What do I need to know about Altiris® Endpoint Security Solution™ 6.0 SP1,
Removable Storage Security Solution™ 6.0 SP1, and
Wireless Security Solution™ 6.0.
Altiris® Endpoint Security Solution™ 6.0 SP1
Altiris® Removable Storage Security Solution™ 6.0 SP1
Altiris® Wireless Security Solution™ 6.0
This document provides the Known Issues information for Altiris Endpoint Security Solution 6.0, Removable Storage Security Solution 6.0, and Wireless Security Solution 6.0 software.
Within this document, references to Endpoint Security Solution can be replaced with Removable Storage Security Solution or Wireless Security Solution as applicable to your situation.
Endpoint Security Solution provides complete, centralized security management for all endpoints in the enterprise. Because Endpoint Security Solution applies security at the most vulnerable point, the endpoint, all security settings are applied and enforced regardless of whether the user is connecting to the network directly, dialing in remotely, or even not connecting to corporate infrastructure at all.
Removable Storage Security Solution provides centralized security management of removable storage devices, such as flash drives, USB devices, floppy disks, and DVD/CD drives. This solution lets you control the flow of data from the computer (endpoint) onto removable storage devices, thus helping you protect your data and prevent unauthorized distribution.
Wireless Security Solution provides centralized wireless security management for all user computers (endpoints) in the enterprise. You can control the level of wireless access a user has and ensure that data is adequately protected.
- Notification Server 6.0 SP3
Where to Download
You can download released versions of Altiris products from http://www.altiris.com/Download.aspx.
You can download beta versions of Altiris products from http://beta.altiris.com.
Due to changes in the way security policies are encrypted with Endpoint Security Solution, the 6.0 Endpoint Security Agents cannot decrypt or apply 6.0 SP 1 policies. Therefore, a 6.0 agent cannot receive policy updates from Endpoint Security Solution 6.0 SP1 until the agent is upgraded and will continue to use the last successfully applied 6.0 policy.
When installing Endpoint Security Solution 6.0 SP1, we recommend that you upgrade the agent as soon as possible after installing the solution.
1. Install the solution from the Solution Center (in the left pane of the Altiris Console Configuration tab, select Upgrade/Install Additional Solutions).
2. Enable the security agent upgrade policy if it is not already enabled. After the agent is upgraded, changes are not effective until after the next time the endpoint is restarted.
Improvements for this release include the following new features:
The Endpoint Security Agent has been enhanced to provide comprehensive diagnostics reports for use in troubleshooting system errors. This feature records binding information, software and driver status, log files, and reporting with system registry information, driver bindings information, network environments, the current security policy, and the current group policy object. This information is packaged into an encrypted and compressed file, which can be sent to Altiris Technical Support for analysis and assistance with correcting any issues. Administrator overrides can also be performed for each endpoint through the diagnostics tool (using the policy password).
An advanced scripting tool has been added to Endpoint Security Solution, which gives administrators the ability to create extremely flexible and complex security rules and remediation actions. The triggers or events that cause the execution of the rule include startup, location change, time interval, time of day, adapter instillation or removal, media connect or disconnect, policy update, and process change.
To prevent accidental or intentional uninstalling of the Endpoint Security Agent, an optional uninstall password can be specified. If an end-user attempts to uninstall the Endpoint Security Agent, the user will be prompted for that password and will not be permitted to uninstall the agent without it. The password can be updated on a regular basis.
The following are unresolved issues in this release. For additional information regarding a known issue, click the Article ID link.
|Known Limitations||Article ID|
|Multiple policy pay-loads can occur on overlapping collections. The Endpoint Security Agent will apply the first policy found in the pay-load.|
|There is no Delete button in the “grid toolbar.” To delete a row you must select the row using the mouse and press the delete key on your keyboard.|
|The agent installation requires a reboot. Policies will not be enforced until the reboot has completed.|
|When the license count is exceeded or the license has expired, an all open, default policy is assigned. The policy name “Unlicensed” will open in the Endpoint Security Agent About dialog when this occurs.|
|Disk Management on the local hard drives may not work properly when Hardware Device Control is enforcing NO ACCESS to removable media. This is a bug in Microsoft’s Disk Management code. We have been assisting them in solving this problem, and we are awaiting a hot fix from them.|
|A CD Burning session could start even though the CD device should be read only.|
|The Endpoint Security Agent might not block applications already open when a new policy is applied and the application has been configured for blocking.|
|Although WPA Wireless Access Points filtering is supported, Endpoint Security Solution does not support WPA, TKIP, or AES key management.|
|For Wi-Fi Key Management, the key must be entered in Hex, using key lengths of 10 for WEP 64 and 26 for WEP 128.|
|Although the Environment definition allows an IP and MAC address for matching with the DNS, only IP is supported.|
|When Wi-Fi is disabled in the policy, a location setting does not override it.|
|When using the “Block All Traffic” firewall setting, all traffic is blocked, including new policies. If you want to use a firewall setting that blocks traffic, we recommend that you create a setting that allows DNS and DHCP, and an ACL to your Notification Server, but blocks all other traffic.|
|If an Endpoint Integrity rule definition is incomplete (no triggers selected or tests defined) it will be excluded from the policy until configuration has been completed.|
|The About Endpoint Security Solution dialogue is not accessible when the Altiris icon is hidden, so password override will not work.|
|Removable Storage Security Solution cannot be installed or used concurrently with Wireless Security Solution. If you want the functionality of Removable Storage Security Solution and Wireless Security Solution, use Endpoint Security Solution. If you want to run Removable Storage Security Solution or Wireless Security Solution concurrently with Endpoint Security Solution, you must install Endpoint Security Solution 6.0 Hot Fix 2.|
|Endpoint Security Solution is not supported in virtualized environments such as VMWare or Xen.|
|When Removable Storage Security Solution (RSSS) or Endpoint Security Solution (ESS) applies a policy (this happens when a policy is changed or at computer startup) on an endpoint that restricts access to removable storage devices, the solution enables/disables the device in device manager. This enabling/disabling can cause autorun to run if the device is connected and there is media in the drive (example: a CD left in the drive). If autorun runs, an explorer window might pop open. (Note: In a secure environment, consider disabling autorun so malicious code cannot be executed without the users knowledge.)|
|Known Defects||Article ID|
|Disallowing change to the firewall does not affect the Agent dialog. However, if you change firewalls with the setting on, the Agent dialog loses the default firewall.|
|In W2K the agent dialog will allow you to select a different firewall when integrity fails; however, it is not applied. In Windows XP, a message will be given to the user that it cannot be applied due to Integrity failure. This message also has an SSC caption.|
|The Endpoint Security Agent dialog does not protect itself from being shutdown through the task manager.|
|If a removable storage device is entered or imported in the Storage Devices tab of a policy and that device has a name that includes a period, such as “PY USB 2.0 FD USB Device,” a violation error is generated. This also occurs for some older devices, such as “LEXAO DIGITAL FILM USB Device,” where the serial number is captured as: “6&20b9259c&0&______________0000001030225488950100000000000”.|
Altiris product documentation is available in Microsoft* HTML Help (.CHM) and Adobe Acrobat* (.PDF) formats. To view Altiris product documentation in .PDF format, use Adobe Acrobat Reader (available at: http://www.adobe.com/products/acrobat/readstep2.html).
Documentation files are installed in the following directory on the Altiris® Notification Server™ computer:
C:\Program Files\Altiris\Notification Server\NSCap\Help.
The following documentation is provided:
Altiris Endpoint Security Solution Product Guide
Altiris Removable Storage Security Solution Product Guide
Altiris Wireless Security Solution Product Guide
Altiris Information Resources
|Source||What Information it Includes||Location|
|Altiris Documentation||Information about new features, update instructions, and known issues for each release. Includes Altiris formal documentation such as release notes, help, reference guides, best practice articles, and technical reference articles.||http://www.altiris.com/support/documentation|
|Altiris Knowledgebase||Comprehensive collection of articles, incidents, and issues for Altiris solutions.||http://kb.altiris.com/|
an online magazine for Altiris users
|Best practices, tips and tricks, and articles for users of Altiris solutions.||http://www.altiris.com/juice|
|Online Forums||Forums for Altiris solutions and suites.||http://forums.altiris.com/|