Release Take Control Admin Area – Installer repository

We are very pleased to announce the new version of the Take Control admin area, which includes an installer repository.

Continue reading
Posted in Take Control | Comments Off on Release Take Control Admin Area – Installer repository

Apache Log4j Vulnerability – Updated 1:00 p.m. EST, December 22, 2021

Updated: December 21, 2021

Risk Intelligence deployed appropriate patches as of 4 1.m. EST December 21, 2021.

Original Post:

As you may know, a vulnerability within the Apache Log4j tool was identified on Friday, December 10, 2021 – tracked as CVE-2021-44228. Log4j is a logging framework created by Apache and used widely across the internet. Many, many services are potentially vulnerable to this exploit.

Our Security, Engineering and DevOps teams, under the direction of our CSO, conducted a full impact assessment once the vulnerability was initially identified December 10 and found no evidence of successful exploitation. In addition, our internal Red Team completed a deep analysis of our code as well as testing.

Continue reading
Posted in Backup & Recovery, Mail Assure, MSP Anywhere, MSP Mail, MSP Manager, MSP Remote Monitoring & Management, MSP Service Desk, N-central, Passportal, Risk Intelligence, Security Notices, Take Control | Comments Off on Apache Log4j Vulnerability – Updated 1:00 p.m. EST, December 22, 2021

End-of-Life Announcement for N-able Threat Monitor

This notification announces the upcoming end of life for N-able Threat Monitor product.

N-able is discontinuing the Threat Monitor product and all related services, with a target shutdown date of Thursday, December 30, 2021.

Customers with existing contracts can access all product data available until the shutdown date. After the discontinuation, data archived up to one year can be provided upon request.

If you have any concerns regarding this product phase out, please reach out to your Partner Success representative.

Posted in MSP Remote Monitoring & Management release notes | Comments Off on End-of-Life Announcement for N-able Threat Monitor

Advance Notice: Standardization of Password Complexity Settings For NCOD Partners

UPDATE: The changes outlined in this blog entry have been postponed from January 14th. This blog entry will be updated to specify a new date once it’s been confirmed. We apologize for any inconvenience this scheduling change may cause.

As part of our continuing efforts to keep our hosted offerings secure, and to implement industry best practices, the password complexity settings for our NCOD Partners will be updated on Friday, January 14th.

Continue reading
Posted in N-central | Comments Off on Advance Notice: Standardization of Password Complexity Settings For NCOD Partners

N-able RMM: Mandatory 2FA Coming Soon

In keeping with industry best practices to help protect you and the devices you manage, users of N-able RMM will be required to enable two-factor authentication (2FA) in order to continue using the product.

RMM already provides multifactor authentication, with the option to use IP address verification or 2FA, or both. From 21 January 2022, we will start to make 2FA mandatory for all user logins. IP address verification will continue to be available and can optionally be used alongside 2FA.

We encourage partners to make 2FA mandatory in RMM by going to Settings > General Settings > Security in the dashboard. After January 21st, we will automatically enable this feature for all accounts. The option to disable 2FA will be removed at that point.

RMM’s 2FA feature uses the Time-based One-Time Passcode (TOTP) standard and is compatible with many standard third-party authenticator apps. To find out more, click here.


Posted in MSP Remote Monitoring & Management, MSP Remote Monitoring & Management release notes | Comments Off on N-able RMM: Mandatory 2FA Coming Soon

Release Take Control Windows Agent 7.00.30 – Integrated

We are very pleased to announce the new version of the Take Control Integrated for Windows agent 7.00.30 for RMM and N-central, including pinpointed bug fixes.

Fixes and Improvements:

  • The credentials provider module is now even more robust in case of errors: if something fails with a specific application, instead of being completely disabled by the agent, it will now only be disabled for working with that application, while keeping the functionality to inject credentials at all other applications at the remote device.
  • The credentials provider dll file was not being removed when the Take Control agent was uninstalled. This has been resolved.
  • There were some rare situations where the Take Control agent could lose connectivity to the assigned gateway, and not request a new one, becoming unreachable. This has been resolved.
Posted in MSP Remote Monitoring & Management release notes, N-central, Take Control | Comments Off on Release Take Control Windows Agent 7.00.30 – Integrated

N-central 2021.3 GA and NCOD Upgrade Schedule

Hello!

We are very excited to announce that N-central 2021.3 has gone GA, and is now available for download!

For a complete list of changes in this release, read on! To access the documentation or grab the installers, please head over to the 2021.3 download page.

Continue reading
Posted in N-central | Comments Off on N-central 2021.3 GA and NCOD Upgrade Schedule

N-able Risk Intelligence: Apache Log4j Vulnerability Fix

We have released an update to Risk Intelligence to address the recent Apache Log4j vulnerability. We have evaluated risk within Risk Intelligence and have deployed patches for any vulnerable components as of 3:00 am EST on December 15, 2021. 

Please note that no Risk Intelligence agent updates are required.

Bug fixes:

  • Addressed Log4j vulnerability (CVE-2021-44228)
  • Fixed intermittent issue where scans crashed after large number of errors trying to read files

More detail can be found in our original post.

Posted in Risk Intelligence, Risk Intelligence service updates, Security Notices | Comments Off on N-able Risk Intelligence: Apache Log4j Vulnerability Fix

Release Take Control Windows Agent 7.00.30

We are very pleased to announce the new version of the Take Control standalone Windows Agent 7.00.30, which includes pre-session chat, push announcements to devices with the Take Control agent installed and enhanced in-session notifications.

Continue reading
Posted in Take Control | Comments Off on Release Take Control Windows Agent 7.00.30

Apache Log4j Vulnerability – Updated 12 p.m. EST, December 15, 2021

Updated 2:30 p.m. EST, December 20, 2021

The Apache Software Foundation (ASF) has rolled out another update – version 2.17.0 – for its Java-based open-source logging library Log4j to address a third security vulnerability first discovered December 10, 2021.

In response, N-able engineers have removed the log4j package from the RMM platform.  RMM is no longer at risk from this vulnerability or any potential future log4j vulnerabilities.  Risk Intelligence has scheduled deployment of patches for 4 a.m. EST December 21, 2021.

Find more details in our latest blog post https://status.n-able.com/2021/12/20/apache-log4j-vulnerability-updated-230-p-m-est-december-20-2021/

Continue reading
Posted in Backup & Recovery, Backup & Recovery service updates, Mail Assure, MSP Anywhere, MSP Mail, MSP Mail service updates, MSP Manager, MSP Remote Monitoring & Management, MSP Remote Monitoring & Management service updates, MSP Service Desk, MSP Service Desk service updates, N-central, Passportal, Risk Intelligence, Risk Intelligence service updates, Security Notices, Take Control | Comments Off on Apache Log4j Vulnerability – Updated 12 p.m. EST, December 15, 2021