D277: Duo Release Notes for Oct 27, 2023

kyleleighavery · ‎10-27-2023

What's in this release?

New features, enhancements, and other improvements
Now generally available: Provision Duo from Cisco Security Cloud Control
Now generally available: Policy Endpoints in the Admin API
Now generally available: Identify trusted networks in Risk-Based Factor Selection (RBFS) and Risk-Based Remembered Devices (RBRD) policies
Restrict network access to the Duo Device API for generic Duo Trusted Endpoints integrations
Duo operating systems policy update for Android
New and updated applications
Five new named SAML applications with Duo SSO
Duo Device Health for MacOS version 5.6.0.0 released
Duo Device Health for MacOS Public Beta version 5.6.2.0 released
Duo Device Health for MacOS Public Beta version 5.6.1.0 released
Duo Device Health for Windows Public Beta version 5.6.1 released
Duo Mobile for Android version 4.52.0 released
Duo Mobile for iOS version 4.52.0 released
Bug fixes

Hello everyone! Here are the release notes for our most recent updates to Duo.

Public release notes are published on the Customer Community every other Friday, the day after the D-release is completely rolled out. You can subscribe to notifications for new release notes by following the process described here. If you have any questions about these changes, please comment below.

Check out the Guide to Duo End-of-Life and End-of-Support Plans. This guide provides an up-to-date list of current and past end-of-life plans for Duo products.

New features, enhancements, and other improvements

Now generally available: Provision Duo from Cisco Security Cloud Control

New users who purchase the User Protection Suite from Cisco Security Cloud Control can provision Duo as part of their suite.
Administrators with the User Protection Suite can use the Cisco Security Cloud Sign On, protected by Duo to sign in across Cisco Secure products.

Now generally available: Policy Endpoints in the Admin API

The Duo Admin API now provides Duo Policy endpoints.
Customers can more easily manage larger environments with bulk applying user group policies to applications.

Now generally available: Identify trusted networks in Risk-Based Factor Selection (RBFS) and Risk-Based Remembered Devices (RBRD) policies

RBFS and RBRD policies can suppress detection of a novel IP address or novel WiFi Fingerprint if the user is authenticating from an IP address on a list of known low-risk IPs defined in the policy.
To define low-risk IP addresses for RBFS or RBRD, edit the policy of each application protected by RBFS or RBRD in the Duo Admin Panel and specify a list of IP addresses, IP ranges or CIDRs in Add Trusted Networks.

A screen grab of the new Add trusted networks section.

Restrict network access to the Duo Device API for generic Duo Trusted Endpoints integrations

Optionally specify which IP addresses or ranges are allowed to use your Device API application in Trusted Endpoints > Networks for API Access. If you do not specify any IP addresses or ranges, the Device API application may be accessed from any network.

A screen grab of the new Networks for API access (optional) section.

Duo operating systems policy update for Android

As of October 17, Duo operating systems policy will recognize Android 14 as the latest and Android 13 as up-to-date.

New and updated applications

Five new named SAML applications with Duo SSO

There are now named SAML applications to protect Hubspot, Auvik, Singlewire InformaCast, Zoho Directory and Bitwarden with Duo SSO, our cloud identity provider.
Reminder: Duo Access Gateway reached the last date of support on October 26, 2023. The new DAG end-of-life date will be March 30, 2024. Please see the Guide to Duo Access Gateway end of life for more details.