Secure Client (AnyConnect) Release Notes

Feature Overview

Secure Access Public APIs offer flexibility and control for customers, partners and 3rd party vendors. The Secure Access SDK (Software Development Kit), which is built using our Open API Specifications, helps expedite and simplify implementation and integration with Secure Access. This GA release marks a significant milestone in our commitment to providing developers with the tools they need to build custom solutions and enhance their Secure Access experience.

Key Features

• Comprehensive API coverage for Secure Access functionalities.
• Easy-to-use SDK with detailed documentation and examples.
• Support for multiple programming languages.
• Enhanced security features to protect API interactions.

Benefits

• Accelerate development and deployment of custom integrations.
• Improve operational efficiency through automation.
• Enable innovative use cases tailored to specific business needs.

We encourage all developers and partners to explore the Secure Access SDK and provide feedback to help us continue improving this valuable resource.

Para obter uma cópia off-line ou impressa deste documento, basta escolher ⋮ Opções > Página Amigável para Impressora. Você pode então Imprimir > Imprimir em PDF ou Copiar & Colar em qualquer outro formato de documento de sua preferência.

Introdução

Lançamento do Secure Client 5.1.11.388 em 22/Agosto/2025.

Resumo

• Suporte para Linux ARM64
• Suporte para RHEL 10.x

Referências

• Secure Client 5.1.11.388 - Software Download
• Secure Client 5.1.11.388 - New Features
• Secure Client 5.1.11.388 - Resolved Caveats

Cisco Secure Client Release 5.1.9.113 (MR9)

Download

There are three ways to access the Cisco Secure Client:

• Download from the Cisco Secure Access dashboard

  • Connect > End User Connectivity Click the Cisco Secure Client download icon in the top right and download the appropriate software for your operating system.

• The Cisco software portal

  • Deploy with full packages for head end and pre-deploy methods
  • Optional Cloud Connector (Connector is required for all cloud features)
  • Deploys the same way as "AnyConnect" branded releases

• Cisco Secure Client Cloud Management (Windows and MacOS)

  • Cloud features enabled by default
  • Cloud management of profiles
  • Easy cloud updates

Enhancements

• Further optimized the time to restore protection after network state changes in certain instances (macOS)
• Support for alternate (region specific) resolver IPs (Windows, macOS) (Private preview)

Bug Fixes

• Fixed an issue where client UI was incorrectly indicating the User Name field in certain instances (macOS)
• Fixed an issue where client failed to send probes in case of VA configured in an IPv6 environment (macOS)
• Fixed an issue in some rare instances, where DNS redirection may be disabled on one network stack, even when the protection status shows both IPv4 and IPv6 are engaged. (Windows)

Known Issues

• In rare instances, when a device wakes from "sleep state", the Umbrella module may not detect the state change and does not become active (macOS)

Other Changes

• None

These release notes are for the Umbrella roaming security module only. Refer to the Secure Client release notes for a list of new features and bug fixes affecting other modules.

Cisco has implemented support for multiple deployments of Cisco Secure Access to address the needs of our multinational customers. The main deployment, also known as the Global deployment, is distinct and isolated from other deployments, such as the one in China, that meets local operational needs. For example, the China-specific deployment does not provide DNS protection, but does provide Secure Web Gateway (SWG) protection.

Client support for multiple deployments is included starting from Cisco Secure Client 5.1.8 (Windows and macOS), allowing roaming users to connect to the correct Secure Access deployment depending on where they are at the time.

To ensure a seamless experience when roaming between different Secure Access deployments, such as transitioning from the Global deployment to one in China or vice versa, it is essential for IT staff to properly provision the Cisco Secure Client installation. As a result, starting with CSC 5.1.8, Umbrella module now supports multiple OrgInfo.json files. These files contain the necessary configuration that enables the client to register and connect seamlessly to various Secure Access deployments. By doing so, users can maintain consistent and reliable connectivity protection no matter where they are, enhancing productivity and minimizing disruptions.

What has changed with OrgInfo.json?

• Primary OrgInfo.json file: Umbrella module still expects a main OrgInfo.json file in the Umbrella runtime directory.

  • For Windows, the directory is: %ProgramData%\Cisco\Cisco Secure Client\Umbrella.
  • For macOS, the directory is: /opt/cisco/secureaccess/umbrella.

• Additional OrgInfo.json files: Umbrella module now accepts additional OrgInfo.json files from other Secure Access deployments to the same directory. Only one OrgInfo.json file is supported per deployment.

  • The file name must follow the format OrgInfo..json, where the custom name can include letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-), for example, OrgInfo.global_org_55.json and OrgInfo.china_org_11.json.

  • Each OrgInfo.json file must include a "region" tag to identify its originating Secure Access deployment. Supported regions are "global" and "china." Any unrecognized region defaults to "global." If the "region" tag is missing, it is assumed to be "global" for backwards compatibility purposes.

  • Upon startup for a new installation of CSC 5.1.8 or later, the client examines the Umbrella runtime directory to locate and process any OrgInfo.json files. These files are then copied into directories corresponding to each deployment, as identified by their "region" tags. The Umbrella/data/regionaldata/ directory stores the files and relevant runtime data.
    Note: OrgInfo.json files in the Umbrella directory are ignored after the initial setup.

    • Once the files have been copied, the OrgInfo.json file is only consumed from the Umbrella/data/regionaldata/ directory.
    • The old runtime directory for OrgInfo.json i.e. Umbrella/data is no longer used.
      Note: In the case of a FedRAMP Umbrella deployment, the OrgInfo.json file is copied from Umbrella to Umbrella/data/regionaldata/fedramp

  • Upon upgrade of an existing installation to CSC 5.1.8 or later, the OrgInfo.json and related files are moved from the directory Umbrella/data to Umbrella/data/regionaldata/global.

    • Once the files have been moved, the OrgInfo.json file is only consumed from the Umbrella/data/regionaldata/ directory.
    • After the move, the old runtime directory for OrgInfo.json i.e. Umbrella/data is no longer used.
      Note: In the case of a FedRAMP Umbrella deployment, the OrgInfo.json file is moved from Umbrella/data to Umbrella/data/regionaldata/fedramp

  • Note: Cisco does not officially support creation of OrgInfo.json via scripts.

    • The encoding of OrgInfo.json must be ASCII or UTF-8.
    • The OrgInfo.json in the Umbrella/data/regionaldata/ directory must have a “region” tag whose value matches the region name in the directory.

• Cisco has implemented a location detection service that uses DNS to determine the current “region”. The service returns a text record indicating the region name. Currently “global” and “china” are the only supported regions. Once the location has been obtained, the client uses the matching OrgInfo.json going forward. This mechanism has been designed to be forward-looking, with support for future deployments.
  Note: in case of FedRAMP Umbrella deployments, location detection does not apply.

Adhering to these guidelines ensures that organizations can configure their Cisco Secure Client for multi deployment support, enabling efficient roaming and protection across different Secure Access deployments.

Overview

Cisco Secure Client can now be deployed from Cisco cloud utilizing Cisco XDR or Cisco Secure Client Cloud Management.
Cisco XDR is a cloud-based security solution that simplifies operations by helping security teams detect, prioritize, and respond to threats. It integrates Cisco and third-party tools into a single platform for comprehensive threat management. Cisco Secure Client with Client Management is the next-generation Secure Mobility Client that combines the existing features of both AnyConnect and Secure Endpoint with a Cloud Management solution in a single, unified end-user interface.
For customers who are not using Cisco XDR, Cisco offers Cisco Secure Client Cloud Management at no additional cost. This service is available to those with an active Cisco Secure Client or Umbrella license.
Both solutions support the creation and uploading of Cisco Secure Client profiles, including the Umbrella Orginfo.json file. Deployments can then be configured to specify Cisco Secure Client modules using these profiles. The Cloud Management module is essential, enabling the client to check in with the cloud every 2, 4, 6, or 8 hours. This ensures that clients remain up to date, as any changes to their deployment are pushed during these check-ins. Additionally, administrators receive a client inventory that displays installed versions, modules, and the last check-in time.
The following image shows the XDR Client Management and Cisco Secure cloud management:

Deploying Cisco Secure Client

In this instance, XDR will be utilized; However, the procedure remains the same when using Cisco Secure Client Cloud Management too.

Profiles

The Profiles page provides a list of all the Cisco Secure Client profiles in your Cisco XDR organization and allows you to create profiles that control the Cisco Secure Client endpoint software.
We recommend that you start by gathering existing profiles or using the profile editor in Client Management to create new ones. The online profile editor can create profiles for the modules listed here. For the Network Access Manager (802.1x supplicant) and the Umbrella Orginfo.json, these profiles must be uploaded.
Note:
There are only two default profiles, and this is directly from the XDR Client Management Help. The NVM Cloud Default Profile is mandatory but the Cloud Managment default profile is optional.
Cisco XDR includes the following default profiles to help you get started with Cisco Secure Client deployments:

• Cloud Management Default Profile
• NVM Cloud Default Profile
  The default profiles are associated with the XDR default deployment, which can be installed on your endpoints to improve detections and enrich incidents in Cisco XDR. These profiles can also be applied to any user created deployments. For more information, see XDR Profiles

Uploading the Orginfo.json profile

Upload the rginfo.json file that you previously downloaded from the Umbrella dashboard.

1. Navigate to Client Management > Profiles > Upload, select Umbrella from the list and click Next.
   A pop-up is displayed.
2. You can either drag and drop the Orginfo.json file or navigate to its location to add this profile and make it available for deployments.
3. After the file is uploaded, go to Client Management > Profiles and, if required, apply a filter for Umbrella to display only the available Umbrella profiles. Typically, this step has to be performed only once. The profiles can be used in multiple deployments.

Create a Deployment

The Deployments page provides a list of all the Cisco Secure Client deployments in your Cisco XDR organization and allows users to define a list of all the packages and related profiles that must be installed on all the computers in a specific deployment within an organization (for example, QA department).

• To create a new deployment, navigate to Client Management > Deployments and click on New. You can also edit existing deployments from the list displayed.
• When prompted, select the operating system for the deployment, that is, either Windows or macOS.
  In this example, Windows is selected.
• Click Create New.
• Specify a name for the deployment: This name will be included in the file name of the final package after the deployment configuration is complete.
• Every deployment includes the Cloud Management module and profile. Choose a version for both the Cloud Management module and the Cloud Management profile. While the default Cloud Management profile typically works well, administrators have the option to create a custom profile, if needed. For example, you might want different check-in intervals or update Windows for certain user groups.
• From the Version Control drop-down list, choose the Secure Endpoint connector version that you want to deploy. If you prefer to not include the Secure Endpoint module, choose Skip and proceed. In this example, Skip is chosen.
  Next, configure the Cisco Secure Client section to include AnyConnect VPN, Umbrella, and DART in the deployment.
  Note:
  If you don27t plan to use AnyConnect VPN, you can skip adding a VPN profile. After completing the cloud deployment, push the VPNDisable_ServiceProfile.xm file to the VPN profile directory (as described earlier in Customize Windows Installation of Cisco Secure Client guide). This hides the AnyConnect VPN tile in the GUI.
  To complete the Cisco Secure Client section of the deployment, we selected an existing VPN profile that was either uploaded or created in Client Management using the profile editor. Along with the VPN profile, we enabled the DART and the Umbrella module, specifying the previously uploaded Umbrella OrgInfo.json profile. This configuration generates a deployment package that includes the specified modules and profiles upon installation.
• After completing the deployment configuration, click Next.
  For Windows deployments, the administrator will have the option to add the Zero Trust Access (ZTA) module for Cisco Secure Client. While the ZTA module is supported on macOS through other deployment methods, it is not yet supported for cloud deployments using XDR or Cisco Secure Cloud Client Management. The ZTA module is designed to work seamlessly with the Cisco Umbrella solution.
  ZTA focuses on knowing, understanding, and controlling who and what is on your network:
• It grants appropriate access based on role or function.
• It controls application access at the network layer.
• By assuming that the network layer is untrustworthy, it helps prevent unauthorized access and breaches.
• When you click Save it finalizes the deployment configuration and presents the Administrator with two installation package options - Network Installer or Full Installer.
• Network Installer: A streamlined installer that includes only the Cloud Management client. When using the Network Installer, it will download the remaining components specified in the deployment in the background.
• Full Installer: A comprehensive package that includes all the installers and profiles configured for the deployment. It is larger than the Network Installer, and when used, it installs the Cloud Management client along with all associated packages from the deployment.
  Both the Full and Network installers will link the device to the deployment from which the installer was created. Whenever the device connects to the cloud, it checks the installed packages against the deployment requirements. The device then updates the packages and profiles to match the deployment, but does not downgrade any packages that are newer than those specified in the deployment.

Post Deployment

After deploying Cisco Secure Client with Cloud Management, both Cisco XDR and Cisco Secure Client Cloud Management offer valuable insights into the clients deployed to the cloud. The administrator can access a comprehensive inventory of these clients by navigating to Client Management > Clients.
A table lists all the Cisco Secure Client devices in your organization along with their data. The following information is also displayed:

• The total number of devices found.
• The number of devices selected.
• Move to Deployment: Click to move selected devices to a specific deployment.
• Create New Deployment: Click to open the Deployments page. From this page, Admin users can define a list of all the packages and related profiles that must be installed on all the computers in a specific deployment within an organization.
• Export to CSV: Click to download the table contents to a spreadsheet. Note that only the contents of the table will be downloaded.
• Each device includes a pivot menu icon that enables you to take action on it. You can perform some actions directly using pivot menu or pivot to the integrated product to perform additional actions.
• The behavior varies slightly when performed in Cisco Secure Client Cloud Management. However, the Administrator can switch to a detailed view for more information.

Additional Reference

For more information about Cisco Secure Client Cloud Management, please refer to the FAQ.

Cisco is proud to release Cisco Secure Client (formerly AnyConnect) version 5.1.8.122 (MR8) as an update to Cisco Secure Client version 5.1.8.105. Customers are encouraged to deploy this latest version.

Download

There are three ways to access the Cisco Secure Client:

• Download from the Umbrella dashboard
  • Deployments > Roaming Computers. Click the Roaming Client download icon in the top right and download the appropriate pre-deployment package for your operating system.
• The Cisco software portal
  • Deploy with full packages for head end and pre-deploy methods
  • Optional Cloud Connector (Connector is required for all cloud features)
  • Deploys the same way as "AnyConnect" branded releases
• Cisco Secure Client Cloud Management (Windows and MacOS)
  • Cloud features enabled by default
  • Cloud management of profiles
  • Easy cloud updates

Bug Fixes

• Occasionally, SWG may not successfully redirect few connections due to incorrect rule match
• Sometimes, changes in connection types (e.g. WiFi to wired) may affect SWG ability to intercept traffic (macOS)
• Occasional KDF disruptions may prevent SWG from intercepting traffic consistently (macOS)

Known Issues

• None

Other Changes

• None

These release notes are for the Umbrella roaming security module only. Refer to the Secure Client release notes for a list of new features and bug fixes affecting other modules.

Cisco Secure Client Release Notes

Cisco is proud to release Cisco Secure Client (formerly AnyConnect) version 5.1.8.122 (MR8) as an update to Cisco Secure Client version 5.1.8.105. Customers are encouraged to deploy this latest version.

Download

• There are three ways to access the Cisco Secure Client:
• Download from the Cisco Secure Access dashboard
  • Connect > End User Connectivity Click the Cisco Secure Client download icon in the top right and download the appropriate software for your operating system.
• The Cisco software portal
  • Deploy with full packages for head end and pre-deploy methods
  • Optional Cloud Connector (Connector is required for all cloud features)
  • Deploys the same way as "AnyConnect" branded releases
• Cisco Secure Client Cloud Management (Windows and MacOS)
  • Cloud features enabled by default
  • Cloud management of profiles
  • Easy cloud updates

Bug Fixes

• Occasionally, SWG may not successfully redirect few connections due to incorrect rule match
• Sometimes, changes in connection types (e.g. WiFi to wired) may affect SWG ability to intercept traffic (macOS)
• Occasional KDF disruptions may prevent SWG from intercepting traffic consistently (macOS)

Known Issues

• None

Other Changes

• None

These release notes are for the Umbrella roaming security module only. Refer to the Secure Client release notes for a list of new features and bug fixes affecting other modules.

Update - March 13, 2025:

Please note: Cisco Secure Client (formerly AnyConnect) version 5.1.8.122 (MR8) has been released as an update to Cisco Secure Client version 5.1.8.105. Customers are encouraged to deploy this latest version. See https://community.cisco.com/t5/umbrella-software-release-notes/cisco-secure-client-5-1-8-122-mr8-update-to-5-1-8-105/ta-p/5270421

Download

There are three ways to access the Cisco Secure Client:

• Download from the Umbrella dashboard
  • Deployments > Roaming Computers. Click the Roaming Client download icon in the top right and download the appropriate pre-deployment package for your operating system.
• The Cisco software portal
  • Deploy with full packages for head end and pre-deploy methods
  • Optional Cloud Connector (Connector is required for all cloud features)
  • Deploys the same way as "AnyConnect" branded releases
• Cisco Secure Client Cloud Management (Windows and MacOS)
  • Cloud features enabled by default
  • Cloud management of profiles
  • Easy cloud updates

Enhancements

• Addressed an issue where DNS protection is impacted due to a conflict with other agents attempting to listen on port 53 (Windows, macOS)
• Secure Client now reports Secure Web Gateway protection status as well to the dashboard (Windows, macOS)

Update - March 7, 2025:

We apologize for any confusion; this capability is currently implemented in the client with reporting in the Cisco Secure Access dashboard, with plans to introduce it to the Umbrella dashboard soon.

Update - May 26, 2025:

this capability is now implemented with reporting in the Umbrella dashboard.

Bug Fixes

• Fixed an issue that causes TCP connections to drop in certain rare instances (Windows)
• Fixed an issue with use of swg_use_kdf.flag that would cause restart of internal state in certain rare instances (macOS)

Known Issues

• None

Other Changes

• Umbrella directory update
  please refer to KB article at https://community.cisco.com/t5/security-knowledge-base/umbrella-directory-update-cisco-secure-client-5-1-8-win-macos/ta-p/5275528

These release notes are for the Umbrella roaming security module only. Refer to the Secure Client release notes for a list of new features and bug fixes affecting other modules.

Microsoft Defender for Endpoint for Mac version 101.1001.1340

Release Date: June 19, 2024

This update for Microsoft Defender for Endpoint for Mac includes performance improvements and bug fixes to enhance the security and reliability of the product. Users are encouraged to update to this latest version to benefit from the improvements.

Key updates:

• Improved detection capabilities for macOS threats
• Enhanced integration with Microsoft Defender Security Center
• Bug fixes addressing stability issues

For more details, visit the official Microsoft Defender for Endpoint documentation.