Skip to main content

Illumio Core What's New and Release Notes for Release 24.2

Known Issues in Release 24.2.0

Enterprise Server

  • Creating same name workloads from the ip address contextual menu (E-116711)

    On the main workloads component (WorkloadEdit) users are able to create workloads with the same name.

    Workaround: none

  • Refused connection to the Support portal with Segmentation Templates > sign in (E 113084)

    Clicking on segmentation templates > sign in the support portal returns an error.

    Workaround: none.

  • Unable to select a workload inside an open combo node (E-112344)

    Clicking on a workload inside a combo node does not select a workload and the traffic links connected to it are not showing.

    Workaround: none

  • The Explorer page is not loading and redirects to the Traffic page (E-111574)

    Workaround: The Explorer page loads if users enable both Explorer and Classic Illumination.

  • Deleted Workload traffic link shows a policy decision (E-110143)

    A deleted workload traffic link shows a policy decision by mistake.

    Workaround: None

  • Ransomware Dashboard always shows high Protection coverage score (E-106996)

  • Global admin prompted to update Ransomware "Workloads Requiring Protection" but not authorized to do so (E-105756)

  • PCE application log files are not rotated (E-105659)

    Some PCE application log files (agent, collector, haproxy) are not rotated, while the other files are rotated correctly.

    Workaround: none.

  • Standalone PCE not starting up after service_discovery_encryption_key change (E-104880)

    Workaround: none

  • Removal of inactive accounts ignores API use (E-103316)

    In PCE release 22.4.1+A3, user accounts that have been inactive for more than 90 days are removed automatically. However, the active status is determined based only on whether the account has logged in to the web console UI. If the account is used only to issue API requests, it is counted as inactive and removed after 90 days.

  • Updating max results in Illumination Plus (10K) updates the Explorer max results (E-102742)

    The maximum connection number in Explorer gets updated to the same maximum number as the update in Illumination Plus. However, the maximum number in Illumination Plus is 10,000, while in Explorer, it is 100,000.

    Workaround: Update the max results setting in Explorer to get more than 10K results.

  • Recent filters become empty when users run a query from Explorer (E-102525)

    Workaround: None

  • When users load saved filters in Explorer, more than four labels are showing up (E-102438)

    Workaround: None

  • After creating a new organization, users are unable to load saved filters (E-102268)

    Workaround: Create the save filter once you issue a new query from Explorer or Illumination Plus.

  • Enforcement boundaries filters are still showing after enforcement boundaries are deleted (E-102251)

    Workaround: None

  • SecureConnect only logs the "E" on the source (E-101229)

    Works as designed. There is no way to tell whether SecureConnect is in the egress path.

  • Windows 11 shows as Windows 10 on workload/VEN page (E-100844)

    Workaround: none.

  • Flow timestamp incorrect in Illumination for inbound-only or outbound-only reported flows (E-96595)

    The flow timestamp shown in Illumination is unreliable for ingress- or egress-only reported flows.

    Workaround: Use Explorer to see the correct timestamp.

Illumination Plus

  • Explorer/Illumination Plus filter was incorrectly interpreting flows with an empty label group (E-105503)

    When using an empty Label Group as a filter in Explorer or Illumination, the same result was returned as expected if the filter criteria were "Any Workloads."

    This issue is resolved and works as designed.

  • Saved filter for Explore and Loading showing empty data by default (E-102257)

    The created Saved filter for Explore and Loading is showing reported policy decisions with empty data by default.

    Workaround: None

PCE Platform

  • chronyd usage failure (E-111664)

    • 'illumio-pce-env check' cmd relies on 'chronyc' for checking the clock drift.

    • There is a STIG (Security Technical Implementation Guide) security advisory which recommends users disable access to chronyd.

    • As of today, on implementing the STIG directive, 'illumio-pce-env check' results in a warning message: '506 Cannot talk to daemon error'.

    • Federal customers/government agencies are more likely to follow the STIG advisories.

Data Platform

  • Missing vulnerability data in the Workloads Export (E-114354)

    The Workload export feature does not include vulnerability data.

    Workaround: none.

PCE Web Console UI

  • Proposed Rules - Status information is being hidden (E-105098)

    The Proposed Rules status information is hidden by the "Add to Ruleset" page.

    Workaround: The information is shown on the Ruleset Summary page.