Nebula has been updated on April 12, 2018 at 8:00PM EST / 5:00PM PST. As a customer of this platform, we want to take a moment to familiarize you with the changes that are about to become available.
- Added Syslog support. Now Nebula can transmit detections with Syslog servers and SIEM solutions capable of receiving Syslog messages. This allows organizations to centralize Nebula threat detections with their existing threat data. All of this is accomplished without the need to install any additional software. Administrators can enable Syslog support by clicking on the Settings tab in the cloud console, select Syslog Logging, and then pick an existing Windows endpoint to be the communication proxy. Syslog Settings include specifying the IP address/host, port, and protocol along with options for message severity and communication interval (default 5 minutes):
- Updated and redesigned Policies page to improve usability and match ongoing UI improvements. Policy settings are now feature-based vs. product-based:
- Updated Policies page to inform Incident Response customers of features available with Endpoint Protection:
Enhanced Detection notification emails to include additional information about detections.
Events are now recorded for Scheduled Scans, regardless if the scans were successful or failed.
Added text field validation (character count) in Policies for custom reboot messages.
Improved pagination performance for organizations with thousands of paginated pages of data.
Fixed: Tray icon would not appear for some users of Terminal Services.
Fixed: When a modal dialogue was open and an automatic log-out occurred, the modal was still visible.
Fixed: Some administrators were receiving their scheduled reports twice.
Fixed: Advanced Anti-Exploit settings dialog was saving changes even when the dialog was dismissed or canceled.
Fixed: Upon logging into the console, a large number of “Unable to retrieve one or more dashboard data summaries” errors were displayed.
Endpoint Protection for Mac: Not sending up Agent Information
- The tray icon is not visible for the builtin\Administrator user on Windows platforms.
- Endpoint Protection for Mac: Non-administrative users are unable to interact with the tray icon.
- Endpoint Protection for Mac: Scheduled scans can be triggered incorrectly.
- Endpoint Protection for Mac: For scans initiated from the endpoint, the cancel button loses focus.
- Endpoint protection for Mac: Scan History tab does not get information populated if threat scan does not detect any threats.
- Endpoint Protection for Mac: Shows enabled/disabled notification even if tray icon is not present.
- Endpoint Protection for Mac: Protection update version is reporting SDK version instead of DB version in Scan History, not reporting in Endpoint Details.
- Endpoint Protection for Mac: Timestamps in Scan History tab for macOS endpoints is in GMT and not the web browser’s locale.
- Endpoint Protection for Mac: Free Physical memory is being reported as “0” in the Overview tab of EndpointProperties.