Top menu

7.2.46357

FIXED

NetworkLock
- Fixed error that caused BSOD in "srvnet.sys" on Windows 7.

ContentLock
- Fixed issue with "Archives content inspection on read" and "Archives content inspection on write" options when inspecting MS Office documents for attachments and embedded images.

DeviceLock
- Fixed latency scenario where the DeviceLock Service operated with its default settings for a short period of time while waiting for group policy settings to arrive from the domain controller;
- Fixed compatibility issues with third-party hardware: Commerzbank Signature stick, Huawei E173 3G modem, and Vimicro USB web camera;
- Fixed compatibility issues with third-party software: think-cell plugin for Microsoft PowerPoint 2007, Microsoft ForeFront TMG, XIV management GUI, ArcGIS Desktop, AutoCAD 2010, AutoCAD 2011, Adobe Flash player, Kodak Prinergy, Kaspersky Internet Security 2013, and Remote Administrator 2.2.

IMPROVED

NetworkLock
- Increased data exchange speed for HTTPS and FTPS connections;
- Improved support for Facebook, XING, Google+, Vkontakte, Odnoklassniki, StudiVZ.de, MeinVZ.de, and SchuelerVZ.net social networks;
- Improved support for the Gmail, Hotmail (Outlook.com), Web.de, Mail.ru, Rambler Mail, and Yandex Mail webmail services;
- Improved support for the AOL Instant Messenger (AIM) protocol;
- Improved content-aware rules support for Mail.ru Agent;
- Improved support for IRC auditing and shadowing in Thunderbird client;
- SSL permissions for Jabber and Mail.ru Agent have been deprecated and merged. All communications (both Generic and SSL) are now controlled by Generic permission settings.

ContentLock
- Improved processing performance for PDF files that contain many embedded images;
- Significant improvements in the MS Office documents (doc, docx, ppt, pptx, xls, xlsx, rtf) processing speed and attachments extraction;
- Improvements in memory management when processing Content-Aware Rules with the "Word forms" option enabled for keywords.

DeviceLock
- Improved support of shadowing for printers. Now, PDF files are created for the shadow copies of printed data;
- Improved and optimized data compression for audit and shadow data sent to DeviceLock Enterprise Server;
- Major improvements in audit for devices. Several events that were considered redundant are not logged anymore;
- The search page of DeviceLock Search Server now shows the history of search queries for quick reference and re-use;
- Now it is possible to add computers from Active Directory or from any LDAP tree to the static list in DeviceLock Enterprise Server central monitoring tasks;
- DeviceLock Management Console now remembers credentials used to connect to DeviceLock Service, DeviceLock Enterprise Server, and DeviceLock Content Security Search Server and allows administrator to use them when connecting to the same computer;
- DeviceLock Management Console can now display the total license limit amount and the number of DeviceLock endpoint licenses actually used for audit and shadow data collection and monitoring by the DeviceLock Enterprise Server;
- DeviceLock Management Console can now display the total license limit amount and the actual number of DeviceLock Search Server licenses actually used for DeviceLock Enterprise Server shadow log and audit logs indexing;
- Devices in the USB White List are not treated as keyloggers anymore;
- Improvements in Temporary White List to restrict temporary device access to only the user who originally requested access with DeviceLock Control Panel applet code.
DeviceLock: The DeviceLock Management Consoles Enterprise Server Reports for "Top active computers", "Top active users", "Top copied files, "Top used USB devices" and "Copied files per channel" have been extended to show failed shadow copies;
- The DeviceLock Management Consoles Enterprise Server "Top inserted USB & FireWire devices" report has been extended to show separate ratings for allowed and denied operations;
- Improved certificate authorization logic in DeviceLock Enterprise Server (DLES). Now, when authorization based on DeviceLock Certificates is used, DeviceLock Enterprise Server uses less CPU time;
- Improved Temporary White List functionality in the VMware View versions 4.6 and 5.1 environment;
- Improved CPU load performance when Internet Explorer is launched on Windows XP in the Hyper-V environment;
- Many internal optimizations and improvements in DeviceLock Service;
- Many interface improvements in DeviceLock Management Console.

NEW

NetworkLock
- Added new protocol: "SMB" for handling local network files on shares. "SMB" control supports contextual blocking, allowing, auditing, alerting, shadowing, content analysis (for contingent shadowing) for incoming and outgoing files;
- Added new protocol: "MAPI" for handling Microsoft Exchange email transactions using the Microsoft Outlook client. "MAPI" supports blocking, allowing, auditing, alerting, shadowing and content analysis separately for outgoing messages and file attachments as well as auditing, alerting, shadowing and content analysis (for contingent shadowing) for incoming messages and file attachments;
- Added new protocol: "File Sharing" for web-based file exchange and synchronization services. "File Sharing" supports blocking, allowing, auditing, alerting, shadowing and content analysis of Dropbox, Amazon S3, Google Drive/Docs, MS SkyDrive, RapidShare, Yandex.Disk, Narod.ru and iFolder.ru (rusfolder) file-exchange services when using a web-based connection rather than the native application;
- Added new protocol: "Skype". "Skype" control supports blocking, allowing, auditing, shadowing and content analysis of outgoing instant messages and files as well as auditing, alerting, shadowing and content analysis (for contingent shadowing) for incoming instant messages and files. Also, supports blocking, allowing, alerting and auditing of incoming and outgoing audio/video calls;
- Added new feature: "Basic IP Firewall". "Basic IP Firewall" can block TCP and UDP connections via protocols that are NOT otherwise supported by NetworkLocks list of managed Protocols. "Basic IP Firewall" can be used as a "catch-all-others" control to prevent both inbound and outbound traffic over connections like Radmin, SSH, SFTP, TFTP, NFS, LDAP, and others with the ability to allow or deny specified hosts/ports/IP addresses/ranges and conditionally alert on the activity;
- Added support for the IPv6 data interception and control at the protocols level;
- Added support for Disqus comment system in the Social Networks control;
- Added support for social networks Tumblr and LiveInternet;
- Added support for Facebook API and Vkontakte API;
- Added support for blocking, allowing, auditing, alerting, shadowing and content analyzing of outgoing files as well as auditing, alerting, shadowing and content analysis (for contingent shadowing) for incoming files sent via the supported Instant Messengers;
- Added "Block proxy traffic" parameter in Security Settings that allows for the blocking of network communications through proxy servers HTTP/HTTPS, SOCKS4, and SOCKS5 protocols;
- Added new parameter "Content Inspection" to Protocols White List. It allows administrators to optionally enforce Content-Aware Rules checking for connections otherwise allowed by specific Protocols White List rules;
- Added new option "If this rule triggers" to Protocol White List for "ANY" and "SSL" rules. Ii allows administrators to enable/disable auditing and alert notifications for connections permitted by Protocols White List rules;
- Added support for SSL 2.0.

ContentLock
- Added support for Oracle IRM. ContentLock can check whether the file sealed or not; can detect the context, seal and last modification time. Also, the Oracle IRM control can unpack sealed files and perform analysis of the files content;
- Content-aware rules for Permissions can now be enabled for the Printers device type in addition to the Printer Shadowing content rules previously available. This control is Printer-independent and there is no requirement to save the file to the file system prior to printing for the content analysis filtering to occur;
- Added ability to perform content analysis for text and unidentified content copied via Clipboard for regular and virtual/terminal server Windows environments. Shadowing Content Aware Rules are supported for text, files and unidentified content copied via Clipboard for regular and virtual/terminal server Windows environments;
- Added new Regular Expression pattern templates: American Name, Austria SSN, China National ID, Danish Personal ID, Dollar Amount, Dominican Republic ID Number, Finnish ID, France INSEE Code, French NINO, German eTIN, German Phone Number, Health Insurance Claim, US/UK Home Address, Irish PPSN, Irish VAT, Norwegian Birth Number, National Provider Identifier, Polish ID Number, RAMQ, ROK Registration Number, Spanish DNI, Spanish NIF, Spanish SSN, Sweden Phone Number, Sweden Post Code, Sweden Personal ID, Scotland Community Health Index, Taiwan ID Number, UK NHS Number, and Canadian Postal Code;
- Added search morphology (linguistics) for keywords. It supports Catalan, English, French, German, Italian, Polish, Portuguese, Russian, and Spanish languages;
- New option for Regular Expression pattern content templates: "Count identical matches as one match";
- Added "Extended Document Properties" control. It allows ContentLock to logically block, allow, and shadow documents and identify content based on the following fields of compound documents: Title, Subject, Tags, Categories, Comments, Authors, Last saved by, Company and Manager;
- Added search support for Russian transliterated words in content-aware rules when the "Word Forms" flag is enabled.

DeviceLock
- Added real-time event-based alerts. Alerts can be sent via SMTP emails and/or SNMP protocols. There are two types of alerts: administrative (e.g. service settings change, DeviceLock agent termination, changes made in the list of DeviceLock Administrators, users unsuccessful attempts to change the policy and so on) and device/protocol specific alerts administrator can configure such alerts the same way as audit rules. DeviceLock provides a queue for alerts so the endpoints can send them later if either of the designated alert communication channels (SMTP and/or SNMP) are unavailable at the time the alerts are generated;
- Added new device type: TS Devices. It supports Removable drives, Serial ports and USB devices forwarded in terminal session. It also includes lipboard operations in terminal and/or virtual environments. Supported environments are: MS RDP/RDS (including MS RemoteFX), Citrix XenApp, Citrix XenDesktop, Citrix XenServer, VMware View, MS VirtualPC, and Oracle VM VirtualBox;
- Added new component: DeviceLock WebConsole. It brings the ability to manage DeviceLock Service, DeviceLock Enterprise Server, DeviceLock Content Security Search Server and edit DeviceLock Service settings files from any internet browser;
- Added "Safe File Overwrite" feature which prevents users original file deletion following write-denied file activities with the same file name. While the changes are not kept due to the content violation, the original file remains in the folder. An audit log event is recorded when the original file is restored by the "Safe File Overwrite" feature after an attempted file-save that included ContentLock-blocked content occurs;
- Now it is possible to enable/disable audit or send alerts for certain content-aware rules (devices & protocols);
- Added new Service Options parameter: "Audit folder operations" which allows administrator to enable/disable audit for users folder operations on storage devices;
- Added new Service Options parameter: "Audit log threshold for file operations" which allows administrator to roll-up similar audit events during specified period of time;
- Added new flag that simplifies configuration for enabling/disabling auditing and shadowing of removable, floppy and optical drives allowed via USB White List;
- Added new flag that simplifies configuration for enabling/disabling auditing and shadowing of optical media allowed via Media White List;
- Added new "Read-only" flag in USB White List and Temporary White List for removable, floppy and optical drives to simplify this configuration option;
- Added new column to the audit log viewer: "Reason". "Reason" displays the subsystem that allowed or denied access based on DeviceLock policy;
- Added "Format" permission to audit & shadowing options for storage devices;
- Added shadowing support for the Clipboard device type control;
- Added the "Switch PostScript printer to non-PostScript mode" parameter in Security Settings to enable shadowing and content-aware rules for PostScript printers;
- Added "Undefine ContentLock policy" and "Undefine NetworkLock policy" parameters in the management consoles user interface. These parameters allow administrators to quickly and completely remove the ContentLock and NetworkLock settings from the DeviceLock policy;
- Added NDIS driver support to better handle network interface cards (USB, WiFi, etc.) access control and auditing;
- Added new audit log reports: "DeviceLock Service versions", "DeviceLock Service versions by computers" and "Top used printers";
- Compatibility provided to run applications virtualized with VMware ThinApp;
- Added USB White List support for virtual USB devices that are forwarded using Thinstuff XP/VS Terminal Server and USB Redirector software;
- The user manual and program help files have been significantly updated to include information about all new features.