What's New in Version 9.0.2
SecureEdge Access Mass Enrollment
The Barracuda SecureEdge Manager allows administrators for mass enrollment for SecureEdge Access with their respective devices. You can now enroll multiple groups and users at the same time.
For more information, see How to Enroll Users in Barracuda SecureEdge.
SecureEdge Access Global and User Settings
As of the 9.0.2 release, administrators can configure additional SecureEdge Access settings on global and user level. You are provided with several new safety features for SecureEdge Access, such as:
Tamper Proof – User can no longer disable the SecureEdge Access Agent, unenroll the SecureEdge Access Agent, or quit SecureEdge Access Agent by right-clicking on the system tray.
Device Pre-Logon – Enables numerous accounts on Windows to share the same enrollment link. Administrators can manage user devices running Windows without the user being logged in.
User Device Limit – Refers to the number of devices the user is allowed to enroll.
For more information, see How to Configure SecureEdge Access Global Settings.
In addition, you can now override the global SecureEdge Access/Default settings of the ZTNA features and create settings on a user level.
User Override – You can override ZTNA features on each user level.
For more information, see How to Configure SecureEdge Access User Settings.
Application Catalog Entries
The Barracuda SecureEdge Manager allows administrators to define applications to appear in the SecureEdge Access Agent app for quick access.
For more information, see How to Configure Application Catalog Entries.
SecureEdge Zero Trust Access Dashboard
A new, Barracuda SecureEdge Zero Trust Access dashboard is now available. The Barracuda SecureEdge Manager allows you to create and customize your own SecureEdge Zero Trust Access dashboards in order to simplify the management of traffic information and status for connected users, resources, and custom applications.
For more information, see How to Customize a SecureEdge Zero Trust Access Dashboard.
Barracuda DC Client Configuration
The Barracuda SecureEdge Manager allows administrators to configure the DC Agent, which acts as the connector between various Barracuda Networks products and Microsoft domain controllers to transparently monitor user authentication.
For more information, see How to Configure the DC Client in Barracuda SecureEdge.
LDAP Integration in SecureEdge Access
Barracuda SecureEdge Access now allows administrators to select either Microsoft Entra ID or LDAP and sync with Zero Trust access.
For more information, see How to Connect Your Microsoft Entra ID or LDAP with SecureEdge Access.
Multiple IP Support for Static WAN
Barracuda SecureEdge now supports multiple IPs on a static WAN interface. The SecureEdge Manager allows you to add additional IP addresses, in addition to the primary IP address, to a static WAN interface for both Sites and Private Edge Services. Note that when selecting a static WAN interface as the destination of an ingress NAT rule or as the source of an IPsec tunnel, you need to select a single IP configured on this static WAN interface: either the primary IP address or an additional IP address.
For more information, see How to Configure Additional IP Addresses to a Static WAN Interface.
Available Hotfixes
9.0.0 – 9.0.2: Hotfix 1123 - OpenSSH
Summary:
Fixes CVE-2024-6387 (RegreSSHion vulnerability)
Note: After installing the hotfix, you can only update from 9.0.0 to 9.0.2!
To download the package, go to https://dlportal.barracudanetworks.com/#/packages/5919/openssh-1123-9.0.2-220099771.tgz
In addition, the new patch package including the three hotfixes has been released for CloudGen Firewall and SecureEdge that includes: Hotfix-1120, Hotfix-1121, and Hotfix-1123.
To download the new patch package including the hotfixes, go to https://dlportal.barracudanetworks.com/#/packages/5923/patch.GWAY-9.0.2-0230+3hotfixes.tgz
Known Issues 9.0.2
ACL Rule – Setting up the source or destination criteria to all sites and all private Edge Services results in the same networks configured on the box. [SWCS-3988]
Known Issues Related to Azure Log Analytics (OMS)
On boxes with Azure Log Analytics (OMS) activated, the phibs service does not restart automatically after update. To get the service running, a reboot is required.