Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Other security for Windows, Mac, Linux
Harmony Endpoint Release Notes and Roadmaps
Message
<blockquote data-quote="Trident" data-source="post: 1083439" data-attributes="member: 99014"><p>Harmony Endpoint for Windows 88.30 Released 17th of April 2024.</p><p></p><h2>List of New Features and Enhancements in E88.30 for Windows</h2><p></p><p></p><p></p><p></p><table style='width: 100%'><tr><td>ID</td><td>Description</td></tr><tr><td>General</td><td></td></tr><tr><td>EPS-55958</td><td>Enhancement: Endpoint Security Clients now supports uploading CPInfo to Amazon Simple Storage Service (S3) through push operation and manually using the S3 application.</td></tr><tr><td>EPS-56017,<br /> EPS-56084</td><td>Enhancement: Administrators now have the ability to set a timeout and require a password for the Disable Capabilities feature in the General section of Client Settings. This password prompt, currently available only in English, allows control over who can disable capabilities on any Windows client by requiring password authentication before accessing the Disable Capabilities screen on the Client User Interface. Once capabilities are disabled, the specified timeout interval determines the duration after which the disabled capabilities are automatically restored to operational status.</td></tr><tr><td>EPS-55626</td><td>Enhancement: The Threat Emulation Blade in Client UI is displayed as File Protection. </td></tr><tr><td>Anti-Bot and URL Filtering</td><td></td></tr><tr><td>AHTP-29728</td><td>Enhancement: The Anti-Bot Blade now includes DNS Inspection support, which utilizes Check Point ThreatCloud. This protection allows Anti-Bot to block access to malicious domains during the DNS resolution process.</td></tr><tr><td>Anti-Malware E1</td><td></td></tr><tr><td>EPS-56022</td><td>Enhancement: The Anti-Malware E1 Blade now allows to specify the processes which are spawned from trusted processes (for example, their descendants) that should be excluded from malware scans and monitoring. This minimizes unnecessary resources utilization and potential false positives.</td></tr><tr><td>Anti-Malware E2 (US-DHS and EU compliant)</td><td></td></tr><tr><td>AHTP-29459</td><td><strong>NEW</strong>: Added ability to update SA and OFR offline. Refer to <a href="https://support.checkpoint.com/results/sk/sk180690" target="_blank">sk180690</a> to preform Offline Update.</td></tr><tr><td>AHTP-29036</td><td>Enhancement: It is now possible to install only the Anti-Malware E2 Blade, independently from installing the Threat Emulation blade. </td></tr><tr><td>Anti-Ransomware, Behavioral Guard and Forensics</td><td></td></tr><tr><td>EPS-56719</td><td>Enhancement: Improved the time it takes to upload events to threat hunting.</td></tr><tr><td>EPS-56439</td><td>Enhancement: The detection of ransomware is now faster. Implemented a new mechanism that can potentially pause and prevent ransomware encryption from occurring in certain scenarios, particularly during the initial stages of an attack.</td></tr><tr><td>AHTP-30039,<br /> AHTP-30236,<br /> AHTP-30230,<br /> AHTP-30209,<br /> AHTP-30096,<br /> AHTP-30207,<br /> AHTP-29600,<br /> AHTP-28396,<br /> AHTP-30208</td><td>Enhancement: Improved the signature capabilities.</td></tr><tr><td>AHTP-29652</td><td>Enhancement: Improved the signature accuracy.</td></tr><tr><td>AHTP-29396</td><td>Enhancement: Improved visibility of sensors into processes.</td></tr><tr><td>AHTP-28910</td><td>Enhancement: Improvements in remediation.</td></tr><tr><td>Full Disk Encryption</td><td></td></tr><tr><td>EPS-54915</td><td>Enhancement: PIV Smartcard driver now supports IDEmia Cosmo 8.1 cards and compressed certificates.</td></tr><tr><td>EPS-55613,<br /> EPS-55187</td><td>Enhancement: Both the FDE classic Pre-boot and Smart Pre-boot flows are now refined to a smoother flow for visually impaired users.</td></tr><tr><td>Threat Emulation</td><td></td></tr><tr><td>AHTP-28907</td><td><strong>NEW</strong>: In Advanced Capabilities, added Detect/ Prevent/ Off modes for these sensors:<br /> <ul> <li data-xf-list-type="ul">ThreatCloud Reputation</li> <li data-xf-list-type="ul">Offline Reputation</li> <li data-xf-list-type="ul">Static Analysis of Office Files</li> <li data-xf-list-type="ul">Static Analysis of Executable files</li> <li data-xf-list-type="ul">Static Analysis of DDL Files</li> </ul> For more information about configuring these modes, see <a href="https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_HarmonyEndpointWebManagement_AdminGuide/Default.htm" target="_blank">Harmony Endpoint EPMaaS Administration Guide</a> > Configuring the Endpoint Policy > Configuring the Threat Prevention Policy > Web & Files Protection.</td></tr></table><h2></h2> <h2>List of Resolved Issues in E88.30 for Windows </h2><p></p><p></p><table style='width: 100%'><tr><td>ID</td><td>Description</td></tr><tr><td>Installation</td><td></td></tr><tr><td>EPS-55909</td><td>In a rare scenario, the Firewall and Application Control process becomes unresponsive, resulting in repeated failures during client upgrades.</td></tr><tr><td>Anti-Malware E1</td><td></td></tr><tr><td>EPS-54953</td><td>No data is fetched with the "GetQuarantineFileData" API command. In <em>cpda.log</em>, there is the "<em>Failed to get list [cpda::QuarantineFiles::GetList]</em>" error. </td></tr><tr><td>EPS-56269</td><td>In a rare scenario, after an upgrade, the Anti-Malware Blade may crash and restart.</td></tr><tr><td>Anti-Ransomware, Behavioral Guard and Forensics</td><td></td></tr><tr><td>AHTP-30187</td><td>When Registry Save Block detection is triggered, the Anti-Ransomware detection pop-up may appear instead of the Behavioral Guard detection notification. </td></tr><tr><td>AHTP-30019</td><td>Processing many large PowerShell scripts leads to increased memory consumption. </td></tr><tr><td>AHTP-30073</td><td>CPU consumed by the EFR process may be high.</td></tr><tr><td>Threat Emulation</td><td></td></tr><tr><td>AHTP-30103</td><td>When reaching the Threat Emulation Quota limit, the Threat Emulation Blade reports to the Management the "<em>Not Connected</em>" status instead of "<em>Quota reached</em>".</td></tr><tr><td>Remote Access VPN</td><td></td></tr><tr><td>ESVPN-4257</td><td>In rare scenarios, Watchdog may restart the VPN UI process multiple times.</td></tr><tr><td>ESVPN-4267</td><td>After an upgrade to E88.00, the "<em>Create site from link</em>" feature may stop functioning as expected.</td></tr></table></blockquote><p></p>
[QUOTE="Trident, post: 1083439, member: 99014"] Harmony Endpoint for Windows 88.30 Released 17th of April 2024. [HEADING=1]List of New Features and Enhancements in E88.30 for Windows[/HEADING] [TABLE] [TR] [TD]ID[/TD] [TD]Description[/TD] [/TR] [TR] [TD]General[/TD] [TD][/TD] [/TR] [TR] [TD]EPS-55958[/TD] [TD]Enhancement: Endpoint Security Clients now supports uploading CPInfo to Amazon Simple Storage Service (S3) through push operation and manually using the S3 application.[/TD] [/TR] [TR] [TD]EPS-56017, EPS-56084[/TD] [TD]Enhancement: Administrators now have the ability to set a timeout and require a password for the Disable Capabilities feature in the General section of Client Settings. This password prompt, currently available only in English, allows control over who can disable capabilities on any Windows client by requiring password authentication before accessing the Disable Capabilities screen on the Client User Interface. Once capabilities are disabled, the specified timeout interval determines the duration after which the disabled capabilities are automatically restored to operational status.[/TD] [/TR] [TR] [TD]EPS-55626[/TD] [TD]Enhancement: The Threat Emulation Blade in Client UI is displayed as File Protection. [/TD] [/TR] [TR] [TD]Anti-Bot and URL Filtering[/TD] [TD][/TD] [/TR] [TR] [TD]AHTP-29728[/TD] [TD]Enhancement: The Anti-Bot Blade now includes DNS Inspection support, which utilizes Check Point ThreatCloud. This protection allows Anti-Bot to block access to malicious domains during the DNS resolution process.[/TD] [/TR] [TR] [TD]Anti-Malware E1[/TD] [TD][/TD] [/TR] [TR] [TD]EPS-56022[/TD] [TD]Enhancement: The Anti-Malware E1 Blade now allows to specify the processes which are spawned from trusted processes (for example, their descendants) that should be excluded from malware scans and monitoring. This minimizes unnecessary resources utilization and potential false positives.[/TD] [/TR] [TR] [TD]Anti-Malware E2 (US-DHS and EU compliant)[/TD] [TD][/TD] [/TR] [TR] [TD]AHTP-29459[/TD] [TD][B]NEW[/B]: Added ability to update SA and OFR offline. Refer to [URL='https://support.checkpoint.com/results/sk/sk180690']sk180690[/URL] to preform Offline Update.[/TD] [/TR] [TR] [TD]AHTP-29036[/TD] [TD]Enhancement: It is now possible to install only the Anti-Malware E2 Blade, independently from installing the Threat Emulation blade. [/TD] [/TR] [TR] [TD]Anti-Ransomware, Behavioral Guard and Forensics[/TD] [TD][/TD] [/TR] [TR] [TD]EPS-56719[/TD] [TD]Enhancement: Improved the time it takes to upload events to threat hunting.[/TD] [/TR] [TR] [TD]EPS-56439[/TD] [TD]Enhancement: The detection of ransomware is now faster. Implemented a new mechanism that can potentially pause and prevent ransomware encryption from occurring in certain scenarios, particularly during the initial stages of an attack.[/TD] [/TR] [TR] [TD]AHTP-30039, AHTP-30236, AHTP-30230, AHTP-30209, AHTP-30096, AHTP-30207, AHTP-29600, AHTP-28396, AHTP-30208[/TD] [TD]Enhancement: Improved the signature capabilities.[/TD] [/TR] [TR] [TD]AHTP-29652[/TD] [TD]Enhancement: Improved the signature accuracy.[/TD] [/TR] [TR] [TD]AHTP-29396[/TD] [TD]Enhancement: Improved visibility of sensors into processes.[/TD] [/TR] [TR] [TD]AHTP-28910[/TD] [TD]Enhancement: Improvements in remediation.[/TD] [/TR] [TR] [TD]Full Disk Encryption[/TD] [TD][/TD] [/TR] [TR] [TD]EPS-54915[/TD] [TD]Enhancement: PIV Smartcard driver now supports IDEmia Cosmo 8.1 cards and compressed certificates.[/TD] [/TR] [TR] [TD]EPS-55613, EPS-55187[/TD] [TD]Enhancement: Both the FDE classic Pre-boot and Smart Pre-boot flows are now refined to a smoother flow for visually impaired users.[/TD] [/TR] [TR] [TD]Threat Emulation[/TD] [TD][/TD] [/TR] [TR] [TD]AHTP-28907[/TD] [TD][B]NEW[/B]: In Advanced Capabilities, added Detect/ Prevent/ Off modes for these sensors: [LIST] [*]ThreatCloud Reputation [*]Offline Reputation [*]Static Analysis of Office Files [*]Static Analysis of Executable files [*]Static Analysis of DDL Files [/LIST] For more information about configuring these modes, see [URL='https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_HarmonyEndpointWebManagement_AdminGuide/Default.htm']Harmony Endpoint EPMaaS Administration Guide[/URL] > Configuring the Endpoint Policy > Configuring the Threat Prevention Policy > Web & Files Protection.[/TD] [/TR] [/TABLE] [HEADING=1] List of Resolved Issues in E88.30 for Windows [/HEADING] [TABLE] [TR] [TD]ID[/TD] [TD]Description[/TD] [/TR] [TR] [TD]Installation[/TD] [TD][/TD] [/TR] [TR] [TD]EPS-55909[/TD] [TD]In a rare scenario, the Firewall and Application Control process becomes unresponsive, resulting in repeated failures during client upgrades.[/TD] [/TR] [TR] [TD]Anti-Malware E1[/TD] [TD][/TD] [/TR] [TR] [TD]EPS-54953[/TD] [TD]No data is fetched with the "GetQuarantineFileData" API command. In [I]cpda.log[/I], there is the "[I]Failed to get list [cpda::QuarantineFiles::GetList][/I]" error. [/TD] [/TR] [TR] [TD]EPS-56269[/TD] [TD]In a rare scenario, after an upgrade, the Anti-Malware Blade may crash and restart.[/TD] [/TR] [TR] [TD]Anti-Ransomware, Behavioral Guard and Forensics[/TD] [TD][/TD] [/TR] [TR] [TD]AHTP-30187[/TD] [TD]When Registry Save Block detection is triggered, the Anti-Ransomware detection pop-up may appear instead of the Behavioral Guard detection notification. [/TD] [/TR] [TR] [TD]AHTP-30019[/TD] [TD]Processing many large PowerShell scripts leads to increased memory consumption. [/TD] [/TR] [TR] [TD]AHTP-30073[/TD] [TD]CPU consumed by the EFR process may be high.[/TD] [/TR] [TR] [TD]Threat Emulation[/TD] [TD][/TD] [/TR] [TR] [TD]AHTP-30103[/TD] [TD]When reaching the Threat Emulation Quota limit, the Threat Emulation Blade reports to the Management the "[I]Not Connected[/I]" status instead of "[I]Quota reached[/I]".[/TD] [/TR] [TR] [TD]Remote Access VPN[/TD] [TD][/TD] [/TR] [TR] [TD]ESVPN-4257[/TD] [TD]In rare scenarios, Watchdog may restart the VPN UI process multiple times.[/TD] [/TR] [TR] [TD]ESVPN-4267[/TD] [TD]After an upgrade to E88.00, the "[I]Create site from link[/I]" feature may stop functioning as expected.[/TD] [/TR] [/TABLE] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
