Improvements and changes

In addition to the new features, this version offers further improvements in the following areas:

Application Control

  • A new setting leads to a significant improvement in performance because rules are now evaluated much faster. (Reference EI-2429)

Device Control

  • The content check for Unicode text files (<FORMFEED> allow; <NUL> don't allow) has been improved. (Reference EI-2397)

DriveLock Agent

  • macOS Agent: In the DOC in the Installations section, the macOS Agent can be easily installed via the command line with the appropriate parameters (Reference: EI-2366)

  • The installation of DriveLock Agent via DLSetup.exe is no longer possible. The agent can be installed and updated via the command line with appropriate parameters. (Reference EI-2351)

  • The DriveLock Agent (x64).msi supports a new parameter: REMOVEDATA. This parameter can be specified during uninstallation (REMOVEDATA=1), so that not only the program files but also all configuration data of the agent are deleted during uninstallation.

  • Agent Remote Control:

    • It is now possible to disable both HTTP and HTTPS for remote control. (Reference: EI-2121)

    • Remote access to agents can now be secured using role-based access rights. Two new roles or permissions have been added to the DOC that determine whether agents can be accessed read-only or whether changes are also allowed.

DriveLock Enterprise Service (DES)

  • If a user is to be added in the DOC from a domain to which the DES has no authorization, a password dialog is now displayed. This only affects the on-premise version of DriveLock. (Reference EI-2280)

DriveLock Operations Center (DOC)

  • Audit events are now displayed in their own tab.

DriveLock Pre-Boot Authentication (PBA)

  • For better error analysis, an event is now reported (event number 757) that the PBA could not be installed because the requirements for SecureBoot are not met. The reason is the missing Microsoft Corporation UEFI CA 2011 certificate.

Event Encryption

  • As of version 2023.1, the ability to change or configure settings for client-side event encryption is removed. Events are basically no longer encrypted. The data masking function in the DOC completely replaces the previous pseudonymization by encryption.

Inventory

  • A new event (ID 2710) is now triggered when a computer is selected by the server to perform an AD inventory. This only affects DriveLock Managed Services. (Reference EI-2289)

Licensing

  • The Risk&Compliance (EDR) module has been incorporated into the Zero Trust platform. The "Evaluate event filters" and "Evaluate 3rd party events" options can now be activated or explicitly deactivated.

  • The Native OS Security license has been renamed to Security Configuration Management. The functional scope remains unaffected and still includes firewall management and administration of local users and groups.