cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1403
Views
0
Helpful
9
Comments
kyleleighavery
Cisco Employee
Cisco Employee

 

Hello everyone! Here are the release notes for our most recent updates to Duo. 

Public release notes are published on the Customer Community every other Friday, the day after the D-release is completely rolled out. You can subscribe to notifications for new release notes by following the process described here. If you have any questions about these changes, please comment below. 

Check out the Guide to Duo End-of-Life and End-of-Support Plans. This guide provides an up-to-date list of current and past end-of-life plans for Duo products.  

 

New features, enhancements, and other improvements 

In-app survey in the Duo Admin Panel 

  • Some administrators will be prompted to fill out a new in-app survey in the Duo Admin Panel to collect user feedback. Not all admins will be prompted to fill out the survey and participation is optional for those for whom it does appear. 
    • Federal customers are omitted from the survey. 

 

Updates to the WebAuthn page in the Duo Admin Panel 

  • 2FA Devices > WebAuthn has been revamped to omit obsolete references to U2F and add columns to the credentials table for additional information.  
 

The 2FA Devices > WebAuthn page has been updated for clarity.The 2FA Devices > WebAuthn page has been updated for clarity.

Change to Duo Admin Panel fonts 

  • The Duo Admin panel has new fonts! This will not affect functionality. 

 

Improvement to single subaccount reparenting 

  • Reparenting of a single subaccount now automatically completes after relevant admin approval without intervention from Duo Support. 

 

Updates to the Authentication Log in the Duo Admin Panel 

  • If an account has selected to “Block Duo Push attempts that occur within 15 seconds of an unanswered attempt” in Settings > Lockout and Fraud, the Authentication Log will show “Frequent attempts” under “Denied” in the Result column when an attempt related to that setting occurs. 
    • Result previously showed “Anomalous Push.” 

 

Lockout & Fraud settings with “Block Duo Push attempts that occur within 15 seconds of an unanswered attempt” selected.Lockout & Fraud settings with “Block Duo Push attempts that occur within 15 seconds of an unanswered attempt” selected.

Update to the Universal Prompt Progress report  

  • Akamai EAA and Aeries SIS apps are now displayed as Update required in the Universal Prompt Progress report. 

  

Updates to Universal Prompt enrollment language 

  • The Add one more device step now includes the guidance “With a second option to log in, you’ll be less likely to get locked out.” 
  • The text for the link to skip adding another device is updated from “Skip for now” to “I don’t want to add another option.”

 

The Add one more device step has updated language.The Add one more device step has updated language.

New and updated applications 

Thirteen new named applications with Duo Single Sign-On (SSO) 

  • Reminder: Duo Access Gateway reached the last date of support on October 26, 2023. The DAG end-of-life milestone scheduled for March 30, 2024, has been canceled. At this time, existing DAG applications will continue to work after March 30, 2024. Please see the Guide to Duo Access Gateway end of life for more details. 

 

Name changes for Thycotic Secret Server and Citrix NetScaler 

  • The Thycotic Secret Server partner-developed Auth API–based two-factor authentication (2FA) application is now renamed to Delinea Secret Server.  
    • There is no change to the SSO application for the same vendor product. 
  • The Citrix NetScaler RADIUS 2FA application and the Citrix NetScaler SAML SSO application are now both renamed to NetScaler. 

 

Duo Network Gateway version 3.2.0 released 

  • Logging enhancements. 
  • Fixes an issue where single page apps (SPAs) cache portions of the DNG authentication path. DNG auth path now sends no-cache headers. 
  • Updated Dependencies: Supervisord to 4.2.5, cffi to 1.16.0, Setuptools-rust to 1.9.0, and Hatchling to 1.22.5. 

 

Duo Splunk Connector version 2.0.3 released 

  • Fixed an issue in the app.manifest file that did not comply with Splunk's standards. 

 

Duo Desktop macOS public beta version 6.11.1.0 released  

  • Minor improvements and bug fixes. 

 

Duo Desktop Windows public beta version 6.11.1 released 

  • Updated Intune device identifier detection to support new identifier location. 
  • Minor performance improvements. 

  

Duo Mobile for Android version 4.69.0 released 

  • Miscellaneous bug fixes and behind-the-scenes improvements. 

 

Duo Mobile for iOS version 4.69.0 released

  • Updated user interface to allow Bluetooth for Proximity Push private preview. Please reach out to your customer success team or leihung@cisco.com if you are interested in participating. 
  • A proximity push spinner was added to the Verified Push screen. 

 

Bug fixes 

  • Passwordless 
    • Fixed a bug where the the browser did not prompt the user to complete the WebAuthn process unless they changed tabs. 
  • Passport 
    • Fixed a bug where a user’s username would get set in Duo Desktop when doing a passwordless authentication even if Passport was disabled. 
    • When a user’s username autofills via Duo Desktop for SSO authentications and they are then redirected to passwordless, they will now be able to change their username before being prompted to authenticate.  
Comments
Gigawatt
Level 1
Level 1

Thank you for adding "Globalscape EFT" & "Procore" to the pre-built protected applications 🤲

DuoKristina
Cisco Employee
Cisco Employee

Thanks for raising them in your D287 Release Notes comment, @Gigawatt .

Gigawatt
Level 1
Level 1

If possible, it would be nice for some of the Bank applications such as "PayPal" & "Worldpay" be added as a pre-built protected application as well. 

DuoKristina
Cisco Employee
Cisco Employee

Thanks for the suggestions. I've added them to our scratchpad for possible inclusion.

BennyBuckets
Level 1
Level 1

I know many of us are awaiting the new NetScaler integration.  Any updates on the timeline?

Thanks!

DuoKristina
Cisco Employee
Cisco Employee

The direct OIDC NetScaler integration (for Duo Universal Prompt without SSO/FAS) depends on a new firmware release from NetScaler. Rest assured we'll make sure everyone knows when it becomes available.

lcrone
Level 1
Level 1
Same with Paylocity for instance, we worked with your support and Paylocity support and it was an AWFUL experience (not with you guys, but the wonkiness) that came from having to manually set this one up!

Would be great if it mostly just worked!

Thanks!
landyn
Cisco Employee
Cisco Employee

@BennyBuckets We're very close on an announcement but need some willing test participants to pressure test this integration a bit more first. If you have a NetScaler test environment and would be willing to put the integration through its paces within the next week or two, please reach out via duo-universal-prompt@cisco.com

 

DuoKristina
Cisco Employee
Cisco Employee

Edited to add label.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links