Versa Titan Release Notes for Release 10.0, 10.1.2, and 10.2.2
This document describes features, enhancements, bug fixes, limitations, and recommendations in Titan Releases 10.0, 10.1.2, and 10.2.2.
Note that the Versa Titan software supports Versa Operating SystemTM (VOSTM) Releases 21.2.2. You must have the latest supported version of the VOS software on your devices. To check your software version, go to Inventory menu in the Titan Portal dashboard. To upgrade the software, see Upgrade the Software.
For more information about VOS release and features, see Versa Operating System (VOS) Release Notes for Release 21.2.
December 3, 2023
Revision 3
Product Documentation
The Versa Networks Titan product documentation is located at https://docs.versa-networks.com/Titan.
New Features
This section describes the new Versa Titan features introduced in Releases 10.0 and later.
Titan Portal Release 10.2.2
Network
- Destination IP and Precedence Fields for port-forwarding rules—Destination IP and Precedence fields have been added to the port-forwarding rules. The Destination IP field is available only for source NAT (SNAT). See Configure LAN Connections.
- MPLS and Split Tunnel (SD-WAN) option—The SD-WAN and Split Tunnel (MPLS) option is available for split tunnels on a WAN port. Selecting this option sends traffic on both the MPLS network and SD-WAN branches and allows you to select the LAN VRs between which the traffic is routed. By default, the default LAN VR is selected. If you select MPLS and Split Tunnel, you can select the redistribute option in the BGP route selection that redistributes the IP prefixes between the MPLS network and the SD-WAN branches of the selected LAN VR. See Configure WAN Connections.
- Traffic shaper—You can configure peak ingress rate in kilobits per second (kbps) and the maximum burst size, in bytes per second at the device level to control ingress traffic flow. A private SASE gateway can modify traffic shaper configuration only before the device is deployed and activated. To modify the configuration later, contact Versa Networks Customer Support. See Configure Miscellaneous Parameters.
- Security pack (SPack) automatic update—A security pack (SPack) is a software bundle that contains predefined services and objects that you can use in firewall configurations to protect network devices from security threats. By default, automatic updating is enabled. See Configure Miscellaneous Parameters.
Monitor
- Advance Monitoring—The Advance Monitoring option in the Titan monitor dashboard allows users who have privileges to access Versa Director or Versa Analytics to launch Versa Director. See Monitor Device Status.
- Routing and IPsec tabs—The Routing and IPsec tabs have been added to the Monitor Network screen so that you can monitor BGP and OSPF in the LAN and so that you can monitor IPsec tunnel connectivity. This information is also available on Versa Director. See Monitor Device Status.
Site
- Billing type—When you create a store admin, MSP, or Reseller, if you select Create as New, in the Billing Type field you can select one of the following:
- PO Based—For PO-based billing, the start date of the device license is based on the purchase order license start date that you enter when you order the device. For a Cloud Gateway, the license start date is the date that you order the Cloud Gateway.
- License Usage Based—For license usage–based billing, the start date of the license is the date that the device is activated. For a Cloud Gateway, the license start date is the date that you order the Cloud Gateway. See Manage Users.
- Edit Address Option for activated and deployed devices—You can edit the site address fields for activated and deployed devices. See Configure and Activate a Site.
- Local authentication moved to Versa IdP—Local authentication has been moved to the Versa IdP system for centralized authentication.
SASE
- DHCP lease time—You can save and reuse the lease time for LAN configurations that use DHCP. You can then select the lease profile on all devices of the organization, and you can add additional profiles. See Configure LAN Connections and Manage Organization Settings.
- VSA termination on multi-VRF devices—MSPs or customers can select the VRF on which the VSA clients terminate. When you change the termination VRF for an active session, the VSA client disconnects automatically when a user changes the VRF for VSA IPsec, and then it reconnects. See Configure a Secure Access Service (Remote Access VPN) Template.
Titan Portal Release 10.1.2
Network
- Subinterfaces on WAN ports—You can configure additional subinterface on a WAN port in the default template when you deploy a device or after you activate a device. To add a WAN subinterface on an activated or deployed device, you must first lock the device using the enable lock mode option. You can also add a subinterface on a PPPoE interface.
If you enable PPPoE on a single VLAN subinterface of a WAN port, PPPoE is automatically enabled on other VLAN subinterfaces on the same WAN port. For example, if you enable VLAN_100 and VLAN_200 on WAN1_port0, and you enable PPPoE on VLAN_100, PPPoE is enabled on VLAN_200. In this scenario, if bridge interface is also enabled on PPPoE VLAN_200, you must modify the username and password on VLAN_200 to prevent unauthorized access.
In the Advance Configuration (Customized) menu for the WAN interface, you can select the Interface Mode as Trunk, Access, and Bridge interface options. The Bridge Interface option is available only if you enable Trunk or Access mode and configure a Layer 2 port. A bridge interface applies to bridging the Layer 2 port with a PPPoE subinterface or with any WAN subinterface.
Titan Portal Release 10.0
New Product Selection
- Bandwidth-based SASE—For an MSP private gateway and cloud gateway, you can create a bandwidth-based license type. Note that only an operator can change the license types. See Add Devices Using Titan Portal.
- Identity provider third-party–based SAML logins per tenant—You can create a SAML profile and SAML authentication rule that contain information about a third-party SAML IdP and other protocol information. See Configure SAML Profiles and Configure Authentication Rules.
- Public individual tenant URI-based logins to Titan (My Domain option)—The My Domain option allows you to align Versa Titan as a complete SASE solution. An end user can now directly access all configured SSO profiles without having to enter the organization name, as was required in previous releases. When an MSP or reseller adds a customer to Titan Portal, a unique URL is shared in the welcome email that is sent to the customer and that they can use to access Titan Portal. When creating a new customer, the organization name is, by default, part of the URL for My Domain, with a subdomain as selected by Versa. However, the customer can enter customized URL. See Add and Manage New Customers on the Titan Portal Dashboard.
For organizations migrating from previous releases, the organization name is part of the URL for My Domain, and versatitan.net is the subdomain. If you want to modify the my domain name after it is has been created, contact Versa Networks Customer Support.
- Remote access VPN—Remote access VPN, an add-on service available for customers who purchase a device license, enables the secure access VPN on branch devices. After you add a device, you can enable remote access VPN in the WAN network configuration, and then the Remote Access VPN tab is displayed in the device configuration window. See Add Devices Using Titan Portal.
-
Support for CSG2000 series appliances—Titan devices support CSG2000 series hardware appliances. See Add Devices Using Titan Portal.
Network
- High availability with VRRP on each port—On an HA device, you can configure VRRP on each LAN port except the cross-connect port. In previous releases, you could configure only one port. To configure VRRP, select the Ethernet LAN port and then toggle VRRP on the Routed (Layer 3) Port. See Deploy High Availability.
- LAN profiles—You can configure a LAN profile to use when configuring Ethernet ports and WiFi interfaces. For each LAN profile, you configure IRB interfaces (including DHCP, DHCP relay, and DHCP clients), virtual LANs (Layer 2 and Layer 3 switching), 802.1X device authentication, Spanning-Tree Protocol, and Link Aggregation Group. See Configure LAN Profiles.
- Layer 2 switch mode—You can configure a LAN port to be a routed (Layer 3) or switched (Layer 2) port. See Configure Ethernet and WiFi Ports.
- Multi-VRF—An operator, a store admin, an MSP, or a reseller can enable multi-VRF for an organization when creating a new customer. Then, a user can use the option to add VRFs when configuring the LAN profile and Ethernet interface. See Add and Manage New Customers on the Titan Portal Dashboard.
- Multi-VRF on configuration mode screens—In configuration mode, the multi-VRF option displays on various menus, including Network, Security, Steering, and Protocols. In Monitor mode, you can select VRFs after selecting the LAN monitor.
- VRF-to-VRF route leaking—If you create static routes for leaking routes between VRFs, you must also create a firewall rule that allows this traffic to pass through. To do this, you select the match criteria and the correct zone scope interface VRF named bidirectionally. See Configure Routing.
- WiFi with RADIUS—When you select WiFi, corporate, and security mode with the enterprise option, the option to configure RADIUS authentication displays, and you can configure the IPv4 address, port, and shared security secret. When users access the WiFi, RADIUS authentication occurs, and the user is then allowed to access the corporate SD-WAN. See Configure WiFi Radios.
- WiFi with multi-VRF—You can configure WiFi corporate traffic to terminate on a specific VRF by selecting Networks > LAN > WiFi and the Ethernet menu, and then selecting VRF in WiFi-1. See Configure Ethernet and WiFi Ports.
Organization Settings
- Kerberos, LDAP, RADIUS, and SAML authenticators—On Titan Portal, you can configure a Kerberos, Lightweight Directory Access Protocol (LDAP) server, Security Assertion Markup Language (SAML), and a RADIUS profile to authenticate end users at the tenant (organization) level using the Authenticator option in the Organization Settings menu. You can use the same profile for all devices in an organization. You can select the profiles when you configure a device, so you do not need to define same profile in multiple places on a device. See Manage Organization Settings.
SASE
- Templates for VSA—For Versa Secure Access (VSA) and the remote access VPN template, you can view the template name, number of devices, and the devices that use the template. The templates have tabs for client settings, security, steering, and miscellaneous (groups and registration portal). Click Secure Access Default template name to configure the VSA service for an organization. See Configure a Secure Access Service (Remote Access VPN) Template.
Security
- Geolocation IP filtering—You can configure geolocation IP-filtering profiles to block IP addresses based on IP address reputation and IP address metadata such as geolocation, and then associate them with security rules under apply security profile. Versa Networks provides a list of predefined regions that you can use to create IP-filtering profiles based on geolocation. See Configure Security.
- Rules list view—By default, the security rules are displayed in grid view. You can change the view to list by clicking the list view icon and pin the view to list for the login session, use the pin icon. See Configure Security.
- SSL full proxy option for TLS decryption profiles—You can configure the SSL full proxy option in explicit and transparent modes for TLS decryption rules. Explicit mode processes SSL/TLS traffic destined to a specific IP address and a specific port. Transparent mode processes SSL/TLS traffic destined to any IP address but to a specific port. See Configure TLS Decryption Profile.
- Users and group match criteria rules for firewall and TLS decryption—After you configure the LDAP active directory, you can go to Security > Firewall Rules and Decryption > Rules to select users or groups to apply rules. The users and groups are those that Titan has in its LDAP active directory. See Apply Match Criteria for Firewall Rules.
Steering
- Rules list view—By default, steering rules are displayed in grid view. You can change the view to list by clicking the list view icon and pin the view to list for the login session, use the pin icon. See Configure Traffic Steering.
- Users and group match criteria rules for traffic steering—After you configure the LDAP active directory, you can go to Steering > Firewall Rules to selected users or groups to apply rules. The users and groups are those that Titan has in its LDAP active directory. See Apply Match Criteria for Traffic-Steering Rules.
- Web proxy bypass option for traffic steering—You can configure a device to be a web proxy, which is a type of explicit proxy. A web proxy acts as an intermediary between a user and a website that they are accessing, making requests to the website using its IP address. A web proxy allows the user to remain anonymous and speeds up browsing by caching webpage data. See Configure Web Proxy Bypass Rules.
Limitations and Behavior Changes
Limitations and Behavior Changes in Release 10.2.2
The following are the limitations and behavior changes in Release 10.2.2.
- To change the billing type from PO-based to license usage–based, a store admin, MSP, or Reseller must contact Versa Networks Customer Support. You cannot change the billing type from the UI. Also, you cannot change the license usage-based type to PO-based.
- For the OSPF area ID, you can use a numerical value in the range of 0 through 4294967295, but the IP address format is not supported.
- The SASE gateway and remote access VPN must be running the same VOS software version (Release 21.3.2) as the headend. If the Titan Inventory dashboard displays a red exclamation mark for the SASE gateway and Remote Access VPN to indicate that you should downgrade to Release 21.2.3, ignore the prompt.
- You cannot migrate remote access VPN users.
- After you migrate from local user authentication to Versa IdP, local (platform) users (enterprise admin or enterprise user) can connect to the gateway if the enterprise has a gateway or remote access VPN connection.
- A enterprise user can order an unlimited number of VSPA users. However, the start and end addresses of the IPsec tunnel address pool are based on the number of users ordered for user-based license type.
- In the Users menu, the user lock and unlock have no effect on VSPA and VSPA plus local users. When you enable lock the VSPA connection is not blocked. Lock works only for local platform users.
- A user platform created with a local user can also connect to VSPA. However, it is recommended that you do not use a local platform user for VSPA.
- Migrated VSPA users cannot reset their password from Versa SASE client application unless the user deletes the record from the local database on the VOS device.
- After you upgrade from Release 10.1.2 to Release 10.2.2, you cannot delete a SASE gateway tenant from Titan Portal. To delete a SASE gateway tenant, contact Versa Networks Customer Support. The NOC must delete migrated organization service template SECURE_organization-name on the Director node. To do this, in Director view, select Configuration > Device Groups, click the SASE gateway device, and in Post-Stagging Template Associations, delete the template SECURE_organization-name and then commit the template. Then, you can delete a SASE gateway tenant from Titan Portal.
- When you configure a static route on Remote Access VPN > IPsec Tunnel Address Pool, the system adds a static route for IPsec pool subnet. Static routes do not display in the Routing tab. To display static routes, select Static Route tab, and then click Sync Configuration in the device option card in the Titan Portal Monitor dashboard. Do not delete the static routes. If you do, the remote access VPN may not work as expected.
- If user onboards a provider organization with a SASE gateway device, the user cannot deactivate the SASE gateway. To redeploy or deactivate the SASE gateway device, contact Versa Networks Customer Support.
- An IPsec interface specific to a SASE gateway tenant is not deleted if the MSP deletes the SASE tenant from gateway with the IPsec tunnel. The IPsec interface is not affected, and it is assigned to the Global routing instance.
- When you update an OSPF LAN-VR configuration, an OSPF instance with router-id, domain-vpn-tag, and enable-alarms is added to the WAN-Transport-VR. When you delete an OSPF LAN-VR, the configuration is not cleaned up, and it keeps the router-id, domain-vpn-tag, and enable-alarms configuration on the LAN-VR.
- You cannot add and delete a VLAN for SASE tenants for single publish in same window. You can perform only one operation, either add or delete, or publish. If you perform add and delete VLAN and then publish in same window, the system does not work as expected.
- You can view cloud gateway order or upgrade request from a customer organization, and it does not display in MSP, store admin, or reseller provider organization.
- vCSG deployment and activation are not supported.
- Versable activation method is supported only for Ubuntu 14.04 (Trusty) devices for VOS Release 21.2.3. Ubuntu 18.04 (Bionic) support for Release 21.2.3 will be added in later releases.
Limitations and Behavior Changes in Release 10.1.2
The following are the limitations and behavior changes in Release 10.1.2:
- For a subinterface, you cannot configure the following options:
- Enable or disable WAN interface at the subinterface level
- Circuit ole
- Link Mode
- Link Speed
- MTU
- If you select an interface to be a bridge interface, the following options are disabled:
- Gateway
- Link Monitoring
- Next Hop
- Remote IP
- For a device, you can configure a maximum of 8 WAN/LTE ports, including subinterfaces. If any free port is available, you can add them as LAN ports.
- PPPoE is supported only on the WAN1, WAN2, WAN3, and WAN4 interfaces.
- If you enable PPPoE on a subinterface of a WAN port, PPPoE is automatically enabled on other subinterfaces of the same WAN port. If you enable a bridge interface on a WAN PPPoE subinterface, the system creates dummy PPPoE tvi interfaces.
- A SASE gateway or remote access VPN device does not support WAN subinterfaces.
- You cannot delete WAN interface and the corresponding SNAT rule simultaneously. You must first delete the SNAT rule and publish the configuration, and then delete the WAN interface and publish the configuration again.
- You can enable xDSL only on the vni-0/0 interface.
- You cannot onboard a device with WAN PPPoE subinterface using the WiFi method. However, you can onboard the device using a staging script. For more information, contact Versa Networks TAC or Customer Support team.
- If you configure an interface as a bridge interface, the interface zone is not displayed in the Titan Portal zone selection menu. However, these zones are configured in Versa Director and on the device, and the functionality works properly.
- You can create a WAN subinterface from Network > WAN. This subinterface does not have an enable option, so if an administrator deletes the base WAN interface, you cannot disable a WAN subinterface. For example, if you create the WAN2Port0 subinterface on WAN1Port0, you cannot enable or disable WAN2Port0 if a user an administartor deletes the WAN1 interface.
- You can configure only one VLAN for bridge trunk port.
- If a user adds or deletes a PPPoE interface and the network is mapped with the incorrect PPPoE tvi interface, the Titan Portal monitor option does not work properly.
- The speed test for SD-WAN with a PPPoE interface and with no VLAN does not work as expected.
- When you configure a LAN with a Layer 2 interface mode as trunk port and WAN Port1 PPPoE subinterface with VLAN0, you cannot also configure another Port1 PPPoE WAN subinterface as a bridge interface.
- You can select the reorder rule option in a device to arrange the firewall rules whenever required, and publish the configuration after reordering the rule.
- For Titan deployment with headend running VOS Release 21.3.2 and all the devices (branches) running Release 21.2.3, Titan inventory dashboard displays the prompt for the SASE gateway and remote access VPN to downgrade to Release 21.2.3. In this scenario, user must not upgrade SASE gateway and remote access VPN to Release 21.2.3. SASE Gateway and remote access VPN must be running with VOS 21.3.2 same as the headend.
- You can select network address as static and configure mandatory fields such as address, gateway, and name server in the device configuration, and then save or publish the configuration.
- If you configure an authentication rule on a Titan branch that is running VOS Release 21.2.3 and managed by headend device with VOS Release 21.3.2, authentication rule configured may not work as expected if user perform sync from Titan monitor page.
- You need to add authentication rules after device activation and not during device deployment.
- VOS Release 21.2.2 does not support activating WAN with VLAN using Versable method. You should use the latest 21.2.3 version recommended for this release.
- vCSG deployment and activation is not supported in this release.
Limitations and Behavior Changes in Release 10.0
The following are the limitations and behavior changes in Release 10.0:
- Remote access VPN does not support client steering. However, VSA clients support client steering.
- For firewall and decryption rules, you must configure authentication rules before using Users and Groups.
- You can change VSA settings only from Organization Setting templates. The same configuration is pushed to all SASE gateways.
- For HA devices, you can change the following fields only on primary devices when lock mode is enabled:
- Enable or disable VLAN tagging
- Layer 3 VLAN addition or removal to LAN interface
- Layer 2 and Layer 3 modes change
- VRF changes on Layer 3 interfaces and Layer 3 VLANs
- When you configure the following fields on the primary device for an HA pair, they are configured automatically on the secondary device when you deploy and redeploy:
- LAN profiles, including Layer 2 and Layer 3 VLANs, IRB interfaces, 802.1X, and Spanning-Tree Protocol.
- Layer 2 interfaces
- VLAN interfaces
- When you add an additional WAN port in lock mode for HA devices, first delete the LAN port and publish and redeploy the device, and then add the WAN port and publish and redeploy the device again.
- A remote access VPN terminates on the default enterprise VRF, that is, enterprise name-LAN-VR.
- In bandwidth-based SASE, only an operator can switch the service type from users to bandwidth or bandwidth to users.
- SASE gateway does not support SD-WAN speed test.
- You must associate an interface with a VRF to have a specific or custom VRF in an IPsec profile.
- If the user has added static routes for the default LAN-VR prior to Release 10.0 and now user adds multi-VRFs in Release 10.0 for its enterprise, and if the user wants to add static routes for the newly added VRFs, it is recommended that the user first delete the static route for the default LAN-VR and then add a new static route.
- Web proxy bypass works on HTTPS only if you configure a decryption profile.
- When you configure SAML authentication, you must do the following so that SAML works as expected:
- Create open rules with destination ports as 44991 and 8080.
- Create a new TLS decryption rule without source and destination zones.
- For a remote access VPN, you must enter the WAN IPsec tunnel IP address information manually.
- When migrating from Titan Release 9.3.2 to Titan Release 10.0, LDAP customers can update LDAP Users and Groups.
- You can change VSA authentication to LDAP, SAML, or local. However, the local user is not deleted when a user changes authentication from local to another authentication methods. In the GUI, the local user is disabled, but the user can delete it if required.
- If you change the authentication from local to another method, you must publish the configuration and again configure the authentication to local.
- When an MSP or a reseller wants to publish a configuration to a specific tenant, you must select Untrust Always in firewall rule.
- Before approving a new SASE gateway license, an MSP or a gateway device admin must check the device resource usage.
- For VSA, if you are using a bandwidth-based SASE gateway license, you must enter the WAN IPsec tunnel IP address information manually.
- You cannot use an optimal gateway group with a SASE gateway and a remote access VPN, because the SASE gateway BGP private TLVs options are enabled in the provider control virtual router, and for remote access VPN, they are enabled in a customer control virtual router. An optimal gateway works only when a group has only a SASE gateway or only a remote access VPN, and not both.
- An MSP, a reseller, or a customer must configure the maximum number of WAN ports in the Versa Director provider organization and then propagate the configured WAN ports to the tenant organization before onboarding the tenant to SASE gateway.
- In HA mode, you can add VRRP capabilities to the LAN interface from Titan Portal with your own VRRP IP address. Because the system generates the VRRP interface IP address for secondary device automatically based on the primary VRRP IP address, you cannot use the immediately next IP address of the primary interface IP address as virtual IP address, because it is reserved for the secondary VRRP interface IP address. For example, If you chose 192.168.1.1 as primary VRRP interface IP address, 192.168.1.2 is reserved for the secondary VRRP interface IP address automatically. So, you cannot use 192.168.1.2 for the virtual IP address.
- You must always maintain LAN symmetrically on both devices. For example, if you add LAN_PORT2 to a VRF on the primary device, you must add the same LAN_PORT2 to the VRF on the secondary device.
- In HA mode, if you disable VRRP for IRB interface on the HA primary device, the IRB interface of the primary and secondary devices is configured with different subnets.
- You must configure the hub or hub controller region for the configured spoke group type to work as expected.
- Before you activate a hub or hub controller and the first spoke device, you must decide on the number of VRFs you need to configure. When you add a new VRF, follow these steps:
- Add a new VRF to any hub, hub controller, or spoke device
- On the Organization Settings page, create a new spoke group template that has the required spoke group type. The same spoke group type is applied for all available VRFs when a spoke group template is created.
- To apply the newly created spoke group template to an already activated spoke device, do the following on each spoke device:
- Add the new VRFs to the activated hub, hub controller, or spoke device.
- Go to Organization Setting > Spoke Group, and create a new template that has the required spoke group type.
- Go to the existing deployed or activated spokes devices.
- Lock the devices.
- Go to the Titan Portal Home screen, select the new spoke group, and publish.
- Repeat Steps 3a through 3e on all devices that are activated.
- To deploy multi-VRF in a hub and spoke for a new organization:
- Activate the hub device and add the multi-VRFs.
- Go to Organization Setting > Spoke Group, and create a new template.
- Add the spoke devices, select the device from the Configure home screen, and activate. All the spokes use this spoke group template, with two VRFs of same spoke group type.
- In the VSA template, select the SASE gateway device to which the VSA client first registers to download the VSA and SASE configuration.
- For the Kerberos authentication method, configure a decryption profile with SSL type full proxy, web proxy bypass, and captive portal. Because of a known issue on the VOS device, add the decryption rule without source and destination zones.
- If an MSP wants to delete any VLAN, at least one VLAN must be present before you can delete the other VLANs. Before you delete a VLAN, do the following:
- Add the required VLANs and publish the configuration.
- Make sure that the LAN physical interface is configured with more than one VLAN.
- Uncheck the VLANs that are not required.
- Publish the configuration.
- You cannot deploy a spoke-to-hub-controller node with only an MPLS circuit.
- For an enterprise, you can have either hub or hub-controller topology, but not both.
- Titan creates the Allow_From_Trust rule to fix a bug in Versa Director, and then Titan disables the rule.
- You must execute the device lock and publish in a maintenance window, because redeploying the device disturbs the traffic flow.
- You must configure the device with a minimum one LAN interface in all topologies to create, deploy, or activate the device, especially in a LAG deployment. For a LAG deployment, ensure that the LAN and LAG interfaces are in the same VRF so that direct internet access works properly.
- If the WAN interface is a PPPoE or xDSL interface, you cannot add a static route..
- You cannot delete a WAN interface and associated SNAT pool simultaneously. You must delete the SNAT pool and publish the configuration, and then delete the WAN interface and publish the configuration again.
- During an appliance activation, if Titan declares that the appliance is activated or failed, the Titan tasks stop publishing further task messages from Versa Director.
- In Titan Mobile App, you can only activate and monitor the device. Configuring a device using Titan Mobile App is disabled.
- In Titan Mobile App, the troubleshooting section in the Hamburger menu for active device has been removed. You can now troubleshoot from the enterprise portal.
Revision History
Revision 1—Release 10.0, November 15, 2022
Revision 2—Release 10.1.2, May 26, 2023
Revision 3—Release 10.2.2, December 3, 2023