Hello everyone,
This document contains detailed notes about Endpoint Manager release, scheduled to go live Saturday 04/13/2019.
The release is expected to take 3 hours to deploy, during that time platform will be under maintenance mode. Post-deployment tests are expected to continue until 4pm EST during which you may observe minor glitches. If you observe any issues, please feel free to share with us below.
Endpoint Manager
Endpoint Manager - Core
New Features
-
License Management for Advanced Endpoint Protection
You can now manage Advanced Endpoint Protection (AEP) licenses in the Endpoint Manager. Apart from general license management, you can also:
- Distribute seats from a single license to different customers, and assign seats from multiple licenses to the same customer.
- Create license usage reports to track the activities of a specific license.
- Get notifications when your licenses are about to expire. Here is the wiki of this feature.
-
Maintenance Windows
You can now define maintenance windows in order to create a planned update calendar. With this feature, you can:
- Create maintenance windows for specific time frames.
- Schedule procedures to a specific window.
- Randomize task running order to prevent performance issues.
- Stop monitors in the defined maintenance window time frame
This is the first phase of this feature. Future releases will see the ability to block specific tasks, pause maintenance windows on holidays and procedures to handle offline devices. <a href="https://wiki.itarian.com/frontend/web/topic/how-to-create-maintenance-windows">Here </a>is the wiki of this feature.
-
Management of Communication and Security Client Versions
You can now set a specific version of the communication and security clients as your default. The default version will be used for enrollment, bulk installation, client updates and dashboard sections. You can also specify which version of the client can be installed or updated by your staff. This helps admins to ensure that older versions of the clients are not introduced to the network, and that incompatible clients are not inadvertently installed.
Here is the wiki of this feature.
-
Support for operating systems
We continue to develop Endpoint Manager as the platform which lets you manage EVERY device on your network or your customer’s network. In addition to the existing list, you can now enroll devices which run the following operating systems:
- Windows Server 2003 SP2
- Windows Server 2008 SP2
- Windows Server 2012
- Fixed the issue of uninstallation of softwares from global software inventory.
- Fixed the issue of event count alignment with portal dashboard and list in security sub systems.
- Fixed the issue with CCSM version in device list exported report.
- Fixed the issue of e-mail and help link shared in question mark at top right of the screen.
- Fixed the issue of addition of file group with sign “?”.
- Fixed the issue with warning while adding iOS application to iOS app store.
- Fixed the issue of high CPU usage for Android mobile device management clients.
New Features
- Countdown timer for ‘Training Mode’ lets you specify that HIPS and Firewall only run in training mode for a specific period. Staying in training mode for extended periods can create an excessive amount of rules, resulting in performance issues on endpoints. Here is the wiki of this feature.
- Added Valkyrie sections to MacOS and Linux profiles. Unknown executables detected on MacOS endpoints can now be uploaded to Valkyrie for testing. Once enabled, unknown files like dmg, Mach-o and .elf are automatically sent to Valkyrie to establish whether they are trusted or malicious. Here is the wiki of this feature.
- Security Dashboards - Device View. The new view aggregates security events by device, letting you view the latest events on a particular device the related CCS component. Here is the wiki of this feature.
- Restore suspicious autorun entries. You can now monitor the current status of suspicious Windows Services and scheduled tasks etc, and restore the item and any quarantined files affiliated with the entry.
-
New management capabilities for the Virtual Desktop:
- Password Protection. If enabled, users will need to enter a password in order to close the virtual desktop. This prevent guests or regular-users from closing the virtual desktop and potentially exposing the computer to danger.
- Launch Virtual Desktop upon user login. Starts the virtual desktop automatically as soon as the endpoint is booted. Enable this setting in CCS at ‘Advanced Settings’ > ‘Containment’ > ‘Virtual Desktop’.
- Automatically reset Virtual Desktop on session termination. Resetting the virtual desktop provides privacy and security by removing all user data and undoing all system changes.
- Added WerFault.exe, the Windows error reporting tool, to "Windows system applications" file group. It can now be easily excluded from security policies in CCS.
Ayhan Epik,
Product Manager, Endpoint Manager