1:1 outbound NAT for IPSec connectors expands deployment flexibility for more complex network environments. Global Status accuracy improvements make outage conditions easier to trust at a glance, and Global Alert Settings provide a centralized way to manage alerting behavior across environments. Admins also gain per-agent release channel overrides, plus bug fixes that improve responsiveness and reporting clarity.

What’s New

• IPSec connectors now support 1:1 outbound NAT, enabling more predictable source mapping for customer environments that require outbound address translation.
• Global Alert Settings add a centralized way to configure alerting behavior across your environment, improving consistency for operational notifications.
• Per-agent release channel overrides allow admins to assign a specific release channel to an individual agent when targeted testing or staged rollouts are needed.
• Global Status data quality improvements better align Global Status page results with real-time outage conditions, improving confidence in what the page reports.
• Bridge assignment views now respond more reliably, improving usability when reviewing or updating assignments.
• Device posture check failure summaries now display clearer failure reasons in reporting, improving troubleshooting and audit readiness.

Why You’ll Love It

Expanded NAT options reduce networking workarounds when deploying IPSec in environments that need strict outbound mapping. Centralized alert settings and improved Global Status accuracy make it easier to monitor service health and respond quickly when issues occur. Release channel overrides support more controlled rollouts, and the UI and reporting fixes reduce time spent waiting on pages to load or digging for the real reason a device failed posture requirements.

How to Access It

• 1:1 outbound NAT for IPSec connectors, Global Alert Settings, Global Status improvements, and per-agent release channel overrides are available now.
• The bridge assignment responsiveness and reporting failure summary fixes are included in this release.

This release focuses on improving reliability across UCaaS mobile and desktop experiences and delivering clearer, faster access to Insights reporting data. 

What’s New

• Mobile app reliability improvements across iOS and Android.
• Call Detail Reports now include the Answered Resource field in CSV exports, which clearly identifies who answered each call, alleviating the need to review individual call records. 
• Insights search performance has been optimized, resulting in faster phone number lookups and eliminating timeouts.
• Resolved a bug where parked call retrieval on UCaaS Desktop did not work as expected. 
• Resolved an iOS issue where calls failed after uninstalling and reinstalling the mobile app.
• Resolved authentication issues that caused contact synchronization errors for some users.

How to Access It

Most improvements are live now with no action required.

• Mobile users should update to the latest app versions: iOS version 26.1.1 or later and Android version 26.1.2 or later.
• Desktop users should update to version 26.4.1. 

Executive Summary reporting adds a clean, non-technical export for client QBRs, with scorecards and an action plan that are easy to share. Astra (the helpful AI agent within Telivy) now provides environment-specific remediation guidance for Critical and High severity findings, and MSPs can manage beta feature access without submitting requests. Compliance coverage also expands with NIST 800-171(a) guidance data for Tentacle ingestion, along with fixes that improve accuracy across the Compliance experience.

What’s New

• Executive Summary reports provide a 2-page, client-friendly export with scorecards and action plans for QBRs and executive readouts.
• Self-Serve Early Access Features lets MSPs manage beta feature access directly in Telivy, reducing back-and-forth for enablement changes.
• Environment-specific remediation guidance is now available through Astra (the helpful AI agent within Telivy) for Critical and High-severity findings. (Early Access).
• Clickable scorecards enable one-click filtering of issues by status, speeding up the transition from summary to triage.
• AI Insights Summary generation is faster, and Astra insights can now be exported to PDF or DOCX, or added directly to Reports.
• NIST 800-171(a) guidance data is now available for Tentacle ingestion, expanding compliance coverage and reporting alignment.
• Compliance tab mapping and display fixes improve accuracy and readability across compliance views.
• CIS 5.1 mapping was added for Shared Mailbox scenarios to improve compliance reporting coverage.
• Google Workspace integration improvements and OS normalization for CVE matching improve data quality across findings and compliance workflows.
• Account image uploads no longer fail in common scenarios, improving account management reliability.
• Findings table pagination is now more consistent, reducing navigation issues when reviewing large result sets.
• Bulk export of external scans as CSV is now more reliable, simplifying data sharing and offline review.

Why You’ll Love It

Executive Summary reports make it easier to deliver client-ready updates without rewriting technical findings, while faster AI Insights and export options help teams package recommendations for follow-up. Self-serve Early Access management reduces delays when enabling beta capabilities, and Astra guidance helps analysts move from detection to action with recommendations tailored to the environment. Compliance enhancements improve coverage and accuracy, reducing time spent validating mappings and explaining results.

How to Access It

• Executive Summary reports, clickable scorecards, faster AI Insights, and export options are available now in Telivy.
• Self-Serve Early Access Features are available from the Early Access Features section.
• Astra remediation guidance is available for Critical and High-severity findings. (Early Access).
• NIST 800-171(a) guidance data is available for Tentacle ingestion, and compliance mapping fixes are live now.

Advanced IPSec connector options add the flexibility needed for more complex network designs, including broader Phase 2 selector support and configurable NAT mappings. The macOS agent also adds macOS Tahoe device posture check support, along with usability and analytics improvements for a more consistent day-to-day experience.

What’s New

• IPSec connectors now support custom local subnet input for NAT scenarios, improving flexibility for non-standard internal networks.
• IPSec connectors now support a 0.0.0.0 Phase 2 selector, making it easier to deploy in environments that require broader selector definitions.
• IPSec connectors now support bidirectional NAT mappings to better accommodate routed and policy-based IPSec configurations.
• The macOS agent now supports macOS Tahoe device posture checks, improving compatibility with newer macOS environments.
• Analytics reliability and maintainability improvements reduce noise and improve overall telemetry consistency.
• The macOS agent now keeps the app window positioned correctly across multi-monitor setups.

Why You’ll Love It

More flexible IPSec NAT and Phase 2 selector options reduce deployment friction in complex customer environments and help avoid one-off configurations. macOS updates keep device posture checks current with the latest OS releases, while improved multi-monitor behavior makes the agent easier to use for people who regularly switch between displays. Reliability improvements to analytics also help teams trust what they see when reviewing device and connection signals.

How to Access It

• Advanced IPSec NAT configuration is available now for IPSec connectors.
• macOS Tahoe device posture check support and the multi-monitor window behavior improvement are available in the latest macOS agent build.

Insights reporting is easier to export and faster to search, especially for phone number lookups, with an updated CSV that includes more complete call details. Bug fixes also improve mobile stability across iOS and Android and address Desktop park call behavior so retrieval works as expected.

What’s New

• Call Detail Report CSV exports now include an Answered Resource column, reducing manual click-through when exporting complete call data.
• Insights general search performs better for phone number lookups, reducing timeouts and improving search speed.
• iOS calling no longer breaks after an uninstall and reinstall in common scenarios, improving calling reliability for reinstall workflows.
• Android stability improvements reduce crashes across key app areas, including contacts, connection handling, and screen lifecycle behavior.
• Mobile contact sync authentication is more reliable, improving consistency during sync and refresh events.
• Desktop now supports park call retrieval as expected, fixing an issue that prevented the retrieve action from appearing in common scenarios.

How to Access It

• Insights export and search improvements are available now in Insights.
• Mobile stability improvements and bug fixes are available now in UCaaS.
• Park call retrieval is available in the latest Desktop experience.

Advanced NAT options for IPSec connectors make it easier to support complex customer networking requirements without one-off configurations. Device Posture Check (DPC) now supports macOS Tahoe, and the macOS agent window placement update improves usability for multi-monitor setups.

What’s New

• IPSec connectors now support bidirectional NAT mappings, expanding flexibility for routed and policy-based network designs.
• IPSec connectors now support 0.0.0.0 in Phase 2 configuration, simplifying deployments that require broader selector definitions.
• IPSec connectors now allow custom local subnet input, improving support for environments that do not use standard local subnet defaults.
• Device Posture Check (DPC) now supports macOS Tahoe (macOS 15), improving compatibility for customers on newer macOS versions.
• The macOS agent now opens on the monitor nearest the user’s cursor, rather than always defaulting to the primary display.

Why You’ll Love It

Advanced IPSec NAT options reduce deployment friction in complex customer environments and help avoid special-case configurations when NAT mappings, selectors, or non-standard subnets are required. macOS updates keep posture checks up to date with the latest OS releases, and improved window behavior makes day-to-day use smoother for people working across multiple displays.

How to Access It

• Advanced NAT configuration is available now for IPSec connectors.
• macOS Tahoe DPC support and the multi-monitor window placement improvement are available in the latest macOS agent build.

This release delivers new Desktop and PBX capabilities that reduce admin overhead and speed up everyday workflows, including smarter contact exports and role-based access to the Call Center experience. Media Hub, AI Call Intelligence in Desktop, and automated AI processing for recorded calls are now available for Early Access, making it easier to manage PBX audio in one place and review AI-generated transcripts, summaries, and classifications directly in Desktop. Reliability updates across Desktop, queue reporting, and Android also improve consistency in calling and analytics.

What’s New

• Contact exports in Desktop now allow users to choose which contact types to export, including manually created contacts, Microsoft 365 contacts, and internal extensions.
• Call Center tab visibility can now be hidden per user in Desktop using a setting in PBX extension advanced settings, and changes take effect immediately.
• Centralized PBX audio management is now available through Media Hub, including downloads, visibility into where files are used, and the ability to reuse existing audio when configuring resources. (Early Access)
• AI call transcripts, summaries, classifications, action items, and sentiment are now available directly in Desktop call history through the View Call details modal when call recording is enabled. (Early Access)
• Automatic AI processing for recorded calls can now be configured to run transcription, summarization, and classification without manual steps after calls. (Early Access)
• Call routing dropdowns no longer include the obsolete Phone resource type, while existing routes that use it will still display it until they are updated.
• Long call transcripts and summaries in the new call details view now support scrolling for better readability.
• Queue and reporting now reflect agent name updates without requiring relogging in common scenarios.
• Agent Event Report no longer shows deleted queues with blank names or extra separators, improving report clarity.
• Clearing a Marketplace search filter in Desktop no longer redirects users to the Voice page, improving navigation consistency.
• Android call history taps no longer dial the wrong contact due to UI state issues.
• Android analytics no longer records duplicate ringing events for the same call, improving reporting accuracy.
• Android now captures Answered Elsewhere events, so calls answered on desk phones no longer appear to disappear.
• Android call events now include additional metadata, such as call ID and caller or recipient details, to improve troubleshooting.
• Android Bluetooth switching is more reliable when multiple devices are connected, such as a headset and smartwatch.

Why You’ll Love It

Admins can tailor the Desktop experience by role and export only the contact data they actually need, cutting down on cleanup and confusion. Media Hub reduces duplicate uploads and makes it easier to keep on-hold and greeting audio consistent across the PBX, while call intelligence in Desktop keeps post-call review in one place, and automated AI processing helps generate insights without extra effort. Updates to call routing, call details readability, reporting accuracy, and Android calling improve day-to-day reliability and reduce support friction.

How to Access It

• Contact export improvements and Call Center tab visibility are available with the latest Desktop release.
• Media Hub is available in PBX Account settings when Early Access is enabled.
• AI Call Intelligence in Desktop is available with Early Access enrollment, with call recording enabled, and can be used by selecting View Call from the call history.
• Automated AI call processing can be configured by admins with Customer: Admin role or higher in WSAPI, and transcription is enabled by default when automation is turned on.
• Learn more: https://help.cytracom.com/hc/en-us/articles/42612756796685-AI-Powered-Call-Intelligence-for-Desktop
• Learn more: https://help.cytracom.com/hc/en-us/articles/42612942964749-Enable-Automated-AI-Call-Processing

Device Health v1 adds historical, device-level scan status so teams can spot failures and trends without losing the full scan run. The Issues Table now includes richer investigation details for typosquatting, browser password risks, and vulnerabilities, reducing context switching during triage. Normalized risk scoring is also available in Early Access, providing fairer scoring across different environment sizes and showing progress as remediation improves over time.

What’s New

• Device Health v1 adds scan events and device-level status history, making it easier to see which devices succeeded or failed during a scan and review performance across runs.
• The Issues Table now includes additional investigation context, including domain intelligence for typosquatting findings, password details, and reuse counts for browser password risk findings, and a unified Vulnerabilities by Asset view across application, OS, and network sources.
• Normalized risk scoring now calculates per-category scores using device, user, and domain counts plus expected maximums, improving score consistency across different customer sizes. Continuous positive credit also reflects partial remediation progress over time, so scores improve as issues are reduced, even before everything is fully closed. (Early Access).
• Risk dashboards now show a simplified Open count with visual indicators for new and regressed issues, and risk cards were reorganized to consistently present High, Medium, and Low with consistent color coding.
• AI Insights now shows when summaries were last generated and includes fixes to AI suggestions, improving clarity and confidence in what you are reviewing.
• Tentacle integration updates include disabled email notifications for Tentacle assessments generated by Telivy, corrected assessment auto-close dates, mandatory multi-factor authentication for Tentacle production accounts, and fixes to role-based access issues affecting legacy Tentacle users.

Why You’ll Love It

Device Health makes scanning easier to troubleshoot by showing which devices failed and when, while keeping the rest of the scan run moving. The richer Issues Table reduces back-and-forth during investigation by surfacing the details needed to assess typosquatting, password risk, and vulnerabilities in fewer clicks. Normalized scoring makes risk trends more comparable across customers of different sizes, and continuous positive credit helps demonstrate momentum by reflecting measurable improvement as remediation work progresses. Dashboard and AI refinements improve day-to-day readability, while Tentacle changes strengthen consistency and account hygiene.

How to Access It

• Device Health v1 and Issues Table enrichment are live now in Telivy.
• Normalized risk scoring with continuous positive credit is available to accounts enrolled in Early Access.

See it in action

• Device Health v1 Demo

Policy-based routing now supports fully qualified domain names (FQDNs), making it easier to route traffic based on the destinations customers actually use. Device Posture Check (DPC) presets and global policy templates help standardize posture and agent settings across customers, endpoints, and zones without repetitive setup. Additional reliability updates improve licensing defaults, platform resiliency, reporting accuracy, and agent connectivity.

What’s New

• Policy-based routing now supports full FQDN matching for bridges and agents, expanding routing flexibility without relying on static IP lists.
• DPC presets are now available, making it faster to apply standardized posture policies without manual, per-policy setup.
• DPC templates now support global, reusable posture policy templates that can be created once and applied across customers, endpoints, and zones.
• Agent Control Policy templates now support global, reusable agent settings that can be created once and applied across customers and endpoints.
• Onboarding now disables auto-license assignment by default, reducing friction during initial setup.
• The platform now recovers more reliably from bridge tunnel configuration inconsistencies, reducing provisioning risk during drains and migrations.
• DNS static records now support underscores, improving compatibility with common naming patterns.
• Agent status indicators now display consistently across portal pages, reducing confusion during troubleshooting.
• Reporting exports now align blocked versus allowed status correctly for security information and event management (SIEM) workflows.
• Reporting now consistently displays blocked events with the correct red indicator.
• Authentication sessions are now more reliable by preventing cases where users appear signed in but cannot reconnect due to expired refresh tokens.
• Windows agents now block IPv6 traffic while connected, preventing IPv6 bypass scenarios.

Why You’ll Love It

FQDN-based routing reduces maintenance overhead by allowing policies to follow real-world destinations rather than shifting IP ranges. Presets and global templates help teams quickly standardize posture requirements and agent settings across many customers, improving consistency without repetitive configuration work. The stability and reporting fixes reduce troubleshooting time, improve confidence in enforcement and reporting signals, and remove common friction points in onboarding and daily operations.

How to Access It

• Policy-based routing with FQDN support is available now. Learn more: https://help.cytracom.com/hc/en-us/articles/35438291924493-ControlOne-Policy-Based-Routing
• DPC templates and Agent Control Policy templates are available now. Learn more: https://help.cytracom.com/hc/en-us/articles/42436217059469-ControlOne-Global-Policies-Overview-Configuration-Guide
• DPC presets are available now. Learn more: https://help.cytracom.com/hc/en-us/articles/42232146859149-Cytracom-ControlOne-Configure-DPC-process-presets-in-Device-Posture-Policies

Android users will experience more consistent call behavior, especially when receiving calls on locked devices. Unified Contacts Early Access continues to improve with updates that keep names and details aligned across desktop and mobile. Additional fixes strengthen daily reliability for calling, and contacts.

What’s New

• Contact updates now appear on mobile as soon as changes are made on another device so caller names and details stay current
• Edits to contacts on desktop or mobile now stay in sync across devices within a few seconds
• Android devices now ring consistently for the full duration of an incoming call even when the screen is locked
• Calls that are declined no longer show as active when the phone is unlocked

How to Access It

These updates are rolling out now.

• Unified Contacts enhancements are available through Early Access
• Android calling improvements are included in Android version 24.50.8+111