-
Approval Center â RevampedView in browser View our showcase video of this feature here The release of ThreatLockerâs new Approval Center brings about a plethora of changes. Here we will cover the significant differences between the two builds. Previously the Approval Center allowed you to either permit a file or ignore it by the use of the following two buttons: The approval center has eliminated these buttons and now allows for optimum configuration.
-
Branding - Changing the App NameView in Browser Along with changing the logos that appear in the ThreatLocker popup windows, and the Tray icon, you can also change the App Name that appears at the top of the request popup. Navigate to your Organizations page and select the pencil icon (edit button) next to the organization you want to change the default branding on. In the edit window, click on the 'Branding' tab.
-
Computers Page: ThreatLocker 6.0The first improvement you will notice is that the âMonitor Onlyâ mode box has been removed. It has been replaced with a quick dropdown âStatusâ box which represents the current security status of ThreatLocker and provides a quick way of changing this status. Enabling Protection The âEnable Protectionâ box ends all maintenance periods and secures all the selected computers. At any time, to end all maintenance periods and re-enable protection, select the box next to the computer you wish to end maintenance on and enable protection on and click the âEnable Protectionâ box placing the selected computer into a âSecuredâ status.
-
Creating a New OrganizationView in Browser Navigate to the Organizations Page. Choose the 'New Organization' button at the top of the screen. It will populate a window where you can configure the settings for your new organization. General Tab Under the 'General' tab, you can enter the name of the organization. In the 'Identifier' blank, you will need to put the name of the organization as it is in your RMM if you use one.
-
Creating TagsThe use of Tags requires Agent version 6.0 or greater Tags are a collection of items that can be applied to Network policies with Ringfencing. They can contain strings, with or without wildcards, IPv4 addresses or IPv6 addresses. Tags are very efficient to manage and any changes made to the tag are automatically applied to the endpoints. The same tag can be easily applied to multiple policies. Creating Tags To create a tag, navigate to 'Application Control'.
-
Disable Tamper ProtectionView in browser Overview The following article covers the steps required to disable Tamper Protection. Tamper Protection can be disabled on a single device or be disabled on multiple devices at once. Please note that disabling Tamper Protection will place computers that are in Learning Mode into Secured Mode. To avoid this, computers should be placed into Monitor Only Mode before disabling Tamper Protection. Disabling Tamper Protection For a Single Computer Log into the ThreatLocker Portal.
-
Email on Policy MatchWe do not suggest doing this to a default policy. Setting this up on a default policy may lead to a large amount of unwanted emails. If you would like to set up ThreatLocker to email you when a particular policy is matched, first navigate to the Organizations page and manage the organization you want to enable this on. Navigate to Application Control > Policies. Change the dropdown in the Applies To menu to reflect your desired policy location.
-
Guide to Using the Reports PageThreatLocker has incorporated some very useful reports to help our clients consolidate needed information into an easy and useable form. To access these reports, navigate to the Reports page. Here you will see 2 dropdown menus: Category and Report. Category All - this will show you all the report options Applications - this is the location of your application reports Approval - this will show you your approval request report options Audit - this is where you access your blocked file reports and process count Computers - this populates a list of computer reports you can run Policies - this provides your policy reports Storage Control - this shows deleted file reports and processes accessing a UNC report Storage Devices - this will give you a report of your USB Serial Numbers
-
Help DeskView in Browser When you click 'Get help from a Cyber Hero' a ticket will be automatically opened for you. To view, edit, or close any ticket, navigate to the Help Desk Page by clicking 'Help Desk' in the menu down the left-hand side. New tickets can also be opened from the Help Desk Page. To Open A New Support Ticket Click the 'Open New Ticket' button located at the top right of the screen.
-
How to Implement Tray Branding (Or Hide the Tray Icon)View in Browser This guide will cover how to change your Tray branding icon You can freely change your Tray branding icon in addition to the banner now. We'll include the pre-requisites for the Tray branding below: Must be Agent 6.0 (or newer) 16x16 image format (may automatically compress to formatted size) Image must be web-hosted Has to be a .ico file (cannot be renamed) -- must be converted to true .
-
How to Use the New Policies Page on ThreatLocker Version 6.0Log into the ThreatLocker Portal and navigate to âApplication Controlâ and then to âPoliciesâ. You can select who the policy applies to in the upper right-hand corner of the portal. Policy Group Hierarchy Global Global Workstations or Global Servers Entire Organization Computers Computer Groups Global policies run first, then the global workstations or servers, then the entire organization, followed by computers and computer groups are last.
-
Login SettingsView in Browser The Login Settings Page provides a central location to manage the Geo Restrictions and MFA settings on your ThreatLocker account. Here, you can set restrictions on organization-wide Geo Restrictions by countries and/or IP addresses, restrict MFA options, and override the MFA restrictions for specific users. Navigate to Security Center > Login Settings. Geo Restrictions In the Geo Restrictions tab, you can specify countries and/or IP addresses from which logins to your ThreatLocker account are permitted or prohibited.
-
Multi-Level ApprovalComing soon
-
Navigating the Administrators PageThe "Administrators" tab is located in the menu under the ThreatLocker logo on the left-hand side of the portal. After you've chosen your organization and managed it, the Administrators tab will populate any and all relevant admins for your organization. This guide will talk about the different buttons found on this part of the portal. New Administrator This button is used for creating a new administrator for your organization.
-
OTC AuthenticationView in Browser OTC (one-time-code) authentication enables you to use the authentication application of your choice for 2-Factor Authentication. Navigate to the Administrators page. Select the 'Edit' button next to the user you would like to enable OTC for. In the popup window, scroll to the 2-Factor Authentication section. From the dropdown menu, select OTC. A QR Code will appear below the dropdown menu. Scan this QR Code with the authentication application of your choice.
-
Passwordless AuthenticationView in Browser This feature has currently been released for public Beta testing. Passwordless Authentication allows you to enable 2-factor authentication without using an authentication application. Once configured, an automated phone call will be made to the phone number you have set up. You will be required to answer the phone and input your preconfigured 4-8 digit PIN number into the telephone's keypad before being logged into the ThreatLocker Portal.
-
System Audit PageView in Browser The System Audit Page is where the activity in your ThreatLocker organization is logged. Navigate to Security Center > System Audit. You can view this System Audit per organization, or you can view all your organizations' activity by selecting 'Show audit for all child organizations' in the parent organization's System Audit. Search Filters Much like the Unified Audit page, there are multiple filters you can apply when searching this audit to refine your search results.