.NET Agent: Security Enhancements and Legacy Framework Deprecation

To allow our customers the maximum amount of time and flexibility to transition their legacy .NET code and runtimes, New Relic has supported older .NET Frameworks long past Microsoft’s end-of-support dates. As part of our security evolution, we have decided to phase out mainstream support for Microsoft .NET Framework 4.0 and older because of their limited ability to support TLS 1.2. By deprecating legacy .NET Framework support, we can deliver agents with better security, reduced overhead, and better performance.

This is not an End-of-Life (EOL) announcement. Legacy Microsoft .NET applications and services built with these older .NET Framework versions can still be instrumented with New Relic .NET Agents up to v6.x and these agents will continue to be able to send telemetry into the New Relic Platform. However, these legacy agents will only have “Limited Support” and will not receive new feature development or enhancements moving forward outside of essential security patches and serious bug fixes.

Even though standard telemetry (application metrics, traces, and errors) sent from APM agents is considered non-sensitive information, New Relic is committed to protecting customer and user data with the highest security standards. At New Relic we constantly review our security practices and processes and undergo regular third-party audits to ensure our platform, products, and your data are always safe.

We look forward to working with you to get the most visibility out of your .NET applications and will continue investing in the latest Microsoft technologies such as .NET Core and Azure Services.

Details

  • The deprecated agent will continue to function and report into New Relic as usual.
  • The deprecated agent will receive security patches and serious bug fixes if necessary.
  • The deprecated agent will not receive new features and enhancements moving forward.
  • Customers using .NET Framework v4.5+ will be able to use the latest agent version and enjoy the new features and functionality as they become available.

FAQ

Q: I have .NET Framework version 4.5 installed and am running a mix of apps compiled for CLR2 and CLR4. What agent should I use?
A: You should use the latest agent version, but you may see mixed results.
Apps compiled for CLR4 will report.
Apps compiled for CLR2 but running on .NET Framework 4.5 may run into issues.

Q: Will I still be able to instrument my application built for Microsoft .NET 3.5 and running on CLR2?
A: You will still be able to use your existing agent, or a New Relic .NET Agent up to the latest 6.x version, to instrument applications and services built for .NET 3.5 and 4.0.

Q: If I leave my application running on Microsoft .NET Framework 4.0 or earlier, I understand I will not get access to new features, but what if the application stops reporting or crashes as a result of a bug in the old agent?
A: If you are running an app in an older Microsoft .NET Framework with the deprecated New Relic agent and the agent stops reporting, New Relic will still work with you to troubleshoot the issue. However, deprecated agents will only have limited technical support. If a feasible fix or solution can be found, New Relic may issue a patch as long as the environment meets the compatibility and requirements for the deprecated agent.

Q: If I leave my application running on Microsoft .NET Framework 4.0 or earlier, I understand I will not get access to new features, but what if there is a security flaw that can be remedied with a patch?
A: New Relic will make every effort to ensure that deprecated agents receive security patches and updates for vulnerabilities as necessary.
