Security improvements: Deprecation and end of life (EOL) notices

Contents

April 2021

End of support for Internet Explorer 11

As of September 1, 2021, Skytap will cease active development and support for, and will no longer test for compatibility with, Microsoft Internet Explorer 11. We will still permit connection to Skytap from Internet Explorer 11 browsers but we will not actively correct any rendering errors that occur only in Internet Explorer 11.

We recommend that users switch to a modern browser, such as Google Chrome, Mozilla Firefox, Microsoft Edge, or Apple Safari.

January 2021

Deprecation of old public templates

In March 2021, Skytap will retire public templates of operating systems that are no longer supported or have otherwise reached EOL. If you rely on older public templates, we recommend that you save copies of those templates to your account.

The following public templates will be removed:

  • Advanced Import Appliance on Ubuntu 18.04.1
  • Apache Mesos 0.19.0 - Ubuntu Desktop 14.04 - 64-bit
  • Apache Mesos 0.19.0 Slave - Ubuntu Desktop 14.04 - 64-bit
  • Chef Server v11.3.1 and Workstation - Ubuntu 12.10 and 14.04 - 64-bit
  • Cloud Foundry v2 - Dev Stack
  • Cloudera CDH 5.4 Cluster Node Host
  • Cloudera CDH 5.4 Manager and Workstation
  • Cloudera CDH4 Hadoop Cluster
  • Cloudera CDH4 Hadoop Host
  • Docker 18.06.0-CE on Ubuntu 18.04.1 LTS Desktop 64-bit - Firstboot
  • Docker Machine Template - Ubuntu Server 14.04 - 64-bit
  • GitLab
  • Hortonworks Hadoop Sandbox and Workstation
  • Jenkins v2.121.3 on Ubuntu 16.04.5 LTS Desktop - Firstboot
  • Kubernetes v1.1 - 2-node cluster pre-install - Fedora 23
  • Learning Puppet VM
  • Mesosphere Technology Stack - Ubuntu Desktop 14.04 - 64-bit
  • MongoDB v2.4.8
  • Nginx Web Server - Ubuntu Server 14.04 - 64-bit
  • OpenStack (DevStack) Single VM
  • Rational Team Concert 4.0.5 Trial Environment
  • Ruby on Rails Server and Workstation - Ubuntu Server 14.04 - 64-bit
  • Selenium 2.42.2 Server and IDE
  • Vagrant Box - Ubuntu 12.04.1 LTS Server (64-bit) Linux
  • XAMPP - CentOS 6.4 64 bit
  • Zevenet CE 5.02 Load Balancer

August 2020

Discontinuation notice for the Skytap Command Line Interface (CLI)

The Skytap Command Line Interface (CLI) public template and Ruby GEM are discontinued. We recommend that customers use the terraform provider or our API for automation.

March 2020

Discontinuation notice for TLS 1.1

Skytap support for TLS v1.1 ends on March 31, 2020. To continue connecting to Skytap, you must ensure that your browser security, automation, scripts, and custom applications can support TLS v1.2 or newer.

September 2019

Deprecation notice for TLS 1.1 in SmartRDP

TLS v1.1 for SmartRDP connections are deprecated.

Skytap uses Transport Layer Security (TLS) to secure the SmartRDP connection between your local computer and https://cloud.skytap.com. Support for TLS 1.1 will be discontinued. We recommend that you use TLS 1.2 or newer.

March 2018

Discontinued support for older VPN security protocols

On April 6, 2018, the modp768 encryption method for both Phase 1 Diffie-Hellman (DH) group and Phase 2 PFS group will be removed from the Skytap VPN Settings. After April 6, no new VPNs can be configured to use the modp768 DH group.

On May 4, 2018, VPNs that still use the modp768 DH group will be disabled.

If you have existing VPNs that use the modp768 DH group, you must reconfigure them. We strongly recommend that you use the modp1536 DH group.

Additional VPN changes

Also on May 4, 2018, the modp1024 DH group, the md5 Phase 1 hash algorithm, and the hmac_md5 authentication algorithm will be deprecated. Though it will still be possible to create new VPNs with these protocols, we strongly recommend that you use modp1536 DH group, sha1 hash algorithm, and hmac_sha1 authentication algorithm.

June 2017

Discontinued support for TLS v1.0

Skytap support for TLS v1.0 ends on June 6, 2017. To continue connecting to Skytap, you must ensure that your browser security, automation, scripts, and custom applications can support TLS v1.1 or v1.2. Skytap has created a temporary test domain, cloudtest.skytap.com, that you can use to test connection security.

Browser security

Skytap uses Transport Layer Security (TLS) to secure the connection between your local browser and https://cloud.skytap.com. If you use a recent version of Chrome, Firefox, Safari, Microsoft Edge, or Internet Explorer 11 to access cloud.skytap.com, this change is unlikely to affect you (TLS v1.1 and v1.2 are supported by these browsers by default).

If you or your customers use Microsoft Internet Explorer 9 or 10, you won’t be able to access https://cloud.skytap.com or shared environments after June 6, 2017, unless you do one of the following:

  • Switch to a supported browser. Skytap support for Internet Explorer 10 and older ended earlier this year when Microsoft officially ended support for those browsers.

    or

  • Change the Internet Explorer browser settings to enable support for TLS v1.1 and v1.2:

    1. In Internet Explorer 9 or Internet Explorer 10, navigate to Tools > Internet Options > Advanced.
    2. Check the boxes for Use TLS 1.1 and Use TLS 1.2.

    For more detailed information, see the Microsoft Developer blog post about TLS support for Internet Explorer.

Skytap-supported browsers (Chrome, Firefox, Safari, Microsoft Edge, or Internet Explorer 11) are not affected by this upgrade. TLS v1.1 and v1.2 are supported on these browsers by default.

Automation, scripting, and custom application security

If you use automation, scripting, or custom applications to interact with https://cloud.skytap.com, make sure your tooling supports TLS v1.1 or v1.2, and that it can negotiate a TLS handshake without 3DES ciphers. For example, Python v2.7.8 and older are not compatible with TLS v1.1 encryption.

In PowerShell scripts, add [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12 to enable TLS v1.2 for your session.

Testing the secure connection to Skytap

Skytap has created a new temporary domain, cloudtest.skytap.com, that is already configured with the new TLS profile. We strongly recommend that you test your browser, scripts, and automation at cloudtest.skytap.com, which uses the same live production resources as https://cloud.skytap.com. Note that any changes you make on cloudtest.skytap.com will also appear on https://cloud.skytap.com.

The temporary domain, cloudtest.skytap.com, will be retired on June 6, 2017, when https://cloud.skytap.com is fully updated to use the new TLS profile.

Legacy TLS connections to Skytap

Skytap will add a second temporary domain, legacy.skytap.com, to provide temporary support for legacy TLS v1.0. This domain will become available on June 1, 2017 and will be retired on July 5, 2017, 30 days after cloud.skytap.com is fully updated to use the new TLS profile.

September 2016

Discontinued support for the SmartClient Java applet

June 2016

The following changes occurred due to phased out support for TLS v1.0.

Discontinued support for select macOS (Mac OS X) Remote Desktop clients

  • Support for Microsoft Remote Desktop Connection Client for Mac is discontinued.
  • Additionally, macOS users can no longer access VMs over SmartRDP using Microsoft Remote Desktop, version 8.0.0 or older.

Use Microsoft Remote Desktop, version 8.0.0 or newer.

Discontinued support for TLS v1.0 in older Microsoft Remote Desktop Connection Clients (Windows 7 and Windows Server 2008 R2)

March 2016

Discontinued support for Internet Explorer 9 and Internet Explorer 10

  • Microsoft has ended support for Internet Explorer 9 and Internet Explorer 10. Skytap will no longer test these browsers or fix bugs related to them.