Product release information for VIPRE Cloud Agent for Linux® version 12.0.99.

What's New

We are excited to announce the release of the VIPRE Cloud Agent for Linux®. This release brings the power of VIPRE’s award-winning endpoint protection to Linux-based servers and workstations, ensuring your entire infrastructure is secured under a single web console. This release introduces comprehensive security coverage for Linux endpoints, including:

• Active Protection: Deploy real-time threat detection and prevention explicitly designed for Linux systems; the agent monitors file system activity to block malware and malicious scripts before they can execute
• Centralized Scan Policies: Configure and deploy on-demand and scheduled scans across your entire Linux fleet from a single location; manage scan schedules, exclusions, and remediation actions directly from the VIPRE Cloud Console, without accessing individual endpoints
• Endpoint Detection & Response (EDR): If you subscribe to VIPRE EDR or EDR+MDR, unleash deep forensic capabilities by reporting raw event types, such as process creation, user logons, and shell commands for advanced threat hunting

Special Instructions

For complete instructions on managing the new VIPRE Cloud Agent for Linux, please refer to the following guides:

• Install the VIPRE Cloud Agent for Linux
• Manage VIPRE Cloud Agent Software Updates
• VIPRE Cloud Agent Documentation and Release Notes for all Operating Systems
• Learn how to use Endpoint EDR+MDR, VIPRE EDR, or Endpoint Security Cloud

System Requirements

Known Issues and Workarounds

This section highlights issues identified at the time of release. Some are bugs that we are actively addressing in future updates, while others may be related to third-party software. We've provided workarounds to help you manage these situations effectively wherever possible.

If you need more information on a specific issue, please share the ticket number (if applicable) when contacting our Technical Support team.

Issue: Incomplete Network Context for Logon Events

• What's Happening: In the current release, the Linux agent successfully captures and reports system logon events; however, it does not yet attach the source IP address to these entries. While the core event of the user login is recorded, the metadata regarding where that connection originated (the IP) is missing from the event within the VIPRE Cloud web console.
• What you might see/experience: When reviewing security logs or incident reports in your VIPRE Cloud web console, you will see successful login records for your Linux endpoints, but the "Source IP" or "Remote Address" fields for these events will appear blank or 0.0.0.0.
• Workaround: For critical forensic investigations where the source IP is required, system administrators can verify connection origins directly on the Linux endpoint by checking the local auth logs (typically located at /var/log/auth.log or /var/log/secure), which will contain the full connection string, including the remote IP address.

Issue: Catch-up Quick Scan Not Triggering After System Resumes

• What's Happening: The scheduled scan catch-up mechanism is currently failing to initiate the required "catch-up scan" when the system returns to an active state, regardless of whether the scheduled time was missed due to the computer being shut down or in sleep mode.
• What you might see/experience: You may observe that a scheduled scan was skipped with no corresponding catch-up scan running shortly after the PC is powered on or wakes from sleep.
• Workaround: The agent may not run a scan until the next regularly scheduled scan time, which should run as normal. If you know a scheduled scan was missed while the system was unavailable, you can manually initiate a scan from the VIPRE Cloud console.