ITarian Release Notes 2022-09-21 (v7.3.0.0)

RELEASE NOTES LINK: Release notes for IT Operation Platform | Read Through Comodo Community
PDF File: Release Notes - 2022-09-21.pdf (292.4 KB)
Additional Notes: 2022-09-21_BillingProfileGuide.pdf (254.2 KB)

Introduction

This document contains notes about the ITarian Platform release for 21 September 2022.

The release schedule will be as follows:

  • Platform
    • US Region - Release will start on Wednesday 21st September 2022 at 9AM EDT
    • EU Region - Release will start on Thursday 22nd September 2022 at 2AM BST / 3AM CEST
  • Agents
    • US Regions - Release will start on Wednesday 21st September 2022 at 9PM EDT
    • EU Regions - Release will start on Thursday 22nd September 2022 at 2AM BST / 3AM CEST

The release is expected to take 2 hours to deploy, during that time the platform will be under maintenance mode, where you may observe minor glitches. If you observe any issues, please feel free to share with us.

ITarian Platform

Portal (PSA)

Improvements

  • Sign-up error message wording correction if attempting to use existing domain (ITA-86)
  • Updated quick start YouTube video showing new agent deployment method (ITA-157)

Endpoint Manager (RMM)

Patch Management

Nothing for this release.

Device Management

New Features

  • Remote Control – Remote printing for Windows (ITA-119)
  • Remote Control – Remote printing for Mac (ITA-120)

Improvements

Add a total number of devices next to profile names in profile list (ITA-127)

Mobile Device Management (MDM)

Nothing for this release.

Service Desk (SD)

Nothing for this release.

Miscellaneous

  • New profile management which brings in new licenses and billing (ITA-25)
  • SNMP backend API deployment, nothing usable outside of development at present (ITA-144)
  • Custom Reports beta bringing data access and query tools (ITA-145)

Xcitium Products

Comodo Client Security

New Feature / Improvement

  • Detection of WMI provider auto-runs. (COPRD-5530)
  • Enabled WMI provider registration detection from DLLs. (CODEV-1894)
  • Protection for Xcitium Client - Security Agent’s own processes and assets. (CODEV-59)
  • Ability to limit Xcitium Client - Security Agent resource allocation (CODEV-67)
  • Prevented report tool running in containment. (CODEV-1221)
  • Detection for macro script executions. (CODEV-56)
  • Detection of unsigned DLL’s loaded into trusted process (CODEV-4514)
  • Ability to add exceptions for script analysis. (CODEV-41)
  • Ability to send actual containment script content to portal. (CODEV-2552)
  • Performance Optimization and Monitoring (CODEV-174, CODEV-384)
  • Optimization of user scan interface. (CODEV-389)

Bug-Fixes

  • Fixed the issue of Windows Server 2022 not getting responsive with Xcitium Client Security 12.12 installed. (CODEV-5353)
  • Fixed the issue of Windows Server 2016 not getting responsive with Xcitium Client Security 12.9 installed. (CODEV-1178)
  • Fixed Windows Application Error event (Registry Lock) with Xcitium Client Security 12.10 installed (CODEV-4114)
  • Fixed the issue of CIS firewall driver not running after Windows and Xcitium Client Security binary upgrade. (CODEV-120)
  • Fixed Performance issues/ Higher CPU Utilization by cmdagent.exe (CODEV-3672, CODEV-4198)
  • Fixed the issue of Xcitium Client - Security Agent blocking BToE communication with Policom. (CODEV-238)
  • Fixed the issue of Xcitium Client - Security Agent blocking network share writes. (CODEV-5401)
  • Fixed the issue of Xcitium Client - Security Agent Firewall in Safe Mode blocking outgoing traffic from Trusted EDR service. (CODEV-128)
  • Fixed the issue of devices not getting responsive while listing Xcitium Client - Security logs. (CODEV-1208)
  • Fixed updated local verdicts DB errors (CODEV-1177)
  • Fixed errors for specific firewall & website definitions. (CODEV-1182)
  • Fixed errors for memory leak on firewall driver. ( CODEV-4286)
  • Fixed the issue of infected items not automatically cleaned after the full scan is completed. (CODEV-458)
  • Fixed quarantine issue of loaded malicious DLL when loaded into process (CODEV-233)
  • Fixed the issue of absent Quarantined files in Quarantine (CODEV-2885)
  • Fixed the issue of Xcitium Client - Security Agent not being able to read file hash. (CODEV-232)
  • Fixed the issue of winget.exe being contained and not logged. (CODEV-3729)

Security Operations Centre (SOCaaP)

Nothing for this release.

Secure Email Gateway (SEG)

Bug-Fixes

Released email not being delivered (CS-37745)

Secure Internet Gateway (SIG)

Bug-Fixes

  • DNS and other stats not showing up in the console (CS-38697)
  • Direct buy option going to wrong address / portal (CS-38822)

Miscellaneous

Nothing for this release.

1 Like

There was a release note the first time before this release was postponed, there was a new feature to monitor for ransomware on network resources/shares. I don’t see this in this release, will this still be implemented at some stage?

Hi @QuickSilverST

Can you let me know the exact wording or if listed the code for the item I’ll check for you.

Regards
Robin

Hi Robin,

See below:

File shares protection from remote ransomware encryption attacks (COPRD-3632)

Release-Notes-2022-08-03.pdf (itarian.com)

I’m attempting to install this on my PC to test and it appears Windows 11 22H2 is unsupported by CCS 12.12.1. Is this intentional?

Hi @Evernight2021

Unfortunately CCS / XCS is an Xcitium product. We offer integration for the product but it is not within our control to determine what features it has or to resolve any issues.

We can pass stuff to Xcitium via support@itarian.com or you can reach out to them on Xcitium Enterprise Forum - Forum Xcitium or via support@xcitium.com

I hope this helps.

Regards
Robin

1 Like

Hi @QuickSilverST

In regards to COPRD-3632 I have been informed by Xcitium the following

This is not going to be released, this is because there are technical issues stopping this that we currently cannot fix

Unfortunately I cannot offer any ETA, help or advise further than this.

I hope this answer helps or explains.

Regards
Robin

Hello,

It’s sad as this will be a great feature so hope this gets implemented. just strange that they will list it as a release and then only later sees it might not be possible…

THx for the follow up.

The “License Information” table on the Itarian portal doesnt seem to be accurate. The number of AEP licenses that it says I have seems to be larger than the number of devices actually running AEP.

Hi @minntech

AEP, ITarian Device etc are all licensed based on profile assignments.

If yiu assign an XCS profile to a device but do not install it you will still be charged.

This is done as you obviously intend to install the XCS software, or your doing a migration / deployment and have just not got to that stage yet.

As you can see you have full flexibility with the profiles to control what is applied and billed per device.

Hope this explains.

Regards
Robin

1 Like

Hi @QuickSilverST

I’ll chase again and see if I can get more details for you.

Regards
Robin

1 Like

This might be the laziest implementation of coding that I have ever seen.

So not only is it true that a device could be counted as licensed for AEP w/o even having AEP installed, but do the people who implemented this not understand you can have multiple device profiles assigned to device?. So not only is the former statement true, but also you guys are compounding licensing because more than 1 profile is assigned with licensed features.

This has to be the dumbest thing ever. Instead of writing some proper code to determine if active agents were in a licensed or free state you simply couldn’t be bothered to do any more than count checkboxes in a device profile?

This is a huge step backwards because now we can only have a single device profile assigned to our devices which limits the flexibility of the profile system.

It’s not even worth my time to try and fix this at this point. I am simply going to be removing all my Itarian and Comodo agents for now until you guys find a better way.

Hi @minntech

I’m not sure what you mean by lazy, this is by design as it gives the MSP / Enterprise 100% control and flexibility.

You can apply multiple layer profiles and all is counted correctly as needed.

If you have a RMM settings split across multiple profile, say one for an application like Sage and another for general desktop stuff… You still only get charged one license for ITarian device if you applied them both to a single device.

Due to this I’m not sure what your complaint is about.

Can you please give a full example so we can look at this correctly.

Regards
Robin

1 Like

Thats not what was showing on my account. The number of reported AEP licenses was more than I even had agents. So obviously something is not being counted correctly. The only thing I can attribute to that is because my devices had multiple profiles with licensed features. It would seem that your system is compounding the licensing based on profile assignment. The count happens to match the number of total devices that each profile was assigned to even when they are the same device.

On the topic of the new update, Anyone else getting false offline alerts ?

I have a couple of systems generating multiple alerts throughout the day about being offline, however they are in fact still active, I even maintained a remote connection while getting alerts.
This also occurred another time after a platform update, but was resolved after a day or so.

Do the endpoints need an agent update refresh?

one endpoint alerts last 24hrs
image

These that are online but have alerts active??

image

mcfproservices

Since 2 day’s I also have a server generating ‘offline’ warnings.
Multiple times a day.

Hi @minntech

I have passed this to dev to look at and resolve.

Regards
Robin

Hi @mcfproservices

Have you raised a ticket with support yet?

If you have not please do!
In the ticket please include you admin email for portal as well as the devices you know have done this.

They will then do some tests and might need some additional information from you, but they should confirm if an issues exists or not; and if exists they will pass to me and the dev team.

Regards
Robin

Hi @ailan

As per other message on here, please report to support so they can confirm issue and under what conditions.

Regards
Robin