Dell Data Security Technical Newsletter

Volume 91, June 2023

Important Update: Dell Endpoint Security North America Phone Number Has Changed

Dell Endpoint Security has a new number for support tickets. Customers in North America should now call +1 877.459.7304, ext. 6236710.

Updated Software Versions

For up-to-date versions of Dell Endpoint Security, Dell Endpoint Security Suite Enterprise, Dell Security Management Server/Virtual, and Dell Trusted Device, please review Dell Endpoint Security – Current Versions.

Dell Trusted Device v5.5

• New Features

• • BIOS Verification, BIOS Events & Indicators of Attack, and Intel ME Verification now support the following platforms:
  • • OptiPlex 3000
    • OptiPlex 5000
    • XPS 9530
    • XPS 9730
  • Intel ME Verification and Secured Component Verification (On Cloud) responses are now cryptographically signed allowing for external verification of the results.

• Resolved Security Advisories v5.5

• • Trusted Device certificate verification workflows have been hardened. [DPS-5587]
  • BIOS Verification signature validation has been hardened. [DPS-5588]

• Resolved Technical Advisories v5.5

• • An issue resulting in missing Image Capture entries in Event Viewer is resolved. [DPS-6760]
  • The Secured Component Verification (On Cloud) registration workflow is improved. [DPS-7167]

• Technical Advisories v5.5

• • https://dl.dell.com/content/manual54380268-dell-trusted-device-technical-advisories-v5-5.pdf?language=en-us

Dell Security Management Server 11.7 Release

• Versions in this release:

• • EE - 11.7.0.4 A43
  • VE - 11.7.0.9 A43
  • • Hyper-V
    • VMWare ESXi

• Changes in this release:

• • BitLocker PIN Reset Policy know properly allows a 0 policy to never force PIN Reset
  • Improvements to help reduce database size with larger customers
  • Inventory processing has been improved
  • BitLocker Last seen in system time showing in UTC has been improved

• Resolved Security Advisories:

• • The Dell Security Management Server v11.7 includes a security update addressing an OpenSSL vulnerability (OpenSSL CVE-2022-3602).

• Resolved Issues:

• • McAfee Firewall Policy Settings Fix
  • Activations via Front-End Proxy

• Technical Advisories:

• • SMS-Virtual: https://dl.dell.com/content/manual84370318-dell-security-management-server-virtual-technical-advisories-v11-7.pdf?language=en-us
  • SMS-Enterprise: https://dl.dell.com/content/manual48702772-dell-security-management-server-technical-advisories-v11-7.pdf?language=en-us

Dell Encryption 11.7.1

• Versions in this release:

• • MI - 11.7.1.2, A52
  • Suite - 3.7.1
  • Shield - 11.7.1

• Changes in this release:

• • Set PIN delay prompt for Bitlocker

• Technical Advisories:

• • https://dl.dell.com/content/manual83007367-dell-encryption-enterprise-technical-advisories-v11-7-1.pdf?language=en-us

 

Netskope Version 105.0.0

https://docs.netskope.com/en/netskope-release-notes-version-105-0-0.html

• IoT

The IoT security solution utilizes HyperContext, an agentless smart device security platform providing granular device context, and TruID, a unique device identifier and authenticity rating technology, to discover managed and unmanaged devices on your corporate network. The solution analyzes hundreds of parameters from the discovered devices and leverages the rich contextual intelligence for device classification, risk assessment, granular access control and network segmentation, facilitating zero trust security for IoT devices.

• New Dashboard
• New UI for Device Inventory
• Kaseya VSA integration

• CASB Real-Time Protection

• • ChatGPT App Connector
  • ChatGPT dedicated app connector is now available. With this admins can have full visibility and control over sharing of data to the application. The following activities are covered:
  • • Delete
    • Edit (DLP)
    • Post (DLP)
    • Login related activities

• SWG - URL Categorization

• • Netskope added a new application and web category for Generative AI domains. This covers traffic to AI apps like ChatGPT, Google Bard, Jasper AI, etc. 

• Printer DLP

• • You can create polices to restrict or allow access to printers based on attributes of the printer or connection.
  • Customer Print DLP violation coaching messages can be created to help end users know what they did wrong.
  • Printer DLP will display alerts to administrators in the console.

 

Carbon Black Update

• Backend

• • Current - 1.15

  • • Alerts v7 API!
    • “Observations” replaces “Enriched Events” see this Tech Zone article
    • Device Control - Export Device Inventory & Approvals

• Windows Sensor

• • Current - 3.9.1.2464 (7 March 2023)

  • • Authentication Events for Enterprise EDR
    • Bug fixes

• macOS Sensor

• • Current -3.7.3.159

  • • Tamper protection for sensor process, IPC, service, and uninstall protection
    • Anti-ransomware using canary improvements
    • IT Tools support
    • Dyld modload detection
    • Base cross process

• Linux Sensor

• • Current - 2.14.1 (May 2023)

  • • Bug fixes