Changelog

New features, fixes, and changes to ScoutDNS. Newest first.

#

Windows Client (v2) beta adds adapter-aware local forwarding

Added

In environments where the device runs alongside a VPN or ZTNA tool, the right resolver for an internal namespace is often whichever resolver the tunnel itself provides, not a single static address. This update lets the v2 Windows Client honor that.

What’s new

  • Adapter-aware resolver selection in Local Forwarders. For configured internal namespaces, the client can select DNS resolvers associated with the adapter that owns that namespace, including tunnel-provided DNS from VPN or ZTNA clients such as SonicWall CSE, Enclave, and similar tools.
  • Configured split-DNS namespaces can resolve through the intended local, domain-controller, or tunnel-provided resolver path while other DNS traffic continues through ScoutDNS encrypted DNS for policy and visibility when the client is healthy.

Beta status

This update is part of the ongoing Windows Client (v2) public beta. The v1 Scout360 agent remains the recommended default until V2 reaches general availability.

For configuration details, see the Windows Client (v2) deployment guide.

#

Windows Client (v2) public beta available

Added

The next-generation ScoutDNS Windows Client is now available as a public beta, open to all customers and MSPs who want to try it.

What it changes

  • System-level enforcement, not adapter-level. A Microsoft-attested Windows Filtering Platform (WFP) kernel driver intercepts outbound DNS at the network stack. Adapter DNS settings, NRPT entries, GPO-pushed DNS policy, and ZTNA-supplied namespace routing all stay as the customer’s network configured them.
  • Better fit with VPN and ZTNA. Because the client does not compete for adapter ownership, it sits cleanly alongside VPN and ZTNA tools such as SonicWall CSE, Enclave, and similar.
  • Encrypted-DNS bypass paths. Blocks known public DoH provider IPs and standard DoT/DoQ ports so browsers and apps have fewer ways to route DNS around policy.
  • Rust-based system service for predictable long-running behavior on every endpoint.

What stays the same

Control Plane management, profile-based local forwarding, Remote Disable / Forget / Uninstall, automatic updates with rollback, and reporting all work the way customers expect from the v1 agent.

Beta status

The v1 Scout360 agent remains the recommended default until V2 reaches general availability. The two clients can coexist in a tenant during rollout, but a single device should run only one. We are actively taking feedback during the beta.

See the Windows Client (v2) deployment guide for prerequisites, install, and verification.

#

New product documentation site at scoutdns.com/docs

Added

We launched a complete product documentation site at scoutdns.com/docs, replacing the legacy help knowledge base.

What’s in it

  • Getting Started, quickstart for WAN forwarding, dynamic IP setup, setup guide for MSPs.
  • Admin Console, walkthroughs of users and roles, MFA, notifications, and how objects (sites, networks, policies) relate.
  • Deployment & Agents, roaming client setup, relay setup, VPN considerations, browser HTTPS errors, agent diagnostics.
  • Policies & Filtering, working with policies, allow/block lists, Safe Search, YouTube Restricted Mode, custom block pages, category reference.
  • Integrations & SSO, Entra ID, generic SSO, SIEM data export.
  • API & Reference, API access and authentication.

What’s new about it

  • Fast in-page search powered by Pagefind.
  • Three-column article layout with section nav and scroll-spy table of contents.
  • GitHub-style callouts, numbered procedures, copy-to-clipboard on every code block, image lightbox.
  • Mobile-friendly with a collapsible section nav.
  • Direct deep-link support from inside the Admin Console.

The legacy help.scoutdns.com knowledge base will be retired in a future release; all article URLs will 301-redirect to their new home.

#

Introducing the ScoutDNS changelog

Added

This is the new home for everything we ship to ScoutDNS, our product, our admin console, our agents, our docs, and our integrations.

What you’ll find here

  • New features when we add them ([Added]).
  • Behavior changes when we adjust how something works ([Changed]).
  • Bug fixes when we resolve issues ([Fixed]).
  • Deprecations and removals with as much advance notice as we can give ([Deprecated], [Removed]).
  • Security advisories for anything customers should act on ([Security]).

Entries are listed newest-first. Each one has a permalink so the Admin Console (and you) can deep-link straight to a specific update.

Subscribe

There’s an RSS feed at /changelog/rss.xml for anyone who’d rather read changes in their feed reader.

Why now

We’ve outgrown the “tucked in a blog post” approach to release notes. A dedicated changelog gives admins a single, scannable place to see what’s changed since they last logged in, and it gives our team a clean contract to commit to: if it ships, it gets an entry here.