Prevx 3.0 Enterprise Software Releases
Prevx 3.0 Enterprise - Service Pack 5
We are pleased to announce the release of Prevx Enterprise Service Pack 5. This Service Pack focuses on the implementation of server performance and scalability improvements, new management features, stronger endpoint protection and remediation capabilities, as well as customer-requested functionality and bug fixes.
| NEW: New Report Engine | A new report engine has been implemented, allowing the generation of graphical status, infection and machine reports with great detail about infection history, short- and long-term server statistics, as well as an advisory section which will ensure the Prevx Enterprise environment is running trouble-free. |
|---|---|
| NEW: Official 64Bit endpoint support | The Prevx Enterprise Endpoints are now supported for 64-bit architectures. x86 and x64 endpoint installers can be downloaded via the "Updates" Panel in your Prevx Enterprise Console. |
| NEW: Improved endpoint protection and remediation capabilities | The cleanup and remediation capabilities of the Prevx Enterprise Endpoints have been greatly improved to be able to tackle the very latest Trojans, viruses and rootkits. |
| NEW: Improved server scalability | The Enterprise Server has been streamlined and communications enhanced further to improve scalability. This service pack of Prevx Enterprise will allow the deployment of 10.000 endpoints per server. |
| NEW: New Protection Modes | Service Pack 5 implements 2 new protection modes which can be run on single machines or groups of machines. These protection modes are for advanced users only and allow the endpoints to operate in "Override Only" or "Whitelist Lockdown" mode. Please refer to the operator's guide for more information. |
| NEW: Remote Endpoint Control | The Enterprise Endpoint supports a new UDP-based control port, over which Scans and Polls can be triggered from the central Enterprise Server. (UDP Port 21001 must be enabled on firewalls for this feature to work) |
| NEW: Policy driven Endpoint appearance configuration | New policy options have been introduced which allow the shutdown menu, self-protection and Explorer context menu integration to be enabled selectively. |
| NEW: Endpoint MSI Configurator | After downloading an MSI endpoint installer, the server hostname property can now be freely configured to be either hostname, DNS name or physical IP address. |
| UPDATE: Bugfixes | Various bugs have been fixed across all components of the product. |
| UPDATE: Remote Deployment Wizard Updated | The remote deployment wizard has been updated to make it more user-friendly and less error-prone. The MSI installer will now also set up Windows Firewall exceptions automatically to ensure seamless deployment. |
| UPDATE: Improved QuickStart Wizard | The QuickStart wizard has been refined and now allows the pre-configuration of the default security policy. |
| UPDATE: Improved Alert Rule Editor | The AlertRule editor has been enhanced for easier creation of parameterized text and now contains a preview section and a variable list. New variables such as %FILENAMES% are now available for maximum customization. |
How to update
This Service Pack is cumulative. This release includes changes to both the endpoint and the enterprise server/console; therefore, all components need to be updated.
To upgrade any existing version, please follow these steps:
Updating the enterprise server and console:
- Navigate to the “Updates” Panel in the Enterprise Console and download the corresponding Enterprise Server installer
- Shut down Prevx Enterprise and run the installer. The installer will automatically upgrade your server software
- Start the Enterprise Server again via the Start Menu
Update the enterprise endpoints:
- Navigate to the “Updates” Panel in the Enterprise Console and download the corresponding Enterprise Agent installer
- Download the agent installer with the architecture and language of your choice
- Configure the server hostname to be used within the installer
- Use the preferred deployment method of your choice such as SMS, Login-Script, NetworkScript, Remote Deployment Tool or manual installation, to upgrade existing endpoints or perform fresh installations
Note for Service Pack 4 Users:
The new enterprise server is backward compatible with Service Pack 4 Endpoints; however, not all features will be available until endpoints are upgraded to the latest version.
Note for users of Service Pack 1, 2 and 3:
This version of the enterprise server is no longer compatible with Service Pack 1, 2 and 3 Endpoints. Please upgrade all endpoints to the latest version to ensure you can benefit from all improvements.
Changes in System Requirements
Due to the new Endpoint Backchannel support, firewalls need to be configured to allow UDP communications on port 21001.
Prevx 3.0 Enterprise - Service Pack 4
Prevx 3.0 Enterprise Service Pack 4 is now available.
Prevx CSI-Enterprise has been rebranded to Prevx 3.0 Enterprise.
This service pack brings significant functional and architectural changes to the Prevx 3.0 Enterprise server as well as the end-point agents.
IMPORTANT UPGRADE INFORMATION:
Before you upgrade, please ensure that you follow these steps in this order:
1. Upgrade the Prevx 3.0 Enterprise console from the link located in the Update section in the console (1.4.2.92)
2. Download the new agent from the update section (3.0.1.56 Prevx 3.0 Agent)
3. Deploy the new agent via the “Remote deployment Tool” or any other MSI deployment method
| NEW: | Rebranding and new look & feel |
|---|---|
| NEW: | Advanced end-point agent protection now with optional real-time protection |
| NEW: | Server console architecture changed, boasting separate server and console applications with logon/authentication capabilities |
| NEW: | Infection and Scan history allows easy click-and-go override handling |
| NEW: | Improved parallel processing via multiplexed queues for realtime and scan events |
| NEW: | Policies options extended to support "Silent" agents |
| UPDATE: | Status screen enhanced |
| UPDATE: | Support is now entirely web-based |
| UPDATE: | Streamlined communication between Agent and Server console with massive performance improvements |
| UPDATE: | Minor bugfixes across all components |
CSI-E Update 1.3.2.2 R514
| NEW: | CSIE-Server: Multithreading enabled (max. 16 threads) for improved performance |
|---|---|
| NEW: | CSIE-Server: Context sensitive help has been introduced across the application |
| NEW: | CSIE-Server: Client configuration screen redesigned for enhanced usability and management of very large numbers of agents, introducing advanced Drag&Drop, extended multi-selection and filters |
| UPDATE: | CSIE-Agent: New agent deployed with improved performance and stability |
| UPDATE: | CSIE-Server: Fixed a bug which prevented the CSIE server from running behind a proxy server |
| UPDATE: | CSIE-Server: New core deployed improving load balancing and connection management |
| UPDATE: | CSIE-Server: Fixed a bug in the report presets |
| UPDATE: | CSIE-Server: Minor changes to the user interface to improve usability |
| UPDATE: | CSIE-Server: minor bugfixes |
CSI-E Service Pack 3 (1.3.1.234 R490) - Final
| NEW: | A new CSI-E agent has been introduced including great improvements in stability, compatibility, improved scanning and cleanup by raw file system parsing and vastly improved rootkit detection and cleanup. |
|---|---|
| NEW: | The first version of the RDW (Remote Deployment Wizard) has been introduced as a stand-alone application which allows 'single-click' remote deployment of CSI-E agents across the network from one desktop. |
| NEW: | A new communication interface between agent and server has been introduced which improves parsing reliability in order to minimize memory corruption issues and crashes. |
| NEW: | Compression has been added to the communication layer between agent and console to minimize and speed up network traffic within the corporate network. |
| UPDATE: | Performance improvements have been made all over the product code to ensure faster data throughput on the server side, improving performance in some areas by 60 per cent. |
| UPDATE: | LDB-Data sanity checks have been introduced to improve server console stability. |
| NEW: | Several Debug and troubleshooting options have been added such as LDB journaling, MDB-only mode and suppression of crash dumps. |
| NEW: | A Server Watchdog has been introduced in conjunction with improved exception handling in order to reduce potential memory corruption issues and to automatically restart the server console on any unexpected termination, reducing the management overhead for the administrator even further. |
| NEW: | All important product executables are now properly signed. |
| NEW: | An option to query the determination of a particular PX5 has been introduced. |
| NEW: | Filename support has been added which allows the system to track proper localized file and pathnames of each infection within all audit trails and reports. |
| NEW: | Overrides and Agents can now be deleted permanently from the server's data cache. |
| NEW: | A TimeToLive (TTL) value has been introduced, allowing the administrator to specify the maximum age of any PX5 determination locally cached before a re-lookup is forced. |
| UPDATE: | Improved memory management for graphics in the console on very large scale agent deployments. |
| UPDATE: | Legacy code has been removed and cleaned up (Stats code). |
| UPDATE: | LDB Batch processing added for improved performance and reduced locking contention. |
| UPDATE: | TCPIP service is now dependent on the server console and will no longer function if the server console is not running. |
| UPDATE: | Logging in the TCPIP service has been improved to uniquely identify each message to its origin machine (IP). |
| UPDATE: | Numerous fixes to bugs discovered in previous versions. |
| ISSUE: | Windows Vista Clients: There is only limited support for Microsoft Windows Vista clients when deploying using the Remote Deployment Tool. After deployment, the machine needs to be rebooted, while that is not necessary for Agents on other Microsoft operating systems. |
| ISSUE: | Vista UAC and Remote Deployment Wizard: Rollouts using the Remote Deployment Tools on Windows Vista clients with UAC turned on will fail. This is due to the new security policies enforced by Vista. UAC needs to be turned off if the Remote Deployment Wizard is used for deployment. |
| ISSUE: | Firewalls and Simple File Sharing in conjunction with Remote Deployment Wizard: Firewalls can block the remote deployment wizard and must be turned off. Windows Simple File Sharing needs to be turned off on the client machine if the Remote Deployment Wizard is used for deployment. |
