Release Notes

Version 25.03.4 of the Anyware Trust Center is a maintenance release that replaces and deprecates 25.03.1.

Previous Releases in This Version

25.03.1

Support for MongoDB 5.x

Trust Center has updated it's internal Mongo DB instance to version 5.x, which requires the AVX CPU extension. Therefore, machines without AVX support can no longer successfully deploy a new Trust Center or upgrade an existing Trust Center to 25.03.0.

25.03.0

Version 25.03.0 of the Anyware Trust Center contains bug fixes and stability enhancements. Additionally, it also includes the following:

Support for Imprivata Authentication

Version 25.03 of the Anyware Trust Center supports Imprivata OneSign for authenticating Trusted Zero Clients connecting to Horizon hosts. Imprivata OneSign enables users to access corporate networks, desktops, and applications with a single sign on. This reduces the need for maintaining separate passwords and prevents unauthorized access.

For more information, see Enabling Imprivata Authentication.

Trust Center Installation with DISA STIGs

In version 25.03, support has been added to enable the installation of the Trust Center on servers and virtual machines that comply with the security policies and configurations recommended by the US DOD Cyber Exchange. For this purpose, a new configuration called `fapolicyd` has been added, which allows the Trust Center components to run on servers that adhere to STIG requirements. For more information see Trust Center Installation with DISA STIGs.

SIPR/NIPR Network Migration

In version 25.03, support has been added for securely migrating Trusted Zero Clients between SIPR, NIPR, and insecure networks. When re-commissioning a Trusted Zero Client for use on a SIPR/NIPR or insecure network, specific steps must be followed to completely erase all local data and configurations. This prevents accidental or malicious access to critical data during network migrations, and ensures compliance with security recommendations.

Support for Darksite Upgrades

Version 25.03 now supports upgrade of Trust Center that does not have a connection to the public internet. Upgrading a dark site requires a temporary internet-connected machine, which downloads the required packages to create an upgrade bundle. The upgrade bundle is transferred to the dark site machine and used for upgrading Trust Center.

The dark site installer for 25.03 also includes a few changes from how the commands are run, from the original 24.07 release.

For more information, see Darksite Upgrade of Trust Center.

Support for Uploading OTA packages to  Darksite Trust Center

As Darksite Trust Center operates without internet connectivity, automatic OTA updates are not possible. Version 25.03 addresses this limitation by introducing a new command for managing firmware within the Trust Center. Administrators can now download as well as upload OTA packages to the Trust Center server without the need for opening an internet connection.

For more information see the following topics:

• Upgrading Trust Center
• Darksite Upgrade

MariaDB Requirement Removed

In version 25.03, MariaDB has been merged into MongoDB. As a result, MariaDB is no longer deployed with the Trust Center. This simplifies end-user management of persistent stores and reduces memory and CPU footprint within the Trust Center.

Other Update

To limit the amount of sensitive data saved into Anyware Trust Center support bundles, the auto-generated Trust Center admin password, typically used as the default password, will no longer be saved to the configuration file. This limits the exposure of sensitive data, and prevents its accidental access.