New Features

Faster Remote Desktop with Cloudflare Calls and Google STUN

The latest update to ISL Conference Proxy (ICP) optimizes remote desktop performance through improved ICE functionality, enabling faster and more efficient connections with expanded connectivity options.

By default, direct connections will use the Cloudflare Calls STUN address.

ICE functionality has been updated in ISL Conference Proxy to support Cloudflare Calls and Google STUN. The following updates were made:

• “List of ICE servers for RPC” setting under /conf -> ICE Configuration now defaults to: {{google}}, {{cloudflare}}, {{turn_servers}}.
• “Use Cloudflare Calls STUN Address” is enabled by default, so direct connections will use the Cloudflare Calls STUN address when the ICE server list includes {{cloudflare}}.
• “Use Google STUN Addresses” is disabled by default. When enabled, direct connections will use Google STUN addresses if included in the ICE server list.

The DB settings section has been renamed from “Cloudflare API Settings” to “Cloudflare Spectrum API Settings”. Error levels when Spectrum query credentials are not set have been reduced, and faster queries for Spectrum credentials are now performed.

Notify user about email or password change

ISL Conference Proxy now supports sending email notifications to users when their email or password is changed (whether by the user, a domain admin, or a server administrator). New server and domain-level settings have been added under /conf -> Configuration -> General -> Mail -> Templates, allowing you to customize email templates:

• Account name: This setting allows you to personalize the service name that appears in the email subject and body. For instance, the subject could display “[Account Name]: Reset Your Password”. If no name is specified, the installation or server name will be used, in that order of priority.
• Customer service URL: Define a support URL (e.g., www.support.company.com) or an email address (support@email.com) to use as the [customer_service_url] parameter in system emails. By default, this parameter is only included in the “Email Change Notification” template, but it can be added to other emails. If you don’t want to include a customer service URL, leave this field empty.
• Password change notification: When enabled, users receive email notifications when their account password is changed. These notifications do not include the new password for security reasons. If disabled, users will not receive any notifications for password changes. This setting is enabled by default.
• Email change notification: When enabled, users are notified when their account email is changed. These notifications help users stay informed about unauthorized changes. If disabled, users won’t receive any notifications for email changes. This setting is enabled by default.
• Mail template for password change notification
• Mail template for email change notification

Additionally, existing email settings have been reorganized into new groups, renamed, and enhanced with updated descriptions.

Email change notification > Password change

A new log subsystem, [Core] Change User Email (User Action), was added to record user email changes (whether by the user, a domain admin, or a server administrator).

Add icon for mobile platforms in computer and sessions list

Support has been added for displaying a mobile platform status icon for computers. When the platform is “Android”, a mobile icon is shown for connection status. If all connected clients are mobile, a mobile icon will be displayed, otherwise, a computer icon will be used. The icon for the number of connected clients has also been updated.

ISL AlwaysOn – ISL Light integration has been modified so ISL Light reports the operator’s platform.

ISL Conference Proxy > Sessions

Icons on the Sessions page have been updated as follows:

• Icons now adjust based on the client/operator platform.
• Sessions in the “Waiting for Client” state now display the operator’s icon (mobile/desktop).
• Sessions in the “Waiting for Operator” state now show the active icon (previously a grey icon).

File type check for web-based uploads

A file type check was added to ISL AlwaysOn for remote file uploads and downloads via the web. If a file type is not allowed, uploads or downloads will fail. Blocked and allowed file extensions are defined by the existing settings: “Blocked file extensions for user upload” and “Allowed file extensions for user upload”.

Configurable password history

A password history feature was added, preventing users from reusing recently used passwords. The default history size is 24 passwords, with a maximum of 100. Password history is updated only when users change their own passwords; administrative changes do not affect it. When a new password is added, older entries are removed to maintain the defined history size.

The following settings were added under /conf -> Security -> Password:

• Password history size: Specifies how many of a user’s recent passwords will be stored. Default: 24.
• Maximum password history size: Upper limit for the password history size. Default: 100.
• Minimum password age: Defines the minimum time between consecutive password changes. Default: not set.
• Password expiration interval (renamed to “Maximum password age”): Sets the maximum time allowed between password changes before the user is forced to change their password. Default: not set.

Emphasize join session warning

The warning “Only join sessions with people you recognize and trust!” has been emphasized across all session types (ISL Light, ISL AlwaysOn, ISL Groop), including older versions of the session pages and the mobile join page.

ICP > Join Page > Thank you for downloading (Client)

Customization .zip upload support

Support for uploading customizations as .zip files was added. The .zip must contain a manifest.json file and customization files (files listed in the manifest), following this format:

{
    "type": "customization",
    "name": "my_customization",
    "default": "1", //This is set to 1 only if you want to apply this customization as default server wide
    "spec": [
        {
            "key": "program_setting::ISL+Light::grid_nice_name::system",
            "value": "Example ICP Grid"
        },
        {
            "key": "program_setting::ISL+Light::icon",
            "value": "icon.png"
        }
    ]
}

Limit GRID file transfers file size

File transfers via GRID storage are now limited to a maximum of 256 MB. Attempting to transfer files larger than this will fail.

Android Device Limit

A new setting, “Maximum number of owned remote access Android devices within a domain”, was added to limit the number of Android devices that can be owned for remote access within a domain. This setting can be found under /conf -> ISL AlwaysOn -> Owned Remote Access Devices Limit.

If users attempt to add more Android devices than allowed, an error message will appear, indicating that the maximum number of owned devices has been reached. Note that Android devices shared with the user do not count toward this limit.

Minimum window size in ISL Pronto

New settings for ISL Pronto have been added to enforce a minimum size for the browser chat window. The new settings are:

• Minimum chat window width: This setting specifies the minimum width of the chat window in pixels, including the width of the vertical scroll bar (if present). It excludes any toolbar, window chrome, or resizing borders/handles. The chat window will automatically resize to this minimum if reduced below the set width.
• Minimum chat window height: This setting specifies the minimum height of the chat window in pixels, including the height of the horizontal scroll bar (if present). It also excludes any toolbar, window chrome, or resizing borders/handles. The chat window will automatically resize to the minimum height if reduced below this size.

Use consistent subjects in ICP system mail

The email subject prefix “ISL CP” has been replaced with “ISL Conference Proxy” for consistency. Subsystem emails now include the prefix “ISL Conference Proxy: “ to ensure uniformity across all emails.

ICP Go TLS Client

TLS client support with public certificate checking using the trusted system certificate store has been added. Two features were introduced:

• A new SMTP connection type, “SSL/TLS”.
  • existing types were renamed to “STARTTLS without certificate check” and “SSL/TLS without certificate check”
• Existing types were renamed to “STARTTLS without certificate check” and “SSL/TLS without certificate check”.

Additionally, the Map Path to HTTP Backend now includes the option ssl=1 to enable HTTPS (e.g., {path=/test123&remote=www.google.com&ssl=1}).

Added Authorization header to HTTP event sender

A new setting, “Global HTTP Events Authorization Bearer Token”, was added under /conf -> Integration. Similarly, the “Per-domain HTTP Events Authorization Bearer Token” was introduced in the domain settings. When set, the Authorization header will be added to HTTP event senders with the value Bearer VAL, where VAL is the value of the setting.

Require Windows 10 / Windows Server 2016

The minimum required version for running ISL Conference Proxy on Windows has been raised to NT 10.0, meaning Windows 10 or Windows Server 2016 is now required.

Introduce new web version v2400 and switch default to v2400

A new web version, “v2400”, has been introduced and is now the default. Web pages from version v2200 were copied to v2400.

Update database to GeoLite2-City 2024-11-01T16:05:45Z

Updated GeoIP to use the database GeoLite2-City 2024-11-01T16:05:45Z.

Upgrade OpenSSL to 3.0.15

OpenSSL was updated to 3.0.15, osslsigncode tool was updated to version 2.8.

Upgrade to Go 1.22.1

Go was upgraded to 1.22.1.

Upgrade to libxml2 2.12.9

Libxml2 was upgraded to version 2.12.9. Libxslt was upgraded to version 1.1.40.

Bug Fixes

Bulk delete of computers in computer group

In previous versions, bulk deletion of computers was not allowed if some computers were shared. This has been redesigned—deletions are now performed in a loop, and failed attempts are tracked. If a computer cannot be removed due to insufficient permissions, its name will appear in the error message. If all succeed, a success message will be shown.

The defect was fixed.

Do not show computer or computer group owner in the list of shared users/user groups

In previous versions, the computer owner was shown in the “Share Computer” modal under the “Selected” tab. The owner is no longer shown in the “Selected” tab and is disabled in the “Users” tab. The “Selected” table now displays “No results” when the computer or group is not shared with any users or groups.

The defect was fixed.

Users and user groups lists does not load additional items when bottom of list is reached

In previous versions, the list of users did not always load fully when sharing groups. This has been redesigned to ensure additional items load when the bottom of the list is reached.

The defect was fixed.

Show actual reason for killed session instead of generic concurrent error 

In previous versions, when an ISL Light session was terminated before starting, a generic error message indicated that the concurrent limit was reached. The error message has been redesigned to display the correct reason for the termination, such as being terminated by the user or server.

The defect was fixed.

Administration – Use FixPublicCodeAPI

In previous versions, creating external groups did not set the public code, causing the group to be invisible in the Administration pages. This has been redesigned so that public codes are always set.

The defect was fixed.

Operator end chat permission

A new setting was added to allow or disallow ISL Pronto operators to end chats. The new setting is “Allow operator to end chat”.

Other fixes & improvements

Security updates, bug fixes, added missing translations, and log improvements were made to enhance stability, security, and performance.

New Features

Remote access for Android devices

With the new ISL Light for Android, you can remotely access Android devices, including smartphones and tablets. Once remote access is configured on an Android device, it will appear under the Computers tab in ISL Light (desktop or mobile app), allowing you to access and manage the Android device at any time.

Note: Full Remote Control (remote user has full control of your mobile device (rather than view only), and Unattended Access (remote access without user confirmation) are supported on:
• LG devices (add-on downloaded automatically)
• Cyrus devices (add-on downloaded automatically)
• Honeywell devices (add-on downloaded automatically)
• Zebra devices
• Samsung devices (if using Samsung Knox)

Devices without specific add-ons will require confirmation for remote access session and permit only viewing access. For other devices, please contact support. A universal add-on that supports more devices is planned for release soon.

ISL Light (Desktop App) > Computers > Android device aka Google Pixel 9

Additional management options are now available, allowing users to enable or disable remote access directly on the Android device and to manage access credentials by setting or changing the main or connection access passwords. Users can also manage the list of accounts who have access to the device, providing expanded control over Android device management.

ISL Light (Mobile App) > Remote Access

Transition to codebase v4

ISL Light for Android has migrated from v3 to the v4 framework, bringing re-implemented support for Samsung Knox, redesigned chat, and enhanced v4 plugin integration for audio, and screen-sharing capabilities. This update includes improved session control, viewer options, and system information support, along with high-quality desktop streaming and new translation support.

Connect options for remote access

ISL Light for Android now includes support for connect options within the remote access computer information screen, matching the options available on the desktop version. These options will be saved for the next session on mobile device if the connection is successfully established.

ISL Light (Mobile App) > Computers > Computer > Connect Options

Audio/Video call

ISL Light for Android now supports audio or video call, with ringtone alerts for incoming calls.

ISL Light (Mobile App) > Session > Audio/Video Call

Raise target SDK to version 34

ISL Light for Android has raised the target SDK to version 34 to comply with Google Play’s requirement for apps targeting Android 14 (API level 34) or higher, effective August 31, 2024. The following updates were made:

• Android SDK: Updated from version 33 to 34
• Gradle: Updated from version 4.10.2 to 7.5
• Android Gradle Plugin (AGP): Updated from version 3.2.0 to 7.4.2
• sourceCompatibility: Updated from VERSION_1_8 to VERSION_11
• Android Studio: Required upgrade from Chipmunk 2021.2.1 Patch 2 to Koala 2024.1.1 Patch 2

Bug Fixes

Session start issue on non-default server from web

An issue prevented session start when initiated from a web browser with a non-default ISL Conference Proxy server in ISL Light. The functionality has been redesigned, and the issue is resolved.

File storage access issue on Android 11+ devices

On Android 11+ devices, users could not download files from the Files tab due to outdated permission handling. The app now checks the device’s Android version, requesting permissions on Android 10 and lower, while allowing direct downloads on Android 11+ without additional permissions.

Incorrect black screen button state

The black screen button did not update when the remote user ended the black screen. This functionality has been corrected, and the button state now reliably reverts to ‘Enable Black Screen’ as expected.

Note: ISL Light Integration 1.0 for Freshdesk by Freshworks is available only for Cloud licenses. This integration is not supported for Server license or Managed Private Cloud license.

​​​​​​​The official ISL Light Integration 1.0 for Freshdesk by Freshworks is now available. This integration enables users to initiate and oversee remote desktop sessions within the Freshdesk ticketing interface.

Open Freshworks Marketplace

Freshdesk portal > Ticket > Start New Session > Invite via Email

New Features

OAuth2 login

Freshdesk integration now supports ICP’s OAuth2 authorization, eliminating the need for users to input ISL Online credentials directly into Freshdesk. This also allows users to have 2FA enabled on their ISL Online accounts still use them to authorize Freshdesk integration (not possible with utils/login/1).

Start ISL Light session from Freshdesk

Agents can start an ISL Light session directly from Freshdesk.

Session details

Each ISL Light session is automatically populated with:

• infoSessionName: Freshdesk ticket ID
• infoClientEmail: Client’s email from Freshdesk

This data provides immediate session context without additional input.

Session invitation via Freshdesk

Freshdesk’s communication system can now be used to invite clients to ISL Light sessions. The invite message body is generated by calling isllight/session/email/2.

Session status

ISL Light session states (e.g., waiting for client, active, paused, ended) are visible from within Freshdesk, with a 10-second refresh interval.

End session from Freshdesk

Agents can now end ISL Light sessions directly from Freshdesk. Upon ending, session information is posted back to Freshdesk, providing a log of the session details.

Instructions

1. Log in to your Freshdesk portal.
2. Open the “Admin” tab.
3. Open “Apps”.
4. Locate “ISL Light” app and click “Install”.
5. Now, you can view your “ISL Light” widget right below the ticket sidebar in the ticket details page.
6. Click “Authorize” button and login to your ISL Online account to authorize the app.
7. Click “Start New Session” to generate a session code.
8. Share the code or send an email invitation to your customer.
9. Once the customer runs ISL Light Client on their side you’ll start to provide remote desktop assistance.

Find out more about our Freshdesk Integration and explore the full capabilities of ISL Online. For further assistance, read the documentation below or contact us via our Live Chat.

Install Freshdesk integration

Video Tutorial

ISL Light Client 4.4.2332.59 for Windows provides new features and some bug fixes.

New Features

Support for sending the results of the “Start of Session” and “Start of Dialog” dialog

The application now supports sending the results of the “Start of Session” and “Start of Dialog” dialog. To ensure these reports are sent to the ISL Conference Proxy, the dialog must contain the “result” attribute.

Hefa watchdog functionality updates

• Main Thread ID Switch: The new functionality now allows the main thread ID to be switched to the ID of the current thread. This adjustment is crucial for correctly associating the main thread when watchdog crash dumps are generated.
• Timing Adjustment for Main Thread Checks: The initial check of the main thread was previously set to occur after 60 seconds. This has been corrected to happen after 90 seconds.
• Timeout Extensions: Both the scheduler and watchdog timeouts have been extended from 90 seconds to 120 seconds. This increase aims to provide more leeway in processing before a timeout condition is triggered.
• Default Timeouts Update: Similarly, the default timeout settings have been increased from 90 seconds to 120 seconds, enhancing the system’s tolerance to longer task durations before flagging an error.

These changes are designed to improve the robustness and reliability of the watchdog mechanism in handling process monitoring and error detection.

Bug Fixes

Fixed issue with “Stream in best quality” selection

User experienced an issue with reduced desktop sharing performance when connected to an ISL Light Client and having the option to stream in best quality. The issue was that the streaming side chose to stream in “Full Quality (ZRLE codec)” instead of using the “Quality Optimized (ISSC codec)”.

When direct connection functionality was introduced this issue also became apparent. There are two special channels -1 and -2 which are used for program initialization, status and reliability messages. The special channels should have priority when sent over the network, however due to an issue they were not prioritized.

When desktop streaming is initialized it sends its init messages to remove side on channel -1 and when remote side received init messages it starts desktop streaming on desktop channel. This caused an issue because desktop stream was sent to other side before all desktop init messages were received, causing to start streaming with incorrectly selected codec.

The issue was fixed.

“Start of Dialog” window is often displayed behind other windows

In certain cases, the “Start of Dialog” window, which appears when launching the executable, was displayed behind the main window. The creation process for the “Start of Dialog” dialog has been updated, and the window now includes a “topmost” flag, ensuring it is displayed above other windows.

Other fixes & improvements

Bug fixes, security updates and other improvements.

ISL Light 4.4.2332.207 for Desktop and ISL Light Client 4.4.2332.46 for Linux and macOS provide bug fixes.

Bug Fixes

End of session dialog is not displayed in case of ISL AlwaysOn session

In the previous version, users with the end of session dialog enabled did not get the dialog on the operator side when connecting to an unattended computer (ISL AlwaysOn session). The end of session dialog functionality has been redesigned, and the dialog will now be displayed on the operator side, even when connecting to unattended computers.

Other fixes & improvements

Bug fixes and other improvements.

ISL Light 4.4.2332.204 for Desktop and ISL Light Client 4.4.2332.45 for Linux and macOS provide new features and bug fixes.

New Features

Support for monitor selection using keyboard shortcuts

ISL Light has added support for monitor shortcuts on Windows, allowing users to switch between monitors more efficiently using two types of shortcuts:

• Move to next, previous or all monitors: Users can navigate between adjacent monitors or view all monitors using the default shortcut, Right Ctrl + Arrow keys. These keys can be customized to suit individual preferences and this feature is enabled by default.
• Direct monitor shortcuts (numeric 1-9): This allows users to switch directly to any monitor by pressing Right Ctrl followed by a number key corresponding to the desired monitor. This feature is disabled by default.

Shortcut customization options are available in the settings (Remote Desktop > Monitor Shortcuts).

ISL Light > Settings > Remote Desktop > Monitor Shortcuts

Users have the option to display the selected shortcuts in a window at the beginning of each session, which can be managed in the settings (Remote Desktop > Monitor Shortcuts) as “Show monitor shortcuts window on session start” checkbox.

ISL Light > Monitor Shortcuts dialog

Last active tab memory

In the ISL Light settings (under General – Default Dashboard tab), users previously had the option to choose whether the Sessions tab or Computers tab would be displayed after login. A new option, “Last Active Tab,” has been added. When selected, ISL Light will remember the last tab the user had open and will automatically open that tab after relaunching and logging in.

Support for sending the results of the Start of Session dialog and Start of Dialog

The application now supports sending the results of the Start of Session (SOS) dialog and Start of Dialog (SOD). To ensure these reports are sent to the ISL Conference Proxy, the dialog must include the “result” attribute.

Command line support for URL actions

Support for the open_url command line argument has been added to ISL Light. This argument can be used with the following event types:

• on-load (when the application starts)
• on-connect (when a session is successfully established)
• on-disconnect (when a session ends)

For instance, to open a webpage at the end of a session, the following command line argument should be added to ISL Light:

–on-disconnect “main?open_url=https://www.islonline.com”

Additionally, the open-at-end command line argument has been introduced as a shorthand for the on-disconnect event type.

Manual session join control for ISL Light Client

In the updated version of the ISL Light Client for macOS and Linux, the process to join a session with a prefilled session code has been modified. Previously, entering the session code on the website and launching the executable would automatically connect the user to the session. Now, users must manually click the “Join” button to initiate the connection after starting the executable. This change was made to enhance user control during session initiation.

Bug Fixes

Fixed window resizing issue with pop-up dialogs on macOS

In previous versions of ISL Light on macOS, certain pop-up dialogs caused full-screen or maximized windows to resize to a smaller size. The handling of pop-up windows has been redesigned, and the main window should now remain at its original size when a dialog appears.

Resolved desktop shortcut creation issue on localized linux systems

Linux users with a localized setup had an issue where the Desktop location was not at /home/username/Desktop, as the “Desktop” folder name was localized to the selected language during installation. This caused problems when creating a desktop shortcut for an unattended computer. The method for locating the user’s desktop folder has been redesigned to query the Linux system for the correct Desktop location instead of assuming the default. As a result, desktop shortcuts should now be correctly created on localized Linux systems.

Improved memory handling to prevent crashes in high session loads

In some cases, the ISL Light application could crash due to excessive RAM usage when handling a large number of sessions, exceeding the memory limits of a 32-bit process. To address this, the /LARGEADDRESSAWARE flag has been added to the ISL Light build, allowing the application to access more RAM than the default 32-bit process limitation. This change should reduce crashes during high usage, such as when connecting to multiple computers simultaneously.

Fixed cursor navigation and border display in end of session dialog

The end of session dialog, which allows users to enter text when a session ends, had an issue where the text cursor could not be moved using the keyboard arrow keys. Additionally, the textbox border was not displayed correctly in certain cases. The end of session dialog has been redesigned to address these issues: the border is now correctly displayed, and users can navigate through the text using the keyboard arrow keys as expected.

Fixed custom icon display for unattended desktop shortcuts on Windows

In previous versions of ISL Light, if users had a custom program icon and created a desktop shortcut for an unattended remote machine, the shortcut would display the default ISL Light icon instead of the custom one (Windows only). The shortcut creation process has been redesigned, and the shortcut will now correctly display the customized icon.

Resolved file transfer loading issue between Linux operator and client machines

Some users experienced an issue where they couldn’t transfer files between a Linux operator’s machine and a client machine. The problem was caused by file transfer failing to load due to unresolved symbols. This issue has been resolved, and file transfer functionality should now work correctly between the two machines.

Ensured consistent display of refresh button in remote desktop sessions

In the previous version of ISL Light, the option to refresh the view of the remote desktop (the button in the center of the bottom bar) was sometimes hidden. The visibility of the refresh button has been redesigned and will now always be shown when a session is established, provided there is enough space in the bottom bar to accommodate it.

Other fixes & improvements

Security updates, bug fixes and other improvements.

ISL Light 4.4.2332.175 for Desktop and ISL Light Client 4.4.2332.32 for Linux and macOS provide bug fixes.

Bug Fixes

Resolved password retrieval

The application’s signing process has been updated so that only the binaries are signed, rather than the entire bundle. This change resolves the password retrieval issue. When initiating password retrieval, macOS users will see a dialog box asking for permission to retrieve the password. It is recommended to select the “Always Allow” option to streamline the process.

Disabled support for gestures

In the previous version of ISL Light, macOS users controlling a remote computer with a touchpad encountered issues due to gesture support. Specifically, touchpad inputs were sometimes mistakenly interpreted as gestures. For instance, attempting a right-click with two fingers could inadvertently cause the remote screen to zoom, leading to mouse offsets and a truncated screen view. To resolve this, gesture support has been removed, ensuring that touchpad use no longer triggers these issues.

Fixed icon on sessions dashboard

Previously, when an operator connected to a remote device, a grey line appeared at the top of the monitor icon. This issue has been resolved, and the icon should now display correctly without any grey line.

Fixed separator selection in the stream quality dropdown

When an operator attempted to connect to a remote ISL AlwaysOn computer, selecting separators in the stream quality dropdown caused unexpected behavior. The dropdowns have been redesigned to prevent separators from being selectable.

Session list showing correct information

Previously, when entering information in the “Invite operator” or “Edit session” dialog, it was not displayed correctly in the session list. The update process has been redesigned to ensure that information is now accurately reflected in the session list.

Improved accessibility features

Various accessibility features were fixed and improved.

Other fixes & improvements

Some other minor bug fixes and improvements.

ISL Light 4.4.2332.169 for Desktop and ISL Light Client 4.4.2332.31 for Linux and macOS provide new features and some bug fixes.

New Features

Optimized Quality is enabled by default

For remote desktop sessions the default color depth is now “Quality Optimized” instead of “Speed Optimized”.

Speed Optimized vs Quality Optimized (Default)

Users can set the default color depth via the “Settings > Remote Desktop” menu. When starting a session, users have the option to set the color depth for that specific session via the “Session Invitation” or “Edit Session” dialog. Additionally, quality settings can be accessed and modified from the main toolbar during the session.

For unattended sessions, the option to choose a quality optimized color depth is now integrated into local settings, allowing users to specify their preferred color depth configuration via “Access Password” dialog.

Virtual background

Users now have the option to modify their video background by applying an image background or blur effect.

Note: Initiate a call first in order to load the settings.

ISL Light > Settings > Talk

When “Blur Background” is specified as a Virtual Background Mode, it will activate the blur functionality. The Virtual background privacy level slider is used to fine-tune the background separation.

When “Use Background Image” is specified, the behavior will be as follows:

• If an image is set as part of a customization, that specified image will be used.
• If an image is set in the registry (indicating user preference from settings), that registry image will be used.
• If no image is set anywhere, the application will fallback to the blur mode.

Increased resolution for video calls

The resolution for video calls in ISL Light is now supported up to 480p (640×480 pixels). This can be changed by right-clicking on the video panel.

ISL Light Client > In Session > Video Call

Create desktop shortcut for a computer

An option to create a desktop shortcut for ISL Light has been added. Running the shortcut will launch ISL Light and attempt to connect to a remote computer by prompting for login credentials, followed by the access password for the specific computer.

To create a desktop shortcut, users need to select a computer and click “Create Shortcut” from the menu. The shortcut will be named after the computer’s alias if set, or its original name if no alias is provided.

ISL Light > Computers > Menu > Create Shortcut

Add server address to instructions

The text labels for the Session Invitation dialog, Set Unattended Access dialog, and Start New Session window have been updated to include the server address (islonline.net or the server address for self-hosted setups) in the usage instructions.

ISL Light > Start New Session > Session Invitation

Updated icons in Session and Computers Dashboard

A mobile icon has been added to the “Sessions” and “Computers” dashboards for easier identification of mobile devices. The large icon indicates the client’s device, and the small icon indicates the operator device.

ISL Light > Sessions

Settings available at program startup

ISL Light settings for “Remote Desktop”, “File Transfer”, “Recording” etc. are now available at program startup. This allows users to modify ISL Light settings prior to creating a session.

Bug Fixes

Remember window position with maximized window

Window coordinates are now only modified when the window is not maximized, ensuring that the window consistently returns to its last known location before it was maximized. This maintains the window’s position and size accurately across different window states.

Session pauses when exiting ISL Light during RDP connection

When the dashboard window is closed while an RDP session is active, the application will now prompt the user to confirm if they want to terminate the session. This prevents the RDP session from being left in a hanging state, and an ISL Light session from being left in a paused state.

Camera not started when video call is initiated

In some cases, when an operator initiated a video call from ISL Light to ISL Light Client (Windows), there was an issue where the camera did not display correctly on the first call. Additionally, the camera button incorrectly indicated an active state even when the camera was not active. The initialization process for video calls to ISL Light Client (Windows) has been redesigned to ensure the camera starts correctly on the first call and that the camera button accurately reflects the camera’s state. This issue has now been resolved.

Computer history chat transcript fix

Computer history now loads the chat transcript correctly and has been updated to match the web version.

Other fixes & improvements

Security updates, bug fixes and other improvements.

ISL Conference Proxy 4.4.2335.124 provides new features and bug fixes.

New Features

OAuth2 authorization: Integration for external services

OAuth2 Authorization is now integrated into ISL Conference Proxy, providing a secure and standardized protocol for enabling integration with external services. This feature allows third-party applications to securely access resources on ISL Conference Proxy without exposing user credentials. In upcoming releases, users can expect full compatibility with popular platforms like Freshdesk and ServiceNow, among others.

A new dashboard in Security > Authorized Apps offers improved control over OAuth2 integrations. It displays a list of OAuth2 authorizations, with an option to revoke each one.

https://[ICP_SERVER_ADDRESS] > Security > Authorized Apps

Here’s an overview of the implementation:

1. User Authorization Request

A new endpoint is opened at https://[ICP_SERVER_ADDRESS]/users/authz/oauth2/grant. This URL requires a valid user session. Upon a GET request, the user is redirected to the login page if they don’t have an active session. Subsequently, the user is presented with a confirmation dialog where they can inspect the access request and then choose to grant or reject access to their account. If the user clicks “Reject Access,” they are redirected to /users/main/logout, which logs them out.

2. User Authorizes Application

If the user clicks “Authorize Access,” a POST request is sent to the same endpoint at https://[ICP_SERVER_ADDRESS]/users/authz/oauth2/grant.

3. Authorization Code Grant

Upon confirming access to their account, an authorization code is prepared by ISL Conference Proxy. The user is then redirected to the pre-registered redirect URI with the prepared authorization code in the URI.

4. Access Token Request

In the subsequent step, the OAuth2 client exchanges the authorization code received in the previous step for an actual access token. For this, another endpoint was opened at https://[ICP_SERVER_ADDRESS]/authz/oauth2/token, which does not require a user session. The authorization code is validated, and if successful, the process continues to the next step.

5. Access Token Grant

A new access token is generated, stored in the database, and ISL Conference Proxy responds with it to the OAuth2 client. The access token is set to expire after one year or after 90 days of not being used.

Additionally, a new table “integrator_oauth2_user_authorizations” was registered, which stores users’ OAuth2 authorizations. The existing integrator table “integrator_jwt_api_access_public_rsa_keys” is expanded with OAuth2 client columns: oauth2_app_description, oauth2_app_homepage_url, oauth2_client_redirect_urls, oauth2_client_secret_hash, and oauth2_require_pkce.

Integration with external cloud Hardware Security Module (HSM) for code signing

ISL Conference Proxy now integrates with external cloud Hardware Security Module (HSM) code signing providers like Google Cloud HSM. This enhancement introduces support for external certificates and keys within the authenticode tools, utilized for code signing Windows executables.

Administrators can configure the following settings in Server Administration:

Use an external certificate and key for Authenticode: when enabled local certificate file, key file and passphrase will not be used
Authenticode tool environment: can be used to set environmental variables for authenticode tool (process)
Authenticode tool arguments: can be used to provide additional command line arguments for authenticode tool
Platform specific lines can be used in environment and arguments setting (“{platform=linux}”).

Example of setup for Google HSM:

New options in “Set Unattended Access” dialog

The “Set Unattended Access” dialog now mirrors the ISL Light program, ensuring a unified experience across platforms.

New options for adding remote computers via “Link” and “Code” have been incorporated. Furthermore, users can specify the computer group, name, and tags when adding a new computer using either the “Email” or “Link” method.

ISL Conference Proxy Web Portal > Computers > Set Unattended Access

Chat notifications in ISL Pronto

ISL Pronto’s web client now supports sound and native notification functionalities, ensuring users are promptly notified about new chat messages when the chat window is minimized.

Customers now have the ability to manage chat notification settings through a new modal, accessible via the “Settings” button in the ISL Pronto web client. Furthermore, an option to enable notifications has been integrated into the web client, providing users with access to notification settings when starting a chat. These settings are stored locally in the user’s browser.

New Server Administration Settings:

• Link to Notification Icon: Customize the notification icon for chat notifications.
• Enable Notifications by Default: This setting enables notifications by default when users enter a chat session. By default, this setting is disabled. Enabling it overrides the user’s preference checkbox when starting a chat.

Regardless of server settings, live chat users can enable/disable notifications by clicking on the “Settings” button in ISL Pronto web client.

ISL Pronto web client > Settings

Option to disable SSL certificate auto-renewal

A new feature now allows users to disable the automatic renewal of SSL managed certificates. This option can be set either during the initial installation of certificates or later via the GUI. By default, certificates retain their automatic renewal functionality, maintaining consistency with previous versions.

Improvements to CSV export formatting

Previously, when exporting reports, CSV fields containing special characters were URL-encoded, resulting in them being displayed incorrectly. Additionally, fields were always enclosed in quotes, trailing delimiters were present, and special characters were not correctly displayed. To address these issues, the CSV export functionality has been redesigned. Now, CSV exports are properly formatted, with fields enclosed in quotes only when necessary. Quotes are escaped, trailing delimiters are removed, and special characters are correctly displayed.

Speed optimizations

We’ve made several improvements to ISL Conference Proxy, focusing on speed enhancements. These optimizations include using cache on product page levels, accessing XPP variables on demand, optimization of legacy logs and deprecating exceptions to speed up error handling. Additionally, we’ve optimized HTTPS connection times by caching SSL context objects and improved DNS request speed by logging failed attempts differently.

Upgrade to OpenSSL 3.0.13

The OpenSSL library has been upgraded to version 3.0.13.

Upgrade to LibXML 2.11.7

Library LibXML2 has been upgraded to version 2.11.7.

Bug Fixes

Add reported direct transferred bytes to total transferred bytes

Bytes transferred by Direct Connection are now added to “totalTransferredBytes” when reported by the client. Before, only data transferred through ISL Conference Proxy was counted and data was inaccurate when direct connection was used. Clients now report the number of transferred bytes since the last report of transfers (30s), a log is also created every time that new number of transferred bytes is received.

Safari JavaScript errors resolved

In the previous version, the Sessions and Computers tabs were not rendered correctly on older versions of the Safari browser due to script errors and incompatibilities. This issue has been addressed, and both affected tabs should now display correctly.

Introduce separate server position cache for use in load balance calls

In previous versions when load balancing a server call on a grid of ISL Conference Proxy servers, server’s location was not used correctly when server had service disabled, which resulted that load balance score was not computed correctly. This was redesigned, server’s location should be correctly retrieved and correct server should now be selected by load balancer.

Custom Deployment Link page fixes

In the previous version, computer groups on the Custom Deployment Link web page were unordered. This has been redesigned, and now groups are ordered alphabetically by name. Additionally, in the previous version, tags in the text area could only be separated with commas. Support for separating them with a new line has been added.

Session History bug fixes

In previous versions, the “Duration” field in ISL AlwaysOn computer session history details would inaccurately grow even after the session had finished. This issue has been resolved, ensuring that the correct value is now returned.

Additionally, the “Location” field has been fixed and will be set to “/” when not available for clients. Previously, it would display as “undefined” in such cases. Missing translations for status have also been added.

Email authorization timer fixes

In the previous version, there were instances where the countdown timer failed to appear when waiting for email authorization in the connection dialog. This issue has been addressed, ensuring that the timer is now consistently displayed as expected.

Email authorization fixes for Android devices

Previously, older clients lacking support for newer protocols faced difficulties initiating remote access when email authorization was set as required. We’ve addressed this by redesigning the system to check session status based on the client’s protocol compatibility. This fix resolves issues affecting Android and older pre-2018 desktop clients, ensuring seamless session initiation.

Other fixes & improvements

Security updates, bug fixes, added missing translations and log improvements. These changes are aimed at improving the stability, security, and performance.

ISL AlwaysOn 4.4.2332.78 provides a bug fix.

Fixed issue with “Stream in best quality” selection

User experienced an issue with reduced desktop sharing performance when connected to an ISL AlwaysOn machine and having the option to stream in best quality. The issue was that the streaming side chose to stream in “Full Quality (ZRLE codec)” instead of using the “Quality Optimized (ISSC codec)”.

When direct connection functionality was introduced this issue also became apparent. There are two special channels -1 and -2 which are used for program initialization, status and reliability messages. The special channels should have priority when sent over the network, however due to an issue they were not prioritized.

When desktop streaming is initialized it sends its init messages to remove side on channel -1 and when remote side received init messages it starts desktop streaming on desktop channel. This caused an issue because desktop stream was sent to other side before all desktop init messages were received, causing to start streaming with incorrectly selected codec.

The issue was fixed.

ISL Light > Computers > Connect to Computer > Connect Options