Dec 16, 2021 — ETP updates

​SIA​ now includes these updates:

  • Legacy UI End of Life. The legacy ​SIA​ user interface has reached its end of life and is no longer supported. To use ​SIA​, make sure you access Enterprise Center from the Control Center menu. ​SIA​ features are available from the Threat Protection menu in the Enterprise Center navigation.

  • Local breakout for bypass domains. The Local Breakout for Bypass Domains policy setting directs domains that are configured for bypass from the branch or enterprise network to the origin. This option is enabled by default. Disable this setting if your network does not have a direct route Internet and cannot access the origin.

  • Save and deploy your configurations. When configuring or modifying a policy, list, or location, you can now select the Save and Deploy option. This option automatically saves settings and deploys them to the ​SIA​ network. While this option allows you to easily deploy a configuration or update, an administrator can still use the Pending Changes list to deploy changes that are saved only.

  • TLS 1.3 Support. ​SIA​ Proxy now supports TLS 1.3.

  • Multi-tenancy. You can give your customers access to ​SIA​ without purchasing a separate product license. You can create a tenant for each customer and assign tenant administrators to it. A tenant administrator can create and manage ​SIA​ components within their tenant, such as policies, lists, locations, certificates, ​ETP Client​s, and more.

    As a super administrator, you can now:

    • Select the policy that you want copied and applied to the Unidentified Location Policy in the tenant.
    • Select whether the tenant will inherit the error page settings from your configuration of ​SIA​.
    • Delete a tenant. This operation removes all configuration settings and components such as policies, locations, lists, and more. The tenant administrator who was assigned to the tenant is no longer associated with it.

This release also includes these ​ETP Client​ updates:

  • Enable Walled Garden. The new Walled Garden Exceptions policy setting allows you to block all traffic when ​ETP Client​ is in an Unprotected state. This setting blocks all traffic except for the domains and IP addresses that are configured as walled garden exceptions in the ​SIA​ network configuration. This setting also makes ​ETP Client​ the device web proxy. As a result, Yes is automatically selected in a policy for Overwrite Device Proxy Settings.
  • Disable Client. You can enable this setting in a policy to disable the client in the location or locations that are associated with the policy.