Firmware Version 1.3 Release Notes

Firmware version 1.3.3

New Features

1. Handle licensing system outages more gracefully.
2. Fixed sending of handshake error messages to clients could occasionally fail.

‍

Firmware version 1.3.0

New Features

1. Accessing the Orchestrator Console now requires an extra authentication step from within the BlastShield™ Client.
2. Support for running gateways in NAT mode on a single network interface.
3. Added a source + destination NAT mode to gateways. This allows for secure remote access without adding a return route to the lastshield prefix on the protected endpoints.
4. Added support for running gateways in Google Cloud.
5. Substantially improved host agent performance on both Linux and Windows.
6. Support for running host agents on macOS.
7. Agents, Gateways and Clients can now be upgraded without existing connections being dropped.
   
   

Bug Fixes

1. Fixed Lighthouse connection failures due to expired \DST Root CA X3\ certificate on older OS versions.

‍

Upgrade Instructions

New firmware is available for the following applications. Please upgrade the applications in order as shown in the list below. The list is hyperlinked to the relevant installation guides, which also contain the firmware download links. Please ensure that you upgrade your Desktop Client before you upgrade your Orchestrator so that you can continue to access the Orchestrator.

1. Upgrade your desktop client.
2. Upgrade the firmware of the BlastShield Orchestrator.
3. Upgrade the firmware of the connected BlastShield Gateways.
4. Upgrade your BlastShield™ Agents.

‍

Feature Descriptions

Accessing the Orchestrator Console now requires an extra authentication step from within the BlastShield Client

This feature prevents malware on the client computer from making unauthorised connections to the Orchestrator when the Client is connected.

To access the Orchestrator the connected User must first select the Launch Orchestrator option in the Client. This will trigger an additional authentication step and the user will authenticate using a QR code and mobile device biometrics using the Mobile Authenticator app.

Once authentication is complete the BlastShield™ Client will open an Orchestrator session in the web browser of the Client computer. See this article to learn how to do this.

Support for running gateways in NAT mode on a single network interface

This simplifies the networking setup within cloud environments to provide a faster setup experience.

Source + destination NAT mode support for gateways

Added a source + destination NAT mode to gateways.

This allows for secure remote access without adding a return route to the Blastshield™ prefix on the protected endpoints.

Support for running gateways in Google Cloud

A Gateway may be deployed as a GCP Compute Engine instance to provide secure encrypted zero-trust access with micro-segmentation for VMs running in the VPC.

Substantially improved host agent performance on both Linux and Windows

The Agent's data throughput has been significantly optimised to allow for high-performance workloads.

Support for running host agents on macOS

Agent support for macOS has been added. The Agent provides secure encrypted zero-trust access with micro-segmentation support. Learn how to install an Agent on macOS here.

Agents, Gateways and clients can now be upgraded without existing connections being dropped

Upgrading a Gateway, Agent or Client will not cause the existing connections to be dropped.

‍