Identity-Based Microsegmentation Guide
LAST UPDATED: October 8, 2021

5.0.12

Sept 2, 2021

What’s new

Identity over UDP

With this release we are introducing support for identity exchange over UDP. You can now create target UDP networks for the segments of your network that run UDP services protected by an enforcer. With that in place, you can start creating network rulesets that rely on identity exchanged over UDP for their actions. You can learn more about implementation and how to use this feaure under the enforcer page in our concepts section.

Please note that not all applications accepting UDP traffic know how to handle identity meta data without an enforcer protection. Make sure to be very specific in your UDP target networks creation.

Resolved issues

  • CNS-2739: Fetching huge amounts of data from the Dashboard may cause memory issues on VictoriaMetrics nodes.

Known issues

  • CNS-2996: Flows log details fails to show policy name for network access policies.
  • CNS-3018: Validation errors seen after upgrade of 3.14.x enforcers.
  • CNS-2715: On failover enforcer connections are not terminated from the previously active control plane.