Nebula has been enhanced with new features and improvements on January 31, 2019.
With this latest update, we’re continuing to improve our cloud platform for greater scalability and detection efficiency. These features also provide simplified management of common, everyday tasks to save time and expand usability, while also providing granularity needed for businesses with complex security requirements.
New Features
- Nebula now features adjustable startup options for service timeout periods for Windows endpoints. In some environments, applications that are installed as Windows services may require additional time to start or stop. This new policy setting option allows administrators to provide a flexible period of time for Windows services to start up when an endpoint is restarting:
- [For Endpoint Protection and Response only] Added option to create and display a custom Endpoint Isolation message. You can now craft a customized message that is displayed when an end user’s endpoint is locked. This provides reassurance to your end users that it is a legitimate alert from your IT department or helpdesk and enables you to mirror the same language and tone of your existing IT and security alerts.
- Administrators can make changes to the isolation message’s title and body of the message within the Endpoint Isolation settings section of the Policy Settings page. The Endpoint Isolation feature must be turned on to enable this functionality:
- When an end user’s endpoint is locked, they will be greeted with your customized isolation message next to their Windows profile picture:
Improvements
- [For Endpoint Protection and Response only] Added Isolate Endpoint (along with Remove Isolation) action options and added the endpoint name on the Suspicious Activity details page:
- Improved Self-Protection Module to now include additional components of the Endpoint Agent
- [For Endpoint Protection and Response only] Improved detection algorithms for Virobot ransomware
- [For Endpoint Protection and Response only] Improved warning message when isolating Windows servers
- Fixed: Endpoint Properties page may not display memory and storage information
- Fixed: Two restarts were needed to remove standalone Anti-Ransomware product
- Fixed: In some environments the endpoint agent tray icon on Windows endpoints may not appear after startup
- Fixed: Some policy settings for “Endpoint Interface Options” were incorrectly identified as being dependent upon other settings
- Fixed: Remediation may fail if a file contained the string “error” in the file name
- Fixed: Discovery & Deployment Tool hanging during network probes
- Fixed: Discovery & Deployment Tool generating an error during password recovery
- Fixed: [For Endpoint Protection and Response only] – Duplicate tasks may appear during Suspicious Activity file uploads
- Fixed: [For Endpoint Protection and Response only] – Clicking on Rules Triggered for a suspicious activity may display a blank page
- Fixed: [For Endpoint Protection and Response only] – Learning period could prematurely start prior to restart after the initial scan
- Fixed: [For Endpoint Protection and Response only] – Isolated endpoints could lose Wi-Fi connectivity
- Fixed: [For Endpoint Protection and Response only] – Suspicious Activity indicator may not appear for subsequent Suspicious Activity items (only if the item was previously closed without being excluded)
- Fixed: [For Endpoint Protection for Mac only] – Endpoint Agent may stop unexpectedly
- Fixed: [For Endpoint Protection for Mac only] – The “Last Refreshed” timestamp may not update after checking for Protection Updates
- Fixed: [For Endpoint Protection for Mac only] – The “Remediation Required” status indicator may not clear on macOS endpoints when multiple restarts are issued
Known Issues
- [For Endpoint Protection and Response only] – Remediating a grouped Suspicious Activity does not properly decrement the group counter
Our next cloud platform update is scheduled for March 2019.