Product Roadmap

See what features and improvements we’re planning for ISL Online.

Delivered

Block Remote Input

Adds an option to disable remote input, giving the operator full control of mouse and keyboard during a session.

ISL Light Client (Windows)

Transition of ISL Light Client on Windows to the new codebase, aligning it with the ISL Light Client on macOS, Linux, and with ISL Light.

2FA improvements

Account owners and domain admins will be able to reset 2FA for users. The users panel will also display active 2FA methods.

In progress

Generic Clipboard

Extend clipboard functionality in ISL Light to support generic clipboard data, including files and folders, not just plain text.

Shortcuts for “Ctrl+Alt+Del” and Paste Typing

Provide users with new built-in keyboard shortcuts: Right Ctrl + Alt + End for Send Ctrl + Alt + Delete, and Right Ctrl + Shift + V for Paste Typing (simulate keystrokes).

Customization

Initial branding and interface customization options, allowing organizations to adjust the appearance of ISL Online.

Next

Persistent Login

Keeps users signed in across sessions to streamline access and reduce login repetition.

Device Lookup

Features to lookup for a device, such as advanced search, flexible filters, sortable columns, pagination, and bulk actions for improved management and navigation.

Launch installed app from browser

Introduce deep linking via ISL Light schema to enable launching the installed ISL Light application directly from the browser, instead of downloading a new executable.

July 2026link

ISL Conference Proxy 5.0.2617.45 ISL Conference Proxy 5.0.2617.45 link

🚀 New Features

Reset User 2FA and management improvements

Administrators now have more control and visibility when managing user authentication.

Reset 2FA for individual users
Domain admins can reset 2FA directly from the user details page, user list sidebar, or the 2FA Status section. This is useful when users lose access to their device or need to reconfigure authentication.

  • The user’s existing 2FA setup is removed
  • A notification email is sent automatically
  • An audit log entry is created

Web Portal >Administration > Users > Reset 2FA

Improved 2FA visibility in user management

  • 2FA status is now displayed in the sidebar for newly created users
  • User exports include detailed 2FA information, including status and enrolled methods (Phone, Email, TOTP, Passkey)

These updates make it easier to audit coverage and quickly identify users who are not yet protected.

Web Portal >Administration > Users > Columns (2FA, 2FA Email, 2FA Phone…)

Control 2FA methods

Administrators can now define which authentication methods users are allowed to register:

  • Authenticator apps (TOTP)
  • Passkeys
  • Phone numbers
  • Email

Web Portal >Administration > Settings > Security > Two-factor Authentication Methods

Disabling a method:

  • Prevents new registrations
  • Does not remove already registered devices

To fully remove a method already in use, disable it first and then reset 2FA for affected users.

2FA enforcement and fallback protection

We’ve strengthened how 2FA is enforced and added a fallback protection layer for accounts without 2FA.

Please note: A valid email address must be configured for the user, otherwise login cannot be completed.

Enforce 2FA
When Require 2FA is enabled:

  • Users must enroll in at least one 2FA method before login completes
  • The Turn OFF 2FA button is disabled for affected users
  • Users can still manage their existing methods

Email verification for non-2FA users
A new server/domain/user level setting, “Require email verification (non-2FA configured)”, adds protection for users who do not yet have 2FA.

When enabled:

  • Users without 2FA receive a one-time code at login
  • No setup or additional app is required
  • Once users enroll in 2FA, this step is no longer used

This ensures all accounts have at least a second layer of protection.

Audit 2FA

Audit logs

  • New audit events track 2FA email lockout scenarios
  • 2FA reset actions are fully logged for traceability’

Web Portal >Administration > Settings > Security > Two-factor Authentication Methods

Tag Manager

A new Tag Manager page was added where users can view and manage all their computer tags in one place. Tags are listed with columns showing whether each tag is in use or unused, making it easy to identify and clean up stale tags. Tags can be sorted by usage and bulk deleted directly from the list. Removing a tag also removes it from any owned computer connections. Tags from shared computers also appear in the All Tags dropdown.

Web Portal >Computers > All Tags (dropdown) > Manage Tags > Computer Tags

In the All Tags dropdown, search uses full-text matching, so typing any part of a tag name returns results. For example, typing pharmacy will find windows-pharmacy-london tag.

Tags can be deleted when they are owned by the user, or when they belong to a computer in a group where the user has computer manager or group admin role. Tags on computers shared with connect-only permission are visible in the list but cannot be deleted.

License usage history and reporting

License usage is now tracked over time and available through a new License Usage report on the Reports page. The report shows key metrics such as maximum license usage, connection counts, new session counts, and license limit hits, with support for server-wide or per-domain views, as well as hourly and daily aggregation. Data can also be exported for further analysis.

Access is permission-based: “View/control server sessions” allows full visibility across all domains, while “View/control domain sessions” limits access to the user’s own domain.

Password block list upgrade

The built-in password block list used to reject weak or compromised passwords has been significantly expanded, growing from around 40,000 to roughly 10 million entries sourced from widely known leaked password datasets. Users attempting to set a common or previously exposed password will now have it rejected, while passwords not on the list remain accepted.

Administrators can still override the default list by providing a custom password_blocklist.txt file in private storage.

SSL: External Account Binding and certificate lifecycle improvements

The SSL module now supports External Account Binding (EAB), which is required by some commercial certificate authorities. EAB links the ACME account to a CA account using a Key ID and HMAC key, both provided by the CA.

Additional improvements to the certificate lifecycle: the ACME client private key is now persistent across certificate actions (install, renew, revoke) instead of being regenerated each time. Certificate expiry warning emails are now only sent in the last 14 days before expiry, since certificates managed by the SSL module are automatically renewed at the one-third validity mark. Previously, expiry emails were sent just before auto-renewal triggered, causing unnecessary alerts.

ISL Meeting: session controls and improvements

ISL Meeting is now the default meeting application on web portal and is no longer marked as beta. The primary “New Meeting” button opens ISL Meeting in a new window, and the Reports dashboard shows a single “Meetings” tile for ISL Meeting sessions.

Web Portal >Meetings > New Meeting / Meeting Table > Meeting

A new “Default meeting application” setting is available under Server Administration (/conf) Settings > ISL Meeting > Basic, allowing administrators to choose between ISL Meeting and the legacy ISL Groop. When set to “ISL Groop (legacy)”, the interface reverts to the previous options, including multiple meeting types and separate report tiles for Groop and ISL Meeting. If the ISL Meeting module is not installed, the system automatically falls back to legacy behavior.

Several improvements were made to the meeting experience for both hosts and participants.

  • Chat design: message bubbles were updated with a new visual design.
  • Host controls: hosts can now control feature access for all attendees from a new Host Controls sidebar. Permissions for microphone, camera, screen sharing, and chat can be set when creating a meeting and adjusted in real time. If a permission is removed while a user is actively using that feature, it is disabled immediately.
  • License usage: ISL Meeting sessions now consume ICP licenses, with usage assigned to the host. The first 2 participants use 1 license, and each additional participant consumes additional license. License usage is visible on the Clients page and in the License Usage (ICP) view, where all licenses for a meeting are grouped together and can be ended at once. If no licenses are available, hosts cannot start a meeting.
  • Participant limit: Each meeting supports a maximum of 10 participants. When the limit is reached, additional participants receive a “Meeting is full” message and cannot join.
  • Side stream paging: side streams are now paginated instead of scrollable. Streams not currently visible are limited to audio only, reducing bandwidth usage. Video is loaded only for visible streams, with full quality reserved for the spotlight.

ISL Meeting: Cloudflare Realtime SFU support

Cloudflare Realtime SFU is now supported as an alternative streaming backend to Galene. The backend is selected based on server configuration. Cloudflare credentials are stored server-side and never exposed to the browser, and all API calls are proxied through ICP to ensure a consistent experience regardless of the backend in use.

Additional improvements were made to SFU performance and stability. Meetings with multiple participants toggling cameras on and off could previously become slow to respond, with delays as participants joined or changed streams. SFU behavior has been optimized so that video routing no longer blocks meetings and streams are not prepared for participants who are not actively sending audio or video. This results in improved responsiveness and overall meeting stability.

TCP TURN server support

The ISL Light module now supports ICE servers using TCP protocol. TCP TURN connection usage is also included in stats reporting.

Mail send throttle

Email sending is now rate-limited to prevent abuse. Separate limits apply per IP address, per recipient email, and for system/integrator emails. The throttle period and limits are configurable in server settings, and tracking can optionally be enforced GRID-wide.

reCAPTCHA score and reason code blocking

Web API requests protected by reCAPTCHA can now be automatically rejected based on a minimum score threshold or a list of specific reason codes. Two new settings were added under the reCAPTCHA category: Reject requests with score and Reject requests with reason codes.

Database writes statistics logging

The number of database writes (insert, update, delete) is now periodically logged. The flush interval is configurable via the Database writes statistics logging interval setting. Setting the interval to 0 disables logging.

SSL management moved to /conf

SSL pages are now available under Server Administration (/conf) via the new “SSL Certificate” button, including deployments using the SSL module.

The separate /users/ssl page is no longer available. As part of this change, the “User can create SSL certificates” permission has been removed from Security settings. SSL module operations are now handled exclusively through the administration interface and require administrator access.

Backup pages moved to /conf

Backup management has been moved from user pages to Server Administration (/conf) scope. Backups are now available under Configuration via the “Backups” button. The separate /users/backup page is no longer available.

As part of this change, the “User can create backups” permission has been removed from Security settings. Backup operations are now handled exclusively through the administration interface and require administrator access.

Content Security Policy, Permissions Policy and X-Frame-Options improvements

CSP and Permissions Policy now support per-path configuration. Different policies can be applied to different URL path prefixes, with top-to-bottom matching. Existing single-policy configurations continue to work without changes.

The Content Security Policy setting now has three modes: None, Report only, and Enforce (default). The same applies to the Permissions Policy setting. Policy violations are reported to the internal reporting API and logged.

The Disable framing of web pages setting was renamed to HTTP header X-Frame-Options mode with three options: None, Enforce with SAMEORIGIN (default), and Report use of frames.

The default CSP value was also updated to remove blob: from script-src, tightening the default security posture.

ISL AlwaysOn: connection options blocklist

Administrators can now specify a list of ISL AlwaysOn start option keys that should be hidden from the client. When configured, listed keys are filtered out of the options info returned to the client without being removed from storage. Useful for restricting which connection options are visible or accessible to end users.

ISL Light v5 version selector

The ISL Light Client version selector was updated to include v5 and now works as a boost rather than a filter. This means if v5 is incompatible with the client OS version, earlier versions are still available as a fallback. The v3 tag now applies only to 32-bit Windows programs. Version filtering can still be forced using isl_light_v3=1 or isl_light_v5=1.

Integrator: session tagging and new webapis

ISL Light sessions are now tagged with the integrator key of the user or domain that started the session. A new webapi allows integrators to query their own ISL Light session history filtered by time range with pagination support. A separate webapi allows integrators to query ISL AlwaysOn computer info for computers tagged with their integrator key.

A new integrator call was added to create integrators with a domain-scoped key. Empty key ID values in JWT requests are now automatically rejected without querying the database.

TLS 1.2 cipher tracking

TLS 1.2 connections are now split into two categories. Connections using stronger ciphers are counted as “TLS 1.2 (v2)”, while those using older or weaker ciphers remain under “TLS 1.2”, making it easier to identify less secure clients.

Connection log entries for “computer is online”, “supporter logged in”, and “session started” now include the TLS version and cipher used by the connecting client. For sessions, both the desk and client side are reported.

OpenSSL 3.0.21

OpenSSL has been upgraded to version 3.0.21.

PostgreSQL 16.13

PostgreSQL has been upgraded from version 16.8 to 16.13.

Go 1.26.3

Go has been upgraded to version 1.26.3.

Galene 1.0

Galene has been upgraded from version 0.9.1 to 1.0.

🐞 Bug Fixes

Main account could not log in with password when SSO was enabled on its domain

When SSO was configured on a domain, the main account was redirected to the identity provider instead of being allowed to use username and password login. An additional check was added so the main account can always log in with credentials regardless of domain SSO settings.When querying action info on web page, “events” field is now being updated between calls, so only new events are returned.

iPadOS join page offered macOS installer instead of iOS app link

Joining an ISL Light session from Safari on iPadOS routed to the macOS .dmg installer instead of the iOS app. iPadOS Safari defaults to requesting the desktop site and reports a macOS user agent, causing platform detection to misclassify the device as a Mac. The join page now detects touch-capable devices and correctly routes iPadOS users to the iOS app.

Deleted ICP files reappeared after server reconnect

Files deleted on ICP could reappear when a server that was offline or out of sync reconnected. The file synchronization algorithm was redesigned to track deletion confirmations across all servers in the GRID. Deleted file metadata is retained for 14 days to ensure all servers sync the deletion before cleanup.

Granted to and Owned by filters could not be changed on the Computers page

The Access granted to and Owned by filter dropdowns on the Computers page did not update correctly when switching between filter types. The filter state handling was corrected.

Computer action status did not return new events between calls

When polling action status on the web page, the events field was not updating between calls, so only the initial events were returned, which could lead to actions failing or requiring additional authentication attempts. The events field is now correctly updated, and each call returns only new events since the last query.

Uptime calculated incorrectly for machines running more than 48 days

The uptime counter overflowed for machines with an uptime longer than approximately 48 days. Switched from GetTickCount to GetTickCount64 to handle any practical uptime correctly.

Graceful GRID connection handling fix

File transfers between GRID servers previously generated misleading warning-level “grid connection down” log entries, and uploads to remote server storage via the configuration page could result in empty files. This has been redesigned so that file transfer connections now close gracefully, are logged at the correct notice level with proper server identification, and remote uploads preserve file contents correctly. The issue is no longer reproducible.

Domain delete check failed when domain had no users

In previous versions, attempting to delete a domain that contained no users would fail during the required actions check, preventing the domain from being removed. This was redesigned, and empty domains can now be checked and deleted as expected. The issue should no longer be reproducible.

Guest display name not shown in meeting remote control request

The remote control request dialog in a meeting showed an internal guest ID instead of the guest’s display name. The dialog now uses the resolved display name.

“Log in with browser” option missing from Try another way dialog

The Log in with browser option was not shown in the Try another way login dialog view. It is now included alongside other available login methods, with its visibility still controlled by the Allow “Log in with browser” in native applications permission.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

June 2026link

ISL Light 5.0.2551.111 ISL Light 5.0.2551.111 link

Note: This release is available for Cloud License in all countries except Japan. Server License updates will follow in the coming weeks.

🚀 New Features

New ISL Light Client now default on Windows

Windows users now receive the redesigned ISL Light Client by default when joining a session. Built on the new unified codebase, the Windows client is now aligned with ISL Light Client on macOS and Linux, as well as with ISL Light.

ISL Light Client > Session

The refreshed experience introduces a redesigned chat interface, a new topbar with hidden and expanded states, improved access to session controls, and new client-side options. Read more in ISL Light 5.0.2551.64.

Block remote input (total control)

Operators can now fully suppress the remote user’s keyboard and mouse. This is useful when you need uninterrupted control, for example to prevent the user from accidentally clicking or typing while you support.

Block Remote Input is available in the session toolbar under the Desktop dropdown on Windows remote computers. The remote user can press Esc at any time to release the block. It is also released automatically when the session ends. The option is not shown if the remote OS or client version does not support it.

IMPORTANT: For remote access sessions, please update ISL AlwaysOn (Remote Agent) to version 5.0.2551.107 or newer; otherwise, the Block Remote Input feature will remain unavailable (disabled) when connecting to older ISL AlwaysOn devices. To upgrade the agent, please refer to the Upgrade ISL AlwaysOn manual.

ISL Light > Session > Desktop menu > Block Remote Input

In remote support sessions (ISL Light Client), enabling Block Remote Input requires confirmation from the remote user. In remote access sessions (ISL AlwaysOn), no confirmation is required. You can also enable Block Remote Input at the start of a session in the access password dialog under Connect Options.

ISL Light > Computers > Access Password Dialog > Options > Block Remote Input

Join a session directly from the login screen

The ISL Light login window was redesigned to make joining a session simpler. The new layout shows a Join a Session panel on the left and the operator login form on the right, so a user can enter a session code right when the app opens.

ISL Light > Join / Login Window

The session code field is focused automatically. The Join and Login buttons are only enabled once their respective fields are filled in. After entering a valid code, ISL Light switches to client mode for the duration of the session and returns to the main window when it ends.

The Join a Session panel can be hidden using --on-load "customization?disable_join=true".

Auto-save options for file transfer

A new setting was added that controls what happens when a file transfer completes. Previously, users had to manually save every received file. Three options are now available:

  • Show confirmation dialog — prompts the user to save manually (previous behavior)
  • Save automatically — saves the file to the default location without any prompt
  • Save and open file location — saves the file and opens its containing folder

The preference can be configured in Settings > File Transfer, or directly in the file transfer dialog by checking “Don’t ask me again” before clicking Save or Open Folder. The setting does not apply to File Manager or when sending files to ISL AlwaysOn.

ISL Light > Session > File Transfer Dialog > Don’t ask me again checkbox

Monitor Shortcuts

ISL Light > Settings > Remote Desktop > Monitor Shortcuts

Monitor shortcuts were introduced in previous versions to simplify switching between remote monitors using keyboard shortcuts.

This update improves the existing functionality by adding support for cycling between the first and last monitor, continuing monitor navigation while viewing all monitors, and using monitor shortcuts even when the keyboard is not captured.

Additional improvements were also made for exploded monitor layouts and overall shortcut handling.

Access Password field added to Set Unattended Access dialog

The Set Unattended Access dialog now includes an Access Password field. The password entered here is passed to ISL AlwaysOn on installation, so the computer is secured from the moment unattended access is granted without requiring a separate configuration step.

ISL Light > Set Unattended Access > Access Password

macOS permission prompt for Restart and Resume

When an operator enables Restart and Resume in a remote support session on macOS, ISL Light now triggers a TCC (Transparency, Consent and Control) permission prompt for the ISL Light Streaming component. This ensures the remote user is properly asked to grant screen recording permission, which is required for Restart and Resume to continue working across logout and fast user switching.

Show/hide toggle for password fields

A show/hide password icon was added to the password field on the Login page and the Access password dialog when connecting from the Computers tab. Clicking the icon toggles visibility, making it easier to verify what was typed without having to retype.

ISL Light > Computers > Access Password Dialog > Show/Hide Toggle for Password

My account submenu

A new My Account submenu was added to the dashboard dropdown, with direct links to Administration, License Usage, Reports, My Profile, and Security pages. On servers that support session-pass, clicking a link takes the user directly to the requested page without a separate login.

ISL Light > Dashboard > Menu > My Account (Web) > Administration/Usage/Reports/Profile/Security

Individual links can be hidden via customization flags: disable_administration_link, disable_usage_link, disable_reports_link, disable_account_link, disable_security_link.

The entire submenu is hidden when customization?disable_web=true is set or when the server does not provide the corresponding product page list.

Integration mode customization

A new integration mode customization was added for deployments where ISL Light is embedded in a third-party platform. When started with --on-load "customization?integration_mode=true", the standard login form is replaced with a dedicated integration screen, so end users are not presented with a login dialog on launch.

Sessions started from the web continue to bypass integration mode and behave normally.

ISL Light > Login Window > Integration mode customization

Taskbar icon blinks on new chat message

When ISL Light is minimized or inactive and a new chat message arrives, the taskbar icon now blinks until the window is opened. This applies both to the joining user in client mode and to the operator, so chat messages are no longer missed when ISL Light is in the background.

Customization: minimize ISL Light on start

ISL Light and ISL Light Client can now be configured to automatically minimize the window when a session starts. This is useful in integration scenarios where ISL Light should run in the background without occupying screen space on the joining side.

The behavior is controlled via --on-connect "main?minimize=true". An equivalent --on-load "customization?iconize=true" option is also available for backward compatibility. Both options can be found as read-only settings in General Settings > Session.

Customization: hide Settings button in ISL Light Client window

A new customization option hides the Settings button in the client-side ISL Light window during a session. Use --on-load "customization?disable_client_settings=true" to prevent end users from changing client settings.

Customization: hide Whiteboard tools or Change screen resolution

Whiteboard Tools and Change Screen Resolution can now be individually disabled in a session. Both are available as read-only settings under Customization Settings > Session.

  • Hide whiteboard tools: --on-load "customization?hide_whiteboard_tools=true"
  • Hide change screen resolution: --on-load "customization?hide_change_resolution=true"
  • Hide both: --on-load "customization?hide_whiteboard_tools=true&hide_change_resolution=true"

When whiteboard tools are hidden, the automatic marker tool is also suppressed when the client revokes remote control, so the operator cannot draw without having control.

Help page links migrated to HTTPS

All internal help and sign-up page links in ISL Light and ISL AlwaysOn have been updated from http:// to https://. Users clicking help links inside the application are now always directed to the secure version of the page.

Customization domain and integrator key enforcement

ISL Light now sends the active customization name to the server during the connection handshake. If the server determines the customization is not authorized for the user’s domain or integrator key, the session is blocked with the message: “The provided customization is not authorized to be used in this session.” When the server does not enforce this check, behavior is unchanged.

Improved whiteboard tool state consistency

Whiteboard tool state in session is now driven directly by the ISSC, removing a gap where the front end was managing state independently. This makes whiteboard behavior more consistent and predictable across session state changes.

🐞 Bug Fix

Fix for gray screen caused by QT_QUICK_BACKEND=software on Windows

If QT_QUICK_BACKEND was globally set to software on a Windows machine, ISL Light rendered text incorrectly and the remote streaming view appeared as a gray screen. ISL Light now forces QT_QUICK_BACKEND and QMLSCENE_DEVICE to rhi at startup, overriding any conflicting system environment. The override can be skipped by setting ISL_QT_QUICK_BACKEND_SKIP.

Black screen issue on Windows 11

An issue was fixed where Windows 11 Aero Peek could temporarily reveal the remote screen while black screen mode was enabled.

This happened when hovering over application preview windows in the Windows taskbar. ISL Light now disables the Windows “Enable Peek” option while black screen mode is active to prevent the remote screen from being exposed.

Session started even when SOS dialog was cancelled

Accepting or cancelling the SOS dialog before starting a session had the same effect, the session was created in both cases. Cancelling the dialog now correctly aborts session creation.

Topbar not visible on Linux when client shares their screen

The topbar was not displayed on Linux during a screen sharing session. The topbar component now correctly sets its minimum width and height when its dimensions change.

Operator sees incorrect screen when client is on Hyper-V and stops streaming

When a client was running on Hyper-V inside an RDP connection and the host device was locked, screen updates stopped arriving even after the device was unlocked. The issue is now resolved.

Toolbar icons cut off when moving session window between monitors with different DPI

When the session window was dragged between monitors with different DPI scaling, toolbar icons and icons in computer and session lists appeared cut off or visually mangled. Icon components now adapt to DPI changes correctly. A 1px rounding difference may still occur on uneven DPI values such as 125%.

Keyboard shortcuts required two key presses to activate

Shortcuts had to be pressed twice because both the menu item and its associated action registered the same key sequence, causing the first press to be treated as ambiguous. Shortcut handling was reworked so only one component registers each shortcut.

Join a Session launched client inside the same ISL Light process

When an operator selected Join a Session from the dropdown, the client was started inside the current process instead of a new one. This caused conflicts, including issues with Restart and Resume when two sessions were active. The client is now always launched as a separate process.

No confirmation shown before revoking remote control

Clicking Revoke Control in the client topbar or chat window revoked control immediately, so a misclick could cause the operator to accidentally lose remote control. A confirmation dialog is now shown before control is revoked.

Change resolution dropdown showed incorrect values after applying a change

After changing the remote screen resolution, the dropdown did not refresh to show the updated values. The modal window was closing before the resolution change callback completed, corrupting the state. The window close now waits for confirmation before proceeding.

Dragging a computer with non-default columns active caused broken UI

In the Computers tab, enabling additional non-default columns and then dragging a computer item caused the drag visual to render incorrectly. All columns except Alias are now hidden during a drag operation.

Monitors dropdown visible in toolbar when it should not be

The Monitors item in the session toolbar dropdown was shown even when fewer than four monitors were connected. The visibility condition was corrected so the dropdown only appears when more than three monitors are in use.

Toolbar entered inconsistent state when control was granted mid-session

If a session started without remote control granted and the operator manually selected a marker tool, the toolbar became inconsistent when control was later granted. The toolbar state is now forced into a consistent state whenever control transitions during an active session.

Spurious error messages on terminal exit on Linux

When ISL Light Client was started from a terminal on Linux and closed normally, the terminal showed error messages even though no real error had occurred. The errno value was not being reset correctly after a handled event.

Move Topbar drag area not locatable by accessibility tools

The draggable area of the session topbar could not be found or interacted with by accessibility tools. An accessibility name “Move Topbar” was added to the drag areas in the Sharing Screen topbar and the hidden viewer toolbar.

Extra separator line in toolbar when hide_recording=true

When ISL Light was started with customization?hide_recording=true, an extra line separator remained visible in the session toolbar dropdown where the Start Recording button had been. The separator visibility is now tied to the visibility of the Start Recording button.

String substitution in start options not working

String substitution for ISL AlwaysOn start options did not work correctly. The functionality was redesigned and the issue is resolved.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

ISL AlwaysOn 5.0.2551.111 ISL AlwaysOn 5.0.2551.111 link

Note: This release is available for Cloud License in all countries except Japan. Server License updates will follow in the coming weeks.

🚀 New Features

Session end event added for full lifecycle tracking

Session history now records the full lifecycle of each unattended session. Four new events are written to sessions.xml: session_start, session_connected, session_reconnect, and session_end. The Overview window uses these to accurately report the state and timeline of each session. Existing history entries remain readable.

Richer context forwarded when granting computer access

When granting access, ISL AlwaysOn now collects and forwards additional invocation context to the server. This includes the Windows session ID, sanitized command-line, and startup_info.txt written by the launcher. The data is included in the grant request, making it possible to trace how the granting client was originally delivered and launched. This improves visibility for support and deployment teams when diagnosing installation and access issues.

Help page links migrated to HTTPS

All internal help and sign-up page links in ISL Light and ISL AlwaysOn have been updated from http:// to https://. Users clicking help links inside the application are now always directed to the secure version of the page.

🐞 Bug Fixes

Uptime reported incorrectly for machines running more than 48 days

The uptime counter overflowed for machines with an uptime longer than approximately 48 days, causing System Info to display an incorrect value. The calculation was switched to a 64-bit counter.

Remote user mouse clicks still registered when Block Remote Input was active

When Block Remote Input was enabled on a Windows remote computer, the remote user could still perform left and right mouse clicks. Input blocking logic was corrected so all local input from the remote user is suppressed as expected.

Operator sees incorrect screen when client is on Hyper-V and stops streaming

When a client was running on Hyper-V inside an RDP connection and the host device was locked, screen updates stopped arriving even after the device was unlocked. The issue is now resolved.

May 2026link

ISL Light Client 5.0.2551.89 ISL Light Client 5.0.2551.89 link

Note: This release is available for Cloud License in all countries except Japan. Server License updates will follow in the coming weeks.

🐞 Bug Fix

Monitor selection does not work if Admin mode is activated when single monitor is selected

Operators connecting to a Windows user via code were unable to switch remote monitors if Administrative Mode was enabled while a specific monitor was already selected. The root cause was that the monitor state was not reset during the enabling of Administrative Mode, so when the stream restarted, it remained stuck on the previously selected monitor.

Administrative Mode handling has been redesigned to reset the monitor state on enable, so operators can now freely switch to any remote monitor after Administrative Mode is enabled.

April 2026link

ISL AlwaysOn 5.0.2551.79 ISL AlwaysOn 5.0.2551.79 link

Note: This release is available for Cloud License in all countries except Japan. Server License updates will follow in the coming weeks.

🚀 New Features

Improved scam and fraud detection

Enhanced monitoring and traceability during the computer granting process, providing richer context for fraud detection and abuse prevention.

🐞 Bug Fixes

Incorrect Qt version in log

The Qt version displayed in the aon_service.out file was incorrect and now reflects the actual version used.

March 2026link

ISL Light 5.0.2551.64 ISL Light 5.0.2551.64 link

Note: All updates have the release date set to 2026-03-13. Your ESS should be the same or higher to be able to update your server. This release is available to all countries except for Japan.

The minimum operating system requirements for ISL Light have been updated to Windows 10 (all versions) and macOS 14.

Note: ISL Light 5 is built on Qt 6.10, which officially supports Windows 10 1809 and later. ISL Online has extended this to cover all Windows 10 versions.

🚀 New Features

Redesigned session toolbar

The session toolbar has been redesigned with a cleaner layout, labeled buttons, and improved icons for easier navigation during a remote session.

ISL Light > Session > New Toolbar

Key additions and changes:

  • Session menu: New dedicated menu centralizing all session-related actions, including the new Edit Session option
  • Whiteboard menu: Pen, Arrow, and Eraser tools grouped into a single menu, with auto-clear options (5 and 10 seconds)
  • View menu: New dedicated menu for quality, resolution, and display options
  • Tools menu: Previously separate Keyboard, Tools, and Settings menus have been merged into a single Tools menu
  • Camera/Microphone buttons: Now directly accessible from the toolbar, previously only available inside the chat window
  • Hide/Show Toolbar: Now available in windowed mode, not just full screen

For a full overview of all changes and feature relocations, see the ISL Light 5 Toolbar blog post or watch ISL Light Toolbar video.

Redesigned ISL Light Client (macOS, Linux)

The ISL Light Client interface has been redesigned for a more modern and intuitive experience. The following changes apply to ISL Light Client on macOS and Linux, and on Windows when joining via ISL Light (Menu > Join). On Windows, when joining via code or link, the previous ISL Light Client version is still used and these changes are not reflected.

ISL Light Client

Settings menu includes new actions:

  • Session Recording: Start or stop recording directly from the client
  • Enable/Disable Clipboard: Toggle clipboard sync from the client side
  • Topbar Position: Change the position of the topbar on screen

Chat has been updated with a modernized interface. User messages are displayed in darker blue with white text on the right, while incoming messages are lighter gray with dark text on the left. Message bubbles now fit the content width instead of stretching across the full window. When the client window becomes active, the chat input field is automatically focused, allowing the user to start typing instantly.

Topbar (Control Bar) has been completely redesigned with two states: hidden (screen sharing indicator) and expanded (control bar)

Hidden view ( screen sharing indicator)

Shows only a drag area for repositioning the control bar, and a screen sharing indicator. Pressing the indicator expands the control bar.

Expanded view (Control bar)

Control bar provides the following controls:

  • Stop Sharing: Stops screen sharing
  • Grant/Revoke Control: Grants or revokes operator control
  • Whiteboard Marker: Local whiteboard marker tool
  • Whiteboard Pointer: Local whiteboard pointer tool
  • Chat: Opens the chat window
  • Video Call: Starts or toggles video
  • Audio Call: Starts or toggles audio
  • Open Main Window: Opens the main application window
  • Hide: Collapses the topbar back to hidden view
  • End Session: Prompts the user to end the session

When a whiteboard tool is active, the control bar displays a hint to exit the local whiteboard by pressing ESC.

Additional computer info columns in dashboard

The computer dashboard now displays additional columns with more information about each computer.

ISL Light > Computers > Additional Computer Info

Columns can be toggled via right-click on the table header or the three-dot menu button in the table header.

  • Alias
  • Computer Name
  • Status (Active, Online, Offline)
  • Last Online
  • Group (computer group)
  • Owner (user or computer group)
  • Shares
  • Tags
  • Platform
  • Agent Version (ISL AlwaysOn version)
  • IP Address

Extended mouse button support

Remote sessions now capture and transmit additional mouse inputs:

  • Back and Forward buttons (thumb buttons)
  • Horizontal scroll (tilt wheel)

Session security (e2e)

ISL Light now uses a new schema for securing end-to-end connections. Both endpoints generate a public/private key pair and exchange the public key with the remote side via ISL Conference Proxy as a pre-start message. The certificate used to establish the end-to-end connection is then verified by both endpoints, replacing the previous static client-to-client certificates. EC certificates are used instead of RSA.

A new Session Security dialog has been added, accessible from the active session via the shield icon in the status bar (Security Menu > Session Security). It displays live end-to-end encryption details for the current session.

ISL Light > Session > Session Security (accessible from status bar)

The dialog shows:

  • Session Security Status: Optimal, Good, Medium, or Not Connected
  • Authentication:
    • full: Both sides supplied valid, verified certificates
    • old: One side supplied a valid, verified certificate
    • none: No certificate exchange, or verification failed
  • Remote Certificate Supplied:
    • Yes: The remote side provided a certificate
    • No: The remote side did not provide a certificate
  • Remote Certificate Verification:
    • Verified: The certificate is verified and trusted
    • Unverified: The certificate failed verification checks
    • Not Available: No certificate or verification was not possible
  • Connection Status:
    • Connected (Valid certificate supplied): Remote Certificate Supplied is Yes and Remote Certificate Verification is Verified
    • Connected (Invalid certificate supplied): Remote Certificate Supplied is Yes and Remote Certificate Verification is Unverified
    • Connected (Certificate not supplied): Other conditions do not apply
    • Not Connected: Session status is error
  • Cipher: Active cipher used for the session
  • Your Certificate Fingerprint
  • Remote Certificate Fingerprint

For ISL Light Client V4, the dialog is accessible via Tools > Session Security.

Persistent settings

Session settings have been replaced with general Settings, accessible from the toolbar “Session” dropdown while in session. Changes made during a session are now saved and will apply to future sessions as well.

ISL Light > Session > Settings

Note: Some settings are NOT applied to an already running session and will only take effect in the next session. These settings display the message “This change will not affect sessions that are already running.

  • Session: Pin toolbar in fullscreen, Inactivity time in minutes before session is ended, Duration in seconds of inactivity warning before session is ended
  • Desktop Sharing: Optimize resolution based on first local monitor, Leave background while sharing this desktop, Leave desktop effects while sharing this desktop, Lock computer when network connection is lost, Enable clipboard by default when viewing remote desktop
  • Black Screen (Curtain Mode): Delay clearing black screen after pressing ESC
  • Keyboard: Disable local inputs while sharing this desktop, Pass keyboard combinations unchanged
  • System: Stream only non-alpha windows (CAPTUREBLT)

Update session status bar

The session status bar has been updated with new status indicators:

  • Security Menu: Now visible in the status bar, provides quick access to Session Security, Session Details, About, and Log
  • Clipboard Status: Always visible on the right side, shows whether clipboard sync is enabled or disabled
  • Session Recording: Shows an active indicator while recording is in progress

ISL Light > Status Bar

The status bar layout has also been redesigned from a 3-column setup (left, middle, right) to a 2-column layout:

  • Left column: Security Menu, Session Time, Direct Connection and Server Connected, User Control
  • Right column: Zoom, Session Recording, Streaming Remote Sound, Black Screen (curtain), Clipboard Status, Keyboard Capture (on Windows), Refresh Button

The right column uses a responsive layout. Elements are hidden left-to-right (ZoomClipboard Status) as space decreases. If a larger element is hidden and space becomes available, a previously hidden smaller element will be shown again.

Reduced session creation delay and removed confirmation popup

When creating multiple ISL Light sessions, the delay between sessions has been reduced from 5 seconds to 1 second. The confirmation popup that previously appeared when creating a second or subsequent session has been removed.

Switch camera device from chat view

A new button has been added to the chat view in ISL Light Web, allowing users to switch between camera devices during a session without opening settings.

ISL Light streaming agent moved to macOS app bundle

The ISL Light streaming agent has been moved into a proper macOS app bundle (ISL Light Streaming.app), aligning with macOS packaging standards and improving compatibility with macOS security and permission requirements.

Command-line: Auto-close session on desktop stream stop

Two new command-line parameters have been added to ISL Light to automatically close the session when the client stops sharing their desktop or the operator stops viewing the remote desktop:

  • --on-connect "desktop?close_after_stop"
  • --on-connect "desktop?events=stream_stop_close"

Note: –on-connect “desktop?events=stream_stop_close” is used for backward compatibility with ISL Light Client on Windows.

Command-line: Skip end session confirmation dialog

A new command-line parameter has been added to end the session without showing a confirmation dialog:

--silent

Command-line: Add custom text to window title

A new command-line parameter has been added to append custom text to the ISL Light window title:

--add-title "<text>"

For ISL Light Web Client, the parameter can be passed via URL:

<icp>/users/start/isllight?platform=web&cmdline=--add-title+"<text>"

🐞 Bug Fixes

Clipboard sync active despite control being revoked

In ISL Light Client v4, clipboard content was still being transferred from the client to the operator even after control was revoked on the client side. This only occurred when the operator’s session window was in focus at the time of the copy on the client side, and only in the client to operator direction. The issue has been resolved and clipboard sync is now correctly disabled when control is revoked.

ISL AlwaysOn service not starting after macOS update

After updating macOS to Sequoia on Intel-based Macs, the ISL AlwaysOn service sometimes failed to start automatically due to unreliable daemon installation and configuration updates. The following issues have been resolved:

  • Parallel installation of launch daemon and agents is now serialized, preventing race conditions during install and update
  • ISL AlwaysOn service updates are now performed in a separate process, preventing conflicts with uninstall or reinstall operations

Application crash on logout after enabling Restart and Resume on macOS

ISL Light crashed when a user joined a session on macOS, enabled Restart and Resume, and then logged out. The issue has been resolved and is no longer reproducible.

Restart and Resume not enabled after daemon reinstall

When enabling Restart and Resume, the daemon was contacted before it had finished starting up, causing Restart and Resume to not be enabled correctly. A retry mechanism has been added to ensure the daemon is available before proceeding.

Application crash when Microsoft WebView2 framework is missing

ISL Light crashed when the Microsoft WebView2 Runtime was not installed on the system. The issue has been resolved and ISL Light no longer crashes when WebView2 is missing.

Application crash when restoring window geometry

ISL Light sometimes crashed when restoring the window position and size, due to an invalid screen reference. The issue has been resolved and is no longer reproducible.

Application crash on session window close

ISL Light sometimes crashed when closing a session window. The issue has been resolved and is no longer reproducible.

File Manager stuck on “Loading” in folders with many files

File Manager was stuck on “Loading” when navigating to a folder containing a large number of files. The issue has been resolved and is no longer reproducible.

Administrative mode incorrect credentials error not displayed

When entering incorrect credentials while enabling Administrative Mode, ISL Light now displays an error dialog informing the user that the administrator username or password is incorrect. Previously, no feedback was shown.

Whiteboard manual clear setting not applied correctly

When setting the whiteboard to clear manually, the setting was not applied correctly and whiteboard markings were cleared inconsistently. The functionality has been redesigned and the issue is no longer reproducible.

Chat clear removes messages from session report

Clearing the chat during a session caused the chat transcript to be blank in the session report. Chat clearing is now a display-only action and does not affect the transcript. Full chat history is always preserved in the session report.

Custom application icon not applied in ISL Light Client v4 on Windows

Custom application icons were not correctly applied to ISL Light Client v4 on Windows. The issue has been resolved.

TAB navigation and focus issues

TAB and SHIFT+TAB navigation did not work correctly in several cases:

  • On the login screen after entering incorrect credentials
  • In the chat window, where navigation only reached the message input field and send button
  • Input field focus border remained visible after focus moved to another element

All issues have been resolved and keyboard navigation now works correctly throughout the application.

Menu not accessible during “Connect to Computer” flow

The hamburger menu was not visible when connecting via the “Connect to Computer” flow, making it difficult to access log files when issues occurred. The menu is now accessible during this flow.

Command-line --on-connect "desktop?show&control" not working

The command-line parameter --on-connect "desktop?show&control" did not work correctly in some cases when used in ISL Light. The issue has been resolved and control is now correctly granted when the parameter is used.

Unable to join ISL Meeting from ISL Light Client v4 on Windows

Users were unable to join an ISL Meeting using ISL Light Client v4 on Windows. The issue has been resolved. When a valid meeting session code is entered, the meeting title is shown below the input field.

Additional improvements:

  • Joining a meeting via --connect command-line argument is now supported.
  • --username, --password, and --web-login arguments now work correctly with --gui-type join_session, allowing users to log in before joining via --connect.

Invalid session token errors in Meetings

Users experienced “Invalid post token” or “Authentication failed” errors when interacting with the Meetings tab, particularly after switching tabs or opening multiple ISL Light instances. The following issues have been resolved:

  • Session token was being restored multiple times, causing the previous session to expire
  • WebView session was not kept active, causing it to time out
  • Opening a second ISL Light instance overrode the session token of the first instance

Remote control clicks interfering with window action bar in Meetings

When joining a meeting from a browser and granting control to the remote user, mouse clicks targeting the minimize, maximize, and close buttons in the window action bar caused ISL Light to force quit. Clicks in that area from remote control are now ignored.

Missing Accessibility Names on Dialogs

Multiple dialogs in ISL Light did not have accessibility names set, causing issues with accessibility features and automated user-flow testing. Accessibility names have been added to all affected dialogs.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.


ISL AlwaysOn 5.0.2551.64 ISL AlwaysOn 5.0.2551.64 link

Note: All updates have the release date set to 2026-03-13. Your ESS should be the same or higher to be able to update your server. This release is available to all countries except for Japan.

🚀 New Features

Session security (e2e)

ISL AlwaysOn now supports end-to-end encrypted connections using dynamically generated certificates, replacing the previous static client-to-client certificates. Both endpoints generate a public/private key pair and exchange the public key hash with the remote side via ISL Conference Proxy as a pre-start message. The certificate used to establish the end-to-end connection is then verified by both endpoints.

A new Session Security dialog is accessible from the ISL AlwaysOn tray menu, displaying live end-to-end encryption details for the current session.

For more information see ISL Light 5.0.2551.64 What’s New.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

ISL Light Client 5.0.2551.64 ISL Light Client 5.0.2551.64 link

Note: All updates have the release date set to 2026-03-13. Your ESS should be the same or higher to be able to update your server. This release is available to all countries except for Japan.

🚀 New Features

Session security (e2e)

ISL Light Client now supports end-to-end encrypted connections using dynamically generated certificates, replacing the previous static client-to-client certificates. Both endpoints generate a public/private key pair and exchange the public key hash with the remote side via ISL Conference Proxy as a pre-start message. The certificate used to establish the end-to-end connection is then verified by both endpoints.

For more information see ISL Light 5.0.2551.64 What’s New.

🐞 Bug Fixes

Chat clear removes messages from session report

Clearing the chat during a session caused the chat transcript to be blank in the session report. Chat clearing is now a display-only action and does not affect the transcript. Full chat history is always preserved in the session report.

Video call request rejection now reported to operator

When a client rejects a video call request in ISL Light Client v3, the operator is now notified that the request was rejected. Previously, no feedback was provided to the operator.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

February 2026link

ISL Conference Proxy 5.0.2533.91 ISL Conference Proxy 5.0.2533.91 link

Note: All updates have the release date set to 2026-02-17. Your ESS should be the same or higher to be able to update your server. This release is available to all countries except for Japan.

These are the server side updates, meaning hosted service users do not need to do anything. Server license users please check Upgrading Server License.

⚠️⚠️⚠️ Important: Update ICP License File for Authenticode Signing (before 26 May 2026) ⚠️⚠️⚠️

ISL Conference Proxy (ICP) now supports HSM-compliant remote Authenticode signing to meet updated industry requirements for code signing certificates.

Legacy (non-HSM-compliant) Authenticode configurations included in older license files will expire after 26 May 2026.

To ensure continued signing of Windows executables and avoid SmartScreen warnings, administrators must:

  1. Generate a new ICP license file from their ISL Online account.
  2. Upload the new license file to their ICP server.

For detailed instructions, please refer to the Update ISL Conference Proxy License manual.

🚀 New Features

Hardware Security Module compliant Authenticode

Due to changes in CA/Browser Forum code signing baseline requirements, support for HSM-compliant remote Authenticode was added to ISL Conference Proxy. See https://cabforum.org/working-groups/code-signing/requirements/ section 6.2.7 Private key storage on cryptographic module.

Remote Authenticode is enabled when an encrypted Base64 configuration blob is provided either in the license field “Microsoft Authenticode” or “Microsoft Authenticode v2”, or in the setting “Use authenticode packed parameters (BASE64)”.

For most deployments, no additional configuration is required. Environments operating in restricted networks may use an HTTP proxy or controlled network forwarding to allow communication with the remote signing service. Remote signing service is available at https://updates.islonline.com.

New HSM-compliant Authenticode configuration will be available in the new license files. Legacy (non-HSM-compliant) Authenticode configuration present in the old license files will expire after 26 May 2026.

2FA Passkey Support

Support for general Passkeys (platform and cross-platform via USB, Bluetooth, or NFC) as a 2FA method has been added to ICP login.

A new Passkey management dashboard is available at:

Security → 2-Step Verification → Passkey

The dashboard includes the following features:

  • Create new passkey
    The passkey registration flow has been redesigned into a modal interface, where the user selects the type of Passkey to create and provides its description.
    Passkeys can now be registered using:
    • Platform authenticators (e.g. Windows Hello, browser password manager extensions, etc.)
    • Cross-platform authenticators (e.g. security keys or mobile devices)
  • List passkeys
    A new webapi2 security/login/tfa/passkey/list/1 method is used to list a user’s registered passkeys.
  • Edit passkey
    Passkey descriptions can be updated using the existing webapi2 security/login/tfa/u2f/description/update/1 method.
  • Set as default 2FA method
    Passkeys can be set as the default 2FA login method using the existing webapi2 security/login/tfa/method/default/set/1 method.
  • Remove passkey
    Passkeys can be deleted using the existing webapi2 security/login/tfa/u2f/remove/1 method.
    As before, removing the last passkey is rejected if the user does not have an alternative 2FA login method configured. In this case, the user is prompted to disable 2FA before removing the final passkey.

To ensure compatibility, when a native application does not support Passkeys directly, users can use the “Log in with browser” option to complete 2FA authentication in their browser. This behavior is controlled by the new permission:

/conf → Security → “Allow ‘Log in with browser’ in native applications”

The browser login option is offered only when Passkeys are configured but not supported by the client.

Migrate security key authentication from U2F to WebAuthn

In previous versions, using the legacy U2F authentication standard as a 2FA method could fail in modern browsers due to deprecated U2F support.

Security key authentication has been migrated from the U2F API to the WebAuthn standard, ensuring compatibility with current browsers.

Existing security keys registered using U2F remain supported, and new registrations use WebAuthn when supported by the browser.

Increased password hashing strength with automatic upgrade on login

The default number of islhash1 hashing rounds has been increased from 10,000 to 210,000 to align with modern security recommendations.

In addition, existing user password hashes are now automatically upgraded upon successful login when stronger hashing parameters are available.

If the configured hashing scheme, number of rounds, or salt size exceeds the stored values, the password hash is transparently re-generated using the stronger settings. Password storage strength is only increased and never reduced.

OpenSSL was updated to 3.0.19.

OpenSSL has been upgraded to version 3.0.19.

Upgrade Go to version 1.24.13

Go has been upgraded to version 1.24.13.

Update to libxslt 1.1.45

libxslt has been upgraded to version 1.1.45.

🐞 Bug Fixes

macOS application icons issue

In previous versions, customized macOS application icons were not displayed correctly in Finder, Dock, and macOS permission settings (such as Accessibility and Screen & System Audio Recording).

This occurred because the image tool generated macOS icons only in PNG format, which caused compatibility issues with certain icon sizes.

The image tool has been updated to generate smaller macOS icon sizes in RGB + mask format where required. Customized icons now display correctly across macOS system interfaces.

Miniplayer touch movement issue

In previous versions, moving the miniplayer window using touch input was either not possible or resulted in very jittery movement.

The coordinate handling logic has been redesigned to ensure consistent behavior between mouse and touch input. The miniplayer can now be moved smoothly using touch gestures.

To improve usability on touch devices:

  • The context menu is suppressed during drag operations to prevent it from appearing after a long press.
  • Default touch gestures (such as page panning) are disabled on the control bar while dragging.

Meeting window remaining open after logout

In previous versions, the (WebView) meeting window inside the ISL Light application could remain open after the user logged out. The window closing logic has been improved, and the meeting window now closes properly on logout without requiring user intervention.

Audio issues when participants join or leave a meeting

In previous versions, users sometimes could not hear audio streams that were already active before they joined the meeting.

This issue was caused by upstream encoding parameters being re-evaluated when participants joined or left the meeting. The upstream behavior has been stabilized, and audio streams should now remain consistent when participants enter or leave the meeting.

Camera and microphone selector stuck in “Enumerating devices” state

In previous versions, the camera and microphone selector on the create meeting page could remain stuck in the “Enumerating devices…” state if media devices were unavailable or access was blocked.

This was caused by an error during device detection that prevented proper error handling. The issue has been resolved, and device selection now behaves correctly.

Spotlight camera stream resizing issue

In previous versions, the spotlight camera stream could be incorrectly resized and appear off screen. This issue has been resolved.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

ISL AlwaysOn 5.0.2551.33 ISL AlwaysOn 5.0.2551.33 link

Note: All updates have the release date set to 2026-02-11. Your ESS should be the same or higher to be able to update your server. This release is available to all countries except for Japan.

Minimal operating system requirement on Windows for ISL AlwaysOn application was changed from Windows 10 version 1809 (Build 17763) to initial Windows 10 release version.

🚀 New Features

Windows, macOS, Linux user password authentication for unattended access

Users can now authenticate unattended access using Windows, macOS or Linux user credentials instead of the existing Access Password model.

Note: This is a cloud license configuration change (Hosted Service), not a client-side change introduced in this release and it applies to all ISL AlwaysOn versions.

ISL Light > Computers > Password Dialog

This feature allows customers to simplify authentication and centrally manage unattended access using standard Windows, macOS or Linux accounts, while maintaining security by requiring the device password at connection time. When a session starts, the remote computer is locked and authentication is required on the remote machine.

Windows, macOS or Linux user password authentication is by default disabled and must be enabled per ISL AlwaysOn device, either:

ISL AlwaysOn > Settings > Basics > Authentication > Windows User Password

If you do not see this setting under ISL AlwaysOn settings, the AlwaysOn client must reconnect (restart the ISL AlwaysOn service) to apply the change.

Restart the service using the following commands:

net stop isl_always_on
net start isl_always_on

Use URL query parameter instead of cookie for SA GRID ID in HTTP tunnels

HTTP tunnels now use the URL query parameter CPLB=<serverid> instead of the cookie CPLBF=<serverid> when connecting to a single-address GRID.

Affected transports:

  • wininet-http
  • wininet-https
  • httpt-direct
  • httpt-proxy

🐞 Bug Fixes

Fix installation issues on older Windows 10 versions (Qt 6.10 compatibility)

In previous versions, installation could fail on Windows 10 version 1803 (Build 17134) and earlier due to Qt 6.10 compatibility issues. The affected functionality has been redesigned, and ISL AlwaysOn can now be installed successfully on all Windows 10 versions.

Replace obsolete wmic.exe usage on Windows 10 version 21H1

In previous versions, wmic.exe was used to gather operating system information. Since wmic.exe is obsolete, incorrect operating system information could be displayed. We have replaced wmic.exe, and the issue is no longer reproducible.