Skip to main content

Release Notes

version 2.4.2 (2022-10-05)

  • added support for Network Tags in Cloud Composer v2 GKE Clusters
  • improved audit (config) logging for subnets
  • improved connection handling for very short lived TLS connections with specific server-side implementations (such as Envoy Proxy)

version 2.4.1 (2022-05-05)

  • fixed an excessive retries issue with automatic config building where the service account's role allowed querying of Service Projects but the Host Project did not have shared VPC setup enabled
  • fixed a sporadic connection reset issue, that emitted unexpected response in the logs, and which only occurred in the see-thru monitoring mode while connecting to a destination at very high latency

version 2.4.0 (2022-03-13)

  • new warning message in config logs when a connection test to an FQDN, carried out by discrimiNAT itself, in any allowlist fails
  • serverless support introduced; VPC connectors from Cloud Functions etc. will have their outbound traffic filtered
  • added support for self-attaching an allocated External IP
  • change of one of the default scopes, when the service account is not overridden,from compute-ro to compute-rw; this is to support self-assignment of labeled external IPs
  • discrimiNAT's own instance ID added to every log line under the key instance, indicating which instance the log line was emitted from
  • updated TLS ECH draft extension identifiers

version 2.3.0 (2021-11-02)

  • added support for shared VPC; now Service Projects can use a discrimiNAT instance deployed in their Host Project

version 2.2.0 (2021-08-31)

  • see-thru mode introduced; build allowlists super-quick by putting a Firewall Rule in monitor mode first
  • improved handling for a large number of FQDNs in the allowlists
  • full bypass hook added; please reach out to support for instructions on this
  • updated TLS ECH draft extension identifiers

version 2.0.5 (2021-05-03)

  • restricted firewall rule scanning to the same VPC as discrimiNAT firewall was deployed in

version 2.0.4 (2021-04-03)

version 2.0.3 (2020-11-05)

  • v2 launch
  • completely new architecture addressing the potential for mismatch of IPs addresses as looked up by a protected workload from the VPC resolver and as looked up by the discrimiNAT firewall
  • rewritten in Rust

version 20200529 (2020-05-29)

available on request; v1 is now deprecated; please upgrade to v2

version 20200524 (2020-05-24)

available on request; v1 is now deprecated; please upgrade to v2

version 20200516 (2020-05-16)

available on request; v1 is now deprecated; please upgrade to v2

version 20191207 (2019-12-07)

available on request; v1 is now deprecated; please upgrade to v2

version 20191107 (2019-11-07)

  • v1 launch