These are the news for Nexus Hybrid Access Gateway.
Excerpt |
---|
2019-09-05 Nexus Hybrid Access Gateway 5.13.3 has been released today. Read more in the Release note Hybrid Access Gateway 5.13.3. This release solves the problem with configuring Skolfederation as an Identity Provider and having to point out the old Skolfederation server in the local host file as a workaround. The Skolfederation will permanently change to the new server which requires customers to upgrade to this version. Main new feature in this release:
Hybrid Access Gateway now offers REST-based web services that allow the configuration of certain object types without using the administration interface. |
...
2019-04-23
Nexus is proud to announce the availability of Nexus Hybrid Access Gateway 5.13.2. Click here for release note.
Main new features in this release:
- Support for signing during SAML authentication
If the SAML request contains a SignMessage
element, Hybrid Access Gateway forwards the contained message to the signing interface of Swedish BankID as well as Nexus Personal Mobile and Nexus Personal Desktop. The same message can also be shown in the browser by changing the authentication method template.
Hybrid Access Gateway displays all authentication methods that are configured for the corresponding AuthContext
.
- Prevent username change during step-up authentication
When a user authenticates with an additional method, username change can be prevented. This property is set to 'true' by default. During authentication, the user id of the linked user is compared to the one in the existing session. If they are not the same, the authentication is declined.
2019-02-01
Nexus is proud to announce the availability of Nexus Hybrid Access Gateway 5.13.1. Click here for release note.
Main new features in this release:
- It is now possible to login to Swedish BankID using a QR code. This featured function is optional.
- The Ubuntu base image of the virtual appliance was updated from version 14.04 to version 18.04. This update includes many fixes of vulnerabilities related to the previous operating system version. See also Hardening of the Hybrid Access Gateway appliance. Since the virtualization tools are no longer included in the Ubuntu base image then the appliance now requires internet access to install them.
Note | ||
---|---|---|
| ||
Customers who use Nexus Personal Mobile need to do the following before upgrading to Hybrid Access Gateway 5.13 from a version before 5.12, to continue with Personal Mobile registration, authentication, and signing:
OR
For instructions, see Migrate Personal Mobile Profiles from Hybrid Access Gateway to Personal Messaging.pdf Contact Nexus for support. |
2018-11-16
Nexus is proud to announce the availability of Nexus Hybrid Access Gateway 5.13. Click here for release note.
Main new features in this release:
...
Added support for Oracle database
The new version of Hybrid Access Gateway has support for Oracle database to be used as external database.
Note |
---|
Due to required changes on a database level a dialect must be added if using an external report database before upgrading to the new version. Without the dialect entry, the connection to the reporting database will fail unless the entry was entered and the administration service was restarted. For further information, see Change report database for Hybrid Access Gateway. |
...
Direct integration of Nexus Personal Desktop
Secure login is now even more convenient in Hybrid Access Gateway, with added smart card support via Nexus Personal Desktop, which is useful, for example, to make digital signatures in Nexus GO Signing.
Improved hardening of appliance
With Hybrid Access Gateway 5.13 the hardening index of the appliance was improved to be even more secure. The overall hardening score (based on Lynis) was increased to 74.
Note |
---|
To improve the hardening index of Hybrid Access Gateway, an SSH configuration parameter ( To increase the amount of authentication attempts:
In case of Hybrid Access Gateway upgrades, this change has to be done after the appliance has been upgraded successfully. |
2018-05-07
Nexus is proud to announce the availability of Nexus Hybrid Access Gateway 5.12. Click here for release note.
Main new features in this release:
- OATH authentication with Google Authenticator et al
The OATH authentication method in Hybrid Access Gateway now supports software token like Google Authenticator or Microsoft Authenticator. With Personal Mobile 3.7 or higher Nexus provides its own implementation of OATH as a software token. - Authentication with Freja eID
With the introduction of Freja eID, Hybrid Access Gateway now supports three different Swedish eIDs. It supports (Mobilt) BankID and Freja eID over a native interface and AB Svenska Pass over SAML. Authentication with Personal Mobile certificate
Besides raw keys Personal Mobile also supports profiles with certificates. In this case the certificates were issued by a CA such as Nexus Certificate Manager. Hybrid Access Gateway now supports authentication with these certificates without the need to know about the user and its user name.
Note | ||
---|---|---|
| ||
Customers who use Nexus Personal Mobile need to do the following before upgrading to Hybrid Access Gateway 5.12, to continue with Personal Mobile registration, authentication, and signing:
For instructions, see Migrate Personal Mobile Profiles from Hybrid Access Gateway to Personal Messaging.pdf. Contact Nexus for support. |
Note | ||
---|---|---|
| ||
For more information, see Configure TLS-enabled notification server. |
2018-05-03
For customers who use Hybrid Access Gateway together with Nexus Personal Mobile, it is recommended to start preparing for Hybrid Access Gateway 5.12, that is soon to be released.
Note | ||
---|---|---|
| ||
Customers who use Nexus Personal Mobile need to do the following before upgrading to Hybrid Access Gateway 5.12, to continue with Personal Mobile registration, authentication, and signing:
For instructions, see Migrate Personal Mobile Profiles from Hybrid Access Gateway to Personal Messaging.pdf. Contact Nexus for support. |
...
2018-03-21
When performing an online upgrade of Nexus Hybrid Access Gateway, certificates and signatures are used to establish a trust between Hybrid Access Gateway and the online upgrade servers. The communication is secured using https and downloaded versions are also signed and verified before the upgrade starts.
The previously used certificates expired the 7th of March 2018. If you run Hybrid Access Gateway version 5.10.x or older you must first update the certificates for trusting the upgrade server before you can perform an online upgrade of Hybrid Access Gateway. More information is found on Nexus Support Portal.
- Go to https://support.nexusgroup.com.
- Select Nexus Downloads, Nexus Hybrid Access Gateway and Updates.
- Instructions are found in the pdf.
...
2018-01-25
Nexus is proud to announce the availability of Nexus Hybrid Access Gateway 5.11.4. Click here for release notes.
Customers who are running Hybrid Access Gateway 5.11.2 need to run the following command from appliance bash and then restart administration service in order to download newer releases:sudo chmod 755 /trust
...
2018-01-08
Nexus is proud to announce the availability of Nexus Hybrid Access Gateway 5.11.3. Click here for release notes.
Due to an issue, the upgrade server could not be reached with Nexus Hybrid Access Gateway 5.11.2. This has been fixed with Nexus Hybrid Access Gateway 5.11.3.
...
2017-12-21
Nexus is proud to announce the availability of Nexus Hybrid Access Gateway 5.11.2. Click here for release notes.
Important issues fixed in this release:
- Nexus GO Authentication with Swedish BankID
With the first version of the NexusGO authentication method it was not possible to map the login credential of BankID (personnel number) to an attribute of the Hybrid Access Gateway user. The user id was used by default. Therefore, the user in Hybrid Access Gateway needed to have the BankID as user id.
A new Extended Property "User Attribute" has been added to allow mapping to, for example, an AD attribute.
...
2017-10-10
Nexus is proud to announce the availability of Nexus Hybrid Access Gateway 5.11. Click here for release notes.
Main new features in this release:
- Access Client for Mac OS
If the portal contains a resource that requires the Access Client, a link will be displayed that leads the user to the Apple AppStore, where the Access Client for Mac OS can be downloaded. - Nexus GO Authentication with Swedish BankID
With this method customers can use their Nexus GO service as a SAML Identity Provider to authenticate using Swedish (Mobile) BankID, without having to set up a contract with BankID.
Other new features are described in these articles:
- Hybrid Access Gateway requirements and interoperability
- Access rules
- Set up email or sms notification channel
...
2017-09-13
Nexus announce End-of-Life for legacy product PortWise Access Manager and Authentication Server (AMAS).
Related information
Release notes
...
All release notes
Supported versions
Supported versions of Digital Access component
Vulnerability/patch-related information
Vulnerability/patch-related information