Product Roadmap

See what features and improvements we’re planning for ISL Online.

In progress

Customization

Initial branding and interface customization options, allowing organizations to adjust the appearance of ISL Online.

ISL Light Client (Windows)

Transition of ISL Light Client on Windows to the new codebase, aligning it with the ISL Light Client on macOS, Linux, and with ISL Light when joining via ISL Light > Menu > Join a Session.

Replace “Desk” with Name/Email in Chat

The in-chat display will show the user’s name or email instead of “Desk.”

Next

Generic Clipboard

Extend clipboard functionality in ISL Light to support generic clipboard data, including files and folders, not just plain text.

Block Remote Input

Adds an option to disable remote input, giving the operator full control of mouse and keyboard during a session.

2FA improvements

Account owners and domain admins will be able to reset 2FA for users. The users panel will also display active 2FA methods and last active user information.

  • All Products
  • ISL Light
  • ISL Light Client
  • ISL Light Integration
  • ISL AlwaysOn
  • ISL Conference Proxy

October 2025link

ISL AlwaysOn 4.4.2526.58 ISL AlwaysOn 4.4.2526.58 link

Note: All updates have the release date set to 2025-09-28. Your ESS should be the same or higher to be able to update your server. This release is available to all countries except for Japan.

πŸš€ New Features

ISSC desktop streaming

The ISSC desktop plugin was adapted to work correctly with ISL AlwaysOn. The ISSC ZRLE codec was fully rewritten with a simpler and clearer implementation that improves performance of desktop sharing and allows future enhancements. Cursor grabbing with the polling driver was redesigned to properly display text input cursors at high DPI settings.

Region sharing was improved by removing the need for a proxy window. ISSC now uses the window provided by the user, improving the accuracy of region streaming.

Whiteboard handling was updated across all platforms. The whiteboard is now refreshed before showing or hiding, fixing flickering after clearing and restarting. On Windows, native GDI functions are now used, improving drawing performance.

Improved SSL compatibility with SNI

AutoTransport methods (wsstun-direct, https-proxy, etc.) now include SNI (Server Name Indication) in the SSL handshake. This improves compatibility with third-party services such as Cloudflare.

Increase timeout on “watcher” watchdog thread

The watchdog implementation on Windows was updated with:

  • updated timeouts
  • added log for thread IDs
  • added NOX on failed thread create
  • removed use of the rand function that uses enter critical section

The time for the unresponsive scheduler check is 2.5 min (previously 2 min). The time for the unresponsive watcher check is now 10 min (previously 2 min). We now also report the WD count that was reached when the watchdog crashed.

Upload only 2% of watchdog crash reports

In the previous version, all ISL AlwaysOn watchdog crashes were uploaded to ISL Conference Proxy, but they did not contain enough useful information. We have limited watchdog crash report uploads to 2% of reported crashes to the ISL Conference Proxy.

ECDH algorithm logging

Log lines now include the ecdh_ctx key, indicating which algorithm was used to establish the shared secret.

Replace islhtml_filter_and_escape with implementation in common code

Per-product specific text escaping functionality was moved to a unified implementation of text escaping.

Update Mbedtls to 2.28.10

Internal mbedTLS library was updated to version 2.28.10.

Upgrade to libdatachannel-0.22.6 and libjuice-1.5.9

The libdatachannel and libjuice libraries were updated to the latest versions (libdatachannel-0.22.6 and libjuice-1.5.9).

Upgrade zlib to 1.3.1

The zlib library that is used in the ISL AlwaysOn application was upgraded to version 1.3.1.

🐞 Bug Fixes

Update libjpeg turbo to 3.1.0

In certain cases, desktop streaming stopped working. The operator log showed an issue with JPEG decoding due to incorrect JPEG encoding on the streaming side of the sent screen update, which caused the streaming to stop. libjpeg-turbo was updated to version 3.1.0 and the issue with JPEG decoding was resolved.

Increase delay when injecting keys on Windows

Users experienced an issue when using the “Paste (simulate typing)” feature while in session, as the pasted characters were not the same as they were in the shared clipboard. The functionality was redesigned and the issue is no longer reproducible.

Fix ISL AlwaysOn clean command

The clean and clean_silent commands were not working when uninstalling ISL AlwaysOn. The uninstaller froze and granted connections were not removed. The functionality was redesigned, the commands are now working correctly, and user grants will be removed during uninstall if either of the clean commands is supplied.

Always enable TLS when opening AT MUX channel

In the previous version, some MUX connection channels were not protected by a TLS session. A TLS session is now enabled on all MUX channels.

Black screen status not updating instantly

Users experienced an issue where sometimes the Black screen status was not updated instantly upon enabling or disabling the Black screen in session. The functionality was redesigned and the issue is no longer reproducible.

Key modifier remains set after injecting Unicode characters

In some cases, when operators were controlling the remote macOS computer and typing into the remote computer something that required modifier keys, after typing those modifiers could remain stuck. Handling of modifier keys was redesigned, and the keys are now correctly released after typing.

Fix querying for CPU features gcc

In some cases, the application crashed when checking for CPU features on Linux. Checking for CPU capabilities was redesigned, so the application will no longer crash.

Incorrect version display in executable details

ISL AlwaysOn was previously displaying incorrect version information when viewing the properties of plugin .dll files. The correct version is now shown.

Customized program name overlapped in the about window

In the ISL AlwaysOn about screen, the application name could overlap the logo in cases where customers specified a long name. The about screen was redesigned; the application name is now wrapped, meaning if it is too long, it will display the name in multiple rows.

Default ISL AlwaysOn directory still created when using custom installer defaults

If users had defined a customization for ISL AlwaysOn on Linux and it used a custom installation location, the default installation folder was still created. Handling of the custom installation location was redesigned; the default installation folder is no longer created.

Force screen refresh for Windows machines with no screen attached

Users experienced an issue where the remote computer’s screen did not refresh correctly when there was no screen attached to the computer. The functionality was redesigned and the issue is no longer reproducible.

Increase setup timeout and update check installed

Users experienced an issue where they were unable to enable restart & resume during a session. The issue was in the ISSC Daemon timeout being reached. This timeout was increased and should no longer cause inability to activate restart & resume.

Detect when running Windows Sandbox environment during connect procedure

Users experienced an issue with delays when connecting to ISL AlwaysOn computers in a Windows Sandbox environment. The functionality was redesigned and the issue is no longer reproducible.

Delay daemon init procedure on macOS

The ISSC Daemon init procedure was moved to a later stage because the ISSC daemon was initialized before flags were dumped. This improves the readability of the log and simplifies debugging.

macOS reports wrong architecture

Users experienced an issue where ISL AlwaysOn on Mac M-series computers with arm64 architectures, but running ISL programs with Rosetta, would report the Mac computers as having x86_64 architectures. The functionality was redesigned and the issue is no longer reproducible.

Change dots to underscores for filename on Linux

In previous versions, the filename version was delimited with dots. This caused an issue when the build number was less than 10, as the application opened as a text editor. The dots were replaced with underscores, and the application now always executes correctly.

Switch monitor handling to ISSC

Handling of monitor switching was ported to ISSC, which now prevents the application from crashing when the operator switches between monitors.

Skip monitor detect on virtual machines

In some cases, a “no monitors attached” driver was enabled when connecting to virtual machines. The application now checks if it’s being run on a virtual machine and skips the “no monitors attached” driver if it detects it’s running in a virtual machine.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

Read full release info

September 2025link

ISL Light Client 4.4.2526.55 ISL Light Client 4.4.2526.55 link

Note: All updates have the release date set to 2025-09-24. Your ESS should be the same or higher to be able to update your server. This release is available to all countries except for Japan.

πŸš€ New Features

Update logo – ISL Online powered by PDQ.com

The ISL Light Client application logo has been updated to include the label “powered by PDQ.com”.

Update ISSC encoder/decoder logs

The format of issc_decoder logs (located in the ISL Light log) has been updated.
Each log entry now includes the ID of the stream that generated it, improving traceability and debugging.

🐞 Bug Fixes

Switch monitor handling to issc

Fixed an issue that could cause ISL Light Client to crash on Windows systems with multiple monitors, especially when some monitors were connected but inactive.
The crash occurred when the operator selected a specific monitor, and ISL Light Client incorrectly enumerated available displays, selecting a non-existent region.
Monitor switching is now handled by ISSC, preventing these crashes when switching between monitors.

Read full release info

ISL Light 4.4.2526.50 ISL Light 4.4.2526.50 link

Note: All updates have the release date set to 2025-09-16. Your ESS should be the same or higher to be able to update your server. This release is available to all countries except for Japan.

πŸš€ New Features

ISSC desktop streaming

The ISSC desktop plugin was adapted to work correctly with ISL Light Client. The ISSC ZRLE codec was fully rewritten with a simpler and clearer implementation that improves performance of desktop sharing and allows future enhancements. Cursor grabbing with the polling driver was redesigned to properly display text input cursors at high DPI settings.

Region sharing was improved by removing the need for a proxy window. ISSC now uses the window provided by the user, improving the accuracy of region streaming.

Whiteboard handling was updated across all platforms. The whiteboard is now refreshed before showing or hiding, fixing flickering after clearing and restarting. On Windows, native GDI functions are now used, improving drawing performance.

Meetings (beta)

A new setting has been added in Settings β†’ Meetings to enable the “Meetings (beta)" tab. Once enabled, the tab appears in the ISL Light dashboard, and new meetings can be created from the β€œ+” dropdown as “New Meeting“.

Note: Operators can host meetings from the ISL Light desktop app or a browser, while customers can join only through a browser (using a direct link or meeting code).

Currently in beta, Meetings are merged with legacy ISL Groop meetings, so the table also lists older sessions.

ISL Light > Meetings (beta) > In Meeting

In Meeting Features:

  • Camera and microphone support.
  • Screen sharing with stream control.
  • Give control to another participant and revoke it when needed.
  • Chat panel
  • People panel; privileged users can request or mute devices.
  • Whiteboard (Pen tool) for drawing on shared screens, toggle or exit with ESC.
  • Video backgrounds: none, blur, or image.
  • Mini player when sharing screen.
  • Mobile browser gesture support: pinch-to-zoom, drag to pan, tap for click, two-finger tap for right-click, and swipe to scroll.

Support has also been added for the --get-code-meeting command line argument, which opens the ISL Meeting create view.

Added support to hide the Meetings tab in ISL Light when ISL Meetings is disabled on ISL Conference Proxy.

Branding Update

The ISL Online logo has been updated to ISL Online powered by PDQ.com.

Upgrade zlib to 1.3.1

The zlib library used in ISL Light was upgraded to version 1.3.1.

Replaced yuv2rgb.neon.S with libyuv

The video plugin now uses libyuv instead of yuv2rgb.neon.S.

Updated SoundTouch library

The audio plugin now uses SoundTouch v2.4.0.

Replace islhtml_filter_and_escape with implementation in common code

Per product specific text escaping functionality was moved to unified implementation of text escaping.

🐞 Bug Fixes

Computers tab: custom color not applied to mobile icon

When using a customization with a custom color and connecting a mobile device to a remote machine, the phone icon did not fill with the custom color correctly. Applying the custom color to the icon was redesigned and is now displayed correctly.

Hide signup on Server License

Users experienced an issue where “Sign Up Now” was displayed on Server License when no internet connection was available during login. The functionality was redesigned and the issue is no longer reproducible.

Modifier keys stuck after Unicode input

When operators controlled a remote macOS computer and typed characters requiring modifier keys, the modifiers could remain stuck after typing. Handling of modifier keys was redesigned, and keys are now correctly released after typing.

Detect Windows Sandbox environment

Users were unable to enable Administrative Mode and Restart & Resume in sessions connected to machines running Windows Sandbox. Detection was redesigned, and the issue is no longer reproducible.

macOS reports wrong architecture

On Apple M-series Macs with arm64 architecture running ISL programs under Rosetta, ISL Light reported x86_64 instead of arm64. Reporting was redesigned, and the correct architecture is now shown.

File metadata corrections

Some DLLs, executables, installer/uninstaller files, and application details (copyright and version) displayed incorrect information in file properties. All version and copyright information is now correct.

Black screen status not updating instantly

In some cases, Black screen status was not updated instantly when enabling or disabling it in session. The functionality was redesigned and the issue is no longer reproducible.

Increase delay when injecting keys on Windows

When using the β€œPaste (simulate typing)” feature, injected keystrokes could fail due to timing issues. Delay handling was redesigned, and the issue is no longer reproducible.

Skip monitor detection on virtual machines

In some cases, the β€œno monitors attached” driver was enabled when connecting to virtual machines. The application now detects virtual machines and skips loading this driver.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

Read full release info

ISL Conference Proxy 4.4.2533.19 ISL Conference Proxy 4.4.2533.19 link

Note: All updates have the release date set to 2025-09-09. Your ESS should be the same or higher to be able to update your server. This release is available to all countries except for Japan.

These are the server side updates, meaning hosted service users do not need to do anything. Server license users please check Upgrading Server License.

πŸš€ New Features

Meetings (beta)

Meetings (beta) has been introduced with a new interface and core collaboration features. It is available in the web portal sidebar under “Meetings”.

Currently in beta, Meetings are merged with the legacy ISL Groop meetings, and the dropdown item “New Meeting (beta)” represents the new version. New meetings can run directly in the browser and, with upcoming releases, will also be available in the ISL Light desktop application as the “Meeting (beta)” tab in dashboards.

Web Portal > Meetings (side navigation) > In Meeting

Key updates include:

  • Camera and microphone support: join with either or both, manage devices from the People sidebar.
  • Screen sharing with stream control: give or revoke control while sharing, viewers can request or cancel control.
  • Give control: hand over keyboard and mouse control to another participant, then take it back when needed.
  • Chat: exchange text messages.
  • People panel: manage participants, privileged users can request or mute camera and microphone.
  • Whiteboard (Pen tool): draw on the shared screen, available to all participants, toggle on/off or exit with ESC.
  • Video background: choose none, blur, or image for video background when creating or joining a meeting.

On mobile, ISL Meeting supports gestures such as pinch-to-zoom, drag to pan, single tap for click, two-finger tap for right-click, and swipe to scroll.

Meeting history is now stored in /conf, showing details like creator, timestamps, duration, participants, and session information.

PostgreSQL improvements

Database upgrade procedures have been improved for reliability, visibility, and performance.

Key updates include:

  • Data verification during upgrade: restored data is now checked using MD5 hash comparison of table rows (with partial checks for large tables), instead of only comparing row counts. Estimated upgrade time now includes hash verification.
  • Progress logs: detailed logs added for dump/restore and verification steps.
  • GRID awareness: /conf now shows pending PostgreSQL upgrades for all servers in the GRID. Each server reports available upgrades to others.
  • Log preservation: old PostgreSQL log files are kept during upgrades and renamed with an old- prefix.
  • Version visibility: installed PostgreSQL version is displayed in /conf (Activity monitor β†’ Servers).
  • Cleanup on failure: temporary folders from failed upgrades are automatically removed on server startup.
  • Asynchronous estimation: space and time estimation for upgrades is now performed asynchronously, so ICP startup is no longer blocked on large databases. Until estimation is complete, /conf shows β€œPreparing upgrade” and the upgrade option is disabled.

gjrpc2grid & SSO Cache Management

Expired Core Login SAML identity provider certificates are now properly removed from cache when new certificates are acquired. Updating SAML IdP metadata triggers a GRID message that flushes outdated cache entries across all Core Login servers.

For SSO identity providers with rollover certificates, multiple certificates from the same metadata are now grouped under a β€œmeta-group” tag in the /conf certificates panel. Expiry checks are based on an optimistic validity interval, assuming no gaps between certificates and using the maximum validity for evaluation.

User and Domain Deletion Checks

Server administration now verifies ownership of computers and groups before allowing a user or domain to be deleted. A new β€œRequired actions” step lists all associated computer groups or connections that must be reassigned or removed. Deletion can only proceed once these actions are completed. If no ownership is detected, related data is displayed and the deletion continues as before.

SSO SAML Service Provider ECDSA Key Support

The SAML service provider configuration now supports PKCS8-encoded ECDSA keys for the β€œSAML service provider PEM key file” setting (/conf β†’ Security β†’ Other). Authentication request signing methods have also been extended to include ECDSA-SHA1, ECDSA-SHA256, and ECDSA-SHA512.

Read customization zips on startup

ISL Conference Proxy now loads customization packages automatically during startup. Administrators can place one or more .zip files into ICP/customizations/ and restart the server. If a customization with the same name already exists, the existing one is kept and a warning is shown in /conf with a logged alert. Invalid packages, such as those missing a manifest or containing an invalid zip, block startup until removed or corrected. Successful loads are recorded in the debug logs.

DNS CAA and TXT Record Support

ISL Conference Proxy now supports DNS CAA records, which previously caused errors when added to a zone. Handling of DNS TXT records has also been improved. Quoted strings are now processed correctly by removing surrounding quotes and unescaping characters, ensuring only raw values are stored. Unquoted strings continue to be handled as before.

Raise minimal OS requirements for Linux to CentOS 7.4

The minimum supported environment for ISL Conference Proxy is now Linux 3.10.0 with glibc 2.17, equivalent to RHEL/CentOS 7.4.

Copy Web Pages v2400 to v2500

Web pages from version v2400 were copied into v2500, which is now set as the default.

Update logo “powered by PDQ.com”

Updated ISL Online logo to add “powered by PDQ.com” in v2500 main web_template.html. Logo is now saved in SVG format instead of PNG.

Upgrade Go to 1.24.4

Go has been upgraded to version 1.24.4.

Upgrade libxslt to 1.1.43

libxslt has been upgraded to version 1.1.43.

Upgrade libxml2 to 2.13.8

libxml2 has been upgraded to version 2.13.8.

Upgrade OpenSSL to 3.0.17

OpenSSL has been upgraded to version 3.0.17.

Upgrade libjpeg-turbo to 3.0.3

The internal ImageMagick-based toolchain now uses libjpeg-turbo 3.0.3 (previously 1.0.0).

🐞 Bug Fixes

Optimize Active Sessions Page Queries

The /conf β†’ Activity monitor β†’ Sessions page no longer performs multiple database reads for sorting and fetching active sessions. The logic was redesigned to reduce the number of queries.

Fix Time Range Filtering in Safari

Timestamp filters in Administration pages (Add Filter modal) caused errors in Safari, and navigation produced excessive history.replaceState calls. Both issues have been resolved.

Upgrade jQuery-UI in v2400 v2

The Administration module now uses the latest version of jQuery-UI, loaded from core instead of a bundled copy. Required plugins are included in jquery-ui.min.js, and unused code has been removed from Reports.

Set correct Content-Type in Webapi request

Content type in WebAPI2 requests previously defaulted to application/x-www-form-urlencoded, causing decoding issues with some firewalls. Content type in requests is now set to application/json.

Handle Unknown Query Arguments in /start Links

Unregistered arguments in /start links previously caused β€œapplication not found” errors. These arguments are now ignored during initialization.

Fix web_login_cmdline Handling in Program Downloads

Program download links with web_login_cmdline=1 were rejected when the user was not authenticated. ICP now safely expands --web-login and continues with authentication in the application.

Ignore Empty Customization Names

Customizations with an empty name were incorrectly applied as defaults in /conf β†’ Customize. These are now ignored and return an empty string.

Include Customization in Deployment Links

Custom deployment links now correctly include the customization name when a user or domain has a default customization set.

Read full release info

ISL Light Client 4.4.2526.40 ISL Light Client 4.4.2526.40 link

Note: All updates have the release date set to 2025-09-03. Your ESS should be the same or higher to be able to update your server. This release is available to all countries except for Japan.

πŸš€ New Features

ISSC desktop streaming

ISL Light Client on Windows now uses the same desktop streaming plugin as the main ISL Light application (ISSC). With this change, some desktop sharing settings were removed as obsolete (Black screen driver install/uninstall driver, Enable console window streaming, Enable code injection while grabbing OpenGL and DirectX application, Manage hardware acceleration settings).

Improve application sharing

Application sharing was improved. The top bar is now redrawn when a shared application is moved, and background window behavior has been aligned with the old plugin, as ISSC no longer provides its own background window.

Removed use of FFMPEG codec

FFMPEG, previously used for certain video codecs, has been removed.

Replaced yuv2rgb.neon.S with libyuv

The video plugin now uses libyuv instead of yuv2rgb.neon.S.

Updated SoundTouch library

The audio plugin now uses SoundTouch v2.4.0.

Upgrade libjpeg turbo to 3.1.1 and add support for rgb565

Upgraded libjpeg turbo to version 3.1.1, with re-added support for rgb565 encoding on systems using 16-bit graphics capture.

🐞 Bug Fixes

Skip monitor detection on virtual machines

In some cases, a no monitors attached driver was enabled when connecting to virtual machines. The application now checks if it is running on a virtual machine and skips the driver accordingly.

Incorrect version display in executable details

ISL Light Client was previously displaying incorrect version information when viewing the properties of plugin .dll files. The correct version is now shown.

Read full release info

June 2025link

ISL Light 4.4.2447.61 for Android ISL Light 4.4.2447.61 for Android link

Note: All updates have the release date set to 2025-05-16. Your ESS should be the same or higher to be able to update your server. This release is available to all countries except for Japan.

πŸš€ New Features

Autodownload option for Universal Add-on

A new dialog is now shown when ISL Light is launched, offering users the option to download the Universal Add-on. If accepted, users are redirected to the Google Play Store. This add-on is provided instead of the device-specific signed add-on on supported devices.

Additionally, a new button has been added to the settings screen, allowing users to access the same download option manually.

The dialog and button are displayed on all devices, regardless of compatibility.

ISL Light Android > Universal Add-On Dialog / Settings “Install Universal Add-On”

Add SNI support for AutoTransport in permissive SSL mode

The AutoTransport methods wsstun-direct, wsstun-proxy, https-direct, and https-proxy were updated to include Server Name Indication (SNI) during the SSL handshake. This change improves compatibility with third-party load balancers such as Cloudflare, which rely on the hostname being sent as part of the handshake.

Update to mbedTLS 2.28.10

The internal mbedTLS library has been updated to version 2.28.10.

🐞 Bug Fixes

Starting call from Light Desk when app is minimized leads to crash or incorrect UI

Users experienced an issue where ISL Light on Android would crash when they were connected with ISL Light Desk as the operator, minimized the app, and the operator started a call. The functionality was redesigned, and the issue is no longer reproducible.

Crash when app is minimized and mic is remotely enabled from ISL Light Desk

Users experienced a crash in the ISL Light Android application when connected to a session where ISL Light Desk was used as the operator, and the operator enabled the microphone while ISL Light was minimized on the Android device. The functionality was redesigned, and the issue is no longer reproducible.

Always enable TLS when opening AT MUX channel

In previous versions, some MUX connection channels were not protected by a TLS session. TLS is now enabled on all MUX channels.

Change default for scaling – make scaling disabled by default

In previous versions scaling of device screen was always enabled if device exceeded 1024px on either of the sides of the device. This caused lower quality of remote device screen on operator side. Scaling of device screen is now disabled by default.

Disable selector for MediaProjection streaming

In previous versions users were able to select to stream ISL Light application instead of whole screen. The functionality was redesigned, the selector is now disabled, so streaming is always performed on whole screen.

Prefer Universal addon over Samsung Knox

Users experienced an issue where the Universal Addon dialog was not shown before the Samsung Knox dialog on Samsung devices. The functionality was redesigned, Universal Addon is now preferred over Knox on Samsung devices where it is available.

Connection to macOS does not send uppercase letters

Users experienced an issue where uppercase letters were not sent during a connection from an Android device to a macOS device. The functionality was redesigned, and the issue is no longer reproducible.

Read full release info

ISL Light Client 4.4.2447.49 ISL Light Client 4.4.2447.49 link

Note: All updates have the release date set to 2025-05-27. Your ESS should be the same or higher to be able to update your server. This release is available to all countries except for Japan.

πŸš€ New Features

Change screen resolution

The “Change Resolution” feature has been extended to support ISL Light Client for Windows, in addition to the existing support on ISL AlwaysOn and ISL Light Client for macOS and Linux.

This functionality allows you to adjust the screen resolution on the remote computer during a session. You can either match the resolution with your local monitor or manually select a different resolution that better suits your setup. If the remote computer has multiple monitors with varying resolutions, you can configure the resolution for each monitor individually.

In cases where the selected resolution isn’t supported by the remote system, ISL Light will automatically switch to the next closest supported resolution to ensure a smooth experience.

Importantly, once the session ends, all resolution settings and desktop icon positions on the remote computer will revert to their original state, preserving the user’s environment.

ISL Light > Session > Change Screen Resolution Dialog

Download button for unattended access

A download button has been added to the unattended access setup dialog during a session. It provides a more intuitive way to retrieve the ISL AlwaysOn application, which was previously only accessible through a hyperlink.

ISL Light Client > Set Unattended Access Dialog

Smarter reconnect delay on network failures

A delay mechanism has been introduced between failed reconnect attempts when the connection is not fully established. The delay increases progressively from 1 to 30 seconds. A missing stop call on connection failure was also added for improved stability.

New watchdog in ISL Light Client v3

The legacy watchdog has been replaced with the hefa watchdog implementation. A crash test option is now available in the settings for testing the new watchdog functionality.

Improved SSL compatibility with SNI

AutoTransport methods (wsstun-direct, https-proxy, etc.) now include SNI (Server Name Indication) in the SSL handshake. This improves compatibility with third-party services such as Cloudflare.

ECDH algorithm logging

Log lines now include the ecdh_ctx key, indicating which algorithm was used to establish the shared secret.

Updated mbedTLS to 2.28.10

The internal mbedTLS library has been upgraded to version 2.28.10 for improved security and compatibility.

Updated libdatachannel to 0.22.6 and libjuice to 1.5.9

We upgraded libdatachannel to version 0.22.6 and libjuice to version 1.5.9.

🐞 Bug Fixes

Add support for unicode clipboard

In some cases, copying and pasting Unicode characters between operator and client did not work correctly. The clipboard functionality was redesigned, and the issue is no longer reproducible.

Reduced stack usage in administrative mode

An issue causing occasional crashes during elevation to administrative mode has been resolved by optimizing stack consumption.

Fixed ALTGr key translation

Key combinations involving ALTGr (e.g. ALTGr + C, ALTGr + H, ALTGr + I) now translate properly when operator and client use different keyboard layouts.

Detection of Windows Sandbox environment

Users experienced an issue where they were unable to enable Administrative Mode and Restart & Resume in session where they were connected to a machine with Windows Sandbox environment. The functionality was redesigned and the issue is no longer reproducible.

Fixed crash caused by calculate_string_size

Users sometimes experienced a crash of ISL Light Client application caused by calculate_string_size. The functionality was redesigned and the issue is no longer reproducible.

TLS enabled for all MUX channels

All MUX channels now use TLS encryption. In previous versions, some connections were not protected.

Histogram filtering improved

Only histogram entries that begin with an ASCII character are now sent to the server, ensuring cleaner and more relevant data collection.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

Read full release info

May 2025link

ISL Light Integration 1.0 for ServiceNow ISL Light Integration 1.0 for ServiceNow link

Note: Cloud license is NOT supported. Requires an ISL Online Server License or Enterprise Managed Private Cloud license.

​​​​​​​The official ISL Online Remote Support Integration for ServiceNow is now available.

The ISL Light integration allows ServiceNow users to securely launch and manage remote desktop sessions directly from within ServiceNow tickets.

Sessions can be started from any task-based ticket type, such as incidents, problems, change requests, and service requests. Ticket details like the ID and client email are automatically passed into the ISL Light session for a seamless setup.

Agents can invite clients using ServiceNow’s communication tools, view session status (waiting, active, paused, ended), and end sessions from the ticket interface. Once a session ends, session information and chat transcripts are logged as work notes in the ticket.

Open ServiceNow Store

ServiceNow portal & ISL Light Session

πŸš€ New Features

Launch ISL Light sessions directly from ServiceNow tickets

Initiate remote support sessions with a single click from incident or service request records.

Automatically populate session details

Ticket ID and client email are automatically included in the ISL Light session.

Invite clients through ServiceNow’s communication tools

Send session invites via the platform’s integrated email or messaging systems.

Live session status display

Track session statusβ€”waiting, active, paused, or endedβ€”within the ticket interface.

End sessions remotely via API

Use the β€œdrop” command to terminate sessions directly from the ServiceNow ticket.

Automatic work notes with session summary

Once a session ends, a detailed summary and chat transcript are posted as work notes in the original ticket.

Secure OAuth2-based authentication

Authorize the application securely using industry-standard OAuth2 protocol.

Supports ISL Conference Proxy (self-hosted deployments)

Fully compatible with both MPC and SL (self-hosted) environments.

Optimized for both Classic and Service Operations Workspace

Works across ServiceNow’s Classic UI and the modern Service Operations Workspace.

Read full release info

ISL Light 4.4.2447.77 ISL Light 4.4.2447.77 link

Note: All updates have the release date set to 2025-05-07. Your ESS should be the same or higher to be able to update your server. This release is available to all countries except for Japan.

πŸš€ New Features

Default dashboard tab now set to β€œLast active tab” by default

In the previous version of ISL Light, we introduced a new setting under the Default Dashboard configuration, which determines which tab is shown after logging in. The setting, called Last Active Tab, ensures that if users exit the application while on the Computers tab, the same tab will be shown upon relaunching and logging in. The same behavior applies if the Session tab was active before closing the application. This option is now the default value for the Default Dashboard setting.

Add SNI support for AutoTransport in permissive SSL mode

The AutoTransport methods wsstun-direct, wsstun-proxy, https-direct, and https-proxy were updated to include Server Name Indication (SNI) during the SSL handshake.
This change improves compatibility with third-party load balancers such as Cloudflare, which rely on the hostname being sent as part of the handshake.

Update to mbedTLS 2.28.10

The internal mbedTLS library has been updated to version 2.28.10.

Upgrade to libdatachannel 0.22.6 and libjuice 1.5.9

We upgraded libdatachannel to version 0.22.6 and libjuice to version 1.5.9.

🐞 Bug Fixes

Multiple monitor button behavior

An issue was identified when using the multiple monitors feature (opening each remote monitor in a separate view). Although separate views were created, the monitor selection was incorrectβ€”view one would select monitor 1, but view two would show the entire desktop. This functionality has been redesigned to correctly assign each view to the respective remote monitor.

Monitor shortcuts not working with multiple monitor views

In case users used multiple monitors functionality ( each remote monitor in it’s own view ), the monitors shortcuts did not work. Support for monitor shortcuts was added, so users are now able to switch between monitors also when they are using multiple monitors functionality.

Always enable TLS for AT MUX channels

Previously, some MUX channels were not protected by a TLS session. TLS is now always enabled for all MUX channels.

Change dots to underscores for filename on Linux

In previous versions, Linux filenames used dots as delimiters in the version string. This caused an issue when the build number was below 10, as Linux systems sometimes interpreted the file as a manual page and opened it in a text editor. Filenames now use underscores instead of dots, ensuring the application always starts correctly.

Incorrect copyright

When checking the file properties of the downloaded ISL Light application, users would see incorrect copyright information. This issue has been resolved. The application’s details now correctly display XLAB d.o.o. as the copyright.

One-time password prompt appearing incorrectly

If ISL AlwaysOn was configured to support both one-time password and native-only authentication (e.g., Windows, macOS, or Linux account passwords), ISL Light would incorrectly show a one-time password promptβ€”even when native-only authentication was active. The connection prompt has been redesigned to hide the one-time password input in such cases.

Removed “Verify your email” screen during signup

Previously, after clicking the Sign up button in the ISL Light application, a browser would open, and ISL Light would display a β€œVerify your email” screen. This intermediate screen has been removed. Now, clicking Sign up simply opens the signup page in the browser, while ISL Light remains on the login screen.

Fix icon copy in secure part on macOS

On macOS, resources could be injected in a way that caused copying to the destination folder to fail. This occurred because the operation was appended in the unsigned part of the package. It is now allowed in the signed part, enabling proper execution in the unsigned portion.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

Read full release info

April 2025link

ISL Conference Proxy 4.4.2424.180 ISL Conference Proxy 4.4.2424.180 link

Note: All updates have the release date set to 2025-04-15. Your ESS should be the same or higher to be able to update your server. This release is available to all countries except for Japan.

These are the server side updates, meaning hosted service users do not need to do anything. Server license users please check Upgrading Server License.

πŸš€ New Features

Computers Administration

A new Computers tab has been added to the Administration section, enabling the account owner and domain admin(s) to centrally manage all remote computers registered under their domain, including those added by other users. The page provides a complete overview and essential tools to view, organize, and control access to these computers.

Screenshot of the Administration section of a web portal displaying a table with remote computers, highlighting 'Bobs Computer' with its status, owner, and associated tags.

Web Portal > Administration > Computers

  • Overview of all computers
    View all remote computers linked to your account, including those registered by users within your domain. The table includes columns such as: Alias, Computer Name, Status, Last Online, Computer Group, Owner, Shares, Tags, Platform, Agent Version, IP Address, MAC Address
  • Change computer group
    Move computers between groups to keep them organized.
  • Change computer owner
    Reassign ownership of a computer to another user.
    Note: If a computer is added to a computer group, ownership is automatically transferred to the group owner. The group owner can be changed by users with appropriate permissions (e.g., Group Admin, Computer(s) Manager, or Computer Owner).
  • Share computer
    Share access to a specific computer with users or user groups in your domain.
    Note: We recommend sharing via “Computer Groups“, as this allows you to set the permission level when sharing the group with other users. Additionally, when you add a new computer to an existing computer group it will automatically be shared with users and user groups with whom the computer group is already shared.
  • Add tags
    Use tags to categorize and filter computers based on your own criteria.
  • Export to CSV
    Export the computer list and metadata to a .csv file.
  • Quick view
    A quick view panel has been added to the computer list. It opens when you click any row in the table.
  • Computer details page
    A detailed view is available and can be accessed via quick view or by clicking the computer name in the table.

βš™οΈ New Setting: Edit computers (domain admin only)

Screenshot of the Administration Settings page, displaying the Domain Administration section with options for enabling and managing domain admin privileges.

Web Portal > Administration > Settings > General > Edit Computers (domain admin only)

  • When enabled (default):
    Domain admins can manage the Computers tab β€” rename computers, assign groups or owners, share access, and set tags.
  • When disabled:
    The user (domain admin) can only view the list of remote computers.
    Note: The user must be an account owner or domain admin to access the Administration section (see the Domain Admin setting).

Computer group administration

Support for managing computer groups has been added to the Administration section. You can now create and delete groups through the Computer Groups tab using Quick View. Once a group is created, computers can be added to it.

Web portal interface showing the administration section for computer groups, indicating the successful creation of the 'ADMINS' group. It displays a list of groups with columns for group names and the number of computers associated with each group.

Web Portal > Administration > Computer Groups

The Quick View now includes a list of computers in the group, allowing you to easily add or remove them with confirmation prompts.

Additionally, a new Computers subtab has been introduced in the Computer Group Details page, providing a full overview of all computers assigned to the selected group.

Screenshot of the ISL Online Administration portal showcasing the 'Computer Groups' section. The 'TECH' computer group is displayed with a list of associated computers, their statuses, shares, tags, and agent versions.

Web Portal > Administration > Computer Groups > Computers

βš™οΈ New Setting: Create, edit and delete computer groups (domain admin only)

Administration web page displaying the settings for creating, editing, and deleting computer groups, highlighted in red, with options enabled and disabled for domain admin access.

Web Portal > Administration > Settings > General > Create, edit and delete computer groups (domain admin only)

  • When enabled (default), domain admins can view, create, manage members, and delete computer groups.
  • When disabled, groups are read-only.
    Note: The user must be an account owner or domain admin to access the Administration section (see the Domain Admin setting).

New WebAPI methods:

  • domain/admin/computergroup/create/1:
    Creates a new computer group with the given name, owner, and members (connect-only). Returns the public code of the new computer group.
  • domain/admin/computergroup/delete/1:
    Deletes the specified computer group. The group is not deleted if it is external or still contains computers and/or members.

ISL Light for Web (beta)

The ISL Light for Web (beta) version allows users to view a remote desktop directly from their browser, eliminating the need to download or install the desktop application. While this version offers added convenience, certain features are unavailable due to browser limitations.

Web portal interface displaying ISL Light remote desktop features, including options for remote support, remote access, and remote work.

Web Portal > Sessions/Computers > Session in browser

βœ… Advantages of the web version:

  • No installation required
    Ideal for one-time sessions or situations where installation is not feasible or permitted. Access ISL Light directly from your browser without downloading or installing the application.

🚫 Features NOT supported in the web version:

  • Screen sharing
    Operators can view the remote desktop but cannot share their own screen.
  • Clipboard sharing/syncing
    Copying and pasting between the local and remote machines is not supported.
  • File transfer
    Transferring files between the local and remote machines is not supported.
  • Session recording
    Recording a session is not available in the web client.
  • Multiple monitor management (explode monitors)
    Opening each remote monitor in a separate window is not supported.
  • Simulated typing for paste operations
    The Paste (Simulate Typing) feature is not supported.

Browser compatibility:

  • Google Chrome: Version 95 or newer
  • Mozilla Firefox: Version 90 or newer
  • Microsoft Edge: Version 91 or newer
  • Safari: Version 14 or newer

Accessing the web version:

You can start a web session from the Sessions page, Computers page.

Sessions page:

A new option to start/open/resume a session using ISL Light in browser was added to the Sessions pages.

Screenshot of the ISL Light web portal showing the Sessions page, featuring options to start a new session and a new session in the browser (beta) with details about the existing session.

Web Portal > Sessions > New Session Browser (beta)

  • “Start New Session” was renamed to “New Session” and is now a split button:
    • New Session (default) – standard app download flow
    • New Session in Browser (beta) – opens in a browser tab via ISL Light
  • Active sessions:
    • Open in App (default)
    • Open in Browser (beta)
  • Paused sessions:
    • Resume in App (default)
    • Resume in Browser (beta)

βš™οΈ New Setting: Browser session support

Screenshot of a web portal settings page showing various options under the 'Other' category, including checkboxes and dropdown for session methods and browser session support.

/conf > Configuration > ISL Light > Browser session support

  • Enabled by default
  • If disabled, only New Session (default flow) is available

Computers page:

A new option to connect to a remote computer using ISL Light in browser was added to the Computers pages.

Screenshot of the ISLonline Computers administration interface, displaying a list of remote computers with options to connect, set unattended access, create groups, and perform bulk actions.

Web Portal > Computers > Connect in Browser (beta)

  • The Connect button now offers:
    • Connect in App (default)
    • Connect in Browser (beta)

βš™οΈ New Setting: Browser connect support

Screenshot of the ISL AlwaysOn configuration page showing settings for browser connect support and other related options in a web browser interface.

/conf > Configuration > ISL AlwaysOn > Browser connect support

  • If disabled, only the default flow is available
  • Enabled by default

Join a session in browser:

⚠️ Limitations:
The browser version currently does not support screen sharing from the client side. This means that if the client is expected to share their screen with the operator, the browser version will not be suitable.

However, it can still be useful for viewing the operator’s shared screen (e.g., presentations, guided instructions).

βš™οΈ New Setting: Join session method

Screenshot of the ISL Conference Proxy administration settings page showing various configuration options, including session methods and chat transcript settings.

/conf > Configuration > ISL Light > Join session method

Options:

  • Ask every time
  • Join in app (default)
  • Join in browser

Behavior:

  • If Ask every time is selected: The join page shows two buttons:
    • Join in App (downloads app)
    • Join in Browser (redirects to ISL Light in browser)
  • If Join in app is selected: Uses the standard app-based flow.
  • If Join in browser is selected: The page shows only Join in Browser.

Executable signing to prevent false virus detections

Build of Go modules was fixed to sign all .exe files. Executables now contain digital signature which should reduce the probability of being incorrectly detected as virus by antivirus programs.

Add option to upgrade PostgreSQL version on demand

Manual PostgreSQL upgrade support was added (required for major version changes, e.g., 9.3 β†’ 16). Minor version upgrades remain automatic. Manual upgrade is required when upgrading to a major version (e.g., 9.3 β†’ 16). Minor version updates are still performed automatically.

When a new version is available, /conf displays: A new PostgreSQL version (16) is available for installation.

This includes estimated time and disk usage (based on DB row count).
The upgrade process mimics PostgreSQL installation:

  • Step 1: Click Upgrade to PostgreSQL version 16...
  • Step 2: Click Execute

Bundled PostgreSQL version upgraded from 9.3.25 to 16.8.

Use CPSESSID Cookie in WebAPI2 Handler

Web session cookie support was added to WebAPI2. Clients can now call /users/webapi2 and use the session cookie.

New request format (JSON2):

jsonCopyEdit{
  "hs": "<session web token>",  // optional
  "pt": "<post token for current web session>",
  "hedata": { ... },  // request body (old JSON1 format)
  "ignore_cookie": true  // optional
}
  • Use of plain hs token in requests was removed.
  • All WebAPI2 requests now rely on the new JSON2 format and cookie-based session control (v2400 pages).

Password history settings

Password history controls are now exposed under:
Administration > Security > Password

These settings help enforce password reuse policies and aging rules.

βš™οΈ New Settings:

  • Password history size: Number of recent passwords stored (default: 24)
  • Maximum password history size: Upper limit for history entries (default: 100)
  • Minimum password age (1w 2d 3h 4m 5s): Minimum time between password changes
  • Maximum password age: Formerly Password expiration interval; users must change passwords after this time

Notes:

  • Password history only updates when a user changes their own password.
  • Administrative password resets do not affect history.
  • Older entries are removed when the limit is exceeded.

Remove timeout from moduleapp startup

The 120s timeout exception when starting or restarting a Go moduleapp process was removed. It is now replaced with a critical log line: module app process has not started yet, logged every 10 seconds.

Support for reCAPTCHA Enterprise and automated browser detection/blocking

Support for reCAPTCHA provided by Google Cloud Services was added. Previously, only standalone reCAPTCHA v2 and v3 were supported.

βš™οΈ New Settings:

  • Project ID: Google Cloud project ID with reCAPTCHA enabled.
  • API key: Google Cloud API key associated with the project.
  • reCAPTCHA required: Controls if reCAPTCHA is required on protected WebAPIs.
  • reCAPTCHA site key: The key associated with the website or application.
  • Fail 2 ban reason codes: A list of interpreted reason codes to be flagged for fail2ban (must be prefixed with rc_).

When Google Cloud reCAPTCHA is enabled, v2 and v3 are ignored even if set up. Settings were reorganized and grouped accordingly.

Documentation for supported reason codes: Understand reason codes – Google Cloud reCAPTCHA

To enable better monitoring and abuse detection, a specific user action can now be passed via the new URL parameter: captcha_action.

Add support to send email notification when creating user account

A new email notification is sent when a user account is created. Controlled via two new settings in /conf > Configuration > General > Mail > Templates:

  • Account created notification
  • Mail template for account created notification

Triggers for sending the notification:

  • Server administration
  • Domain administration
  • Integrator
  • SAML login
  • External authenticator

Update confirmation and verification code emails

The appearance of confirmation and verification code emails was updated. These emails are sent when logging in with email set as the preferred 2FA method.

SSO username mapping

SSO username mapping allows mapping a username from an identity provider to a domain-specific username (case-insensitive).

Example: If your domain user is \example\joesmith and SSO username is joe.smith@example.com, you can map the two.
When logging in via SSO, the system will authenticate the user as \example\joesmith.

βš™οΈ New Setting: SSO username mapping

Administration > Security > Authentication > Single Sign-On (SSO)

Add Option to Send Chat Content in HTTP Events

βš™οΈ New Setting: Send live chat transcripts in HTTP events

Screenshot of a web portal settings page, specifically the 'Other' section, showing options for sending live chat transcripts and session settings.

/conf > Configuration > ISL Light > Send live chat transcripts in HTTP events

  • Requires Send live chat transcripts to be set to Yes
  • Disabled by default

New HTTP event type: CHAT_CONTENT

Transcript content is included in the text field.

Chat transfer system messages

System messages for chat transfer and takeover were added. Examples include:

  • "Y has taken over the chat"
  • "X wants to transfer the chat to Y"

Upgrade OpenSSL to 3.0.16

OpenSSL was upgraded to version 3.0.16.

Upgrade to libxml2 2.12.10 and libxslt 1.1.42

  • libxml2 upgraded to 2.12.10
  • libxslt upgraded to 1.1.42

Upgrade jemalloc to 5.3.0

jemalloc upgraded from 4.0.4 to 5.3.0 (Linux only)

Upgrade jQuery-UI to 1.14.1 (v2400 Pages)

jQuery-UI was upgraded to 1.14.1 for v2400 pages.

Remove v1 template and web pages v1, v2, v3, v4

Support for the v1 web template and legacy web pages (v1–v4) has been removed. The /join endpoint now redirects to join.html. Deprecated handlers and XPP expressions used exclusively in the removed pages were also removed.

🐞 Bug Fixes

Pass ciphers global map by reference on SSL accept

Previously, the ciphers global map was passed by copy, affecting performance. This was redesigned to pass the map by reference.

The defect was fixed.

Wait for user account to be replicated in loginsso handler

SSO logins could fail if the user was created on one server but not yet replicated to the Web page server. This was redesigned to wait until the user is replicated before proceeding.

The defect was fixed.

Support WebSocket upgrade of existing HTTP connection

WebSocket support was improved to allow upgrades to WebSocket even after preceding HTTP requests on the same TCP connection, and not just at the start of a TCP connection. This should also fix connection issues when ISL Conference Proxy is placed behind a load balancer.

Bulk share did not allow sharing of non-owned computers

In previous versions, bulk sharing of computers in a group failed with the message: "Some computers have been omitted – shared computers cannot be edited."

Redesigned behavior:

  • Bulk Share modal now lists all computers, not just owned ones.
  • Sharing/unsharing works even for entries with user groups in shares.
  • Results are split between success and failure messages.
  • A scroller is added when many computers are listed.

The defect was fixed.

Support certificate authorities without a Terms of Service link

Previously, SSL module raised an error: "Could not retrieve terms of service." This occurred when a certificate authority (CA) did not provide a terms link, which is optional under ACME.

Fixes:

  • The checkbox to accept terms is hidden if no link is provided.
  • A new message was added: "Please install the SSL certificate to enable secure connections."

The defect was fixed.

tlsext_ticket_refresh_task should not use a static watchdog

This task was incorrectly protected by a watchdog, which triggered false alerts when the TLS ticket refresh interval setting changed. Now the task is rescheduled dynamically and no longer monitored by the static watchdog.

The defect was fixed.

Maximum password age lower than minimum caused lockout

Previously, it was possible to set the maximum password age to a lower value than the minimum password age, which could cause user lockouts. The validation logic was updated to prevent this misconfiguration.

The defect was fixed.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

Read full release info