Visual Guard Update List

Release Candidate

Major Features of Visual Guard:

  • MFAPolicy at 2 Tiers: 
    Introducing a two-tiered approach to MFA policies, Visual Guard 2024.0 allows for the implementation of both GlobalPolicy and ApplicationPolicy. This dual-layered policy framework ensures a flexible yet secure environment, catering to the broad security requirements at the organizational level while allowing for application-specific MFA configurations.
  • MFA Deployment to Other VGRepository:
     Expanding the reach of MFA, Visual Guard 2024.0 enables the deployment of MFA settings across different VGRepositories. This feature ensures that MFA protections are uniformly applied, enhancing security across all platforms and applications managed within the Visual Guard ecosystem.
  • Enrollment of the User with VGIdentityServer: 
    A streamlined user enrollment process with the VGIdentityServer simplifies the integration of MFA, ensuring that users are quickly and securely onboarded with multi-factor authentication protocols.
  • Comprehensive MFA Integration: 
    Visual Guard 2024.0 intricately weaves MFA into all its functions, providing detailed insights into how multi-factor authentication works seamlessly within the Visual Guard framework to protect sensitive data and applications.
  • Duplicate Role: 
    Visual guard allows you to duplicate a Shared Role & Application role within your system that mirrors an existing role, duplicating all similar permissions and responsibilities. This feature is exclusively available in VG 2024 and later versions.

Introducing VGMagicLink

A standout feature of Visual Guard 2024.0 is the introduction of VGMagicLink, a revolutionary technology that enhances the MFA experience. VGMagicLink allows for real-time authentication, enabling users to gain access to secured applications immediately after validating a unique link. This technology offers an alternative to traditional OTP and email link methods, providing a seamless and efficient way to ensure security without compromising on user convenience.
VGMagicLink exemplifies Visual Guard’s commitment to innovation in security, offering users a quick and secure authentication method that aligns with the modern need for immediate and reliable access to applications.

Visual Guard’s Login Flow with Magic Links

Visual Guard Magic Links

VGSecurityRuntime

MFA Integration in the Authentication flow
This update ensures that during authentication, users are required to provide multiple forms of verification, adding an extra layer of defense against unauthorized access, and fortifying the overall security posture of the system.
MFA Deployment – Repository and Application Level
This feature allows to import MFA policy and its configuration from the source repository to the target repository. This is helpful when an administrator want to copy the policy and configuration from Dev or QA repository to the Production repository.
MFA Enrollment Flow
The MFA enrollment flow involves users registering one or more secondary authentication methods, such as a phone number for SMS or email ID for link, which are then required in addition to the primary password for enhanced security during login.
MFA Integration in Angular Apps
This update enables Angular applications to implement MFA, providing a secure, interactive user verification experience without compromising the app’s performance or user interface.
MFA Policy – Global and Application Level
This feature allows for the precise tailoring of MFA requirements, ensuring that security measures align perfectly with specific organizational policies and application-specific needs.
Password Policy Flow Change for MFA
This change harmonizes password regulations with MFA requirements, enhancing overall security while streamlining the user’s authentication journey.
.Net 8 Support
VG 2024 will support .Net 8.0

VG WinConsole

Added Support for Multi Factor Authentication.
This new feature enhances security by requiring users to provide additional verification beyond their credentials, ensuring a robust defense against unauthorized access.   
Add/Edit Identity Server Configuration  
Several configuration changes have been made to the IdentityServer and new properties have been added to the WinConsole settings. This allows for more flexible configuration of the VGIdentityServer. ex. Authentication Preferences, Grpc Private service references, Auto restart options etc.
Add/Edit Global MFA Policy
With this feature, you can now easily add or edit Global MFA policy at an organizational level by specifying certain parameters for multi factor authentication.
Add/Edit Application MFA Policy
With this feature, you can now easily add or edit MFA policy at an application level by specifying certain parameters for multi factor authentication.
Deployment of MFA (Global MFA Policy and MFA Configuration)
It will allow you to deploy Global MFA Policy and MFA Configuration from source repository to target repository. 
Add Existing Repository via VGIdentity Server
This feature allows you to easily connect and incorporate your data and resources into VGIdentity Server, enhancing user access control, authentication, and security.
MFA license key
The MFA (Multi-Factor Authentication) License Key is a unique code generated to activate the MFA feature within the product. It’s tailored according to the specific features associated with each key, ensuring a customized security setup.
Duplicate Role
Visual guard allows you to duplicate a shared role and application role within your system that mirrors an existing role, duplicating all similar permissions and responsibilities.
Miscellaneous Settings
With minimal effort, Master Administrators can manage user impersonation for both Identity Server and workflow, streamlining administration tasks.

VG WebConsole

MFA Login Integration
This update ensures a fortified entry mechanism, balancing strict security measures with a smooth user authentication flow.
MFA Policy – Global and Application Level
Administrators can now define multi-factor authentication policies to secure the entire organization (Global) and customize them for specific applications, ensuring flexible yet robust security measures.
Passwordless Authentication
This feature gives the access to your account using alternate methods, such as secured link or one-time codes (OTP), enhancing both security and user experience.
Password Policy with MFA
This feature allows users to set and manage strong password requirements while incorporating multi-factor authentication for an added layer of protection.
Getting Started
This feature provides a user-friendly onboarding experience, guiding new users through the essential steps of setting up Visual Guard.
Duplicate Role
Visual guard allows you to duplicate a shared role and application role within your system that mirrors an existing role, duplicating all similar permissions and responsibilities.

VG IdentityServer

Visual Guard’s Identity Server receives significant updates in 2024, focusing on user experience, customization, and security enhancements. These updates streamline the configuration process, enhance user interface customization, and integrate advanced security features like Multi-Factor Authentication (MFA).
Configure Repository Wizard
This wizard will help you to configure the repository(storage) with IdentityServer when VGIdentityServer is started very first time.
Configure Local Settings
This wizard will allow you to configure the local settings for Identity server.
Configure Identity Server Options
This feature will allow you to configure the identity server options.  ex. Authentication Preferences, Grpc Private service references, Auto restart options etc.
Customize UserInterface 
You can customize the VGIdentityServer user interface by adding pre-defined Visual Guard variables for website text. For example:

  • [ApplicationId] – Gets the application Id.
  • [ApplicationName] – Gets the application Name
  • [ApplicationDescription]- Gets the application Description)

MFA Enrollment Process for users

  • Send Verification & Validation for Email Address and Mobile Number
  • Register EmailAddress, MobileNumber. 

This will ensure that users can confidently access their accounts with an added layer of protection against unauthorized access.
Integration of MFA for Existing Authentication Modes
Enhance security by seamlessly integrating Multi-Factor Authentication (MFA) into your existing authentication methods. Users now have an added layer of verification for increased account protection and data security.
Select MFA Preferences (ex. OTP Authentication, Link Authentication) and Authentication.
This feature allows individuals to select their preferred MFA method, enhancing their login experience and security.
Support for Clustering Environment.
This feature will allow to setup the clustering environment/load balancing environment via configuration.
Implementation of Remember Me on Login Form.
Users can now choose to have their login credentials remembered, streamlining future login processes and providing a smoother user experience.
Implementation of Default Authentication Mode & Default Domain Name on Login form
Users can now pre-select their preferred authentication method and domain for a more efficient and personalized login experience.
Changes in VGIdentityServer-Private Mode (performance improvements)
These enhancements optimize the application’s responsiveness and speed.

API Level
Implementation of MFA Enrollment Web-API Functions

  • Send Verification & Validation for EmailAddress and Mobile Number 
  • Register Email Address, Mobile Number

This allows for easy, programmable MFA credential management, significantly bolstering application security.
Integration of MFA in Existing Authentication Methods of API
This integration ensures a robust, user-friendly authentication process without compromising the existing API structure and flow.
Integration of MFA in Existing Authentication Methods of API for PowerBuilder
This feature seamlessly incorporates an additional verification layer into PowerBuilder applications, ensuring secure user access without altering the established API workflows.
Integration of Passwordless Authentication in API for PowerBuilder and Other Authentication Modes
This innovative approach enhances security and user experience by eliminating the need for traditional passwords, instead utilizing secure, user-friendly authentication methods such as biometrics or verification codes.
Postman Changes for all Methods
These changes are designed to simplify the integration and testing of various authentication methods, including MFA and Passwordless authentication, directly within the Postman environment.

VG 2020.3

New Features

  • VG Angular
    We have upgraded our framework to Angular version 15. This upgrade enhances performance and security.
  • API Documentation
    We have published new API documentations on Postman. These documentations will aid developers in understanding how to use our APIs more efficiently.
  • MFA Azure Front Door
    We added a “no-store” cache control header to the response of MFA Azure Front Door. This will help to ensure that sensitive data is not stored in the browser’s cache.
  • WinConsole: Repository Connection
    The WinConsole can now connect to the VGIdentityServer. This will allow better integration between these two components.
    WebConsole Attendance Monitoring
    Modifications have been made to the calendar control for tracking attendance hours. This will help to improve time tracking accuracy.
  • WebConsole: Role Deletion
    The “Delete Role” option has been moved to the bottom menu in the WebConsole for better ergonomics.
  • WebConsole: Loading Icon
    A loading icon has been added to the workflow data monitor in the WebConsole to indicate when data is being loaded.
  • WebConsole: Workflow Settings Improvement
    The last execution time of VGWorkFlowServer has been added to the WebConsole settings. This will allow users to see when the workflow server was last run.
  • IdentityServer Configuration
    Several configuration changes have been made to the IdentityServer and new properties have been added to the WinConsole settings. This allows for more flexible configuration of the IdentityServer.
  • Angular Documentation
    The Angular integration documentation has been updated
  • VG SaaS UI Update
    The UI of VG TRIAL SAAS has been updated to include left-hand margins, clickable titles that open in new windows, a separator below the ProgressBar, and CSS changes on button click. This improves the overall user experience.
  • VG Runtime
    The system has been upgraded to version 4.6. This upgrade brings security and performance improvements.
  • Password Policy Comment
     A comment has been added for the Auto-Unclock feature in the password policy. This gives users a better understanding of this feature.

Bug Fixes

  • WebConsole | Monitoring | Graph
    The graph display for a 15-month range has been fixed. The graph no longer reverts to only two bars.
  • Documentation
     Fixed the bug where the eazydocs_get_option() function was not found. This solved an issue with the documentation site’s theme.
  • Oracle Migration
    Fixed migration errors from 2019.2 to 2020.3 in oracle repositories. Users will no longer see error messages when logging in.
  • VGSecurityRuntime VGUser Creation
    Fixed an issue that prevented creating a second VGUser in a new SQL repository without a license. The incorrect error message will no longer appear.
  • Authentication Modes
    Fixed differences in authentication mode selection when adding a new repository in WinConsole and WebConsole. The options will now be consistent between the two.

VG 2020.2

VG Security Runtime

  • VG Multi-Factor Authentication (VG MFA)
    Visual Guard now includes a proprietary Multi-Factor Authentication system. Users have to enter a Pin code (One-time Password / OTP) or click on a link, sent by SMS or email.
  • VG Passwordless Authentication
    Users can verify their identity without entering a password. In addition to simplifying the user experience, VG Passwordless Authentication strengthens security and reduces the risk of Identity thefts.
Multi-factor Authentication
Visual Guard MFA

VG WinConsole

  • Enabling MFA for existing Visual Guard Accounts.
    You can choose which account is MFA ready and progressively implement strong authentication.

VG WebConsole

  • Enabling MFA for existing Visual Guard Accounts.
    You can choose which account is MFA ready and progressively implement strong authentication.
  • Deleting Applications
  • Support for Office 365 SMTP
  • Enhanced export of VG EventViewer to Excel

VG Identity Server

  • Load Balancing
    Load Balancing is now supported, between several VG Identity Servers connected to the same VG Repository, and sharing the same configuration.
  • New protocols added to speed up communications between VG Identity Server and VG Runtime(s): GRPC V1 and GRPC V2 (Windows 11)

Bug Fix

  • Separate Authentication from the Workflow Server
    Because the Workflow Server works continuously, we saw 1000 to 2000 authentication per day only for the Workflow Server
  • Improve maintenance operation
  • Connection to VG IdentityServer

VG 2020.1

VG Security Runtime

    • Enhanced permission management for PowerServer
    • A new entity called VGDistributedTransient has been added for supporting load balancing

VG WinConsole

  • Permission Matrix
    Generating permission Matrix from the WinConsole, for Applications, Roles, and Users
  • Managing Web API permission for PowerServer
    • Datastores are listed automatically by scanning the PBLs of the PowerBuilder application.
    • Mapping Datastores and Resources (which datastores access which tables for Create/Read/Update/Delete purposes). This allows creating permissions at table level : VG will enforce these permissions anytime a PB client is accessing the related datastores.
    • Creating fine-grain authorizations to allow Reading / Updating / Deleting / Creating from specific Resources (tables)
    • Creating fine-grain authorizations to allow Reading / Updating / Deleting / Creating from specific datastores
  • When searching for users, the “contains” operator is now selected by default.
  • Exporting Groups and Roles details in Excel files
  • Enhanced Configuration UI for Identity Server
  • New progress bar to monitor repository deployment / importing processes.
  • Support for Cross-origin Resource Sharing (CORS)

WebConsole

  • Migration to .Net Core 3.1
    Overall response time and performance improvements
  • New WebConsole features
    • Renaming an Application from VG WebConsole
    • Managing Web API permission for PowerServer
      (see WinConsole for more details)
    • Exporting Event Logs in Excel
    • Generating Permission Matrix from VG WebConsole
    • Generating VG configuration files
    • Viewing VGLicense details
  • If a user accessed the WebConsole with a Windows SSO authentication, he is able now to edit the UI language

VG Identity Server

  • New APIs
    • ChangePassword()
    • ForcePassword()
    • WriteLog()
    • GetCurrentPermissions()
    • GetCurrentRoles()
    • SetProfileAttribute()
    • GetProfileAttribute()
    • GetAllRoles()
    • Grant and Revoke Role
  • When connecting to a VG Repository via VG Identity Server, accessible databases are automatically listed.

Visual Guard 2020.0

VG Security Runtime

  • Support for .NET Core
    Visual Guard now supports .NET Core with a new assembly  Novalys.VisualGuard.Security.Core
  • Permission Matrix
    You can now generate a permission matrix at role, group, and user level. This matrix shows in a grid the dependencies between users, roles, and permissions.
    Permission  Matrix
  • VG Server private mode is now replaced by a direct HTTPS communication from the VGSecurityRuntime to VG Identity Server
  • Support for PowerServer 2021
    • Authentication modes supported with PowerServer 2021:
      • Windows accounts (authentication via Active Directory)
      • Single Sign-On with Windows accounts
      • OAuth2 authentication
      • Token-based authentication
      • Login/password authentication

PowerServer 2021
    • Dynamic permissions supported for PowerServer 2021
      Dynamic permissions are Fine-grained permissions implemented without modifying the code.
      They control access to specific features in the PB client, as well as the Web API. On the server-side, they allow securing resources (DB tables in most cases), regardless of the client technology: PowerBuilder, .NET, Angular, etc.

VG Identity Server 

VG Identity Server is a new Server. It is replacing both VG Server and VG WebPortal, which are no longer included in Versions 2020 and above.
VG Identity Server manages Identities and Access Control, using OpenID Connect or OAuth 2.0 protocols.

In addition, VG Identity Server can also:

  • Authenticate users via external identity providers (Microsoft, Google, Facebook, etc.)
  • Manage user sessions 
  • Federate several independent websites or applications across a single user session (Single Sign-on)
  • Generate or validate tokens
  • and more…

VG Identity Server supports contextual roles and groups, to adapt an authentication UI to the business context of a user.

WebConsole

  • New Design
    The Visual Guard WebConsole has been redesigned and offers more customization options and styles

  • Visual Guard WebConsole User Identity Management Dashboard
  • New features: 
  • Enhanced monitoring:  information has been narrowed down to relevant events. Data is preloaded for faster response time.

  • Visual Guard Workflows
    VG Workflows are managed within the VG Web Console.
    They replace VG notifications and are meant to automate the detection of certain application events, to trigger required actions.
    They are created/edited with a visual designer.
Visual Guard WebConsole User Identity Management Dashboard

Visual Guard Documentation

Visual Guard 2019 GA

Support of .NET Core

  • Visual Guard 2019 is compatible with .Net Core to secure cross-platform (Windows, macOS, and Linux), cloud, and IoT applications
Visual Guard supports .NET Core

Support of Angular

  • VG 2019 includes a new module to simplify the integration with Angular applications.
Visual Guard supports Angular

Web Administration Console

  • The VG 2019 Web Console has been redesigned. In addition to offering a modern look, it is now responsive and can be used on all screen sizes, including mobile devices.
  • The web console also includes new graphs for applications and sensitive activities monitoring

Win Administration Console

  • Visual Guard 2019 supports securing .Net Core applications (.Net Core Console and .Net Core Web Applications), Hence using Visual Guard WinConsole, you can add your .net core applications to the repository.
  • In the Event viewer wizard, it allows to filter event logs by application.
  • Now, you can have the progress status of deployment process in deployment repository wizard.
  • It allows to 'Edit Permissions' for Role and PermissionSet in more user-friendly way.
  • It allows to 'Edit PermissionSets' for Role and PermissionSet in more user-friendly way.