Skip to content

New Features

Security & Access Control Features

Access Control for MFA-Integrated Applications

Overview: Enhanced security for MFA-integrated applications with ACL evaluation during application access. Previously, LDAP Integration Services (LIS) applications bypassed Application-specific ACL checks. Now administrators can enforce MFA on a per-application basis.

Business Value: Granular control over multi-factor authentication requirements per application, improving security posture.

Prerequisites: LDAP Integration Services (LIS) must be configured and operational.

How-To Guide: KB Article: Configure MFA Application Access Control - KB001

Administration Access over the Internet

Overview: New option to control HySecure Management Console access from the internet. Administrators can now allow or block user access to the Management Console over the internet during user creation or role assignment (such as SO, Administrator, L1 Support, or Monitor).

Business Value: Enhanced security by restricting Management Console access to the local network only when required.

How-To Guide: KB Article: Configure Internet Access Restrictions - KB002

Role-Based Access to Active Directory Users from HyLite and Client

Overview: Active Directory users can now access the HySecure Management Console without requiring native certificate-based authentication. Security Officers and Administrators can assign management roles directly to AD users.

Available Roles:

  • Security Officer
  • Administrator
  • L1 Support User
  • Monitor

Business Value:

  • Simplified user management
  • HTML5 browser-based Management Console access from any device
  • Reduced certificate management overhead

Important Notes:

  • Only native Security Officers and Administrators can grant console access.
  • Administrators cannot assign the Security Officer role.
  • MFA recommended for all AD users with console access.

How-To Guide: KB Article: Configure AD User Management Console Access - KB003

Endpoint Security & Compliance Features

OS-Based Login Support for HyLite and Client

Overview: Control user login access based on the operating system detected on the user's device or browser. Administrators can allow or block access based on specific OS criteria, enforcing IT policies by restricting access from non-compliant operating systems.

Business Value:

  • Enforce organizational IT policies
  • Block access from outdated or end-of-life operating systems
  • Detailed logging in Endpoint Security logs

How-To Guide: KB Article: Configure OS-Based Login Policies - KB004

Azure AD Domain Support in Host Scan Policies

Overview: Extended Host Scan policy framework to include Azure Active Directory domain-joined devices. Administrators can define login policies based on Azure AD domain membership, supporting both on-premises Active Directory (AD) and Azure Active Directory (Azure AD) environments.

This functionality now supports both local and Azure AD domain-joined devices, enhancing compatibility and security for hybrid identity environments.

Business Value:

  • Hybrid identity environment support
  • Enhanced device-level access control
  • Stronger security posture validation

How-To Guide: KB Article: Configure Azure AD Domain Policies - KB005

Security & Encryption Agent Support (Beta)

Overview: Endpoint security scan now validates Security Agents and Encryption Agents on user devices. The system verifies the required security and encryption agents during login, blocking access if the agents are not detected.

Supported Agents:

  • Security Agents: Forcepoint, Zscaler, or Any Security Agent
  • Encryption Agents: BitLocker, McAfee, or Any Encryption Agent

Business Value: Ensures that only compliant devices equipped with the necessary security tools can access resources.

How-To Guide: KB Article: Configure Security Agent Policies - KB006

Administrative & Management Features

Unused Access Devices Cleanup

Overview: Automated cleanup of access devices not used for a specified number of days. The system tracks the last login time for each device and removes inactive devices during scheduled cleanups, thereby improving device management and security.

Key Features:

  • Configurable inactivity period
  • Flexible scheduling (Daily, Weekly, Monthly)
  • Blocked devices remain unaffected

Note

The last login time for each device will be set when the service pack is first applied and will be updated with each user login.

The initial last login time is set at the service pack installation. The last login time for each device will be set when the service pack is first applied and will be updated with each user login.

Business Value:

  • Simplified device management
  • Enhanced security through active device monitoring
  • Automated maintenance

How-To Guide: KB Article: Configure Device Cleanup Policies - KB007

Integration & API Features

HySecure Integration with HRMS

Overview: New HySecure APIs enable seamless integration with corporate HRMS systems for automated attendance tracking based on user login activity. APIs utilize JWT-based authentication and provide login and logout data in JSON format.

Key Features:

  • JWT-based secure authentication
  • Flexible filtering options (Domain, Date Range, User, Start of Day)
  • JSON format data export
  • Automated attendance tracking for remote work scenarios

API Endpoints:

  • Authentication: https://VIP/api/v1/auth/connect
  • User Reports: https://VIP/api/v1/reporting/sessions

Business Value:

  • Eliminates manual attendance marking
  • Improved operational efficiency
  • Automated compliance reporting

How-To Guide: KB Article: Configure HRMS Integration APIs - KB008