We are very pleased to announce the new version of the Take Control for Mac Agent 6.00.57, which includes a new feature:
We are pleased to let you know that we have rolled out the latest update to N-sight’s EDR integration, as part of a set of EDR feature updates: It is now possible to update your check alert settings for EDR at a global policy level.
We have also released a new Windows RC agent, v10.14.1, with general performance updates.
Here are all the details…
Edit the Alert Policy for EDR Checks
It’s now possible to set your preferred global alert settings for the EDR checks. For example, if you wish to have workstation alerts turned on by default for one or both of the EDR checks, you can now adjust this setting by going to Settings > Alerts > Alert Policy.
It means technicians can save time by changing alert settings at a policy level and respond more proactively in the event of an issue on a device. The EDR-Agent Health Status and EDR Threat Status checks are grouped under one Integration Check.
Continue readingWe are pleased to announce that on Sunday March 3 during the SentinelOne’s regular scheduled Maintenance Window Endpoint Detection and Response (EDR) will be updated to SentinelOne’s “X” SP5 for the consoles detailed below. This release delivers significant enhancements to the management console.
Consoles scheduled for update include:
We are pleased to announce a new version of PME has been released.
This build has been released for the CVSS scoring release within N-central 24.1, however does contain some other improvements within it.
CVSS scoring update:
PME has been collecting CVSS scores for some time, this build is required to clear and resync the cache for N-central version 24.1. If you are not on this build, you might not see older CVSS Scores. Note: this update is for N-central only.
Verbose 3rd Part Patch Logging default
We have enabled verbose logging for 3rd party patch by default due to the unnecessary steps of requiring customers to enable and replicate a problem for advanced investigations
Other minor changes:
Updated PME publisher to N-able from MSP Platform and improvements for internal testing
| PME | 2.10.4.5454 |
| MSPPlatform | 2.10.4.5025 |
| PME.Diagnostics | 2.10.4.5006 |
| PME.ThirdPartyPatch | 2.10.4.5010 |
Please be advised that due to technical difficulties during the upgrade the following consoles will remain on “W” SP5 at this time. Agents will continue to connect to the Management console over the next hour.
A new Maintenance Window will be scheduled for Sunday March 3rd bringing the remaining consoles up to “X” SP5.
Thank you for your patience
Continue readingPlease be advised the scheduled Maintenance Window has been extended to run until 19:00 UTC. For the following Consoles:
https://usea1-swprd1.sentinelone.net
https://usea1-swprd2.sentinelone.net
https://euce1-swprd2.sentinelone.net/login
Original Post: https://status.n-able.com/2024/02/21/advance-notice-edr-x-sp5-release-mac-agent-23-3-sunday-feb-25th/
We will be releasing a new version of the Mac agent on Tuesday 27th February. This is a minor agent release focusing on 2 bug fixes.
MSAD-3692: Resolves an issue where curl 8.4.0 being installed on a device breaks scheduled tasks/script running. In this scenario, a task would run and complete on its first attempt but subsequent attempts would fail.
MSAD-3702: Improved Sentinel One deployment where it would not install due to issues with the configuration profile
We are delighted to announce we have started rolling out the heavily-requested feature of restoring tickets that have previously been deleted.
In this first release, we have added a new page and widget to the default helpdesk workspace
From here you can select the desired tickets and choose to restore them. Further enhancements are planned for future release including an additional tab within the helpdesk area of the left-hand nav.
Please note, to use this functionality in full you will be required to add your own version of this tab to your custom pages.
N-central 2024.1.0.17
Download link (login required)
The first release of N-central in 2024 is packed with a lot of goodies to help our partners stay secure as well as get the most out of N-central and their chosen tech stack. From enhancements to our EDR integration ready for all, new CVSS scoring for Microsoft Patching, and continuing to expand our growing set of REST API’s.
The current EDR integration can now be upgraded to the new EDR integration! This new and improved EDR integration will give you full SentinelOne functionality while continuing to utilize N-central for bulk deployment (Windows and MacOS) and real-time monitoring of your devices. With full dashboard access to SentinelOne, including SSO access via Azure AD, you can now view detailed threat reports, configure granular notifications, and access the SentinelOne API. You can also try advanced security features like Complete, Threat Hunting, also known as “Deep Visibility”, and Ranger.
How to upgrade? To upgrade your EDR integration, navigate to the Integration Management screen within N-central and click the ‘Upgrade’ button.
Watch the video on how to upgrade your EDR to the new integration!
There are several new REST API endpoints included in 2024.1! These updates include endpoints with GET methods for:
After upgrading to 2024.1, you can view the updated list of REST API endpoints by navigating to your Swagger documentation page located at https://Your_FQDN/api-explorer/. The new endpoints can be identified as any endpoint with ‘Preview’ label on the endpoint description.
We are delighted to announce a significant enhancement to patch management which brings brand new security focused functionality with the Common Vulnerability Scoring System (CVSS) data being shown alongside patch information with the Patch Management workflows. CVSS provides a standardized and consistent way to assess and communicate the severity of vulnerabilities.
By combining information including CVSS from Microsoft’s Security and Response Centre direct into Patch Management you can see which patches are solving vulnerabilities allowing you to focus efforts on those If and when needed.
Please note, a Patch Management Engine (PME) release was launched prior to 2024.1 GA. PME has been able to gather CVSS information for some time pending the finish of the UI. For PME to re-submit older patches that have already been discovered, you will need to clear the cache located here: C:\ProgramData\MspPlatform\PME\data\Cve\CveHash.txt or you can update PME to 2.10.4RC (which is planning to go live in a few days)
What is in this first release?
The patch approval work flows now include a CVSS score column. For patches solving multiple vulnerabilities the highest score will show.
A filtering option to focus on specific score ranges is available within the filter pop out window
Clicking a CVSS score shows a pop up which includes all vulnerabilities being solved by the patch including the ID’s and scores. The pop up includes clickable links which direct you to the MSRC database
What’s next for CVSS?
The next stages are planning to add CVSS scoring into the auto approval rules. This would allow you to target patches of a certain score and above. One way you might want to use this would be to immediately approve and install anything that is a 10 on the CVSS scale due to the severity of it.
Another quick add currently being planned will come in the form of highlighting colors dependent on the range so that it is easier to identify in the workflows.
N-central DMA functionality has been improved by adding an icon to the features column within the All-Devices view, providing a quick and easy way to see the enrollment status of a device. This new icon includes multiple states, such as DMA Enrolled, Waiting for User, DMA not Enabled, and more.
A new ‘Managed Patch for mac’ report has been added to provide a much better experience when determining the patch install state over several devices.
Apple devices have the possibility of updating over 200 3rd party applications using the Run Managed Patch script available within the N-central repository. This list of patches is maintained by N-able and all updates are tested before being pushed live to production.
In addition to all the feature enhancements, we have made over 40 updates to issues that have been reported by partners, all of which are outlined in the detailed release notes page.
Please note that Tuesday February 27th we will be publishing an update for Web Protection. This release will be in place across all regions by Thursday February 29th. This release brings in an update to our Web Protection Service and targeting general infrastructure improvements.
Continue reading
You must be logged in to post a comment.