PRODUCT UPDATE BULLETIN 23.0 - January 21st 2016

  • 22 January 2016
  • 0 replies
  • 23 views

Userlevel 7
Badge +56
  • Retired Webrooter
  • 6752 replies
http://sw.nohold.net/Webroot/Images/wsab_endpoint_logo_v2.png

The number of devices deployed with Mac operating systems is increasing in business environments. A report by Statcounter (November 2015) states that 9.4% of all desktop browsers utilize a Mac OS version. This Mac OS ‘Reporting Parity’ release forms part of an ongoing programme to enhance the Administration experience for our Customers and Managed Services Partners administrating Mac OS devices within their environment. With this release Administrators will have visibility of all devices operating Mac OS, as this release is specifically designed to deliver data on Mac Endpoints in all views, reports, and management screens within the management console. These Mac features are present in both our Standard and Global Site Manager (GSM) consoles.

KEY FEATURES IN - GLOBAL SITE MANAGER CONSOLE:
  1. NEW – Macs will now report into the sites information panel for infection related data.
  2. NEW – Administrators of the Webroot SecureAnywhere Endpoint Protection Management Console, now have full visibility of all endpoints, irrespective of which operating system or version of operating system is used.
  3. NEW – Mac computers are included in all views, reports and managements screens.
 
  1. Sites Information Panel Visibility Macs will now report into the sites information panel for infection related data.  [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img1.png[/img]Fig 1. Sites ‘More Information’ panel.  DASHBOARD/ SCHEDULED REPORTS  SummaryMac threats reported. Threa Detection History ChartMac threats reported. Data Point Charts *See point 9 in Notes sectionThe time of the last response on this ticket. Date CreatedNew data points added for Mac. Mac will now report all data points with the exception of those items listed below:Charts updated to show ‘Unsupported’, where functionality is not supported on the Mac agent.Mac’s will show ‘Unsupported’ for the following data points: Silent mode/Firewall status/ Infrared status/Offline shield/ USB Shield/Root kit shield /OS fire wall status. Dashboard Chart Drilldowns (Dashboard only) *See point 9 in Notes sectionAs above.  [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img2.png[/img]Fig 2. Data Chart with ‘Unsupported’ data. [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img3.png[/img]Fig 3. Dashboard chart drilldown with ‘Unsupported’ data. 
  2. Alerts  AlertsThreat Alerts now supported for Macs. ‘Active Directory’ and ‘Workgroup’ data points are not supported.  
  3. Global Site Management Console Administrators now have full visibility of all endpoints, irrespective of which operating system or version of operating system is used. Mac Endpoint data is now populated in all views, reports, and management screens. In addition Mac endpoints may now be controlled remotely, as per with Windows devices. STATUS  Endpoints Requiring attentionMac threats reported. Endpoints Not SeenMacs will continue to report in after their initial install check-in and will show an accurate ‘last seen’ time. Endpoints Encountering Threats ChartMac threats reported. 50 Most Recent Endpoints Encountering ThreatsMac threats reported. Threats Seen popupMac threats reported. This is also via Group Management > Scan History.  [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img4.png[/img]Fig 4. Endpoints requiring attention. [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img5.png[/img]Fig 5. Endpoints not seen recently. [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img6.png[/img]Fig 6. Endpoints encountering threats in the last 7 days. [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img7.png[/img]Fig 7. 50 most recent endpoints encountering threats. [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img8.png[/img]Fig 8. All threats seen. 
  4. GROUP MANAGEMENT  Group Management > IPMac IP address reported. Group Management > All threats seen on EndpointMac threats reported. Group Management > Threats Detected popupMac threats reported. Group Management > Scan HistoryFull scan history for Macs reported.  [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img9.png[/img]Fig 9. Threats detected. [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img10.png[/img]Fig 10. Scan history. AlertsThreat Alerts now supported for Macs. Note: ‘Active Directory’ and ‘Workgroup’ data points are not supported. Reports > Threat History (collated)Mac threats reported. Reports > Threat History (Daily)Mac threats reported. Reports > All Threats SeenMac threats reported. Reports > Endpoints with threats on last scanMac threats reported. Agent CommandsAgent commands supported with the exception of uninstall. Deactivation of an endpoint will also not uninstall the product.  
NOTES:
  1. Cloud determination not visible for Mac threats.
  2. No restore from quarantine available.
  3. No undetermined history report, as undetermined files are not reported.
  4. Overrides are not supported.
  5. Policies not supported. Macs will show as ‘Unmanaged’.
  6. Macs can be added to group, but group based policies will not apply.
  7. Active Directory not supported on endpoint views.
  8. Vendor, product and version not supported on threat views.
  9. * Data may not be fully synchronized with the console dashboard and reporting, if the MAC UI is not open. This will be included in a future release.

KEY FEATURES IN - STANDARD MANAGEMENT CONSOLE:
 
  1. NEW – Administrators of the Webroot SecureAnywhere Endpoint Protection Management Console now have full visibility of all endpoints, irrespective of which operating system or version of operating system is used.
  2. NEW – Mac computers are included in all views, reports and managements screens.
 
  1. STATUS  Endpoints Requiring attentionMac threats reported. Endpoints Not SeenMacs will continue to report in after their initial install check-in and will show an accurate ‘last seen’ time. Endpoints Encountering Threats ChartMac threats reported. 50 Most Recent Endpoints Encountering ThreatsMac threats reported. Threats Seen popupMac threats reported. This is also via Group Management > Scan History.  [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img11.png[/img]Fig 1. Endpoints requiring attention. [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img12.png[/img]Fig 2. Endpoints not seen recently. [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img13.png[/img]Fig 3. Endpoints encountering threats in the last 7 days. [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img14.png[/img]Fig 4. 50 most recent endpoints encountering threats. [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img15.png[/img]Fig 5. All threats seen. 
  2. GROUP MANAGEMENT  [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img16.png[/img]Fig 6. Threats detected. Group Management > IPMac IP address reported. Group Management > All threats seen on EndpointMac threats reported. Group Management > Threats Detected popupMac threats reported. Group Management > Scan HistoryFull scan history for Macs reported.  [img]http://sw.nohold.net/Webroot/Images/consoleupdate230img17.png[/img]Fig 7. Scan history. AlertsThreat Alerts now supported for Macs. Note: ‘Active Directory’ and ‘Workgroup’ data points are not supported. Reports > Threat History (collated)Mac threats reported. Reports > Threat History (Daily)Mac threats reported. Reports > All Threats SeenMac threats reported. Reports > Endpoints with threats on last scanMac threats reported. Agent CommandsAgent commands supported with the exception of uninstall. Deactivation of an endpoint will also not uninstall the product.  
NOTES:
  1. Cloud determination not visible for Mac threats.
  2. No restore from quarantine available.
  3. No undetermined history report, as undetermined files are not reported.
  4. Overrides are not supported.
  5. Policies not supported. Macs will show as ‘Unmanaged’.
  6. Macs can be added to group, but group based policies will not apply.
  7. Active Directory not supported on endpoint views.
  8. Vendor, product and version not supported on threat views.

0 replies

Be the first to reply!

Reply