ADVANCE NOTICE: EDR Windows and Linux Agent Update Wednesday, January 12

Posted on January 7, 2022 by carlagajdecki

We are pleased to announce that Wednesday, January 12, the Endpoint Detection and Response (EDR) product will be releasing new agents for both Windows and Linux. The Windows agent will see an update to 21.7 SP1 (21.7.4.1043) and the Linux agent will see an update to 21.10 GA (21.10.3.3). We strongly recommend upgrading these agents as soon as possible to provide the maximum level of protection available.

New and improved in Windows 21.7 SP1 (21.7.4.1043):

This release brings general bug fixes including the resolving the PowerShell module load errors.

For the full list of Bug Fixes please see the Release Notes link below

New and improved in Linux 21.10 GA (21.10.3.3):

New Supported Distros

Added Support for RHEL 8.5, RockyLinux 8.4, AlmaLinux 8.4 and Debian 11. Please note, To run the System Log Remote Script Orchestration (RSO) script on RockyLinux endpoints, rsyslog must be installed on the endpoint first.

CPU Capping

Introducing the ability to limit and specify the maximum CPU usage of all SentinelOne Agent processes out of the total CPU capacity of an endpoint. Policy Override now offers an additional config parameter to setting CPU use limit.

Suppress Application Control Alerts

The Agent now suppresses repeated threat alerts from executables not part of the original system or container image. Application Control now sends only one foreign executable alert during the configured time period (by default, 24 hours).

  • If Application Control is enabled for Linux servers and containers, this feature is enabled by default.
  • Agent automatically restarts when Application Control is enabled or disabled.
  • To configure using policy override:
  • The logs will show a suppressed alert.

Agent Performance

To further improve Agent performance, we are using the Extended Berkeley Packet Filter (eBPF) to collect operating system telemetry events (where the OS supports it). eBPF features will be enabled gradually over future Agent releases.

This is the eBPF feature of this Agent release: The perf provider is enhanced to track file_close_write and mount events using eBPF.

eBPF is enabled by default. To make sure it is enabled on your 21.10 Agents, run:

For the full list of Bug Fixes please see the Release Notes link below

For full details on all updates please check out our Release Notes: https://success.n-able.com/nc-edr-documentation/

Posted in N-central | Comments Off on ADVANCE NOTICE: EDR Windows and Linux Agent Update Wednesday, January 12

Release Take Control Admin Area – Installer repository

Posted on January 7, 2022 by brianmackie

We are very pleased to announce the new version of the Take Control admin area, which includes an installer repository.

Continue reading
Posted in Take Control | Comments Off on Release Take Control Admin Area – Installer repository

Apache Log4j Vulnerability – Updated 1:00 p.m. EST, December 22, 2021

Posted on December 20, 2021 by carlagajdecki

Updated: December 21, 2021

Risk Intelligence deployed appropriate patches as of 4 1.m. EST December 21, 2021.

Original Post:

As you may know, a vulnerability within the Apache Log4j tool was identified on Friday, December 10, 2021 – tracked as CVE-2021-44228. Log4j is a logging framework created by Apache and used widely across the internet. Many, many services are potentially vulnerable to this exploit.

Our Security, Engineering and DevOps teams, under the direction of our CSO, conducted a full impact assessment once the vulnerability was initially identified December 10 and found no evidence of successful exploitation. In addition, our internal Red Team completed a deep analysis of our code as well as testing.

Continue reading
Posted in Cove Data Protection, Mail Assure, MSP Manager, N-central, Passportal, Risk Intelligence, Security Notices, Take Control | Comments Off on Apache Log4j Vulnerability – Updated 1:00 p.m. EST, December 22, 2021

End-of-Life Announcement for N-able Threat Monitor

Posted on December 20, 2021 by Marilena Levy

This notification announces the upcoming end of life for N-able Threat Monitor product.

N-able is discontinuing the Threat Monitor product and all related services, with a target shutdown date of Thursday, December 30, 2021.

Customers with existing contracts can access all product data available until the shutdown date. After the discontinuation, data archived up to one year can be provided upon request.

If you have any concerns regarding this product phase out, please reach out to your Partner Success representative.

Posted in N-sight | Comments Off on End-of-Life Announcement for N-able Threat Monitor

Advance Notice: Standardization of Password Complexity Settings For NCOD Partners

Posted on December 17, 2021 by Matt Miller

UPDATE: The changes outlined in this blog entry will be taking place on the following dates:

  • February 15th: APAC Partners
  • February 16th: EMEA Partners
  • February 17th: Americas Partners

As part of our continuing efforts to keep our hosted offerings secure, and to implement industry best practices, the password complexity settings for our NCOD Partners will be updated on Friday, January 14th.

Continue reading
Posted in N-central | Comments Off on Advance Notice: Standardization of Password Complexity Settings For NCOD Partners

N-able RMM: Mandatory 2FA Coming Soon

Posted on December 17, 2021 by brianmackie

In keeping with industry best practices to help protect you and the devices you manage, users of N-able RMM will be required to enable two-factor authentication (2FA) in order to continue using the product.

RMM already provides multifactor authentication, with the option to use IP address verification or 2FA, or both. From 21 January 2022, we will start to make 2FA mandatory for all user logins. IP address verification will continue to be available and can optionally be used alongside 2FA.

We encourage partners to make 2FA mandatory in RMM by going to Settings > General Settings > Security in the dashboard. After January 21st, we will automatically enable this feature for all accounts. The option to disable 2FA will be removed at that point.

RMM’s 2FA feature uses the Time-based One-Time Passcode (TOTP) standard and is compatible with many standard third-party authenticator apps. To find out more, click here.

Posted in N-sight | Comments Off on N-able RMM: Mandatory 2FA Coming Soon

Release Take Control Windows Agent 7.00.30 – Integrated

Posted on December 16, 2021 by brianmackie

We are very pleased to announce the new version of the Take Control Integrated for Windows agent 7.00.30 for RMM and N-central, including pinpointed bug fixes.

Fixes and Improvements:

  • The credentials provider module is now even more robust in case of errors: if something fails with a specific application, instead of being completely disabled by the agent, it will now only be disabled for working with that application, while keeping the functionality to inject credentials at all other applications at the remote device.
  • The credentials provider dll file was not being removed when the Take Control agent was uninstalled. This has been resolved.
  • There were some rare situations where the Take Control agent could lose connectivity to the assigned gateway, and not request a new one, becoming unreachable. This has been resolved.
Posted in N-central, Take Control | Comments Off on Release Take Control Windows Agent 7.00.30 – Integrated

N-central 2021.3 GA and NCOD Upgrade Schedule

Posted on December 15, 2021 by Matt Miller

Hello!

We are very excited to announce that N-central 2021.3 has gone GA, and is now available for download!

For a complete list of changes in this release, read on! To access the documentation or grab the installers, please head over to the 2021.3 download page.

Continue reading
Posted in N-central | Comments Off on N-central 2021.3 GA and NCOD Upgrade Schedule

N-able Risk Intelligence: Apache Log4j Vulnerability Fix

Posted on December 15, 2021 by carlagajdecki

We have released an update to Risk Intelligence to address the recent Apache Log4j vulnerability. We have evaluated risk within Risk Intelligence and have deployed patches for any vulnerable components as of 3:00 am EST on December 15, 2021. 

Please note that no Risk Intelligence agent updates are required.

Bug fixes:

  • Addressed Log4j vulnerability (CVE-2021-44228)
  • Fixed intermittent issue where scans crashed after large number of errors trying to read files

More detail can be found in our original post.

Posted in Risk Intelligence, Security Notices | Comments Off on N-able Risk Intelligence: Apache Log4j Vulnerability Fix

Release Take Control Windows Agent 7.00.30

Posted on December 15, 2021 by brianmackie

We are very pleased to announce the new version of the Take Control standalone Windows Agent 7.00.30, which includes pre-session chat, push announcements to devices with the Take Control agent installed and enhanced in-session notifications.

Continue reading
Posted in Take Control | Comments Off on Release Take Control Windows Agent 7.00.30