你在这里

DeviceLock 7.2 发布

DeviceLock,Inc.,全球领先的端点数据泄漏防护 (DLP) 软件解决方案供应商,今天宣布软件版本 7.2 DLP 已正式发布。这个新版本包括备受期待的警报功能,以及通过几个额外的网络协议、 应用和社交网络延伸 DLP 控制功能。

DeviceLock 7.2 管理员或审计员可通过 SMTP 或 SNMP在终端外设端口/设备和网络协议的违规使用事件发生时得到及时通知。这使 DeviceLock 客户端具备无缝集成到其现有的日志管理和基础设施或简单地使用新内置警报功能的灵活性。

DeviceLock 7.2 保护组织内部数据防止通过流行且难于管理的 Skype 、 Facebook,以及基于 Web 的文件共享服务的服务与协议泄漏。此外,DeviceLock 的终结点 DLP 软件通过对MAPI 协议强制执行细微的上下文和内容过滤 为客户提供了前所未有的数据泄漏预防。

为了进一步支持 BYOD 倡议,DeviceLock 端点 DLP 现在提供了虚拟的 DLP,以减少桌面和应用程序虚拟化数据泄漏的威胁,并且支持自主要虚拟化技术供应商,如微软、 Citrix 和 VMware 的虚拟化方案。这种支持BYOD 设备连接到虚拟 Windows 环境,可以在虚拟终端做数据泄漏预防 。

DeviceLock 7.2 新功能(对比 7.1)

兼容性方面:支持 Windows 8

DeviceLock方面:

  • 增加实时基于事件的警报。可以通过 SMTP 电子邮件和/或 SNMP 协议发送警报。有两种类型的警报: 管理行为 (例如:服务设置更改,DeviceLock 代理终止,DeviceLock 管理员、 用户的不成功尝试更改策略等的列表中所做的更改) 和设备/协议特定警报 — — 管理员可以配置此类警报相同的方式作为审核规则。DeviceLock 警报提供队列,因此终端可以通过任一指定通道发送警报 (SMTP / SNMP),如果该通道暂时不可用则会稍后发送出去
  • 增加新的设备类型: TS 设备。它支持可移动驱动器、 串行端口和 USB 设备在终端会话中转发。它还包括 сlipboard 操作终端或虚拟环境中。受支持的环境是: MS RDP RDS (包括 MS RemoteFX)、 Citrix XenApp、 Citrix XenDesktop、 Citrix XenServer、 VMware 视图、 MS VirtualPC 和 Oracle VM VirtualBox
  • 增加新的组件: DeviceLock WebConsole。使得从任何互联网浏览器就可以管理和设置Devicelock服务器,客户端,以及DL的内容服务器
  • 增加"安全文件覆盖"功能,可防止用户的原始文件拒绝删除后做操作记录。
  • 新增针对内容识别规则启用/禁用审计或 发送警报
  • 增加新的服务选项参数:"审核文件夹操作",管理员可以启用/禁用审计用户的文件夹操作
  • 增加新的服务选项参数:"文件操作审计阈值",允许管理员汇总指定的时间段的事件审计
  • 增加新标志,简化了USB白名单配置中启用/禁用用户的审核/留档操作
  • 在 USB 白名单和临时白名单中增加"只读"标志选项
  • 审计日志查看器增加新列:"reason"。"reason"显示子系统执行操作原因
  • 在存储设备的日志选项选项中增加"格式化"子项,可以避免格式化存储设备也做文件留档的问题.
  • 增加剪贴板设备的留档功能
  • 留档用于打印机的改进的支持。现在,为打印文件的留档创建 PDF 文件
  • DeviceLock 服务可以配置为仅将留档文件的文件名发送到 DeviceLock 企业服务器存储库而原始文件存储在客户端本机
  • 改进和优化的数据压缩,审计和留档文件发送到 DeviceLock 企业服务器
  • 设备审计中的重大改进。被认为是多余的几个事件不再记录
  • 增强预防本地管理员篡改功能。现在 DeviceLock 可以监视并还原被用户修改或删除的文件和设置。此外,DeviceLock 可以保护系统的 hosts 文件避免非法篡改
  • DeviceLock 管理员配置中增加"使用强大的完整性检查"参数。启用后 DeviceLock 服务会检查所有可执行文件的数字签名
  • DeviceLock 搜索服务器能够执行内部文件进行全文搜索内部档案,并可以做文件留档
  • DeviceLock 搜索服务器的搜索页现在显示的搜索查询,以便快速引用和重复使用的历史记录
  • 现在就可以将计算机从 Active Directory 或任何 LDAP 树增加为 DeviceLock 服务器监测任务的静态列表
  • 在打印机安全设置中增加"将 PostScript 打印机转换为非PostScript打印机"选项
  • 在管理控制台用户界面中增加了"undefine ContentLock policy"和"undefine NetworkLock policy"参数。这些参数允许管理员迅速从 DeviceLock 政策完全删除 ContentLock 和 NetworkLock 的设置
  • DeviceLock 管理控制台可以显示总的许可证限制数和实际使用数量
  • DeviceLock 管理控制台现在可以显示搜索服务器总的许可证数和许可证实际使用数
  • USB 白名单中的设备不被视为KeyLoger程序了
  • 改进临时白名单中临时设备只有最初请求的用户可用
  • 增加 NDIS 驱动程序支持,以更好地处理网络接口卡 (USB、 WiFi 等) 的访问控制和审核
  • 在 DeviceLock 企业服务器改进的证书认证逻辑 .当使用基于 DeviceLock 证书认证时,DeviceLock 企业服务器使用较少的 CPU 时间
  • 缩短客户端在AD环境中等待域控组策略时使用默认策略的时间
  • 改进在 VMware 4.6 和 5.1 环境中临时白名单功能
  • 提高与 VMware ThinApp 虚拟化的应用程序的兼容性
  • 降低客户端 CPU 消耗,HYPER-V 虚拟机中在 Windows XP 用 IE 浏览器
  • 修复与第三方硬件的兼容性问题: 德国商业银行签名棒、 华为 E173 3g 调制解调器和中星微 USB 网络摄像头
  • 修复第三方软件的兼容性问题: Microsoft PowerPoint 2007 插件、 TMG、 XIV 管理 GUI、 ArcGIS 桌面、 AutoCAD 2010、 AutoCAD 2011、 Adobe Flash Player、 柯达印能捷、 卡巴斯基互联网安全2013 ,和远程管理员 2.2
  • DeviceLock 客户端许多内部优化和改善
  • DeviceLock 管理控制台中许多接口的改进

Network Control 方面:

  • 添加新的协议:"SMB"处理本地网络共享上的文件。"SMB"控件支持对传入和传出文件的上下文阻止、 允许、 审核、 警报、 留档、 内容分析 (适用于文件留档)
  • NetworkLock: 添加新的协议:"MAPI"处理 Microsoft Exchange 电子邮件使用 Microsoft Outlook 客户端的事务。"MAPI"支持阻止、 允许、 审核、 警报、 留档传出邮件和文件附件,审核、 警报、 留档内容分析和内容分析 (适用于文件留档) 传入消息和文件附件
  • 添加新的协议:"文件共享",管控基于 web 的文件交换和同步服务。"文件共享"支持阻止、 允许、 审核、 警报、 留档和内容分析.目前支持下列供应商: Dropbox、 Amazon S3、 Google Drive/Docs, MS SkyDrive, RapidShare, Yandex.Disk, Narod.ru 和 iFolder.ru (rusfolder).他们的 文件交换服务使用 web 连接,而不是通过应用程序建立特别的连接
  • 添加新的协议:"Skype"."Skype"控件支持阻止、 允许、 审核、 留档和传出的即时消息和文件,以及审核、 警报、 留档内容分析和内容分析 (适用于文件留档) 传入即时消息和文件。此外,还支持阻止、 允许、 警报和审核的传入和传出的音频和视频呼叫
  • 添加新的功能:"基本 IP 防火墙"。"基本 IP 防火墙"可以通过TCP/IP协议来阻止 NetworkLock 的列表不支持的协议。"基本 IP 防火墙"可以用作"控制其他所有协议"控件来控制协议通信如: Radmin、 SSH,SFTP,TFTP,NFS,LDAP ,以允许或拒绝指定主机/端口和 IP 地址/范围建立连接并有条件地警报
  • 增加支持 IPv6 数据截取和协议级别的控制
  • NetworkLock: 添加对社交网络 Tumblr 和 LiveInternet 的支持
  • NetworkLock: 添加对 Facebook API 和 Vkontakte API 的支持
  • NetworkLock: 对支持的即时聊天软件增加支持阻止、 允许、 审核、 警报、 留档和内容分析传出文件,以及审核、 警报,留档和内容分析 (文件留档))传入的文件
  • NetworkLock: 添加允许阻止通过代理服务器 HTTP/HTTPS、 SOCKS4、 SOCKS5 协议的网络通信的安全设置中的"阻止代理交通"参数
  • NetworkLock: 添加新参数"内容检查"到协议白名单。它允许管理员可以选择在协议白名单中的通讯强制执行内容识别规则检查
  • 添加对 SSL 2.0 的支持
  • 提高 HTTPS 和 FTPS 数据交换连接速度
  • 改进了对社交网站 Facebook、XING、 Google +、 Vkontakte、 Odnoklassniki、 StudiVZ.de、 MeinVZ.de 和 SchuelerVZ.net 支持
  • 改进了对 Gmail、 Hotmail (Outlook.com)、 Web.de、 Mail.ru、 Rambler Mail、 Yandex webmail 服务支持
  • 改进了对 AOL 即时信使 (AIM) 协议支持
  • 改进的 IRC 审核支持
  • SSL Jabber 和 Mail.ru 代理权限已被弃用和合并。所有通信改为通用权限设置控制。

Content Lock方面

  • 增加了对 Oracle IRM 支持。ContentLock 可以检查该文件是否密封 ; 或可以检测到上下文、 密封和最后修改时间。此外,Oracle IRM 控件可以打开包装密封的文件并对该文件的内容进行分析
  • 现在除了打印机留档内容规则以前可用的打印机设备类型启用内容识别规则的权限。此控件是打印机独立,无需将文件保存到文件系统上打印的内容分析筛选发生之前
  • 增加的文本和不明的内容执行内容分析的能力复制剪贴板通过经常和虚拟/终端服务器 Windows 环境。留档内容了解规则所支持的文本和不明的内容复制剪贴板通过经常和虚拟/终端服务器的 Windows 环境
  • 增加新的正则表达式模式模板: 美国人名、 奥地利 SSN、 中国国家/地区 ID、 丹麦个人 ID、 美元金额、 多米尼加共和国的 ID 号、 芬兰 ID、 法国 INSEE 代码、 法国 NINO、 德国 eTIN,德国的电话号码、 健康保险索赔,美国 / 英国家庭地址、 爱尔兰 PPSN、 爱尔兰增值税、 挪威出生人数、 国家的提供程序标识符、 波兰的 ID 号、 RAMQ、 韩国登记编号、 西班牙保护儿童国际运动西班牙 NIF、 西班牙 SSN、 瑞典的电话数目,瑞典邮政代码,瑞典个人 ID、 苏格兰社会健康指数、 台湾 ID 号,英国 NHS 号和加拿大的邮政编码
  • 增加的搜索形态(语言学)的关键字。它支持加泰罗尼亚语、 英文、 法文、 德国、 意大利、 波兰语、 葡萄牙语、 俄语、 和西班牙文的语言
  • 增加"扩展的文档属性"控制。它允许 ContentLock,逻辑上阻止,允许,和文件留档并确定基于下列字段的复合文档的内容: 标题、 主题、 标签、 类别、 评论,作者,上次保存公司的经理
  • 增加的搜索支持俄罗斯转译中的词的内容了解规则时启用"单词的各种形式"标志
  • 改善处理包含许多嵌入的图像的 PDF 文件的性能
  • 显著改善MS Office 文档 (doc、 docx、 ppt、 pptx、 xls、 中兑换 xlsx、 rtf) 加工速度和附件的萃取
  • 显著改善处理内容识别规则关键字时内存管理

 


以下是原文:

DeviceLock, Inc., a worldwide leader in endpoint data leak prevention (DLP) software solutions, announced today that version 7.2 of the popular Endpoint DLP Suite software has been released for general availability. This new version includes highly anticipated alerting capabilities as well as pioneering DLP control features over several additional network protocols, applications and social networks commonly accessed by endpoints.

DeviceLock 7.2 administrators or auditors can now be conditionally alerted via SMTP email or SNMP traps when particular endpoint events occur with peripheral ports, devices, and network protocols. This gives DeviceLock customers the flexibility of either integrating seamlessly with their existing log management and SIEM infrastructure or simply using the new DeviceLock built-in alerting capabilities.

DeviceLock 7.2 protects organizations against data leakage through such popular and difficult to secure services as Skype™, Facebook, and web-based file sharing services without disrupting their acceptable use for approved business communications and processes. In addition, DeviceLock’s Endpoint DLP Suite software provides unprecedented data leak prevention for customers who use the MAPI protocol by enforcing granular contextual controls and content filtering of native Microsoft Exchange email communications and attachments directly at the endpoint. MAPI implementation makes DeviceLock DLP a strategic security component for those migrating to hosted Exchange solutions where the messaging gateway is generically controlled by a third party and may not stop sensitive email content as desired or as necessary for compliance.

To further support BYOD initiatives, DeviceLock Endpoint DLP now offers Virtual DLP to mitigate the threat of data loss in desktop and application virtualization scenarios from major vendors, such as Microsoft, Citrix and VMware. This support allows platform and device-independent data leak prevention for BYOD devices connecting to virtual Windows environments, which can be managed side by side with the physical endpoints.

What's New in DeviceLock® 7.2 (versus 7.1):

  • NetworkLock: Added new protocol: "SMB" for handling local network files on shares. "SMB" control supports contextual blocking, allowing, auditing, alerting, shadowing, content analysis (for contingent shadowing) for incoming and outgoing files.
  • NetworkLock: Added new protocol: "MAPI" for handling Microsoft Exchange email transactions using the Microsoft Outlook client. "MAPI" supports blocking, allowing, auditing, alerting, shadowing and content analysis separately for outgoing messages and file attachments as well as auditing, alerting, shadowing and content analysis (for contingent shadowing) for incoming messages and file attachments.
  • NetworkLock: Added new protocol: "File Sharing" for web-based file exchange and synchronization services. "File Sharing" supports blocking, allowing, auditing, alerting, shadowing and content analysis of Dropbox, Amazon S3, Google Drive/Docs, MS SkyDrive, RapidShare, Yandex.Disk, Narod.ru and iFolder.ru (rusfolder) file-exchange services when using a web-based connection rather than the native application.
  • NetworkLock: Added new protocol: "Skype". "Skype" control supports blocking, allowing, auditing, shadowing and content analysis of outgoing instant messages and files as well as auditing, alerting, shadowing and content analysis (for contingent shadowing) for incoming instant messages and files. Also, supports blocking, allowing, alerting and auditing of incoming and outgoing audio/video calls.
  • NetworkLock: Added new feature: "Basic IP Firewall". "Basic IP Firewall" can block TCP and UDP connections via protocols that are NOT otherwise supported by NetworkLock’s list of managed Protocols. "Basic IP Firewall" can be used as a "catch-all-others" control to prevent both inbound and outbound traffic over connections like Radmin, SSH, SFTP, TFTP, NFS, LDAP, and others with the ability to allow or deny specified hosts/ports/IP addresses/ranges and conditionally alert on the activity.
  • NetworkLock: Added support for the IPv6 data interception and control at the protocols level.
  • NetworkLock: Added support for Disqus comment system in the Social Networks control.
  • NetworkLock: Added support for social networks Tumblr and LiveInternet.
  • NetworkLock: Added support for Facebook API and Vkontakte API.
  • NetworkLock: Added support for blocking, allowing, auditing, alerting, shadowing and content analyzing of outgoing files as well as auditing, alerting, shadowing and content analysis (for contingent shadowing) for incoming files sent via the supported Instant Messengers.
  • NetworkLock: Added "Block proxy traffic" parameter in Security Settings that allows for the blocking of network communications through proxy servers HTTP/HTTPS, SOCKS4, and SOCKS5 protocols.
  • NetworkLock: Added new parameter "Content Inspection" to Protocols White List. It allows administrators to optionally enforce Content-Aware Rules checking for connections otherwise allowed by specific Protocols White List rules.
  • NetworkLock: Added new option "If this rule triggers" to Protocol White List for "ANY" and "SSL" rules. Ii allows administrators to enable/disable auditing and alert notifications for connections permitted by Protocols White List rules.
  • NetworkLock: Added support for SSL 2.0.
  • NetworkLock: Increased data exchange speed for HTTPS and FTPS connections.
  • NetworkLock: Improved support for Facebook, XING, Google+, Vkontakte, Odnoklassniki, StudiVZ.de, MeinVZ.de, and SchuelerVZ.net social networks.
  • NetworkLock: Improved support for the Gmail, Hotmail (Outlook.com), Web.de, Mail.ru, Rambler Mail, and Yandex Mail webmail services.
  • NetworkLock: Improved support for the AOL Instant Messenger (AIM) protocol.
  • NetworkLock: Improved content-aware rules support for Mail.ru Agent.
  • NetworkLock: Improved support for IRC auditing and shadowing in Thunderbird client.
  • NetworkLock: SSL permissions for Jabber and Mail.ru Agent have been deprecated and merged. All communications (both Generic and SSL) are now controlled by Generic permission settings.
  • NetworkLock: Fixed error that caused BSOD in "srvnet.sys" on Windows 7.
  • ContentLock: Added support for Oracle IRM. ContentLock can check whether the file sealed or not; can detect the context, seal and last modification time. Also, the Oracle IRM control can unpack sealed files and perform analysis of the file’s content.
  • ContentLock: Content-aware rules for Permissions can now be enabled for the Printers device type in addition to the Printer Shadowing content rules previously available. This control is Printer-independent and there is no requirement to save the file to the file system prior to printing for the content analysis filtering to occur.
  • ContentLock: Added ability to perform content analysis for text and unidentified content copied via Clipboard for regular and virtual/terminal server Windows environments. Shadowing Content Aware Rules are supported for text and unidentified content copied via Clipboard for regular and virtual/terminal server Windows environments.
  • ContentLock: Added new Regular Expression pattern templates: American Name, Austria SSN, China National ID, Danish Personal ID, Dollar Amount, Dominican Republic ID Number, Finnish ID, France INSEE Code, French NINO, German eTIN, German Phone Number, Health Insurance Claim, US/UK Home Address, Irish PPSN, Irish VAT, Norwegian Birth Number, National Provider Identifier, Polish ID Number, RAMQ, ROK Registration Number, Spanish DNI, Spanish NIF, Spanish SSN, Sweden Phone Number, Sweden Post Code, Sweden Personal ID, Scotland Community Health Index, Taiwan ID Number, UK NHS Number, and Canadian Postal Code.
  • ContentLock: Added search morphology (linguistics) for keywords. It supports Catalan, English, French, German, Italian, Polish, Portuguese, Russian, and Spanish languages.
  • ContentLock: New option for Regular Expression pattern content templates: "Count identical matches as one match".
  • ContentLock: Added "Extended Document Properties" control. It allows ContentLock to logically block, allow, and shadow documents and identify content based on the following fields of compound documents: Title, Subject, Tags, Categories, Comments, Authors, Last saved by, Company and Manager.
  • ContentLock: Added search support for Russian transliterated words in content-aware rules when the "Word Forms" flag is enabled.
  • ContentLock: Improved processing performance for PDF files that contain many embedded images.
  • ContentLock: Significant improvements in the MS Office documents (doc, docx, ppt, pptx, xls, xlsx, rtf) processing speed and attachments extraction.
  • ContentLock: Fixed issue with "Archives content inspection on read" and "Archives content inspection on write" options when inspecting MS Office documents for attachments and embedded images.
  • ContentLock: Improvements in memory management when processing Content-Aware Rules with the "Word forms" option enabled for keywords.
  • DeviceLock: Added real-time event-based alerts. Alerts can be sent via SMTP emails and/or SNMP protocols. There are two types of alerts: administrative (e.g. service settings change, DeviceLock agent termination, changes made in the list of DeviceLock Administrators, user’s unsuccessful attempts to change the policy and so on) and device/protocol specific alerts – administrator can configure such alerts the same way as audit rules. DeviceLock provides a queue for alerts so the endpoints can send them later if either of the designated alert communication channels (SMTP and/or SNMP) are unavailable at the time the alerts are generated.
  • DeviceLock: Added new device type: TS Devices. It supports Removable drives, Serial ports and USB devices forwarded in terminal session. It also includes сlipboard operations in terminal and/or virtual environments. Supported environments are: MS RDP/RDS (including MS RemoteFX), Citrix XenApp, Citrix XenDesktop, Citrix XenServer, VMware View, MS VirtualPC, and Oracle VM VirtualBox.
  • DeviceLock: Added new component: DeviceLock WebConsole. It brings the ability to manage DeviceLock Service, DeviceLock Enterprise Server, DeviceLock Content Security Search Server and edit DeviceLock Service settings files from any internet browser.
  • DeviceLock: Added "Safe File Overwrite" feature which prevents user’s original file deletion following write-denied file activities with the same file name. While the changes are not kept due to the content violation, the original file remains in the folder. An audit log event is recorded when the original file is restored by the "Safe File Overwrite" feature after an attempted file-save that included ContentLock-blocked content occurs.
  • DeviceLock: Now it is possible to enable/disable audit or send alerts for certain content-aware rules (devices & protocols).
  • DeviceLock: Added new Service Options parameter: "Audit folder operations" which allows administrator to enable/disable audit for user’s folder operations on storage devices.
  • DeviceLock: Added new Service Options parameter: "Audit log threshold for file operations" which allows administrator to roll-up similar audit events during specified period of time.
  • DeviceLock: Added new flag that simplifies configuration for enabling/disabling auditing and shadowing of removable, floppy and optical drives allowed via USB White List.
  • DeviceLock: Added new flag that simplifies configuration for enabling/disabling auditing and shadowing of optical media allowed via Media White List.
  • DeviceLock: Added new "Read-only" flag in USB White List and Temporary White List for removable, floppy and optical drives to simplify this configuration option.
  • DeviceLock: Added new column to the audit log viewer: "Reason". "Reason" displays the subsystem that allowed or denied access based on DeviceLock policy.
  • DeviceLock: Added "Format" permission to audit & shadowing options for storage devices.
  • DeviceLock: Added shadowing support for the Clipboard device type control.
  • DeviceLock: Improved support of shadowing for printers. Now, PDF files are created for the shadow copies of printed data.
  • DeviceLock: Shadowing content-aware rules now apply only to that type of data which is specified in the rule. For example, if administrator creates a rule for Windows Mobile "contacts" data type, this rule will not affect files shadowed for other data types for Windows Mobile device.
  • DeviceLock: Optionally, the DeviceLock Service can now send just the filenames of shadowed data files to the DeviceLock Enterprise Server’s repository and continue to store the original file data locally on the source endpoints if desired.
  • DeviceLock: Improved and optimized data compression for audit and shadow data sent to DeviceLock Enterprise Server.
  • DeviceLock: Major improvements in audit for devices. Several events that were considered redundant are not logged anymore.
  • DeviceLock: Major enhancements in protection against local administrator tampering. Now DeviceLock can monitor and restore its files and settings in case they were modified or removed by the user. Also, DeviceLock can protect system’s hosts file from tampering.
  • DeviceLock: Added "Use strong integrity check" parameter to DeviceLock Administrators tamper protection feature. When enabled it allows DeviceLock Service to check the digital signature of all its executable components.
  • DeviceLock: DeviceLock Search Server now able to perform full-text search inside files within archives that have been shadow-copied.
  • DeviceLock: The search page of DeviceLock Search Server now shows the history of search queries for quick reference and re-use.
  • DeviceLock: Now it is possible to add computers from Active Directory or from any LDAP tree to the static list in DeviceLock Enterprise Server central monitoring tasks.
  • DeviceLock: Added the "Switch PostScript printer to non-PostScript mode" parameter in Security Settings to enable shadowing and content-aware rules for PostScript printers.
  • DeviceLock: Added "Undefine ContentLock policy" and "Undefine NetworkLock policy" parameters in the management consoles user interface. These parameters allow administrators to quickly and completely remove the ContentLock and NetworkLock settings from the DeviceLock policy.
  • DeviceLock: DeviceLock Management Console now remembers credentials used to connect to DeviceLock Service, DeviceLock Enterprise Server, and DeviceLock Content Security Search Server and allows administrator to use them when connecting to the same computer.
  • DeviceLock: DeviceLock Management Console can now display the total license limit amount and the number of DeviceLock endpoint licenses actually used for audit and shadow data collection and monitoring by the DeviceLock Enterprise Server.
  • DeviceLock: DeviceLock Management Console can now display the total license limit amount and the actual number of DeviceLock Search Server licenses actually used for DeviceLock Enterprise Server shadow log and audit logs indexing.
  • DeviceLock: Devices in the USB White List are not treated as keyloggers anymore.
  • DeviceLock: Improvements in Temporary White List to restrict temporary device access to only the user who originally requested access with DeviceLock Control Panel applet code.
  • DeviceLock: Added NDIS driver support to better handle network interface cards (USB, WiFi, etc.) access control and auditing.
  • DeviceLock: Added new audit log reports: "DeviceLock Service versions", "DeviceLock Service versions by computers" and "Top used printers".
  • DeviceLock: The DeviceLock Management Console’s Enterprise Server Reports for "Top active computers", "Top active users", "Top copied files, "Top used USB devices" and "Copied files per channel" have been extended to show failed shadow copies.
  • DeviceLock: The DeviceLock Management Console’s Enterprise Server "Top inserted USB & FireWire devices" report has been extended to show separate ratings for allowed and denied operations.
  • DeviceLock: Improved certificate authorization logic in DeviceLock Enterprise Server (DLES). Now, when authorization based on DeviceLock Certificates is used, DeviceLock Enterprise Server uses less CPU time.
  • DeviceLock: Fixed latency scenario where the DeviceLock Service operated with its default settings for a short period of time while waiting for group policy settings to arrive from the domain controller.
  • DeviceLock: Improved Temporary White List functionality in the VMware View versions 4.6 and 5.1 environment.
  • DeviceLock: Compatibility provided to run applications virtualized with VMware ThinApp.
  • DeviceLock: Improved CPU load performance when Internet Explorer is launched on Windows XP in the Hyper-V environment.
  • DeviceLock: Added USB White List support for virtual USB devices that are forwarded using Thinstuff XP/VS Terminal Server and USB Redirector software.
  • DeviceLock: Fixed compatibility issues with third-party hardware: Commerzbank Signature stick, Huawei E173 3G modem, and Vimicro USB web camera.
  • DeviceLock: Fixed compatibility issues with third-party software: think-cell plugin for Microsoft PowerPoint 2007, Microsoft ForeFront TMG, XIV management GUI, ArcGIS Desktop, AutoCAD 2010, AutoCAD 2011, Adobe Flash player, Kodak Prinergy, Kaspersky Internet Security 2013, and Remote Administrator 2.2.
  • DeviceLock: Many internal optimizations and improvements in DeviceLock Service.
  • DeviceLock: Many interface improvements in DeviceLock Management Console.
  • The user manual and program help files have been significantly updated to include information about all new features.