diff --git a/calico-enterprise_versioned_docs/version-3.20-2/release-notes/index.mdx b/calico-enterprise_versioned_docs/version-3.20-2/release-notes/index.mdx
index 3c4e32ef1..69493a5d3 100644
--- a/calico-enterprise_versioned_docs/version-3.20-2/release-notes/index.mdx
+++ b/calico-enterprise_versioned_docs/version-3.20-2/release-notes/index.mdx
@@ -18,6 +18,45 @@ Learn about the new features, bug fixes, and other updates in this release of {{
 
 ## New features and enhancements
 
+<!-- 3.20-2-->
+
+### Network security for hosts and VMs (tech-preview)
+
+Calico can now be used on hosts and VMs running outside of Kubernetes.
+This tech-preview provides RPM packages for RHEL 8 and 9 that allows users to install Calico for network policy and flow logs.
+
+[Link to documentation](../getting-started/bare-metal/about.mdx)
+
+### Search by policy name or namespace
+
+{{prodname}} now includes search-to-filter capabilities on the policy board and listing pages, which helps you find a specific policy or a subset of policies more quickly.
+
+### Envoy deployment as a sidecar
+
+{{prodname}} now provides the ability to deploy Envoy as a sidecar so application layer policy and logging are compatible with other features such as egress gateways, Wireguard for data-in-transit encryption, and Calico’s eBPF dataplane.
+
+For more information, see [Application layer policy](../network-policy/application-layer-policies/alp.mdx) and [L7 logs](../visibility/elastic/l7/configure.mdx).
+
+### Configurable rules for deep packet inspection
+
+{{prodname}} now provides the ability for administrators to configure and customize the Snort rules that are used in deep packet inspection.
+This gives customers greater control over the types of rules that are evaluated.
+It also ensures that they can effectively tune and selectively enable rules to phase their deep packet inspection and network-based threat detection.
+
+For more information, see [Deep packet inspection](../threat/deeppacketinspection.mdx).
+
+### BGPPeer now supports configurable BFD timers
+
+{{prodname}} has enhanced the BGPPeer custom resource so admins can configure BFD timers to improve and tune session management for their environment.
+
+### Calico early networking (for dual ToR) preserves post-boot default routes
+
+{{prodname}} includes improvements so that early network configuration will be superseded by any BGPPeer or BGPConfiguration resources after successful startup
+
+For more information see [Deploy a dual ToR cluster](../networking/configuring/dual-tor.mdx).
+
+<!-- 3.20-1-->
+
 ### Support for OpenShift hosted control planes
 
 You can now install Calico Enterprise on OpenShift clusters that use hosted control planes.
@@ -87,7 +126,7 @@ For more information, see [Packet capture](../visibility/packetcapture.mdx), [En
 
 :::
 
-* ***Breaking change***: Upgrading from Calico Enterprise 3.18 or earlier {{prodname}} will alter the UID of all `projectcalico.org/v3` resources.
+* ***Breaking change:*** Upgrading from Calico Enterprise 3.18 or earlier {{prodname}} will alter the UID of all `projectcalico.org/v3` resources.
   If you're using the Calico API server, you must restart any controllers, including `kube-controller-manager`, that manage these resources after the upgrade.
   This change addresses an issue where duplicate UIDs on different API resources could disrupt Kubernetes garbage collection.
 
@@ -107,7 +146,7 @@ To update an existing installation of Calico Enterprise 3.18, see [Install a pat
 
 ### Calico Enterprise 3.20.0-2.0 (early preview)
 
-November 4, 2024
+November 5, 2024
 
 Calico Enterprise 3.20.0-2.0 is now available as an early preview release.
 This release is for previewing and testing purposes only.