Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Client Proxy 4.9.1 Release Notes

  1. Last updated
  2. Save as PDF

About this Patch Release 

This patch release addresses the Common Catalog removal process and provides users with a seamless experience when updating the Bypass List and Alternate Redirection List elements, enables simplified configuration settings for PA-UDP, and optimized Clear Text Logs. Apart from this, the SCP 4.9.1 release also addresses important bugs such as Optimal CPU utilization and performance improvements in Cloud Firewall and IPv6 traffic fallback to IPv4 in macOS Sonoma to name a few. For more information on the resolved issues, see the resolved issues list.

  • Windows - 4.9.1.12
  • Mac - 4.9.1.30
  • SCP extension for Trellix Saas ePO - 4.9.1.17.1
  • SCP Extension for OnPrem ePO - 4.9.1.28.1

NOTE: This patch release does not support the automatic upgrade of a pre-release software version. To upgrade to a production release of the software, you must first uninstall any pre-release versions. 

Trellix On-Prem ePO Common Catalog Removal

In Skyhigh Client Proxy 4.9.1 and later, the dependency of Common Catalog Extension has been removed, providing users with a seamless experience when updating the Bypass List and Alternate Redirection List elements. For more details on how to remove it, see On-Prem ePO Common Catalog Removal.

IMPORTANT: It is required to follow the correct Common Catalog removal steps after completing the upgrade of the SCP extension to 4.9.1 or later to avoid any compatibility issues in the future with Trellix On-prem ePO. 

Enhancements 

Simplified Steps for Configuring PA-UDP 

Support for the UDP protocol for Private Access has been improved through simplified steps for configuring PA-UDP settings. For more details, see Prerequisites and Firewall Settings for Private Applications.

Clear Text Log Optimization 

Clear Text Logs are optimized by removing lines that are printed continuously, as they increase the log size and affect readability along with changing some of the ERROR Logs labels to INFO or WARNING on Windows & macOS. 

Support for UDP-based Private Applications on macOS

Skyhigh Client Proxy supports UDP traffic for private applications using Private Access on macOS. 

Resolved Issues  

Reference Issue Description
MCP-6313 Client Proxy policy saves additional ports 9995 and 9999 to redirect as HTTP/HTTPS on-prem ePO
without getting missed, which was not saved earlier. (Windows and macOS)
MCP-6384 SCP now does not allow a browser page with the ZTNA dashboard upon stoppage. (macOS only)
MCP-6420 Trellix ePO - SaaS SCP Policy Catalog screen transition. This issue is now resolved.
MCP-6523 When the machine recovers from sleep mode, SCP redirects to the cloud primary proxy. (Windows only)
MCP-6579 The optimal CPU utilization is due to an internal task that caused CPU spike in Skyhigh Client Proxy is now resolved. (macOS only)
MCP-6583 IPv6 traffic fallback to IPV4 traffic when the Block IPV6 option is enabled. (macOS only)
MCP-6595 Skyhigh Client Proxy connection was intermittently interrupting, the issue is now resolved. (Windows only)
MCP-6597 The About SCP Window now shows no redirection when the client proxy is not redirecting any traffic. (Windows only)
MCP-6599 The Bypass List and Alternate Redirection List page just spins and never loads, this issue is
now resolved. (Windows and macOS)
MCP-6687 When upgrading Skyhigh Client Proxy in macOS via ePO, the Trellix icon becomes grey and now the issue is resolved and the Trellix icon is active. (macOS only) 
MCP-6735 The client Proxy status window displayed a Bypass Mode message with an erroneous date. This issue is now resolved. (macOS only)
MCP-6736 Traffic redirection is not supported on Skyhigh Client Proxy 4.8 and 4.9.0.115 after the MacOS 14.4 upgrade. (macOS only) 
UFW-858 The optimal CPU utilization is reduced and performance is improved in 2, 4, and 8-core CPU systems.  (Windows only)

Known Issues

Reference Issue Description
MCP-6590 Issue: Policy Revision Number Mismatch between Trellix SaaS EPO and SCP Client (Mac and Windows). which happens only in a specific user environment. 

Workaround:  Only the Trellix Saas ePO would show a rev no. of (N+1), compared with the endpoint. All the functionalities will be working as it is.
MCP-6658 Issue: Trellix SaaS ePO: In some scenarios when Bypass list and Alternate Redirection list settings are added/modified (eg. Domain Name, Network Address, Port and Process list information) the settings do not remain saved, when we switch between tabs or navigate to another screen before saving the policy.

Workaround:  Before switching tabs, save the policy.
MCP-6668 Issue: If we apply a dummy proxy as primary, scp blocks/bypasses the alternate redirection traffic as well since the primary proxy is not reachable.
MCP-6755 Issue: If a policy name is updated from the Policy Catalog page, the revision number will not increase. 

Workaround: Open the policy and save it to get the updated policy name reflected in an endpoint
MCP-6759 Issue:  When SCP is installed, it is unable to use a T-Mobile iPhone hotspot. This is only for Mac and IPv6 networks.

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    1. 4.6.1 Release Notes
    2. SCP 461 Release Notes