[March] What's New on Endpoint Manager?

Hello everyone!

We are excited to inform you that we are planning to have a new release scheduled to go live Saturday 14th of March, 2020. morning!

The release is expected to take 15 minutes to deploy, during that time platform will be under maintenance mode. Post-deployment tests are expected to continue until 4 pm EST during which you may observe minor glitches. If you observe any issues, please feel free to share with us.

Endpoint Manager
Endpoint Manager Core
New Features
Forward Audit Logs to SIEM tools
● You can now forward audit logs to a SIEM server, emulating the existing feature in CCS.
● Users can configure syslog forwarding at ‘Settings’ > ‘Portal Set-Up’ > ‘Logging Settings’ > ‘Audit Logs’.

More Granular RBAC for devices, device groups, and remote control
● We improved role based access control (RBAC) for device operations, and to differentiate device operations with remote control permissions:

    ○ Updated the description of the “users.allow-portal-login” permission.

    ○ Device group permissions now have a more granular structure:
      ■ Create
      ■ Rename
      ■ Delete Assign
      Remote control permissions now have a separate structure with the following permissions:
        ■ Takeover, ■ File-Transfer, ■ File-Transfer(Upload), ■ File-Transfer(Download)

      …and more granular RBAC for procedures
      We separated alerts and procedure management controls. Procedures now have the following sub-permissions:

        ○ Create Procedure
        ○ Edit Procedure
        ○ Delete Procedure
        ○ Approve Procedure
        ○ Execute Procedure
        ○ Export Procedure List

      Alerts now have the following, separate, permissions:

        Read only > configuration.alerts
        ○ Full Control > configuration.alerts, manage

      Here is the wiki of this feature.

      Results per Page Option for Device Tree
      You can now view device tree with additional pagination options, as you can already in the regular device list. Users can now limit the device tree results with the following number of item options:

        ○ 20
        ○ 50
        ○ 100
        ○ 200

      Added support for Ubuntu 19.0
      Endpoint Manager clients now support devices using Ubuntu 19.04.
      Public API Sharing - Must Have Items Part 1
      ● We aim to make all our common APIs public. This release sees stage 1 of this process, with the release of APIs for:

        ○ Users
        ○ Devices
        ○ Device Group categories

      Dark Mode for Android MDM Client
      ● Devices on Android 10+ can now switch to the MDM client to dark mode.

      CCS - End of Support for Windows 7
      In line with Microsoft policy and security best practices, we are ending official support for CCS on Windows 7 devices. We encourage all customers to upgrade their Windows based systems to Windows 8 /8.1/ 10.
      ● CCS on Windows 7 will continue to work up-to previous version. New versions of CCS will not be supported.
      ● The following operating systems are affected:

        ○ Windows 7
        ○ Windows Server 2008 R2

      Bug Fixes

      • Fixed the issue of Windows Communication Client breaking during upgrade.
      • Fixed the issue of "Installed Apps" tab not opening for macOS devices on portal.
      • Fixed the issue of Windows devices with Comodo Internet Security installed are considered in count within "Advanced Endpoint Protection" in "Bill Forecast" page on the License Management section.
      • Fixed the issue of RMMService.exe using too many UDP ports on Windows Server 2012 R2.
      • Fixed the issue of ITSMService.exe not present after deploying the latest version of Windows Communication Client.
      • Fixed the issue of widget statistics numbers don't matching up.
      • Fixed the issue of ITSMService.exe initiating random restart of endpoint.
      • Fixed the issue of resetting screen passcode on iOS device through portal doesn't work.
      • Fixed the issue of iOS enrollment email not properly displayed on Safari 601.1 (iOS9.3.5)
      • Fixed the issue of entered user credentials disappearing from DEP profile Setting after navigating across DEP profile tabs.
      Security New Features Profile Section Addition with Default Settings - Windows profile (HIPS/Antivirus/Containment sections): Import profile settings while adding new section ● You can now schedule virus scans on specific days of the week in a Windows profile. ● AV usability improvements, Windows: On demand items request operation from portal: Quarantined items Data Loss Prevention: You can now populate keyword groups by importing keywords from a file. This, for example, allows customers to populate the ‘Names’ group with a list of client users or employees. ● New DLP monitoring rules let you block users from copying or moving files to USB devices. ● Added ‘Quarantine’ action to DLP discovery rules. This lets admins isolate files containing sensitive information to prevent their exfiltration while a review of the files is in progress

      Here is the wiki of this feature.

      Best Regards,
      Product Management Team