Skip to content

New Features

Session Management Features

Multiple Simultaneous Sessions Support for End Users

Users maintain multiple concurrent sessions across devices. Previously limited to a single active login.

Business Value

  • Multi-device operational flexibility across desktop and mobile

  • Continuous productivity without forced logouts

  • Enhanced user experience for distributed work environments

Key Features

  • Configurable Session Limits: The maximum number of simultaneous sessions per user via Authentication ACL can be up to the number of licenses available in HySecure.

  • Enhanced Active Users View: Unique Session ID assigned to each active session.

  • Session-Based Log Tracking: Session ID field added to Activity Logs, User Logs, and Endpoint Security Logs.

  • Self-Service Session Management: Users view and manage active sessions via the HyLite Portal My Profile section.

Session Management When Limit Reached

Upon reaching the configured session limit, additional login attempts display a session limit error, with a Session Management option to terminate existing sessions before proceeding.

Platform Support

  • Workspace Client platforms (Windows and macOS)

  • HyLite Portal web access

Note

Concurrent Sessions-based licenses are required to use this feature.

How-To Guide: For more information, refer to the KB article.

DC-DR & High Availability Features

HySecure DC-DR Sync Configuration via Management Console

DC-DR synchronization is now configurable through the management console. Previously required SSH console access only.

Business Value

  • Simplified disaster recovery configuration management

  • Unified administrative interface for DC-DR operations

  • Reduced technical complexity for synchronization setup

Key Features

  • Management Console Configuration: Complete DC-DR setup via web interface

  • Unidirectional Sync: Data synchronization from DC to DR only

  • Flexible Scheduling: Daily or interval-based sync/restore options

  • Token-Based Authentication: Secure DC-DR communication channel establishment

  • Post-Recovery Sync: DR-to-DC configuration export/import for DC recovery scenarios

Configuration Requirements

  • All configurations must be performed via the Active config node on both DC and DR sites

  • Minimum 5-minute time gap between DC sync schedule and DR restore schedule recommended

Note

  • Unidirectional sync only (DC → DR)
  • Advanced Settings require HySecure configuration expertise
  • Configuration synchronized includes selected features and dependencies
  • Last Sync Time and Next Sync Time displayed on the DC-DR page

For more information, refer to the KB article.

Turbo Module Features

AD/LDAP User Attribute-Based Turbo Endpoint VIP Address Assignment

Turbo endpoint virtual IP addresses are assigned directly from AD/LDAP user attributes. Eliminates the need for a separate Turbo IP address pool.

Business Value

  • Centralized virtual IP management through AD/LDAP

  • Reduced manual configuration overhead

  • Simplified Turbo endpoint administration

How to Enable

Contact Accops Support for assistance with backend configuration.

Configuration

  1. Log in to the HySecure management console as a Security Officer/Administrator.

  2. Navigate to Settings > Authentication > Authentication Server.

  3. Add new or modify existing AD/LDAP server.

  4. In User Attribute Mapping, select the TurboVIP attribute from the dropdown.

  5. Click Add New Mapping to map the directory attribute storing the virtual IP address.

  6. Default directory attribute: msRADIUSFramedIPAddress (customizable if required).

Important

  • TurboVIP attribute must be single-valued; multivalued attributes not supported.
  • If the default attribute is unavailable in LDAP, configure a custom directory attribute mapped to TurboVIP.
  • When Fetch Turbo Client IP is enabled, the system uses the AD attribute as the primary source.
  • If the attribute is missing, invalid, or misconfigured, the system falls back to the existing IP address pool.

AD/LDAP User Attribute-Based Turbo Application Assignment

Turbo Applications can now be assigned directly through AD/LDAP user attributes, eliminating manual application creation and assignment in HySecure Management Console. Ensures seamless alignment with directory-based application assignments.

Business Value

  • Directory-based application assignment reduces the HySecure configuration

  • Seamless alignment with existing AD/LDAP application policies

  • Centralized application access management

Prerequisites

  • At least 1 Turbo application must be assigned to the user in the HySecure gateway for Turbo enablement.

How to Enable

Contact Accops Support for assistance with backend configuration.

Important

  • System prioritizes AD/LDAP attribute for Turbo application assignment
  • If the AD/LDAP attribute is missing, invalid, or misconfigured, the system falls back to the previous assignment method
  • When enabled with AD/LDAP applications configured, a Turbo tunnel is created only for AD/LDAP applications
  • Turbo applications assigned via the HySecure management console become inaccessible when the feature is enabled

Configuration

  1. Log in to the HySecure management console as a Security Officer/Administrator.

  2. Navigate to Settings > Authentication > Authentication Server.

  3. Add new or modify existing AD/LDAP server.

  4. In User Attribute Mapping, select the TurboACL attribute from the dropdown.

  5. Click Add New Mapping to map the directory attribute storing application details.

Note

LDAP may not have a default attribute for applications; create a multi-valued directory attribute and map it to TurboACL.

Assigning Turbo Application ACLs in AD/LDAP Server

The administrator configures application rules for each user in the Active Directory/LDAP server using a multi-valued attribute.

Rule Format

  • permit/deny – Traffic allowed or blocked

  • tcp/udp/ip/icmp – Protocol specification

  • any – Source can be any IP address

  • host [IP/Hostname/Subnet] – Destination specification

  • eq [port/port-range] – Port specification (optional)

Supported Host Formats

  • IP address: 172.XX.XX.XX

  • Subnet: 172.XX.XX.XX/XX or 172.XX.XX.XX 255.255.XXX.XXX

  • Hostname: www.accops.com

Example Rule Set

permit ip any host 192.XX.XX.XX/24 eq 22

permit tcp any host www.accops.com eq 80-443

permit tcp any host www.accops.com

permit icmp any host 192.XX.XX.XX 255.255.0.0 eq 443

permit tcp any host 192.XX.XX.XX eq 5900

Rules are configured in a custom or existing multi-valued attribute in the AD/LDAP server.