Hi all,

We are happy to announce the release of Endpoint Security Client E83.20.

The complete list of improvements can be found in the version release’s Secure Knowledge sk168081.

But here are the most exciting ones…

New windows support

E83.20 has full support (all blades and packages) for Windows 10 20H1 (version 2004)

Browser Extension support Microsoft Edge (Chromium) & Chrome for Mac

SandBlast Agent Browser Extension now supports Microsoft Edge (Chromium) and Chrome for Mac with the following capabilities:

• URL Filtering (WebUI only)
• File Download Protection
• Credential Theft protection including Zero-Phishing and Corporate-password-reuse protection

The extension is installed automatically together with the new version

Supported & Next To Come:

E83.20 for macOS

The version supports the following capabilities:

• Anti-Malware blade is now GA
• URL Filtering with SandBlast Agent Chrome Browser Extension
• Advanced VPN features are now also available on Mac:
• Multiple Factor Authentication
• Multiple Entry Point
• Implicit Mode
• Secondary Connect

Follow sk166955 for more information on the E83.20 release for macOS.

New advanced protections

• "Pass The Hash" detection in Behavioral Guard has been enhanced, to recognize more “Pass The Hash” attempts.
  Pass The Hash is used by an attacker to do remote authentication by utilizing the hash of an account password. In other words, the attacker does not need the actual plaintext password.
  This technique in essence allows for lateral movement in an organization.
• Improved malicious LNK files detection
  Behavioral Guard was enhanced, to detect malicious LNK files (windows shortcut / direct link to a file). It analyzes the target of a LNK file to determine if the LNK file itself is malicious.
  LNK files are mostly though not exclusively utilized maliciously to start LOLBins (Living Off The Land Binaries) like Windows OS executables. Some common targets for malicious LNK files include CMD, powershell, and wscript.

In addition, the Forensics Analysis now can determine whether the attack originated from an LNK file and the Forensics Report shows the targets of all LNK files in an incident.

Content view in the Forensics report

The Forensics Report now has been enhanced to show all AMSI content and LNK targets in a new single view called the Content View. This view is accessible under the Incident Details Menu option

Full Disk Encryption – pre-boot screen

The Full Disk Encryption pre–boot has a modernized look and feel along with updates to the color-theme and background images.

Stay safe,

Guy A.

Hi,

R80.20 Jumbo Hotfix Take #173 is now our GA take.

This take is available for download to all via CPUSE (as recommended) and via sk137592

Thanks ,

Release Management Group

Hi All,

A new Ongoing Jumbo Hotfix Accumulator take for R80.40 (take 78) was released today,  and is available for download. Please refer to sk165456

Please note the following:

•        The new release is mentioned in  sk165456
•        The new releases will be published via CPUSE as a recommended version once it will be published as GA.
•        Availability:

                 o   Available to download the via sk165456

                 o   Available for download via CPUSE by using package identifier.

                 o   Can be provided by customer support

Content included in this take:

• List of resolved issue in this take can be found in sk165456

Thanks ,

Release Management Group

Hi all,

A new GA SmartConsole (Build #410) for R80.40 is available. Please refer to sk165473

A new R80.40 Jumbo hotfix Accumulator (Take #78) is also available, for more information See sk165456

Thanks, 

Release Management team  

Hi,

R80.40 Jumbo Hotfix Take #77 is now our GA take

This take is available for download to all via CPUSE (as recommended) and via sk165456

Thanks,

Release Management Group

A new Ongoing Jumbo Hotfix Accumulator take for R80.40 (take 77),  is available for download. Please refer to sk165456

 Release Highlights:

• Update dependencies of internal OS packages during Security Gateway installation 

Please note the following:

• The new releases are mentioned in R80.40 JHF sk165456

• The new release will be published via CPUSE as a recommended version when it becomes GA.

• Availability:
  • Available to download the via sk165456
  • Available for download via CPUSE by using package identifier.
  • Can be provided by customer support
  •  

For more information on Jumbo releases, please refer to this thread “R80.XX Jumbo Hotfix Accumulator - Did You Know?“

Thanks,

Release Management Group 

What's New:

New Features

• Anti-Malware blade for macOS.
• Anti-Malware contextual scan.
• Support for SandBlast Agent Chrome Browser Extension with URL Filtering capabilities.
  • Note - The feature is available for SandBlast Agent Web Management users.
• Support for additional VPN features:
  • Multiple Authentication Factors
  • Multiple Entry Point, Implicit Mode
  • Secondary Connect

 Enhancements

•        This release includes stability, quality and performance fixes.

Please see sk166955 for more information on the E83.20 release for macOS.

Hi All,

A new Ongoing Jumbo Hotfix Accumulator take for R80.30 (take 217) was released today and is available for download. Please refer to sk153152

Release Highlight 

• Stability Fixes

Please note the following:

•        The new release is mentioned in  sk153152
•        The new releases will be published via CPUSE as a recommended version once it will be published as GA.
•        Availability:
  • Available to download via sk153152
  • Available for download via CPUSE by using package identifier.
  • Can be provided by customer support

Thanks,

Release Management Group

A new Ongoing Jumbo Hotfix Accumulator take for R80.40 (take 74),  is available for download. Please refer to sk165456

Release Highlights:

• Stability fixes

Please note the following:

• The new releases are mentioned in R80.40 JHF sk165456

• The new release will be published via CPUSE as a recommended version when it becomes GA.

• Availability:
  • Available to download via sk165456
  • Available for download via CPUSE by using package identifier.
  • Can be provided by customer support

For more information on Jumbo releases, please refer to this thread “R80.XX Jumbo Hotfix Accumulator - Did You Know?“

Thanks,

Release Management Group 

Hi All

R80.30 Jumbo HF Take #215 is now our GA take (replacing take 214) and is available for download to all via CPUSE (as recommended) and via sk153152.

Release Highlight:

• Added support for Jumbo Hotfix installation on Check Point 3800, 6400, 6700, 7000, 16200, 16600HS and 28000 appliances. Refer to sk110052, sk139932 and sk152733

Full list of resolved issues can be found in sk153152.

Thanks,

Release Management groups

As of version E83.10 SandBlast Agent fully supports VMware Horizon versions 7.6 and above, it supports both Persistent and Non-Persistent installations.

The solution is in GA quality and is included in all package types, for more information - please use the following Endpoint Security VDI E83.10 Administration Guide.

I'd be delighted to reply to any questions that might arise.