What's New in This Release

Release 25.03 of the Anyware Trust Center contains bug fixes and stability enhancements. Additionally, it also includes the following:

Info

Anyware Trust Center 25.03 skipped two patch versions, making 25.03.4 the release immediately following 25.03.1.

Version 25.03.5

Darksite Downloads Now Available Through Two IP Addresses

Previously, darksite bundles were downloaded via dl.anyware.hp.com and utilized the global Content Delivery Network (CDN), requiring multiple IP addresses to be allowlisted. With version 25.03.5, darksite bundles will be downloaded through the prod.onboarding.hydra.teradici.com subdomain. This change simplifies allowlisting, as only the following two US-based IP addresses are now required:

• 166.117.189.248
• 166.117.55.125

Non-darksite (internet connected) installations continue to use the CDN, benefiting from its capabilities of supporting regionally distributed downloads. For more information, see Updating the config.yaml file.

25.03.4

Version 25.03.4 of the Anyware Trust Center is a maintenance release that replaces and deprecates 25.03.1.

25.03.1

Support for MongoDB 5.x

Trust Center has updated it's internal Mongo DB instance to version 5.x, which requires the AVX CPU extension. Therefore, machines without AVX support can no longer successfully deploy a new Trust Center or upgrade an existing Trust Center to 25.03.0.

25.03

Support for Imprivata Authentication

Version 25.03 of the Anyware Trust Center supports Imprivata OneSign for authenticating Trusted Zero Clients connecting to Horizon hosts. Imprivata OneSign enables users to access corporate networks, desktops, and applications with a single sign on. This reduces the need for maintaining separate passwords and prevents unauthorized access.

For more information, see Enabling Imprivata Authentication.

Trust Center Installation with DISA STIGs

In version 25.03, support has been added to enable the installation of the Trust Center on servers and virtual machines that comply with the security policies and configurations recommended by the US DOD Cyber Exchange. For this purpose, a new configuration called fapolicyd has been added, which allows the Trust Center components to run on servers that adhere to STIG requirements. For more information see Trust Center Installation with DISA STIGs.

SIPR/NIPR Network Migration

In version 25.03, support has been added for securely migrating Trusted Zero Clients between SIPR, NIPR, and insecure networks. When re-commissioning a Trusted Zero Client for use on a SIPR/NIPR or insecure network, specific steps must be followed to completely erase all local data and configurations. This prevents accidental or malicious access to critical data during network migrations, and ensures compliance with security recommendations.

Support for Darksite Upgrades

Version 25.03 now supports upgrade of Anyware Trust Center that does not have a connection to the public internet. Upgrading a Darksite requires a temporary internet-connected machine, which downloads the required packages to create an upgrade bundle. The upgrade bundle is transferred to the Darksite machine and used for upgrading Trust Center.

The Darksite installer for 25.03 also includes a few changes from how the commands are run, from the original 24.07 release.

For more information, see Darksite Upgrade of Trust Center.

Support for Uploading OTA packages to Darksite Trust Center

As Darksite Trust Center operates without internet connectivity, automatic OTA updates are not possible. Version 25.03 addresses this limitation by introducing a new command for managing firmware within the Trust Center. Administrators can now download as well as upload OTA packages to the Trust Center server without the need for opening an internet connection.

For more information see the following topics:

• Upgrading Trust Center
• Darksite Upgrade

Other Update

To limit the amount of sensitive data saved into Anyware Trust Center support bundles, the auto-generated Trust Center admin password, typically used as the default password, will no longer be saved to the configuration file. This limits the exposure of sensitive data, and prevents its accidental access.

Info

Support for RHEL 8 has been extended until the end of 2025.