The VSA 9.5.1 release includes the enhancements and fixes described in the topics below. For minimum system and agent requirements, see these topics in the Kaseya R95 System Requirements Guide: Kaseya Server Minimum Requirements & Configuration and Agent Minimum Requirements.
Important! This release requires agent version 9.5.0.19. Be sure to update your Windows, Mac, and Linux agents after installing this release.
Important Note Regarding 2FA for On Premise VSA Customers
Please be informed that in the this VSA release Two-Factor Authentication (2FA) will become mandatory on all VSA On-Premises user logins.
This change will bring On-Premises VSA into parity with SaaS VSA as it relates to the use of 2FA for protecting user logins when accessing the VSA UI.
For more information on VSA 2FA, including educational material, please click this link for the KB article.
Deprecations
Deprecated legacy API call (/api/v1.0/sample/environment).
New Features
Authentication
Added support for PingID as a SAML provider for SSO in the AuthAnvil module.
BMS Integration
Added additional BMS integration logging to system log.
Live Connect and Remote Control: Remote Control File Transfer
Added the ability to transfer files directly between the source machine and the remote control target, directly within the remote control application. In this case, users do not have to use the Live Connect application to transfer files while working in an active Remote Control session.
File transfer functionality can be triggered by the following user initiated action:
- Drag and Drop
As a part of this new feature, we added an option called 'Disable Remote Control File Transfer' under the User Role Policy and Machine Policy pages. By setting this option, File Transfer capabilities within Remote Control will be explicitly disabled for a specific User Role, and/or a specific machine. Note that by VSA design, Machine Policy takes precedence over User Role Policy. For example, if a VSA agent has RC File Transfer “disabled” in its Machine Policy, RC File Transfer will be disabled for any user of VSA when Remote Controlling said device. If RC File Transfer is not “disabled” in a Machine Policy but is “disabled” in a User Role Policy, RC File Transfer will be disabled for any Remote Control session performed while such User Role is in use.
‘Disable Remote Control File Transfer’ is exclusive to Remote Control and does not affect file transfer capabilities of Live Connect.
For more information regarding this feature, refer to this KB Article.
Live Connect: Searching ability within Live Connect Registry
Providing a feature where user can search registry path in Live Connect's Registry Editor to quickly locate the registry data on an endpoint. The previous search should be cleared any time by clicking on refresh before searching again. Searching text should start with HKEY and NOT Computers\ like regedit. User can also copy the registry path that they mentioned on search text box by clicking provide 'copy' icon and paste it anywhere using Ctrl+V.
Enhancements
Live Connect & Remote Control
- Improved the reconnect mechanism in Live Connect and Remote Control.
- Increased security to 1-Click feature in order to increase user adoption of Kaseya Remote Control and 1-Click Access.
API Framework
- Prevent IIS WebDAV from VSA API processing - resolves environmental OS X Catalina agent check-in issue.
- GetAlarm API now returns ticket status along with ticket number associated with the alarm.
Software Management
- Wake on Lan function is now included in Software Management scheduler.
- The patch 'suppress' option will be expanded throughout software management allowing you the ability to suppress vulnerabilities throughout the module.
- When utilizing the 'ask user about reboot and offer delay' option in deployment profiles - it will now record the response from the end user and will store it in the agent procedure log.
- Software Management view objects are now available as part of the VSA System Views.
- Software Management will now display a progress bar during scan and deployment tasks.
- Software Management now supports Pre and Post automation for the scan profiles. You will now have the ability to include agent procedures before and after scheduled scan profiles.
- Removed randomized delay (30 seconds to 5 minutes) prior to scheduled scans initiating. This will result in quicker response to software management scans.
- Existing Software Management Report Parts will include VSA data-point columns such as Agent ID, Computer Name, Current and Last User, Last Check-in time and more.
- Software Management views now include endpoints which are fully patched (zero vulnerabilities) and enrolled in Software Management.
User Portal
- Disabled the ability for users to modify a ticket that has been submitted.
- After formatting updates in BMS, they display in User Portal in plain text.
- Added ability for VSA admins to switch between classic and new UI for the user portal ticketing.
- Updated grid for ticketing.
- Added tab for Active and Closed tickets.
- Enabled the ability to add attachments to tickets from the user portal.
- Added ability to see who made updates to the ticket.
VSA Core
- Increased API authentication token strength.
VSA UI
- 2FA is now mandatory for On Premise user accounts when logging in through the VSA UI.
- Provided an ability to customize the default "Welcome Back" title for the logon page.
Bug Fixes
Agent Module
- Fixed an issue when custom field information does not get merged while merging agents.
Agent Procedures
- Fixed an issue where the password will be stored in encrypted form in the database, agent logs, and while exporting a procedure. This fix is provided for new and existing procedures related to createLocalUser(), createDomainUser(). The agent must havebe updated to latest version.
- Fixed an issue when createLocalUser() command did not encrypt password.
- Fixed an issue with the inability to select a folder when creating writeDirectory() statement in Procedure Editor.
Agents
- Fixed an issue with 64-bit macOS agent not properly returning core OS and OS Version information.
Alerting
- Fixed an issue where user will not receive additional alarms within Ignore additional time period even if machine reboots.
API Framework
- /system/orgs/{OrgId}/staff API now provides correct primaryPhone and primaryEmail.
- Fixed an issue with Update User REST API to support changing password.
- Fixed an issue with Close Alarm API to add note upon alarm close.
- Fixed /system/orgs REST API to return correct PrimaryFax and PrimaryTextMessagePhone field values.
- Fixed an issue with GET /assetmgmt/agents/uptime/ - now it returns proper MachineGroup.
Audit
- Fixed an issue where SW License Audit was not able to finish within execution time limit.
Authentication
- Fixed an issue that prevented the reuse of one-time passwords during Two-Factor Authentication.
- Fixed an issue where Active Directory users could see 'An error has occurred' error if domain name is entered with backslash '\'.
Classic Monitoring
- Fixed an issue where copied monitor set could be removed regardless of the state of the source monitor set.
- Fixed monitor set issue where performance counters were being displayed without a valid counter object having been selected.
- Fixed an issue with inability to copy and move monitor sets from System Cabinet.
- Fixed an issue in Group Alarm Status dashboard that displayed duplicate backup columns.
Cloud Backup
- Fixed an issue with activity harvest failure due to Acronis ID was missed from database.
Discovery
- Fixed an issue so that discovered assets with the same IP Address are assigned only to the network on which they were discovered.
- Fixed an issue where domain watch did not display results when filter string was used.
- Fixed an issue when large domain broke domain harvest.
- Fixed network topology issue where users cannot see the list of available networks for selection.
- Discovery scan scheduler now respects timezone offsets.
Info Center
- Fixed an issue where rescheduling the reports in info center will now show correct Next Run time.
Kaseya Anti-Malware
- Fix for showing an accurate number of KAM scans performed in Executive summary report.
Kaseya Anti-Virus
- Fixed an issue where Kaspersky-update folder is accessible and shared now.
Live Connect
- Fixed an issue that caused error message showing "An unexpected error occurred" while loading Kaseya Live Connect.
- Fixed inconsistencies with "Enter Remote Control Note" dialog box.
- Fixed an issue where admin note displayed in Live Connect instead of Remote Control window.
Network Monitor
- Added property (final_rebuild_timeout) to configuration (rminit.cfg) file to manage timing for the writing of final.dat KNM data file.
Policy Management
- Fixed an issue which causes auto-adjusting of agent procedures schedule in Policy Management when one of the procedure's schedule is changed.
- Update Lists By Scan applied by policy with monthly recurring schedule on multiple machines at the same time, the "distribution window" is now being respected.
- Fixed an issue with Audit where credentials were not applying via policy.
Software Management
- Fixed Patch History Page in order to enable the ability to the user to multi-select experience when reviewing rejected and suppressed patches.
- Fixed an issue with the <id> variable when skipping a reboot in Software Management - now it displays the full name including the machine group and org.
- Fixed 'no data available' error when executing certain software management reports.
- Added option and prompt to user to initiate a scan following the creation of a KB over-ride profile. Note: Scan is required to initiate KB over-ride on endpoints.
- Fixed an issue when a machine was suspended in software management - Deployment cycles would initiate on some agents.
- Fixed an issue when Software Management tasks still run if agent was suspended - now Agent Suspension function will also suspends Software Management tasks.
- Fixed an issue where Software Management scan schedules may be removed during different application of different SM profile types (deployment-third party-override).
- Fixed an exception error issue when profile column filters are applied in machines page.
- Fixed an issue with Software Management pending reboots - they will now recognize outside reboots.
- Fixed an issue with scan or deployment errors did not get cleared after task completed successfully on next cycle.
- Fixed an issue where compliance check schedule was not initiating on some endpoints.
- Software Management Deployment will now update 'Last deployed date' following successful deployment. It is no longer tied to reboot of endpoint.
- In Deployment Profiles, Pre-Reboot procedures will now be honored even when reboot is not initiated (Skip Reboot option - Email when Reboot).
- Fixed an issue when deployment was processed even if no vulnerabilities presented.
- Software Management Suspension will now suspend tasks without the removal of any pre-existing profiles.
- Fixed an issue with column filtering when deploying patches on Vulnerabilities page.
TAP Integration
- Improved TAP module removal cleanup process.
User Portal
- Fixed inconsistency between the User Portal and BMS regarding the ticket number.
VSA UI
- Fixed issues with searching on items in "search machines" box.