New Features V5.2

With this update we are bringing a macOS utility tool that provides the ability to read/write content from removable devices that were previously encrypted on Windows endpoints. Once the device is attached to the macOS endpoint, the user will have access to the data only after the password is provided. This provides transparent access through Finder when the device is attached.

We have improved our integration with Active Directory and with the 5.2 release you can enforce policies on AD Organizational Units. By default, this option is disabled and needs to be changed from the settings. After enabling this option, if an integration exists, the OUs from AD will be visible under Machine-specific settings. Now, you can assign permissions as you would do on any group.

5.2 update brings additional tools for managing endpoints that are not connecting to the central server. The client has the option to export details related to:

• Attached devices
• Local users and endpoint information

This data can be imported into the management console and based on that, the administrator can tailor policies that can be exported and imported in the isolated endpoint.

A big step in improving the product security was made by changing the encryption algorithms for:

• Password derivation – from SHA-256 to Argon-2id and PBKDF2
• Disk encryption – from AES-256-CBC to AES-128-XTS

The administrator will have to decide what happens with devices that were encrypted with older algorithms. Three options are available:

• Allow the use of these devices
• Upgrade the encryption and after this process the device can be used.
• Deny the use of device

This update adds the option to show/hide device classes. It brings a better management by providing a cleaner interface. The feature works only on device classes that are not in use.

Groups under Machine-specific settings have additional options when using the contextual menu. This brings the possibility to enforce permissions on all the groups.

To be able to support more SIEM applications with update 5.2, we are providing two new implementations. One brings the option to feed data directly into Windows Event Viewer. The second one brings data in JSON format. The majority of SIEM applications will be able to consume the logs in this way.

This update provides a better integration with 3^rd party applications by exposing the SDK methods for the server application. You can enforce permissions on groups of endpoints and override the settings that you would usually do from the management console.

The client status window can now be hidden. The administrator can change this option from the default settings in the management console.

With this update, you can fine-tune the HDD detection by choosing how this kind of device should be identified. Based on the lack of removable capabilities, reported by the operating system, or by also taking into consideration the buses.

We have made a number of security improvements in this release.