Skip to main content

v26.03

Knocknoc 26.03

Knocknoc 26.03 is a major usability-and-operations release focused on making day-to-day access clearer and easier to understand - for both end-users requesting access and administrators running the platform.

A far stronger operational experience for Administrators through new activity/access observation capability, source-login/geo-location data, built-in support and log-collection tooling, performance measurement and error visibility, and far smoother configuration workflows. ForΒ end-users, access feels faster and clearer with better feedback during user login, including granting and revocation.

πŸš€ Highlights

  • Knoc dashboards with richer operational visibility, orchestration performance, live/historic utilisation and more
  • User access dashboards with charts, live-state, history and geo-location information
  • Improved end-user feedback and experience during login
  • API Keys simplified, with EDL security and token-regeneration/revocation/protect options
  • New support page with built-in server and agent on-demand log collection/streaming
  • Better SAML error visibility in the admin portal
  • Important security updates including Golang and included libraries

New Knocs overview page - showing live user and access activity

knocs-overview.png

New Knoc page - showing specific access path activity, user sources/locations, back-end metrics and more

knoc-detail.png

New User activity page

users-overview.png

πŸ› οΈ Administrator improvements

  • All-new Knoc overview dashboard
    You now get live statistics on Knoc utilisation. Which users have access right now, from where (including countries) and to what target systems and networks. Observe how long they are accessing systems and at what times of day, including historical information. The performance of the underlying orchestrated device(s) is also shown along with any reported delays or errors. This is a big observability uplift!
  • All-new user activity dashboard
    Administrators can now quickly see access activity on a user basis over time, making it easier to understand usage patterns and review access behaviour on a per-user basis. Countries, locations, times and sub-access activity.
  • New Support capability (includes live log data)
    A new Support page brings together Server and Agent logs in a single place. This is one of the biggest practical admin improvements in this release - clearer understanding of integration challenges, less jumping between systems.
  • API Keys, Allowlists and EDL access tokens
    The Knoc workflow has been streamlined for "allowlist" API keys, also known as "EDL Security" access tokens. These are essentially secrets provided to an orchestrated device to consume lists securely from Knocknoc. You can regenerate and revoke tokens, see current client/firewall utilisation, with clear-text/protect modes now making administration far simpler.
  • Geo-location context for IP addresses
    IP addresses now display country flags and geo details, giving administrators faster context around where requests appear to be coming from.
  • Smarter inputs
    When copying/pasting a hostname, IP or URL from an orchestrated device, Knocknoc now offers suggestions and automatically cleans input to match the format required. This helps admins move faster and reduce mistakes during setup and editing, it even format-checks key material being provided. It just nicer, as an Admin experience should.
  • SAML domain + settingsΒ 
    SAML domains are now shown in authenticators (eg: Google), helpful if you have multiple Knocknoc servers (MSSP users). Configuration and SAML loading errors are now surfaced directly in the admin portal as dismissible alerts.
  • Workflow and wizard reliability improvements
    Multi-step wizard flows has been tightened up, with Orchestration Agent capabilities mapped, streamlining the Admin experience. If you're trying to add a PF orchestration to a Windows Agent, we've got you covered.
  • KnockEvent log consistency + categories
    The KnocEvent log structure powers SIEM integration, which we've expanded to include Trust and Agent events, to better understand the operating environment from your SIEM. Everyone likes a single pane of glass.. We help.

✨ End-user experience

  • Faster, clearer login and per-knoc MFA flows
    The user login experience is more clear, with 'Read' and other status shifting to 'Granted' to make the overall experience consistent depending on the access mechanism. Per-Knoc access MFA onboarding is more clear. Overall it feels smoother and gives users more clarity during access flows.
  • Improved revocation feedback
    During manual access removal processes, users now receive improved feedback that . That sounds small, but it makes the experience much more accurate and reassuring
  • Smarter offline handling
    When users change networks, enable/disable VPNs or disable connectivity in general, the Knocknoc user experience notes this to users whilst automatically retrying access.

πŸ“ˆ Visibility and supportability

  • Live log streaming
    New support experience allows you to view logs from both Agents (on demand) and the underlying Server. This enables direct access to recent operational events, implemented through a ring buffer to avoid bloat.
  • Access history tracking
    Access history visualization and data tables have been added, improving historical tracking and powering the richer visibility now available in the admin portal. This includes live access, historic, geo locations and more.
  • Environment information
    Hostname and machine information is shown, improving environment awareness for Admins.

πŸ” Security and resilience

  • Golang and library updates
    Golang and various libraries have been updated addressing various security issues. Whilst not deemed critical due to our user of these libraries or language subsets, it is recommended these updates be applied.
  • Read-only database and standby improvements
    If you're running a hot/warm PostgreSQL environment, or hot/hot with failover - cutting to the secondary database-replica is handled more elegantly. A standby state is now shown to connecting administrators, along with a smarter automatic-retry process.

πŸ”Œ Agent updates

  • Sonicwall improvements
    The Sonicwall orchestration handles duplicate names/entries more smoothly.
  • Palo Alto improvements
    Minor improvements improving user login feedback.
  • Backwards compatibility
    Improvements were made to the Agent for log-collection and telemetry, older agent support has been improved. Nonetheless older agents should be upgraded to benefit from the new log collection capability along with other features and library updates.

πŸ› Small stuff & bug fixes

  • Firewall serial numbers: No longer need you to hit enter, tab-out/focus change saves it.
  • Cleaner data presentation:Β Usernames, long values and dates/times are just better now.Β 
  • Agent registration: Duplicate Orchestration Agents registrations are better handled, rejecting ghost-twins.
  • Golang and libraries: updated.

Why this release matters

26.03 is not just a polish release.

It makes Knocknoc feel better for end-users, gives administrators much stronger visibility and support tooling, and strengthens important parts of the platform underneath. It is the kind of release that improves day-to-day use: clearer authentication flows, better operational insight, easier troubleshooting and stronger foundations for what comes next.

Release date: 19th March 2026

How do I upgrade?

We intentionally require you to update Knocknoc and any orchestration Agents through your operating system, such as Linux package management. This ensures you stay in control of change management and avoids automatic updates being pushed into critical systems.

Follow this guide to upgrade when you're ready.

Back to top