Hybrid Data Security release notes
HDS 2024.11.18.6728
- Added support for Saudi Arabia DC.
- Includes the latest security fixes.
- Includes fixes for HDS alarms.
HDS 2024.07.23.6579
- Improves KMS-CLOUD_ACCESS_FAILURE.health and DB_CONNECTION_POOL_ERROR alarms.
- Improves HDS alarms to remove excessive logging and stack-trace.
- Includes fixes for docker connectivity test failures.
- Added support for CSB4 and Java17.
- Includes the latest security fixes.
- Includes a fix that allows unverified guest users to leverage in-meeting chats.
HDS 2024.03.16.6355
Performed a rollback to this version since unverified guest users were unable to use the in-meeting chat feature.
HDS 2024.06.03.6455
- Improves the KMS-CLOUD_ACCESS_FAILURE.health and KMS-DB_CONNECTION_POOL_ERROR alarms.
- Improves HDS alarms to remove excessive logging and stack-trace.
- Includes fixes for docker connectivity test failures.
- Added support for CSB4.0 and Java17.
- Includes the latest security fixes.
HDS 2024.03.16.6355
- Fixes bug to improve the Machine Account expiry alerts logic, refer CSCwj06418.
- Improves Mercury WebSocket connections in KMS.
HDS 2024.02.23.6324
In this initial phase of container registry migration, HDS images are published to the Amazon ECR registry. If the HDS node does not have connectivity to Amazon ECR, images will be pulled from the Docker hub as a fallback option. (For more information, see the "Feature Announcements" tab.)
HDS 2024.02.02.6293
There are no release notes for this maintenance upgrade.
HDS 2023.11.16.6207
-
Fixes bug to resolve DB_PANIC alarm clearing logic, refer CSCwh68639.
-
Fixes bug to resolve a scheduling issue for meetings in the Webex app.
-
Improves handling of Mercury WebSocket connections.
HDS 2023.09.22.6136
-
Fixes bug to resolve the DNS Jail Proxy Setup issue, refer CSCwh56777.
HDS 2023.08.07.6085
There are no release notes for this maintenance upgrade.
HDS 2023.07.17.6057
-
Fixes bug for memory optimizations on HDS node, Refer CSCwh01920.
-
Modifies configurations for Guest users support.
-
Modifies Mercury library to improve WebSocket connections.
HDS 2023.06.13.5989
-
Includes two new alarms:
HMAC_PRODUCER_TASK_FAILURE
andCLIENT_MESSAGES_FAILURE
-
Improves validations for database connectivity
-
Upgrades the tomcat, python, and openssl packages
HDS 2023.04.15.5925
Changes some alarm names to use the 36 character limit expected by the Webex Hybrid Management service.
These are the previous and new alarm names:
-
KMS-SETUP.checkKmsCertificateValidity
changes toKMS-SETUP.checkKmsCertValidity
-
KMS-CLOUD_ACCESS_FAILURE.ci-machine-auth
changes toKMS-CLOUD_ACCESS_FAILURE.ci-ma-auth
-
KMS-CLOUD_ACCESS_FAILURE.mercury-websocket
changes toKMS-CLOUD_ACCESS_FAILURE.mercury-ws
-
KMS-CLOUD_ACCESS_FAILURE.health-check
changes toKMS-CLOUD_ACCESS_FAILURE.health
Improves KMS Certificate Validity alarm by raising it frequently (60 days, 30 days, 15 days and then every alternate day).
HDS 2023.03.09.5885
-
Improves Machine Account expiry alarm by raising it frequently (60 days, 30 days, 15 days and then every alternate day).
HDS 2023.02.14.5845
There are no release notes for this maintenance upgrade.
HDS 2023.01.10.5803
-
Improves SYSTEM-OVERLOAD alarm clearing
-
Increases thread pool size for Avalon Indexer service to fix CSCwe06185
-
Includes the latest common fixes from Webex
HDS 2022.12.06.5766
-
Moves HDS images to
ciscocitg
dockerhub repository. -
Upgrades the Flatcar OS to version 3227.2.4.
-
Includes the latest common fixes from Webex.
-
Includes a more robust OkHttp library to improve handling of websocket connections.
HDS 2022.10.18.5701
There are no release notes for this maintenance upgrade.
HDS 2022.09.28.5677
-
Improves the INDEXER_WEBSOCKET_ERROR alarm.
-
Upgrades the Flatcar OS to version 3227.2.2.
HDS 2022.08.18.5613
Adds support for CI guest tokens.
HDS 2022.08.06.5602
Fixes issues related to HDS support for Federation 4.0.
HDS 2022.07.13.5579
There are no release notes for this maintenance upgrade.
HDS 2022.06.23.5552
- Adds support to ECP for Federation 4.0 and Platform metrics.
- Adds improvements to the DNS Jail Proxy to ECP.
- Upgrades to Flatcar OS and KMS.
HDS 2022.05.23.5520
- Improves alarm clearing.
HDS 2022.04.20.5464
- Adds these new alarms:
KMS-SETUP.checkKmsCertificateValidity
—Raises an alarm when the KMS certificate expiry is in the next 30 days.KMS-SETUP.kmsCertificateExpired
—Raises an alarm if the KMS certificate has expired.
- Includes the latest common fixes from Webex.
- Upgrades to Avalon.
HDS 2022.03.02.5385
- Improves alarm clearing.
- Updates to
KMS-OVERLOAD
alarm.
HDS 2022.01.18.5320
- Adds these new alarms:
KMS-HIGH-MSG-LATENCY
—High message delivery latency.KMS-OVERLOAD
—Load aver-age exceeds threshold.
HDS 2021.12.16.5263
- Fixes issue where syslog reconnects can hang.
HDS 2021.12.11.5253
- HDS alarm improvements.
- Fixes the Log4J exploit: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
- Improves token validation during cross-cluser federation.
HDS 2021.11.23.5221
There are no release notes for this maintenance upgrade.
HDS 2021.11.22.5218
- Upgrades to ECP for third-party security fixes.
- Alarm Manager improvements.
HDS 2021.10.21.5175
- Alarm Manager improvements.
- Improvements to the KMS cert handling.
- Upgrades to KMS and Avalon.
HDS 2021.09.13.5117
There are no release notes for this maintenance upgrade.
HDS 2021.08.10.5057
There are no release notes for this maintenance upgrade.
HDS 2021.07.01.4980
There are no release notes for this maintenance upgrade.
HDS 2021.06.13.4956
- Changes to suppress syslog alarms for 2 minutes while reconnecting.
- Downgrades syslog alarms from Error type to Warning.
- Adds a DB Cleanup Job Exclusion Window. See the Feature announcements for details.
- Third-party driver updates to improve database connections.
HDS 2021.05.27.4941
There are no release notes for this maintenance upgrade.
HDS 2021.05.20.4927
- Changes to optimize database connection resources.
- Refresh token improvements.
- Increase the default database cleanup interval from 1 hour to 10 hours.
- Sets the default number of entries in the User cache to 250,000.
HDS 2021.04.12.4861
- Improves the NTP Server alarms for when the HDS is in DNS Jail mode.
HDS 2021.04.01.4842
- Improves the KMS logic to retry registration with the Encryption service.
HDS 2021.02.10.4763
- Improves Mercury reconnections after outages.
- Improves KMS session key management.
March 2024
In accordance with the previous announcement regarding Container registry migration to Amazon ECR, we expect to complete the migration by the end of March 2024. Kindly ensure connectivity to ECR by allowing the URL, "*dkr.ecr.us-east-1.amazonaws.com
" in your application firewalls and proxies.
December 2023
Container registry migration from Docker Hub to Amazon ECR
HDS container registry that hosts images will be changed from Docker Hub to Amazon ECR. This migration is scheduled to take place in February 2024. We kindly request customers to ensure connectivity to ECR by allowing the URL, "*.amazonaws.com
" in their application firewalls and proxies. This step is necessary to prevent any potential issues during upgrades.
October 2023
We've updated the minimum required Postgres database version to PostgreSQL version 14, 15, or 16. HDS will no longer support PostgreSQL versions 10 and 11, see Database server requirements in the Hybrid Data Security deployment guide.
December 2022
We've started hosting the HDS Setup Tool images in a different
dockerhub repository. We previously used ciscosparkhds
and we are now using
ciscocitg
.
If you are creating or updating a configuration ISO for your HDS nodes, you should get the images from the ciscocitg
dockerhub repo.
See Create a configuration ISO for the HDS hosts and Change the node configuration in the Hybrid Data Security deployment guide.
November 2022
We've enabled HDS nodes to use Windows authentication when connecting to your Microsoft SQL Server database. This improves the security and resiliency of your HDS implementation.
The Hybrid Data Security deployment guide describes how to implement this in your environment.
June 2022
Define an exclusion window for the DB Cleanup Job
You can now define a DB Cleanup Job Exclusion Window in the Advanced settings. The default Exclusion Window is from 1:00–4:59 AM (localtime) on Sunday.