Skip to content

Enhancements

Device Management & Security Enhancements

Microsoft Intune MDM Device Approval Integration

Overview: Enhanced device approval workflow through Microsoft Intune MDM server as an external authentication source. Devices are automatically approved for HySecure gateway access based on their registration status with the Microsoft Intune MDM server.

Business Value:

  • Streamlined device management through existing MDM infrastructure.
  • Automated device approval reduces administrative overhead.
  • Enhanced security through enterprise device management.
  • Centralized device compliance enforcement.

Key Features:

  • Automatic Device Approval: Devices are approved based on Intune registration status.
  • Real-Time Validation: Check device status during the login process.
  • Flexible Authentication Frequency: Configure per-login or new-device checking.
  • Entra Device ID Integration: Search devices using Entra Device ID attribute.

Platform Support:

  • Windows Workspace Client (7.2.0.10xx) and above
  • Mac Workspace Client (7.0.1.1101) and above
  • Other platforms require bypass configuration.

Configuration Options:

  • Check on every login: Authenticate device with MDM server at every login.
  • Check for new device: Authenticate only new devices; subsequent logins are approved locally.

How-To Guide: Refer to the KB Article: Configure Microsoft Intune MDM Integration - KB012

Access Device Approval Revocation

Overview: Automated revocation system for manually approved access devices based on inactivity period. Administrators can set time intervals after which inactive devices are automatically marked as "pending for approval," requiring manual re-approval.

Business Value:

  • Enhanced security through active device lifecycle management
  • Automated cleanup of stale device approvals
  • Reduced attack surface from inactive devices
  • Simplified device management with automated processes

Key Features:

  • Configurable Revocation Period: Set days after which inactive devices are revoked
  • Last Login Tracking: Automatic tracking of device usage patterns
  • Manual Approval Scope: Only applies to manually approved devices
  • Exclusions: Automatic approval and MDM-approved devices are unaffected

How-To Guide: KB Article: Configure Device Approval Revocation - KB013

Authentication & Identity Enhancements

OAuth Authentication for SMTP Server

Overview: Enhanced email server authentication supporting OAuth-based authentication alongside traditional username/password methods. Provides secure integration with Microsoft Exchange (Office 365) environments.

Business Value:

  • Enhanced security through modern authentication protocols.
  • Future-proof email integration, as basic authentication is deprecated.
  • Compliance with Microsoft Exchange security requirements.
  • Improved operational continuity.

Supported Provider:

  • Microsoft Exchange (Office 365) only

Configuration Parameters:

  • Client ID (Azure AD App's Client ID)
  • Client Secret (Azure AD App's Client Secret)
  • Tenant ID (Azure Active Directory Tenant ID)
  • Sender ID (Configured email address in Azure/Exchange)

How-To Guide: KB Article: Configure OAuth SMTP Authentication - KB014

Authentication Server Bypass Configuration

Overview: Advanced authentication routing allowing bypass of higher priority authentication servers based on endpoint WAN IP addresses. Requests from specified IP ranges automatically route to lower priority authentication servers.

Business Value:

  • Flexible authentication routing for different network segments
  • Simplified access for trusted network locations
  • Enhanced control over authentication workflows
  • Support for multi-server authentication environments

Configuration Options:

  • WAN IP address specification
  • IP address ranges and subnets.
  • Combination patterns for complex network topologies
  • Multi-server priority management

How-To Guide: KB Article: Configure Authentication Server Bypass - KB015

Additional Authentication Bypass via Management Console

Overview: Management console interface for configuring authentication bypass from Additional Authentication Servers based on endpoint WAN IP addresses. Previously available only through backend configuration.

Business Value:

  • Simplified administration through a GUI interface
  • Reduced dependency on backend configuration changes
  • Enhanced flexibility for network-based authentication policies
  • Streamlined management of authentication exceptions

How-To Guide: KB Article: Configure Additional Authentication Bypass - KB016

User Experience & Interface Enhancements

Enhanced License Information Dashboard

Overview: Comprehensive license utilization display improvements provide detailed license information directly on the dashboard interface.

Business Value:

  • Improved license visibility and management
  • Better capacity planning through detailed utilization data
  • Enhanced administrative efficiency
  • Proactive license management capabilities

Key Improvements:

  • License Type Display: Concurrent Users / Named Users type shown on dashboard
  • Enhanced Utilization Chart: Count and percentage display without hover requirement
  • Time Zone Information: License expiry date includes the associated time zone
  • Real-Time Updates: Current license status and utilization metrics

Separate PC Token and Mobile Token Registration

Overview: Independent registration mechanisms for PC tokens and mobile tokens, providing enhanced control for environments using local push notification servers.

Business Value:

  • Improved token management flexibility
  • Enhanced support for hybrid push notification environments
  • Better control over client-specific authentication requirements
  • Simplified configuration for mixed client environments

Configuration Control:

  • Contact Accops support for configuration flag management.
  • Separate controls for PC and mobile token registration
  • Push notification server reachability options.

How-To Guide: KB Article: Configure Token Registration Mechanisms - KB017

Password Visibility Toggle in HyLite Portal

Overview: Enhanced user experience with password visibility toggle functionality across multiple password fields in the HyLite portal interface.

Business Value:

  • Improved user experience and accessibility
  • Reduced login errors through password verification
  • Enhanced usability for mobile and touch devices
  • Consistent interface design across platforms

Coverage:

  • Login password fields
  • Change password interfaces
  • Self-service portal password fields
  • MFA token input fields

Broadcast Message Support for HyLite Portal

Overview: Extended broadcast message functionality to HyLite Portal users, providing consistent communication across all access methods.

Business Value:

  • Unified communication across all access portals
  • Enhanced user notification capabilities
  • Consistent messaging for policy updates and announcements
  • Improved user engagement and awareness

Configuration:

  • Configure through Client Profiles > Basic Configuration.
  • The message applies to both Workspace client and HyLite portal users.
  • Real-time message updates without service restart

How-To Guide: KB Article: Configure Broadcast Messages - KB018

Custom HyWorks Maintenance Mode Messages

Overview: Custom message display capability for HyLite Portal when the HyWorks Controller is in maintenance mode, providing users with specific maintenance information.

Business Value:

  • Enhanced user communication during maintenance periods
  • Reduced support calls through clear status messaging.
  • Customizable messaging for different maintenance scenarios
  • Professional user experience during service interruptions

Configuration Requirements:

  • Backend configuration required - contact Accops support team
  • Custom message file creation and permissions
  • Maintenance mode flag management

How-To Guide: KB Article: Configure Custom Maintenance Messages - KB019

User Interface Label Customization for HyLite Portal

Overview: Extended UI customization capabilities to HyLite Portal, allowing administrators to customize username/password labels and display custom user messages.

Business Value:

  • Brand consistency across all access portals
  • Improved user experience through familiar terminology
  • Support for multi-language environments
  • Enhanced professional appearance

Customization Options:

  • Username field labels
  • Password field labels
  • Custom user messages
  • Portal-specific branding elements

Configuration Location:

  • Settings > Authentication > Authentication Servers
  • User Interface Configuration section
  • Real-time updates without service restart

How-To Guide: KB Article: Customize HyLite Portal Interface - KB020

Logging & Monitoring Enhancements

Enhanced Token Details in Activity Logs

Overview: Improved activity logging with detailed information about additional authentication tokens used during consent-based authentication processes.

Business Value:

  • Enhanced audit trail for compliance requirements
  • Better security incident investigation capabilities
  • Detailed authentication method tracking
  • Improved troubleshooting and support

Log Enhancement Examples:

  • Previous: User mike.adams successfully authenticated with the HyID server (Device Consent).
  • Enhanced: User mike.adams successfully authenticated with the HyID server (Device Consent) with an additional token, SMS Token.

Additional Information Included:

  • Specific token types used in authentication
  • Consent-based authentication details
  • Multi-factor authentication method tracking
  • Enhanced timestamp and session correlation