[Update: 17th May]
A new release, Version 2.0.2, is now available. It addresses the problem with gateway upgrades that was previously reported.
Overview
Today, the ZTNA team is pleased to announce the general availability of Sophos ZTNA v2.0.2. ZTNA is now integrated with Sophos XDR, enabling security teams to investigate and analyse user and application access activity. This release contains enhancements to port range configuration for agent-based applications and CloudFormation Template (CFT) upgrades for AWS gateways. Along with the above-mentioned enhancements, this release contains fixes for several issues.
ZTNA – XDR Integration
We are pleased to announce ZTNA integration with XDR. Users can query ZTNA-related information from the Sophos data lake with this integration. The first draft of pre-defined queries has been published on the Sophos Community. Users can now access these queries via the ZTNA query pack under the Threat Analysis Center.
This helps IT admins detect and investigate security events, such as denied application access attempts filtered by a threshold number, and supports auditing, such as identifying the top users by application usage. We will add more queries to this query pack in upcoming releases.
The list of queryable ZTNA reporting fields is published as part of the Sophos schema viewer. Enable designer mode to edit or add custom queries. Please note that you need a separate XDR license to access the Threat Analysis Center and the above queries.
Port range configuration
Users can now configure port ranges when creating agent-based resources. This helps users whose resources or applications need a wide range of ports to work seamlessly.
AWS CFT upgrade
An upgrade to the CloudFormation template for AWS gateways will be available. The ZTNA gateway leverages components on AWS for seamless gateway deployment and operation. Some of these components have reached their end-of-support date and must be upgraded to the latest version for seamless operation.
The user will get alerts about the end-of-support date and the deadline by which the CFT must be upgraded. If the gateways are not upgraded by the deadline, this could lead to undefined outcomes.
The guide to help the user upgrade will be available in the upgrade window, as shown in the screenshot below.
Issues Fixed
Issue Key | Summary
NZT-4496 | The build number does not change after the gateway upgrade on the diagnostics console.
NZT-4867 | ZTNA product license is listed for non-supported Sophos Central regions
NZT-5066 | Central help for Azure and Okta identity providers pointing to an incorrect page
Known Issues
The list of all known issues can be viewed here.