Agent Version 5.21.7
The following updates have been applied to 5.21.7. Computers that are configured for the 5.21 major releases will automatically receive these updates on their next computer or service restart. You can force the restart from the computers page on the ThreatLocker portal.
- Fixed issue where unchecking the "Restrict access to the internet" checkbox without turning off ringfencing did not disable ringfencing internet policies.
- Added the ability to add Monitoring Only Mode for individual policies. Previously if a customer was in Monitoring Only Mode, all deny policies were monitored. Now you can override on a policy by policy basis. You can set a policy to inherit the monitoring only setting from the computer, disable monitoring only or enable monitoring only. This feature allows you to deny certain applications when in Monitoring Mode, or to enable monitoring only on a test policy. The monitoring only setting also applies with computers are in Learning Mode (Historically Installation Mode).
- Added the ability to start and stop Learning Mode directly from the computers page, by clicking on Starting Learning Mode. This allows you to enable a computer in Learning Mode before pushing out a custom software update.
- We have renamed "Installation Mode" and "Profiling Mode" to Learning Mode for consistency throughout the product.
- Added the ability to include global policies on a group basis, as well as an entire organization basis. Managed Services providers can now create a Global-Workstations policy, for example, and only apply policies to matching groups in their clients.
- When a computer is in Learning Mode, if the action would have been denied, the policy action is still recorded as deny with a green indication showing it was permitted. When expanding, you can view additional information as to why it was permitted. e.g., Monitoring Only Computer, Monitoring Only Policy, Learning Mode Computer, or Learning Mode Policy.
- Add the ability to use multiple wildcards in paths when creating ringfencing storage policies. Previously you could enter only a single wildcard. You can now enter multiple wild cards. e.g. c:\users\*\downloads\*
- Added the ability to use multiple wildcards in a path or process when adding rules to applications. Previously, if you wanted to use multiple wildcards, you needed to use a regular expression. This can now be done with wildcards.
- Changed the edit policy page to simplify the ringfence concept. Now when selecting an action, you can choose "Permit", "Deny", or "Permit with Ringfence".
- Added the ability to exclude computers installed within the last 4 or 7 days when reviewing your audit. This is useful when reviewing an audit to put computers in lockdown mode, but excluding newer installed computers from the audit.
- Added a button to send a reset password link from the Administrators page.
- We have fixed an issue where a file name in a policy prefixed with a ! could cause the file to match any file that does not match that name.
- We have changed the way active counts work on the Organizations page to speed up performance when logging in. The count can be updated using the Update Active Count button at the top of the page.
- Added the ability to delete computers that are offline for more than 5 minutes rather than 2 weeks. The computer will automatically be re-added if it is reinstated turned back on in the future.
- Added the ability to display date and time in the local format based on a user's browser settings.
- Removed ThreatLocker Version from Edit Computer Group page. The versions are now updated using the Update ThreatLocker Version button on the Computer Groups page, allowing you to upgrade multiple groups at the same time.