cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
922
Views
0
Helpful
2
Comments
kyleleighavery
Cisco Employee
Cisco Employee

What's in this release?

 

Hello everyone! Here are the release notes for our most recent updates to Duo.

Public release notes are published on the Customer Community every other Friday, the day after the D-release is completely rolled out. You can subscribe to notifications for new release notes by following the process described here. If you have any questions about these changes, please comment below.

Check out the Guide to Duo End-of-Life and End-of-Support Plans. This guide provides an up-to-date list of current and past end-of-life plans for Duo products.

 

New features, enhancements, and other improvements

 

Duo Device Health application is now Duo Desktop

 

Duo Desktop settingsDuo Desktop settings

 

Duo Desktop settings for device registration and health checksDuo Desktop settings for device registration and health checks

 

More Duo Desktop settingsMore Duo Desktop settings

 

Now in General Availability: Duo Admin Panel common header and navigation

  • The Admin Panel header and navigation are presented with new design and styles.
  • The support content moved from the left navigation to Help menu in the header.
  • The width of the experience has been expanded to 1920px.
  • The deployment ID and account number are now available in the footer.
  • Customers with the ability to have subaccounts on different Duo deployments (such as members of Duo’s MSP program) are included in this general availability release.

 

Now in Public Preview: SAML Encrypted Assertions for SAML Identity Providers in Duo Single Sign-On (SSO)

  • There is a new Assertion encryption setting for Entra ID (Azure ID) and Other SAML Identity Providers that supports encrypted assertions: Allow use of any algorithm that is supported by SAML Identity Provider configuration
  • If enabled, Duo SSO will accept a SAML response using any of the algorithms listed under Assertion encryption algorithm and Key transport encryption algorithm. If disabled, Duo SSO will only accept a SAML response using the specified Assertion encryption algorithm and Key transport encryption algorithm.
  • Enable this new setting to opt-in to this public preview feature. 
Assertion encryption settingsAssertion encryption settings

 

Updated the Duo SSO Assertion encryption algorithm list

  • Updated the default Assertion encryption algorithm from AES256-GCM to AES256-CBC.

 

Duo Admin Panel now displays a banner to accounts with a single Owner

  • When an account has only one Duo administrator with the Owner role, the Duo Admin Panel Administrators page will now display a banner reminding the sole Owner to add another administrator with the Owner role.

 

Operating systems policy updated

 

Updated Duo Universal Prompt for Duo Passwordless

  • The prompt to complete Passwordless 2FA with a WebAuthn platform or roaming authenticator now offers a link to Other options that lets the end-user select a different authentication method.
Duo Universal Prompt for Duo PasswordlessDuo Universal Prompt for Duo Passwordless


New and updated applications


Three new named SAML applications with Duo SSO


Duo Device Health application is now Duo Desktop with the latest release


Duo AD FS MFA Adapter version 2.2.0 released

  • Adds support for AD FS OIDC Application Group applications.
  • Updates the ADFS-Diag.ps1 support script to collect information about Application Groups and NET Framework strong cryptography configuration.
  • Reminder that effective October 10, 2023, Duo no longer supports Windows Server 2012 and 2012 R2. Although it is still possible to install the Duo Authentication for AD FS plugin on these versions of Windows Server, we do not recommend it and we will not be able to support it going forward.

Duo Mobile for Android version 4.53.0 released

  • Miscellaneous bug fixes and behind-the-scenes improvements.

Duo Mobile for iOS version 4.53.0 released

  • Miscellaneous bug fixes and behind-the-scenes improvements.
 

Bug fixes

  • Fixed a bug in the traditional Duo Prompt that omitted mobile device activity notifications from the enrollment summary email.
  • Fixed accessibility issues in the new Duo Admin Panel header and navigation.

 

Comments
Gigawatt
Level 1
Level 1

 

Is there more of a breakdown for the new feature for "Duo AD FS MFA Adapter version 2.2.0"

We run this in on our ADFS servers as well, just wondering what features / doors are going to open for this new update? 

timshores
Cisco Employee
Cisco Employee

Hi @Gigawatt, the latest version lets you use Universal Prompt for applications in your AD FS OIDC application group. It's another tool to help you migrate from the iframe-based traditional Duo Prompt.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links