Security improvements: Deprecation and end of life (EOL) notices

Contents

September 2021

Deprecation of SmartRDP

As of October 1, 2021, SmartRDP connections to Skytap VMs will function but will not be supported.

After February 1, 2022, SmartRDP connections will no longer be available.

Direct RDP connections and SRA connections that use RDP (to enable audio) will still be supported for Windows VMs.

Removal of old VPN ciphers

As of July 30, 2021, the modp1024, md5, 3des, and hmac_md5 algorithms are no longer available for Skytap VPN settings.

VPNs that use any of these discontinued algorithms are no longer in compliance with Skytap security requirements.

If you have non-compliant VPNs, you must reconfigure them before October 31, 2021, or they will be shut down.

July 2021

Discontinuation of old VPN ciphers

As of July 30, 2021, the modp1024, md5, 3des, and hmac_md5 algorithms are no longer available for Skytap VPN settings.

If you have existing VPNs that use any of these discontinued algorithms, you must reconfigure them.

End of support for unsecured FTP access for shared drive and VM imports

As of September 1, 2021, Skytap, permits only SFTP access for shared drive and VM imports. Unsecured FTP access is disabled.

April 2021

End of support for Internet Explorer 11

As of September 1, 2021, Skytap ceased development, compatibility testing, and support for Microsoft Internet Explorer 11. Connections to Skytap from Internet Explorer 11 browsers are still permitted but Skytap won’t actively correct any rendering errors that occur only in Internet Explorer 11.

We recommend that users switch to a modern browser, such as Google Chrome, Mozilla Firefox, Microsoft Edge, or Apple Safari.

January 2021

Removal of old public templates

In March 2021, Skytap retired the public templates of operating systems that are no longer supported or have otherwise reached EOL.

The following public templates were removed:

  • Advanced Import Appliance on Ubuntu 18.04.1
  • Apache Mesos 0.19.0 - Ubuntu Desktop 14.04 - 64-bit
  • Apache Mesos 0.19.0 Slave - Ubuntu Desktop 14.04 - 64-bit
  • Chef Server v11.3.1 and Workstation - Ubuntu 12.10 and 14.04 - 64-bit
  • Cloud Foundry v2 - Dev Stack
  • Cloudera CDH 5.4 Cluster Node Host
  • Cloudera CDH 5.4 Manager and Workstation
  • Cloudera CDH4 Hadoop Cluster
  • Cloudera CDH4 Hadoop Host
  • Docker 18.06.0-CE on Ubuntu 18.04.1 LTS Desktop 64-bit - Firstboot
  • Docker Machine Template - Ubuntu Server 14.04 - 64-bit
  • GitLab
  • Hortonworks Hadoop Sandbox and Workstation
  • Jenkins v2.121.3 on Ubuntu 16.04.5 LTS Desktop - Firstboot
  • Kubernetes v1.1 - 2-node cluster pre-install - Fedora 23
  • Learning Puppet VM
  • Mesosphere Technology Stack - Ubuntu Desktop 14.04 - 64-bit
  • MongoDB v2.4.8
  • Nginx Web Server - Ubuntu Server 14.04 - 64-bit
  • OpenStack (DevStack) Single VM
  • Rational Team Concert 4.0.5 Trial Environment
  • Ruby on Rails Server and Workstation - Ubuntu Server 14.04 - 64-bit
  • Selenium 2.42.2 Server and IDE
  • Vagrant Box - Ubuntu 12.04.1 LTS Server (64-bit) Linux
  • XAMPP - CentOS 6.4 64 bit
  • Zevenet CE 5.02 Load Balancer

August 2020

Discontinuation notice for the Skytap Command Line Interface (CLI)

The Skytap Command Line Interface (CLI) public template and Ruby GEM are discontinued. We recommend that customers use the terraform provider or our API for automation.

March 2020

Discontinuation notice for TLS 1.1

Skytap support for TLS v1.1 ends on March 31, 2020. To continue connecting to Skytap, you must ensure that your browser security, automation, scripts, and custom applications can support TLS v1.2 or newer.

September 2019

Discontinuation notice for TLS 1.1 in SmartRDP

TLS v1.1 for SmartRDP connections has been discontinued.

Skytap uses Transport Layer Security (TLS) to secure the SmartRDP connection between your local computer and https://cloud.skytap.com. Support for TLS 1.1 has been discontinued. You must use TLS 1.2 or newer.

March 2018

Discontinued support for older VPN security protocols

On April 6, 2018, the modp768 encryption method for both Phase 1 Diffie-Hellman (DH) group and Phase 2 PFS group were removed from the Skytap VPN Settings. No new VPNs can be configured to use the modp768 DH group.

If you have existing VPNs that use the modp768 DH group, you must reconfigure them. We strongly recommend that you use the modp2048 (14) DH group.

Additional VPN changes

Also on May 4, 2018, support for the modp1024 DH group, the md5 Phase 1 hash algorithm, and the hmac_md5 authentication algorithm was discontinued.

June 2017

Discontinued support for TLS v1.0

Skytap support for TLS v1.0 ended on June 6, 2017. To continue connecting to Skytap, you must ensure that your browser security, automation, scripts, and custom applications can support v1.2.

Browser security

Skytap uses Transport Layer Security (TLS) to secure the connection between your local browser and https://cloud.skytap.com.

Skytap-supported browsers (Chrome, Firefox, Safari, Microsoft Edge, or Internet Explorer 11) aren’t affected by this upgrade. TLS v1.2 is supported on these browsers by default.

Automation, scripting, and custom application security

If you use automation, scripting, or custom applications to interact with https://cloud.skytap.com, make sure your tooling supports TLS v1.2, and that it can negotiate a TLS handshake without 3DES ciphers. For example, Python v2.7.8 and older aren’t compatible with TLS v1.2 encryption.

In PowerShell scripts, add [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12 to enable TLS v1.2 for your session.

September 2016

Discontinued support for the SmartClient Java applet

June 2016

The following changes occurred due to phased out support for TLS v1.0.

Discontinued support for select macOS (Mac OS X) Remote Desktop clients

  • Support for Microsoft Remote Desktop Connection Client for Mac is discontinued.
  • Additionally, macOS users can no longer access VMs over SmartRDP using Microsoft Remote Desktop, version 8.0.0 or older.

Use Microsoft Remote Desktop, version 8.0.0 or newer.

Discontinued support for TLS v1.0 in older Microsoft Remote Desktop Connection Clients (Windows 7 and Windows Server 2008 R2)

March 2016

Discontinued support for Internet Explorer 9 and Internet Explorer 10

  • Microsoft has ended support for Internet Explorer 9 and Internet Explorer 10. Skytap no longer tests these browsers or fixes bugs related to them.