Skip to main content

v7.5

Announcing Knocknoc 7.5  šŸš€

Weā€™reKnocknoc excited7.5 is a major redesign in user experience, bringing a simplified yet more powerful interface to introduce Knocknoc 7.5, a landmark release packed with features enhancing usability,Administrators and performance.users alike. Here's what's new:

New UI, including Workflow UI

ā€¢ 'Require   Click'A redesigned UI brings simplicity 

 

Knocknoc 7.5 marks a major milestone in our journey to redefine secure network access. This release is a comprehensive redesign of the user experience, delivering a streamlined, intuitive interface that empowers both administrators and end users with greater control and clarity ā€” without compromising on power.

But Knocknoc 7.5 isnā€™t just a facelift ā€” itā€™s a massive uplift in features, performance, and security.

Hereā€™s whatā€™s new and improved in Knocknoc 7.5:

  • Revamped UI/UX: A fresh, responsive interface that simplifies complex tasks while giving power users faster access to advanced controls. The new design enhances visibility across policies, activity, and access requests ā€” making real-time operations effortless.

  • Expanded Security Protections: With deeper behavioral intelligence and hardened access controls, 7.5 boosts resilience against modern attack vectors. Just-in-time network access is now backed by enhanced verification, granular logging, and real-time anomaly detection.

  • Tighter Integrations: Knocknoc 7.5 seamlessly integrates with the tools and platforms you already use, including:

    • Linux (systemd + auditd hooks) for Usertighter AccessOS-level Grants:access Accesscontrol

      controls
      • can

    • Palo Alto Networks and Fortinet firewalls for dynamic rule updates

    • HAProxy for intelligent traffic routing and access enforcement

    • Webhooks & REST APIs for automating workflows and triggering third-party actions

  • Policy Engine Upgrades: The updated policy engine allows for more granular rules, better role-based access control (RBAC), and easier management of multi-environment configurations ā€” from dev to prod.

  • Improved Performance & Scalability: Core components have been refactored for speed and efficiency, enabling faster access evaluations and better handling of large-scale, distributed deployments.

Knocknoc 7.5 is built for the environments where access canā€™t just be configuredcontrolled ā€” it needs to ā€˜requirebe aearned, clickā€™verified, and continuously protected. ThisWhether enforcesyou're usersmanaging critical infrastructure, complex networks, or hybrid environments, this release is designed to triggermeet theyou granting of an ACL manually after login, giving further fine grained controls over selected ACLs.there.

Expanded

Ready Compatibility

to

ā€¢upgrade Improvedyour IPv6network Privacyaccess Extensionsmodel? Support:Dive Seamlessinto operationwhatā€™s new in modern network environments.
ā€¢    Oracle Linux Packages: Knocknoc Server now fully supports Oracle Linux, complementing the existing compatibility for Knocknoc Agent.7.5.

Streamlined

 User Experience

ā€¢    IP Address Detection & Automated Change Polling: Stay on top of network changes with automated IP polling for detected updates.
ā€¢    Refined Allowlists Management: Simplified configuration and utilization for a smoother experience.
ā€¢    Self-Guided Documentation: Enhanced UI paired with built-in, step-by-step guides for effortless onboarding and troubleshooting.

Improved Performance

ā€¢    High-Throughput Stability: Significant improvements for better performance in demanding scenarios.
ā€¢    Logging Improvements: Greater insight and traceability with revamped logging.

Various Minor Bug Fixes and Improvements

As always, weā€™ve been listening to your feedback. Weā€™ve squashed some silly bugs, every little fix helps to provide you with a smoother experience.

These changes aim to improve security, usability, and overall system reliability. For detailed implementation notes, please refer to the full release documentation. Knocknoc 7.0 is a reflection of our dedication to delivering smarter, more efficient tools to meet your needs. Upgrade today and take your experience to the next level! Thank you for being a part of the Knocknoc community!

Release Date: 4th10th December 2024

Version 7.2

We're excited to announce the latest updates and improvements in this release!

New Features
  • Knocker: A new CLI tool for enabling and validating back-ends for use by the Knocknoc Agent, see more here.
  • IP Restriction for AllowList API Keys: API keys in the AllowList can now be restricted by IPv4 and IPv6 addresses, enhancing security by limiting access to trusted networks.
  • Admin User Enable/Disable Control: Admin accounts can now be temporarily disabled and re-enabled as needed, allowing controlled access without requiring repeat TOTP onboarding for local/non-IdP user accounts.
Enhancements
  • SP-Initiated SAML Login Support: Added support for Service Provider (SP)-initiated SAML logins to streamline user experience.
  • Improved SAML Reliability: Enhanced stability and performance of SAML integrations, ensuring broader support.
  • Administrator UI Upgrades: The admin interface has been refined for a more intuitive and efficient user experience.
  • Enhanced Logging: Server and agent logging have been improved to provide more detailed insights and streamline debugging processes.

Release Date: 14th JanuaryApril 2025

Version 7.2.3

Enhancement
  • Custom script backend and IPv6: The custom-scripting backend now receives the full /128 IPv6 address as part of the Grant process. Previously, the address was truncated and only provided the /64 address to automatically cater for RFC4941. Administrators can now decide to add a netmask to the received address as part of the custom-script, or to use the single /128 address.

Release Date: 30th January 2025

Version 7.3.0

New Features
  • Native IPSets: Linux IPSet management is now native to the Knocknoc Agent, greatly simplifying administration and deployment - no longer requiring the use of a script. Existing scripts will continue to function. Read more about this change here
  • Additional IP address discovery: Additional IP address information of the client can be collected for use within ACLs. This is useful in numerous situations including capturing internal and/or external IP source information through to detecting and supporting CGNat environments. See more information here.
Enhancements
  • Easier deployment: Linux IPSets are now enabled by default on Agent installation, making it easier to get up and running with native IPSet backends.
  • Improved Agent UI: The Agent UI now displays capabilities, allowing you to identity what IPSets or back-end systems it is ready to orchestrate.
  • Fortinet orchestration: Fortinet orchestration has been improved, supporting better visibility of errored states.
  • SAML config caching: Problematic SAML providers no longer disrupt the startup of Knocknoc, integration information is now cached.
  • Login routing: The Admin login experience is now simplified, supporting Admin users who attempt to log in to the main user component.
  • Backend enablement: Knocker now supports easier enabling of AWS, Plesk, Junos and more.
  • Scalability: Optimisations to concurrency have been made to support larger deployments.

Note that the location of the Fortinet ini file has changed, please see Fortinet config.

Thanks to all our customers who provided feedback and suggestions to this important update!

Release Date: 5th February 2025

Version 7.3.1

  • Knocker CLI helper: improvements to behaviour under RHEL during initial server setup.

Release Date: 7th February 2025

Version 7.4.0

Version 7.4 brings key improvements in usability, reliability, and performance, along with enhanced features and broader platform support.

New Features
  • Server installation: Now faster and simpler. Automatically generates Letā€™s Encrypt certificates for a branded, self-hosted deployment.
  • Licensing: Softer enforcement allows for overages without disrupting user creation, with entitlements now shown in admin portal.
  • ACL User Experience: ACLs can be selectively hidden and are automatically de-duplicated by description to reduce confusion after login.
  • Logging: Log output follows a consistent, parsable format, with key events clearly marked as ā€œKnocknocEventā€ ā€“ more details.
  • License activation: Now cached to minimise impact from network disruptions.
  • Palo Alto: Improved support for PAN-OS and Panorama, including active EDL refresh calls.
  • Amazon WAF: Added active orchestration for AWS WAF.
Enhancements
  • UI improvements - API IP-restriction management, User creation, Agent creation, Admin TOTP enrolment, table-sorting and elsewhere.
  • Performance - large numbers of concurrent local-user logins has been significantly improved.
  • Compatibility: RHEL and Amazon Linux support.

Release Date: 3rd March 2025

Back to top