Knox Guard 25.04 release notes

API support for app blocklist policy

Starting with Knox Guard 25.04, if you have a Knox Guard Advanced license, you can now use the Update the app blocklist API to apply the app blocklist policy on a specific device, or the corresponding Async API to update the app blocklist for multiple devices in bulk.

Prevention of replay attacks with Knox Webhook Notification

To prevent replay attacks in Knox Guard, Knox Webhook Notification 25.04 introduces a new header parameter, x-knox-nonce, in callback POST requests sent to the subscriptions callback endpoint. The x-knox-nonce is a unique identifier that is generated and included in each callback triggered by Knox cloud services subscription events.

Each callback request contains a unique nonce value. The receiving server can validate that the nonce has not been previously used. If the server detects a duplicate nonce, it should reject the request and prevent further processing. If you use the Knox Webhook Notification API for Knox Guard, this security enhancement ensures every callback request is unique and verifiable, mitigating the risk of replay attacks.

For more information, see the Knox Webhook Notification 25.04 release notes.

Learn more about admin features

To learn about features available to admins in this release, see Knox Guard 25.04 release notes in the admin guide.

Back to release notes