Browse your product documentation including release notes and installers
We are excited to announce the availability of a new release of the Cb Defense Sensor for Windows (version 18.104.22.168)! This minor release contains a few new features:
This minor release also contains improvements and fixes relating to:
This update is now available for download by browsing to the Enrollment > Manage Sensors page.
For more information, please see the release notes: https://community.carbonblack.com/docs/DOC-7732
Just as a note, if you install the new sensor before your backend/console is updated, it will disable any Microsoft antivirus you have in place as it now recognizes CBD as a certified "A/V" product. Once your backend is up to date, you'll be able to control this in the policies.
tboardman, thank you for reporting this!
To clarify - what you had observed after installing Cb Defense Windows Sensor v.22.214.171.124 is not the expected behavior. Per 126.96.36.199 Windows Release Notes.pdf, WSC integration should be disabled by default for existing Cb Defense orgs and only enabled by default for new orgs (created after the respective backend instance receives July 2017 Update).
As you correctly pointed out, the actual WSC integration functionality is in the new sensor; However, the policy setting that turns it on/off is part of the backend update that will be coming to all production Cb Defense instances over the next 2-3 weeks starting with the first environment (https://defense.conferdeploy.net/) that's getting the update tonight. It appears that installing the new sensor without having the corresponding policy setting present yet, defaults WSC integration to enabled versus disabled as intended for existing orgs.
Subsequently, for those who have not yet deployed sensor 188.8.131.52 and who rely on Windows' built-in malware protection, we recommend to hold off on updating until the respective policy setting is available in the UI and you can make sure that WSC integration is disabled before you push out the sensor update to endpoints in your environment. We apologize for any inconvenience this nuance may cause.
Alexey Popov | Technical Support Manager, Cb Defense
tboardman Thank you for bringing this issue to light. We issued a patch to the 2.1 sensor this afternoon and a 184.108.40.206 sensor is now available to change the default configuration for Windows Security Center integration. This will make the default configuration for existing clients OFF. Existing clients will still be able to integrate Cb Defense with WSC and designate Cb Defense as their antivirus provider on devices that are running Windows 10 or later by selecting this option on the policy page after the July Update of the Cb Defense UI. When it is enabled, Cb Defense is listed as the antivirus provider in the Security and Maintenance in Control Panel. For new organizations, WSC integration is enabled by default via a policy group setting in the Standard policy group. You can disable WSC integration; doing so does not disable Cb Defense.
Clients that have already downloaded the new 220.127.116.11 sensor and do not have the July version of Cb Defense can now upgrade to the new 18.104.22.168 sensor. This upgrade will remove WSC integration until they have received the July release.
Clients that have already downloaded the new 22.214.171.124 sensor and received the July version of the Cb Defense will have 2 options to update their windows security center default configuration:
1) The client can upgrade to the new 2.1.0. 9 sensor
2) An admin from the org makes a change to the policy page (checkbox).