Umbrella Chromebook client application version 1.2.12 has been released on 11 June, 2019. This version is compatible with the Umbrella Chromebook client extension version 1.2.9.
This release of the extension enhances Google G Suite integration.
Prior to this update, the Umbrella Chromebook client maintained two identities for a Chromebook:
- Device ID (the Chromebook user's email). This identity is created when the Chromebook device is registered.
- Email hash (the G Suite user's identity). This Identity is used by G Suite Policy.
A policy can be based on either identity 1 or 2, above. The Umbrella Chromebook client sends both identities in an EDNS packet. When both a Chromebook policy and a G Suite policy have been created in Cisco Umbrella, the policy listed first is applied.
The trusted network detection feature of the Umbrella Chromebook client provides integration with the Umbrella virtual appliance (VA). The identity of a Chromebook is posted to the VA, when present, and the VA forwards an EDNS packet to Umbrella, identifying the Chromebook. However, the VA sends either the email hash or the user email, not both.
This creates a potential issue when the policy applied in Umbrella does not recognize the identity received from the VA. The result can be that no Chromebook policy is applied when the VA is in use.
With the 1.2.12 release, the googleDirectoryService flag determines whether the Chromebook client app sends the email hash (the G Suite identity) or the Chromebook user's email (the device ID).
When the flag is enabled, the G Suite identity is sent to the VA in a trusted network and to Umbrella when roaming, and the G Suite policy is applied regardless of its priority order in Umbrella.
ID of the Cisco Umbrella Chromebook client app v1.2.12: cpnjigmgeapagmdimmoenaghmhilodfg
ID of the Cisco Umbrella Chromebook client extension v1.2.9: jcdhmojfecjfmbdpchihbeilohgnbdci
For details about implementing the Cisco Umbrella Chromebook client app and extension, refer to the Chromebook client deployment guide.