What's New
|
New Features and Enhancements |
|---|
|
E88.41 - Released on 23 June 2024 |
|
Enhancement: It is now possible to scan Active Directory using custom filters. |
|
Enhancement: The system now employs a more accurate language detection mechanism to automatically select the appropriate localized user interface language based on the Operating System default settings, providing a seamless experience without manual selection. |
|
Enhancement: Added the URLF Popups Suppression feature, which controls the frequency of URL Filtering popups for the same blocked URL. |
|
Enhancement: Added integration with the Media Encryption Blade for scanning connected removable drives. |
|
Enhancement: Enhanced the Threat Prevention methods against some types of attacks. |
|
Enhancement: Improved visibility into processes attached to a debugger. |
|
Enhancement: Improved the honeypot files naming algorithm to enhance the security against targeted attacks. |
|
Enhancement: Improved the efficiency of executing advanced threat signatures. |
|
Enhancement: Improved visibility into files mounted from disc image or CD image. |
|
Enhancement: Added support for performing Mobile Enrollment from the Endpoint Security Client UI when using the FDE Smart Pre-boot (EA feature). If Smart Pre-boot features that require Mobile Login are enabled, users are now prompted to enroll their mobile devices for authentication purposes. |
|
Enhancement: Added support for the Media Encryption and Port Protection Blade on systems running the ARM architecture. |
|
Enhancement: In Media Encryption authorization scanning, improved the dialog for Anti-Malware scanning progress. |
|
E88.31 - Released on 03 June 2024 |
|
This Hotfix complements the E88.30 release with important fixes. If you installed E88.30, we recommend upgrading to E88.31. |
|
E88.30 - Released on 17 April 2024 |
|
NEW: Added ability to update SA and OFR offline. Refer to sk180690 to preform Offline Update. |
|
NEW: In Advanced Capabilities, added Detect/ Prevent/ Off modes for these sensors:
For more information about configuring these modes, see Harmony Endpoint EPMaaS Administration Guide > Configuring the Endpoint Policy > Configuring the Threat Prevention Policy > Web & Files Protection. |
|
Enhancement: Endpoint Security Clients now supports uploading CPInfo to Amazon Simple Storage Service (S3) through push operation and manually using the S3 application. |
|
Enhancement: Administrators now have the ability to set a timeout and require a password for the Disable Capabilities feature in the General section of Client Settings. This password prompt, currently available only in English, allows control over who can disable capabilities on any Windows client by requiring password authentication before accessing the Disable Capabilities screen on the Client User Interface. Once capabilities are disabled, the specified timeout interval determines the duration after which the disabled capabilities are automatically restored to operational status |
|
Enhancement: The Threat Emulation Blade in Client UI is displayed as File Protection. |
|
Enhancement: The Anti-Bot Blade now includes DNS Inspection support, which utilizes Check Point ThreatCloud. This protection allows Anti-Bot to block access to malicious domains during the DNS resolution process. |
|
Enhancement: The Anti-Malware E1 Blade now allows to specify the processes which are spawned from trusted processes (for example, their descendants) that should be excluded from malware scans and monitoring. This minimizes unnecessary resources utilization and potential false positives. |
|
Enhancement: It is now possible to install only the Anti-Malware E2 Blade, independently from installing the Threat Emulation blade. |
|
Enhancement: Improved the time it takes to upload events to threat hunting. |
|
Enhancement: The detection of ransomware is now faster. Implemented a new mechanism that can potentially pause and prevent ransomware encryption from occurring in certain scenarios, particularly during the initial stages of an attack. |
|
Enhancement: Improved the signature capabilities. |
|
Enhancement: Improved the signature accuracy. |
|
Enhancement: Improved visibility of sensors into processes. |
|
Enhancement: Improvements in remediation. |
|
Enhancement: PIV Smartcard driver now supports IDEmia Cosmo 8.1 cards and compressed certificates. |
|
Enhancement: Both the FDE classic Pre-boot and Smart Pre-boot flows are now refined to a smoother flow for visually impaired users |
|
Enhancement: Added ability to change Endpoint Security clients language from the Management UI, under Policy > Client Settings > User Interface. |
|
E88.20 - Released on 13 March 2024 |
|
Enhancement: Implemented security measures for validation of software components, mitigating risks from unverified code. This enhances the Endpoint Client security posture and promoting reinforced computing environment. |
|
Enhancement: The Anti-Bot, URL Filtering, Threat Emulation and Anti-Malware E2 DHS Blades now better exclude specific processes and their associated subprocesses, improving analysis focus and streamlining the monitoring process. |
|
Enhancement: It is now possible to see the installed hotfixes in the Endpoint Security Clients UI. |
|
Enhancement: Added support for the "SameFile" rule parameter for matching behavioral indicators. |
|
Enhancement: Added sensor to detect attack initiation from emails. |
|
Enhancement: Modified the ranking algorithm to detect only file wipers. |
|
Enhancement: Improved stability of Endpoint Security Clients. |
|
Enhancement: Remediation now returns a new status - "FileAlreadyQuarantined", if the file is already handled as part of the incident. Previously, Remediation manager showed "File already deleted", when files were quarantined. |
|
Enhancement: Harmony Endpoint now supports Posture Automatic Deployment configured in policy. |
|
Enhancement: The installer no longer switches the FDE Pre-boot type to FDE Smart Pre-boot (EA feature) by default, now it requires applying a specific policy prior to installation. When installed, switching the type of Pre-boot can be done in policy settings during regular operations, eliminating the need for upgrades for switching as it was in previous versions. |
|
Enhancement: Improved the FDE database maintenance, preventing memory allocation issues during long running installations. |
|
E88.10 - Released on 19 February 2024 |
|
Enhancement: Endpoint Security Client installer now supports the Czech, Greek, Ukrainian, and Portuguese languages. |
|
Enhancement: The Client UI now sets the English language as the default if the provided LCID value corresponds to a language that is not officially supported. |
|
Enhancement: Performance improvements of the anti-tampering mechanism for network drives accessed by users. |
|
Enhancement: Improved remediation against persistent malware. |
|
Enhancement: Improved the detection of malware masquerading. |
|
Enhancement: Improved evasion techniques detections. |
|
Enhancement: Improved the accuracy of wipers detection. |
|
Enhancement: Improved the remediation process for detected DLLs. |
|
Enhancement: Improved the detection of credentials theft. |
|
Enhancement: Added support for advanced signatures. |
|
Enhancement: Harmony Endpoint management now enforces a new Global policy if it is changed, and Endpoint Security Client applies URLS changes without a reboot. |
|
Enhancement: Improved the detection of shadow copy creation. |
|
Enhancement: The VSMON process now speeds up the opening of listen sockets by 20% when dealing with high network loads, like those encountered by DNS servers. |
|
Enhancement: Wi-Fi card for the Lenovo L14 Generation 3 is now supported in FDE Smart Pre-boot (EA feature). |
|
Enhancement: The TESvc service is now renamed to CPFileAnlyz (Check Point Endpoint Security File Analyzer). |
|
E88.00 - Released on 22 January 2024 |
| NEW: Harmony Endpoint now supports Microsoft Entra ID (previously Azure Active Directory) Domain Services. |
| Enhancement: Harmony Endpoint now sends hardware info to the Server. |
| Enhancement: Harmony Endpoint now supports uninstalling Trellix (as part of McAfee product). It can be done using the "REMOVEPRODUCTS" parameter. |
| Enhancement: Harmony Endpoint now supports Quarantine Management with the external Server API. |
| Enhancement: Date format now consists of three letters of the month, followed by the day, year and time. For example, Oct 5, 2023 2:47 PM. |
| Enhancement: Endpoint Client now supports Windows 11 with Smart App Control on also when the machine is offline. |
| Enhancement: Anti-Malware E1 license is now updated automatically also on VDI and in Super Node environments. |
| Enhancement: The Anti-Malware E2 Blade now supports critical area scans. |
|
Enhancement: Expanded Windows component monitoring, which translates to enhanced protection. |
|
Enhancement: When detection occurs, the reports to Threat Hunting are now sent faster. |
|
Enhancement: Performances improvements for advanced signatures. |
|
Enhancement: Improved injections logic for better detections of malicious operations. |
|
Enhancement: Improved the protections against advanced malware. |
|
Enhancement: Silent signatures for leads are no longer forwarded to Threat Hunting to minimize the risk of the user confusing them with actual attacks. |
|
Enhancement: Improved the AMSI exclusion mechanism. |
|
Enhancement: Improved the AMSI performance on Exchange Servers. |
|
Enhancement: Behavioral Guard and Forensic Blade now better exclude specific processes and their associated subprocesses, improving analysis focus and streamlining the monitoring process. Note: This functionality is available only for customers using Smart Exclusions. |
|
Enhancement: Improved Behavioral analysis by scanning of event related data blocks. |
|
Enhancement: SHA1 exclusions can now be used to exclude files based on the macro hash, similar to excluding a file using its regular hash. This feature expands the existing file exclusion capability by allowing targeted exclusions focused on the macro content instead of the entire file. |
|
Enhancement: Improvement in the Posture Management Installation rate. |
|
Enhancement: Application Control Custom Rules evaluation is optimized for performance. |
|
Enhancement: Updated the Full Disk Encryption Smart Pre-boot Wi-Fi drivers. |
|
Enhancement: The Full Disk Encryption Blade now supports users from Microsoft Entra ID, previously known as Azure Active Directory. See the Known Limitations section. |
|
Enhancement: Full Disk Encryption Preboot now supports longer user names (up to 64 symbols) and passwords (up to 256 symbols), removing the previous 31-symbol limit. This change applies to user credential fields in both FDE Preboot and the FDE Recovery Tool. |
|
Enhancement: Added browser-based Data Leak Prevention (DLP) capability for Early Availability (EA) customers. In the initial phase, when the browser extension is activated, security is enhanced through the scanning of both uploaded and downloaded files. |