09-November-2020

Endpoint Protector – Product Update

Server Version 5.2.0.9
Windows Client: 5.3.5.4
Mac Client: 2.0.2.9
Linux Client: 1.6.0.2
EasyLock Client: 2.0.2.4

Important: The Mobile Device Management module has been discontinued and removed.
Do not update to 5.2.0.9 if you would want to continue utilizing MDM.

Server Version: 5.2.0.9

General:

• Support for KEXTless macOS has been added.
• Change the legacy process name for KEXT macOS clients. Please ensure the necessary permissions within your system:
  • For KEXT – EppClientLegacy
  • For KEXTless - EppClient
• The Outside Network functionality has been extended and multiple IPs can now be assigned to a particular Fully Qualified Domaine Name.
• The IP List for monitored endpoints has been improved and link-local IP addresses are now ignored.
• File shadowing repository directory structure has been improved, aligning it with the path from the External Storage functionality.
• The option to enable or disable the file hash generation for monitored file transfers is now available.
• The maximum number of Regex Blacklists has been raised to 20.
• The Contextual Detection functionality has been extended and now provides the option to define a contextual rule starting from a regular expression.
• The Endpoint Protector Client now only blinks at manual policy updated.
• Various small SIEM improvements around the UTC timestamp formats.
• The Support section has been updated.

Bug fixes:

• Fixed some HTML tags (e.g.: < >) validations that could not be used in conjunction with the File Shadow Repository functionality.
• Due to validations restrictions, quotation marks could not be used within Custom Client Notifications. Fixed.
• Fixed upgrade issues that could occur when EPP services would require a reboot or driver where not properly updated.
• SAMBA shares File Shadow Repository were not working if NTLM2 authentication to SMB shares was disabled. Fixed.
• Fixed 32-bit Windows Endpoint Protector Client Installer.

Device Control

• The granularity on User Settings has been extended. It includes functionalities such as File Tracing and File Shadowing, Outside Network and Outside Hours, etc.
• The Bluetooth granularity category has been further extended and now includes Bluetooth Headsets.
• Improved Bluetooth device detection for barcode scanners, from within the Bluetooth Other category.
• Intel(R) Dual Band Wireless-AC 7260 devices are now controlled.
• Additional Xiaomi Redmi devices are now supported on macOS.
• Additional Fingerprint devices are now detected within the Chip Card Devices category.

Bug fixes:

• In particular cases, Specific Devices could not be added to Groups containing only Computers. Fixed.
• Some Filters on the List of Computers could display inaccurate information. Fixed.
• Fixed some visual form validation overlaps linked to Outside Network settings.
• Fixed notifier messages inconsistencies linked to the Allow Access if TD Level 1+, otherwise Read Only right.
• Fixed Allow Access if device is Trusted Device Level 1+ for storage devices with unusually long Serial Numbers.
• Multiple improvements in large scale deployments around Groups and the selected entities within.

Content Aware Protection

• When DPI is enabled, unsecured access through HTTP can now be blocked and user access restricted, while HTTPS transfers will be subject to the Content Aware Protection Policies.
• The default Print Screen functionality for Windows now also includes Snip & Sketch.
• The Clipboard functionality has been extended and now includes a Paste granularity option, based on monitored applications (exit points) but also a list of other applications such as Word, Excel, PowerPoint, Noters, Terminal, Script Editor, TextEdit, Stickies, OneNote, etc.
• Changes around various applications have been made to include updates done by their vendors (e.g.: updating process names for Zoom on Windows, Facebook Messenger, etc.)
• Managing Git as an exit point has been extended and now, certain domains can be blocked or whitelisted.
• The list of monitored applications has been extended and now includes, Remote Call, Whale, Notejoy, Apple Remote Desktop, Signal, etc.
• Linux applications installed via Snap can now be monitored.
• On Linux, the content scanner has been improved and is now also available for distros that do not include a GUI.
• Various content aware scanning optimizations when inspecting corrupted files.
• Credit Card detection improvements around digit separators, 16-digit length, 6 or more repeats of the same digit, increasing or decreasing digits, etc. All result in reducing false positives.
• Reduce false positive credit card number detections in .docx files.
• Source Code detection improvements when scanning small files.
• The detection accuracy of the Extended Source Code Detection functionality has been improved, as well as extended to also include RTF, XLS and XLSX file types.
• Improved PII detection in PDFs containing the Unicode hyphen.
• Improved PII detection in Excel files by excluding drawings, reducing false positives.
• Additional PIIs have been added like ISBN. Also, the detection rules for the Latvia ID and India SSN (Aadhar number) have been updated.
• Selected entities from within a Content Aware Protection policy has been adjusted to support larger scale deployments and better flexibility (e.g.: selecting a computer will no longer automatically also select the related users).
• An additional layer of granularity has been added for the Deep Packet Inspection functionality, allowing DPI to be enabled or disabled for various applications. Also, the option to monitor custom ports is now available. These settings can be found in the newly added Deep Packet Inspection subsection from within the Content Aware Protection submenu.
• Multiple Deep Packet Inspection improvements in functionality, as well as in reducing false positives:
  • Better interoperability with independent software vendors (ISVs) that provide deep packet inspection as well (e.g.: Sophos, ZScaler, etc.).
  • Proxy-tunnel support and autodetection has been added.
  • Improve Exchange Web Services support.
  • improved HTTP and SMTP header handling for multiple multi-part requests (e.g.: Evolution Mail did not support domain whitelists).
  • Several Mail related improvements around whitelist and domains.
  • Microsoft Teams has been added to the list of monitored application via the DPI functionality.
  • Web browsing speed improvements when using DPI.
  • Differentiate between Personal OneDrive and OneDrive for Business.
  • Extend the Deep Packet Inspection Whitelist to support also IP address.
  • Removed false positives caused by DPI when browsing the Internet.
  • Reduce DPI false-positives that occurred when using Google Spreadsheet.
  • Facebook or other online applications.
  • Monitor confidential text/typing on Teams, Skype, Slack and Mattermost applications.
  • Monitor confidential text/typing on browsers for the following online applications: Google Spreadsheet, Facebook Post, Facebook Comment and Instagram Comment

Bug fixes:

• In some cases, where the DPI functionality was enabled, Google accounts would be blocked while performing Automatic Authentication. Fixed.
• Windows Mail app send/receive action hangs when DPI is enabled.
• Some Java applications like Android Studio etc. could not be launched when DPI was enabled.
• When DPI was enabled, MP4 files could be transferred to Youtube, regardless of the content aware policies. Fixed.
• DPI policy violation notifications were not displayed on the computer where RDP (Remote Desktop) was used. Fixed.
• DPI “Cross origin resource sharing" plain text requests whose target have the same origin could be transferred. Fixed.
• E-mail Domain Whitelists could not be applied when DPI was enabled for the “Granular Windows Apps”. Fixed.
• In some cases, when multiple DPI policies were defined, these were not applied correctly. Fixed.
• Fixed issues linked to Custom Content Dictionaries that included “&” in the title.
• Fix file type detection of 7z password files.
• Minor typos have been amended.

EasyLock Enforced Encryption

• The List of EasyLock devices now includes the Department column, allowing the EasyLock Administrators to view and administrate only the devices they have been assigned.
• Deployment improvements, particularly around the Allow Access if TD Level 1+ right.
• On macOS, the EasyLock deployment for USB devices with the same mount point was improved.
• Fresh deployments of EasyLock no longer support Legacy License input.
• The option to preview images on the encrypted side is now available.
• Minor User Experience enhancements.

Bug fixes:

• On macOS, some actions sent from the Server appear behind the splash screen. Fixed.
• Bugfix on complex password settings.
• Fixed Master Password authentication issues that occurred in conjunction with the read-only rights.