Unified Access Gateway | Released on 06 July 2021

Check for additions and updates to these release notes.

VMware Unified Access Gateway Release Notes provides information on the new features and enhancements for the 2106 release. This page also provides a list of our resolved issues. The 2106 release has been replaced by the 2106.2 release which contains further important updates which are listed in the 2106.2 release notes. Unified Access Gateway 2106.2 or later should be downloaded and deployed to benefit from both sets of updates.

What is New in This Release

VMware Unified Access Gateway 2106 provides the following new features and enhancements:

  • Added SAML authentication support for the Admin UI administrator login. This is an optional alternative authentication method in addition to the existing password authentication. SAML authentication is delegated to a third-party SAML Identity Provider for administrator login and to control the list of users to whom administrator access is granted.
  • IPv6 support is added for Unified Access Gateway deployments to Amazon AWS EC2.
  • OPSWAT client device compliance checks are normally made at Horizon user login time and at desktop or application launch time. For cases where the on-demand OPSWAT agent is used, Unified Access Gateway now supports the option to omit the login time check so that the check is made only at desktop and application launch time. This option is configurable.
  • Added support for processing a JSON Web Key Set (JWKS) format for dynamically obtaining multiple public keys used for validating JSON Web Tokens received by Unified Access Gateway for Horizon Universal Broker use. 
  • Improved support for Horizon Smart Card and device certificate authentication when multiple complex certificate issuer chains are used.
  • Secure Email Gateway logs are now included in the Unified Access Gateway log archive.
  • Minimum length password policy is now enforced when the root password is changed using the Linux "passwd" command. The minimum root password length is configurable.
  • Unified Access Gateway HTTP sessions use a session ID cookie called "ACCESSPOINTSESSIONID". The value of this now changes after user authentication steps to further defend against session fixation attacks.
  • The password expiry period of admins with the monitoring role was previously always set to the same as for the main admin role. This version allows a different value to be set for admins with the monitoring role.
  • The Admin UI now has a session inactivity timer of 10 minutes by default. This value can be set to a different value at deployment time.
  • Updates to Photon OS package versions and Java versions.
  • User activity for applications accessed through Unified Access Gateway with the Workspace ONE Tunnel application can now be visualized in Workspace ONE Intelligence.
    Customers can view what applications are being used, which users are most active, and what websites are most visited, to help provide analytic insight into user behaviors and application usage patterns.

Internationalization

The Unified Access Gateway user interface, online help, and product documentation are available in Japanese, French, German, Spanish, Brazilian Portuguese, Simplified Chinese, Traditional Chinese, and Korean. For the complete documentation, go to the Documentation Center.

Compatibility Notes

For more information about the VMware Product Interoperability Matrix, go to http://www.vmware.com/resources/compatibility/sim/interop_matrix.php.

Lifecycle Support policy

For information about the Unified Access Gateway Lifecycle Support policy, go to https://kb.vmware.com/s/article/2147313.

Installation and Upgrade

To download the Unified Access Gateway, see the Product Download page.

Sizing Options

For the Unified Access Gateway sizing recommendations, go to VMware Configuration Maximums.

Technical Resources

To learn and master Unified Access Gateway, go to https://techzone.vmware.com/mastering-unified-access-gateway.

Resolved Issues

  • An issue relating to HAProxy zombie processes that were not automatically removed is resolved.

  • Resolved an issue in the Admin UI when the RADIUS auth method was removed after previously being set.

check-circle-line exclamation-circle-line close-line
Scroll to top icon