We’re migrating product documentation to docs.vmware.com, starting with Carbon Black Cloud. Learn more.

CB Protection Server 8.1.4 Released!

CB Protection Server 8.1.4 Released!

I'm excited to announce the release of CB Protection Server 8.1.4. This release adds the following improvements:

  • Server, default rules and Windows agents are now released separately in order to provide fixes and updates more rapidly and to ease deployment of the Mac and Linux agents. It is important to note that no agents or rules come with the server installation package which will require you to download the default rules and agent packages from the User Exchange. Please see the “Uploading Agent Installer and Rules to the Server” chapter in the CB Protection 8.1.4 User Guide for more details.
  • Changes to dascli
    • In a new CB Protection deployment, per-agent CLI passwords will be disabled.
    • During an upgrade, the existing Agent Management settings will be used.
    • We now recommend using User or Group permissions to manage the agent or to use the Global password and use a high entropy password. By design the per-agent CLI password is low entropy.

  • SQL Server 2016 SP2 and SQL Server 2017 are now supported for CB Protection Server installs.
  • Customers that have a CB Predictive Security Cloud license can now look up files, computers, and events using the PSC integration Connector found on the connectors tab. Once configured, links will appear on the file and computer details page. Clicking these links will take you to the relevant PSC page.
  • You can now export File Prevalence to Syslog.
  • The Password hashing algorithm has been updated to use SHA256.
  • There is a new Script rule to track *.hta files when the process is *\mshta.exe. This rule is enabled by default due to the security value it provides. Upon upgrade of the server, all agents will automatically run a cache consistency check to discover and approve any pre-existing HTA files. This cache consistency check may cause temporary I/O overhead on endpoints. Carbon Black recommends considering potential user impact when scheduling the server upgrade.
  • New options for excluding the tracking of Microsoft support files.  You can now exclude tracking these files at the server or the Agent.  You can find more information about these new options in the “Excluding Tracking of Microsoft Support Files” section of the CB Protection 8.1.4 User Guide.
  • New RapidConfig – Windows Installer Embedded File Protection. Existing customers will have received this Rapid Config via the cloud if configured to connect.

In addition to the new features, we've continued to improve quality by addressing several defects. Additional details can be found in the release notes.

You can download CB Protection Server 8.1.4 along with installation instructions from here.

 

Labels (2)
Comments

I did not get a notification that this was released. Your Announcements page lists the label as "CBP_announce" and I am subscribed to that as was suggested by CB, but the label here is not the same. Other posts related to the release utilize the correct label, such as "https://community.carbonblack.com/t5/Announcements/Announcing-General-Availability-of-CB-Protection-...".

If you're going to have a subscription system for critical notifications then you should probably standardize on what label to use.

 

@nverrill sorry, this was an oversight.  The labels on this post are completely independent of the labels used on the Announce board.

Thanks

Ed

Curious - what does this change "New Script rule to track *.hta files when the process is *\mshta.exe. This rule is enabled by default." mean for agents? Will it trigger a scan following upgrade?

Looks like a KB was posted for the CCC question, should anyone else need to decouple server/agent changes for this console upgrade: https://community.carbonblack.com/t5/Knowledge-Base/CB-Protection-How-to-avoid-cache-checks-on-HTA-f...

Is there any impact if we disable the HTML application rule?

Article Information
Author:
Creation Date:
‎05-30-2019
Views:
3318
Contributors