[Update: 17th May]

A new release, Version 2.0.2, is now available. It addresses the problem with gateway upgrades that was previously reported.

Overview 

Today, the ZTNA team is pleased to announce the general availability of Sophos ZTNA v2.0.2. ZTNA is now integrated with Sophos XDR, enabling security teams to investigate and analyse user and application access activity. This release contains enhancements to port range configuration for agent-based applications and CloudFormation Template (CFT) upgrades for AWS gateways. Along with these enhancements, this release contains fixes for several issues.

ZTNA – XDR Integration

We are pleased to announce ZTNA integration with XDR. With this integration, users can query ZTNA-related information from the Sophos data lake. The first draft of pre-defined queries has been published on the Sophos Community. Users can now access these queries via the ZTNA query pack under the Threat Analysis Center.

This helps IT admins detect and investigate security events such as denied application access attempts, which can be filtered by a threshold number. It also supports auditing, for example identifying the top users based on application usage. We will add more queries to this query pack in upcoming releases.

The list of queryable ZTNA reporting fields is published as part of the Sophos schema viewer. Enable designer mode to edit or add custom queries. Please note that you need a separate XDR license to access the Threat Analysis Center and the above queries.

Port range configuration

Users can now configure port ranges while creating agent-based resources. This helps users whose resources or applications need a wide range of ports to work seamlessly.

AWS CFT upgrade

An upgrade to the CloudFormation template for AWS gateways will be available. The ZTNA gateway leverages components on AWS for seamless gateway deployment and operation. Some of these components have reached their end-of-support date and must be upgraded to the latest version for seamless operation.

The user will get alerts about the end-of-support date and the deadline by which the CFT must be upgraded. If the gateways are not upgraded by the deadline, this could lead to undefined outcomes.

The guide to help the user upgrade will be available in the upgrade window, as shown in the screenshot below.

Issues Fixed

Issue Key    Summary
NZT-4496     The build number does not change after the gateway upgrade on the diagnostics console.
NZT-4867     ZTNA product license is listed for non-supported Sophos Central regions
NZT-5066     Central help for Azure and Okta identity providers pointing to an incorrect page

Known Issues

The list of all known issues can be viewed here.