (explicit proxy) user authentication using LDAP and local authentication. See Configure User and Group Policy.
  • Select a Director view—You can directly change the Versa Director view to Director view, Template view, or Appliance view. A message displays in the horizontal menu bar to indicate which view you are currently in. You use the buttons in the bar to the right of the log to change views. See Director GUI Overview.
  • Simple Mail Transfer Protocol (SMTP) notifications—You can configure SMTP notifications at the system level and for tenants. See Configure SMTP Notifications.
  • SMS text messaging—The SMS and SMTP notification configurations no longer appear on the same screen. There are now separate SMS and SMTP notification configuration screens. See Enable SMS Text Messaging and Configure SMTP Notifications.
  • TWAMP Control—TWAMP Control, also called full Two-Way Active Measurement Protocol (TWAMP), allows negotiation of SLA parameters negotiation. You can configure TWAMP client and server sessions. See Configure TWAMP Control Client and Server Sessions.
  • TWAMP Light test sessions—You can associate a TWAMP Light sender test session with a TWAMP Control client connection and a TWAMP Light reflector test session with a TWAMP Control server connection. Also, TWAMP Light reflector test sessions support auto start. See Configure TWAMP Light Sessions.
  • User-defined sessions—When you configure a user-defined session, you can configure the action to be sinkhole. See Configure User-Defined Actions.
  • User and user group policy—NGFW can use certificate, LDAP, local profile, Kerberos, RADIUS, and SAML for user and group authentication, and you can configure RADIUS servers. See Configure User and Group Policy.
  • Webhook notifications for alarms—When a VOS device generates an alarm, the alarm is sent to the Director and Analytics nodes. On the Director node, you can configure webhooks to forward the alarms and notifications to an external HTTP or HTTPS server and to a ServiceNow platform, and you can then incorporate the notification details into your web services. See Configure Webhook Notifications for Alarms.
  • Web-monitoring logs—You can configure traffic-monitoring policies to export web-monitoring logs to Versa Analytics. See Configure Log Export Functionality.

Request Technical Support

To request technical support, visit http://support.versa-networks.com. If you are contacting support for the first time, register and create an account. You can also send email to support@versa-networks.com or contact your Versa Networks sales account team.

Revision History

Revision 1—March 18, 2022
Revision 2—January 10, 2023

  • Was this article helpful?