Cloud Platform Release v21.3.0

Our development team spent the last several weeks working hard to knock out a number of annoying bugs and enhancing features. This is a fairly significant platform update that also improves platform reliability and stability too. We think you’ll like what you see!

• New Rate Limiting Feature: We added a highly sought-after feature to ADC-as-a-Service in the public-facing port options to allow rate-limiting of client/end-user connections. Now you can select on a per-protocol/port basis exactly how many connections are too many. The design of the rate-limiting feature is to ensure that no single client uses more resources than they should. Not only does this further enhance DDoS mitigation but it can improve general application availability too. More detail can be found in our KB article How to Implement Connection Rate Limiting.
  
  
• SSL Improvements: In our December release we made a significant number of improvements to how SSL certificates are managed, deployed and displayed in the panel. We have refined this even further to ensure greater reliability when deploying across our global network. SSL certificates are securely pushed to POPs through VPN tunnels which occasionally exhibit issues such as packet loss that may cause a file transfer to fail. This version includes additional checks and balances to better detect these issues and correct them automatically.
  
  
• SSL_PROXY Protocol: We have improved how the new SSL_PROXY protocol is deployed and mapped to other protocol types to prevent incorrect usage in certain situations. Additionally, if adding the SSL_PROXY to an existing device, it would not always attach the correct monitors already in use on other protocols/ports on the same device. This has also been resolved.
  
  
• HTTP to HTTPS redirect: We made a significant improvement to the HTTP to HTTPS redirect. Now when this feature is enabled in the public facing port options, it is effective regardless of whether a port mapping for the same is in place. Previously the redirect would only work if a port mapping was completed which often caused some confusion.
  
  
• DNS DNAME: We improved validation logic when creating or editing DNS DNAME records to ensure RFC compliance.
  
  
• DNS CAA Record: We enhanced support for the DNS CAA record. This record type is natively supported on all new zones/domains that have been added to the platform since August 24, 2020. Older domains can still create the similar TYPE257 records or customers can request via a support ticket that these domains be upgraded to support CAA as well.
  
  
• WAAP Error URL: We changed the default URL that the WAAP redirects to for blocks to provide better feedback as to why the URL was blocked and what blocked it.
  
  
• Mobile Verification: We corrected a bug in the user profile that would prevent the “Verify Mobile” button from consistently sending a test message.
  
  
• Intermediate SSL Certificates: We corrected a bug where intermediate SSL certificates were not ordering alphabetically after a prior code release.
  
  
• User and Company Table: We made some adjustments to the User and Company tables to allow column sorting by additional columns including “Active” and “Time Created”.
  
  
• DNS Importer: We continue to make frequent modifications to the DNS Importing functions, and this past month was no different. We have improved how the SOA record detects email addresses and also better detect invalid ASCII characters in TXT records.
  
  
• Password Reset: We fixed a bug where an unhelpful error would be displayed if the security question and answer was too long. It only supports 128 characters and we now provide a better message when that limit is reached.
  
  
• User Security Dialog: We improved the user security dialog where the password can be changed, two-factor is enabled and the security question and answer is set to make it more intuitive. Occasionally a user would enter a new password (for example) but then click the close button before saving the password. This frequently caused considerable confusion when the new password did not take effect.
  
  
• User Password Reset: If an admin attempted to reset the password for a user whose account was locked, an unhelpful error message would be displayed. We corrected this and now alert the admin that the account should be unlocked before resetting the password.
  
  
• Network FQDN Device: We improved the add/edit device dialog to now allow devices with underscores in the name. Previously it only allowed letters, numbers and hyphens in a FQDN.
  
  
• Device Protocol/Port: When a device is added to a port map group that has protocols/ports that are not already on the device, the panel should add them automatically to that device to save the user a step. This was not working for one protocol type consistently and has now been resolved.
  
  
• Alert List Delete: If a user attempted to delete an alert list that was attached to a maintenance window, an unhelpful error would be displayed. We updated this error to provide better guidance on why it cannot be deleted.
  
  
• Client Idle Timeout: We corrected a bug where the client idle timeout in the public facing port option would not properly save consistently when load balancing persistence was set to a specific type.
  
  
• DNS Authoritative Status: The DNS authoritative status icon will occasionally take a long time to update from red to green if the NS records of the prior DNS provider have been cached for a very long time. In this update we have improved this validation process by checking with the root DNS servers instead of DNS resolvers. This should improve the time to reflect the true status significantly.
  
  
• Change Log: We continue to enhance the change log to ensure that essential changes are properly logged for audit purposes. In this release we added over a dozen additional log improvements.

Please send us your feedback! As we continue to evolve our solution to be the leading ADC-as-a-Service platform, we want to know what you think. Tell us the good and the bad. Let us know what features you think we should have and which ones are a waste of time, buggy, or don’t make sense. The more feedback you give us, the better our product becomes because we really do listen! Please contact us! We love hearing from our customers.