Release Notes for VIPRE Cloud Agent - April 14, 2020

Written By Marissa Fegan (Super Administrator)

Updated at June 17th, 2020

Product information for VIPRE Cloud Agent released on April 14, 2020.

What's New

Over the past few years, we've made many significant improvements to our core file- and process-based detection engines in the Windows agent to the point where we are now consistently scoring exceptionally well in independent antivirus (AV) testing (see AV-Comparatives, AV-Test, Virus Bulletin).

The one major subsystem that hasn't gotten as much attention is the network protection stack—firewall, intrusion detection systems (IDS), and web protection—which provides essential security against network-based attacks. The components built into VIPRE Agent for Windows v11 continue to provide reliable protection but in v12 we are introducing a major update to the network protection stack!

Info

We have been notified that a very small number of server systems, typically underpowered Microsoft Windows Server hosts, may experience network delays when the new network features in the version 12 agent are enabled. See Known Issues, below, for a workaround.

DNS Protection

The most exciting new feature we've added is our brand-new DNS Protection. Built right into the VIPRE agent, this new feature helps prevent your users from ever visiting a known malicious website. This new layer of protection is something many of our customers have historically purchased from third-party DNS providers or as a separate product or add-on, but which we are now including as part of our base offering. Any time your users attempt to look up an internet domain name, VIPRE will perform a comprehensive series of checks leveraging our threat intelligence cloud service to ensure that that remote host is not a known malicious domain. If it is at all suspicious, we'll immediately redirect the user to a block page and tell them that there's an issue: the user's browser will never have a chance to download any content from a potentially malicious webpage.

Refer to Related Articles to learn more about DNS Protection.

Web Access Control

Piggy-backing on this DNS Protection feature, we are also introducing a new add-on called Web Access Control. Although not strictly intended to protect your organization against malware, Web Access Control allows you to define business policies around which types of websites your employees are or are not allowed to visit, choosing from among over 40 categories including Social Media, Violence, Sports, among many others. If you want to make sure that your employees aren't wasting time streaming videos, or have a duty-of-care to protect your employees from accidentally seeing offensive content, then you need Web Access Control.

Refer to Related Articles to learn more about Web Access Control.

Other Improvements

In addition to these major new features, we've made many improvements up and down our network protection stack:

Firewall Improvements

The firewall is now faster and more efficient, providing a solid foundation for the other components. The firewall is designed to protect typical endpoints out of the box with just a few clicks to enable blocking but is easily configurable to allow special services if needed in your environment.

Upgraded IDS

An entirely new Intrusion Detection System (IDS) now provides vastly expanded signature-based detection of common network attacks plus increased performance. Now hosting over 8000 (over 15 times more than v11!) individual detection rules, we've greatly expanded our ability to guard against the latest threats. And for those rare cases where a specific rule conflicts with some custom application in your environment, you can easily disable affected rules to keep your business humming along.

IDS Automatic Monitoring

The new IDS is also more intelligent and can automatically detect dozens of network protocols to provide deep introspection - no more manually specifying which ports to monitor. It won't matter if a service, or even malware, attempts to hide your users' activities by using custom ports. The new IDS decodes all network traffic, automatically identifies the appropriate protocols and services, and applies the appropriate IDS rules to that traffic.

Malicious URL Blocking

In many cases, blocking an entire site (like GitHub) might cause too much disruption, but there is some page or another resource on that site that delivers undesirable content. To solve this problem, VIPRE also scans entire URLs seen in HTTP traffic to ensure that your users don't hit pages that could get them in trouble. This service leverages our global threat intelligence network for up-to-the-minute information about bad URLs and informs your users if they attempt to click on a bad URL link.  

Refer to Related Articles to learn more about Web Protection and Malicious URL Blocking.

Browser Extensions

Two new agent-managed browser extensions—for Firefox and Chrome browsers—provide visibility into encrypted HTTPS web traffic and leverages the same URL blocking service mentioned above. The VIPRE agent pushes these into installed browsers automatically if enabled in your policy, and ensures your browsers stay protected.

Refer to Related Articles to learn more about Web Protection.

Malicious Content Blocking

New Web Exploit Protection replaces our retired Edge Protection feature to find and block malicious embedded content within web pages. Malicious JavaScript code and other risky content is now scanned for automatically and, if found, results in the page being blocked. Effective against malvertising, watering hole attacks, and spoofed websites, Web Exploit Protection protects your users even if they are visiting a brand-new malicious web page.

Refer to Related Articles to learn more about Web Protection.

Warning

Port Scans are no longer available in v12. It is still available in Agent v11 and lower, however.

Overall, the improved network protection stack gives you fast, efficient blocking of malicious IPs, URLs, and network exploits across many more network protocols, as well as plain text and encrypted web traffic. Plus, the new architecture expands our options for future extensions and improvements. We hope you enjoy the improvements!

System Requirements 

This section contains all of the system requirements for VIPRE Endpoint Security Cloud.

Component

Minimum Requirement

Web-Based Console

We support the latest release of the following browsers:

  • Chrome
  • Edge
  • Firefox
  • IE
  • Safari 

VIPRE Update Proxy

  • A PC with a network connection
  • Any Desktop or Server version of Windows
  • Microsoft .NET Framework 4.0 or higher

VIPRE Update Proxy is a supplemental application tool that works with your existing deployment of VIPRE Endpoint Security - Cloud Edition. For more information, view the VIPRE Update Proxy Guide.

VIPRE Agent for Mac

OPERATING SYSTEMS

  • macOS Catalina 10.15
  • macOS Mojave 10.14 
  • macOS High Sierra 10.13
  • macOS Sierra 10.12
  • OS X El Capitan 10.11

HARDWARE

  • 1GB free disk space
  • 2GB of RAM or better recommended

VIPRE Agent for Windows

OPERATING SYSTEMS

  • Windows 10 (32- & 64-bit, all versions)
  • Windows 8.1 (64-bit)
  • Windows 7 SP1 (32- & 64-bit)

 

  • Windows Server 2019 (64-bit, excluding Server Core) †
  • Windows Server 2016 (excluding Server Core) †
  • Windows Server 2012 R2 (excluding Server Core) †
  • Windows Server 2008 R2 SP1 (excluding Server Core) †
  • Windows Small Business Server 2011 †

† VIPRE Advanced Active Protection is not supported on these Operating Systems

HARDWARE

  • Dual-core processor recommended
  • 1GB free disk space
  • 2GB RAM or better recommended

MISCELLANEOUS

  • Internet Explorer 8 or later

SUPPORTED EMAIL APPLICATIONS

  • Microsoft Outlook 2003+
  • SMTP/POP3 (Thunderbird, IncrediMail, Eudora, etc.)
  • SSL supported in Outlook only

 

Known Issues and Workarounds

This section lists issues that are known at the time of release. In some cases, these are bugs that we are working to resolve with a subsequent release. Other items may be due to causes outside of our control, such as bugs with other vendors' software. In all cases, we have tried to provide a workaround for you to consider, should you experience an issue.

If you have questions about a specific issue, please provide the issue ID (if applicable) when contacting our Technical Support team.

At this time, there are no new known issues with this release.

Bugs Fixed in this Release

The following bugs have been resolved with this release.

  • Computers are not booting after install of VIPRE [VPBAGENT-4644]
  • Deep scans are not completing [VPBAGENT-5387]
  • Agent sending hello call to Localhost after migration to Endpoint Cloud [VPBAGENT-4810]
  • Agents stop downloading definitions after a period of time [VPBAGENT-5596]
  • Agents converting to consumer version [VPBAGENT-4667]
  • Unprotected Popup after update to 11.0.7627 [VPBAGENT-4330]
  • Logoff considerably slower on Windows 7 with AAP enabled [VPBAGENT-4838]
  • Agent GUI displays inconsistent data [VPBAGENT-5393]
  • Finding machine type not working properly in Agent service [VPBAGENT-4486]
  • Browser protection interfering randomly with secure sites [VPBAGENT-5406]
  • Agent does not check for newer definitions on startup [VPBAGENT-4856]
  • % Scan Complete is reported incorrectly [VPBAGENT-4853]
  • GoogleEarthPro 7.3.2.5491 patch is breaking Google Earth [VPBAGENT-4136]
  • Device Control not correctly identifying device types [VPBAGENT-4004]
  • Device Control is breaking the encrypted keyboard driver included with IBERIABANK TreasuryConnect Secure Browser [VPBAGENT-4137]
  • BSOD using Arcserve with Agent 11.0.7628 [VPBAGENT-4576]
  • FW Port rules are not blocked [VPBAGENT-4209]

Previously Known Issues

Ticket Description Workaround
VPBAGENT-3920

This is a condition that occurs due to changes in Windows Server 2019 security settings.

Endpoint devices running Windows Server 2019 will not reboot when the "Reboot Now" button is selected - unless the user account is added to a specific Windows Local Security Policy. The default "Administrators" group cannot restart the Agent using this method.


Workaround 1: Add the user to the "Shut down the system" policy

To add a user account to the "Shut down the system" policy

  1. On the Agent machine, open the Windows Local Security Policy
  2. Add the required user account to the "Local Policies" > "User Rights Assignment" > "Shut down the system" policy
  3. Sign Out and Sign In to the machine (or reboot) for the policy change to apply

The next time VIPRE requires a reboot, the modified user will be able to reboot the computer using the "Reboot Now" button.

Workaround 2: Restart the Agent manually

Instead of using the Reboot Now button, users can manually restart the Agent through the Windows Start menu.


VPBAGENT-3187
The VIPRE Agent does not recognize IPv6 trusted zone ranges and treats any IPv6 traffic as non-trusted. Therefore, any firewall rules for non-trusted traffic will still apply.

There is no known workaround at this time.


VC-1279
On some systems, Windows Defender's Smart Screen blocks the agent installer. This appears to be an error in Microsoft's software registration process which we are tracking down.
Select More Info from the Windows Defender popup and then select Run Anyway.

Microsoft Windows Defender continues to run even if the policy has Disable selected. For policies applying to machines running Windows Server 2016 or higher, selecting "Disable Windows Defender" does not actually disable Windows Defender.

You may manually disable Windows Defender on these machines. Refer to these articles for more information:



When changing Active Protection settings within a VM environment, the changes take up to 15 minutes to apply

This is normal, as communication between the Console > VM takes some time to propagate.



When VIPRE scans an email archive, files are not quarantined properly


Through your email client, perform a manual cleanup of the email archive containing the infected email. Once the infected email has been removed, re-scan the endpoint to confirm the removal.

Anti-Phishing does not work if Outlook is open during agent install. If Outlook is running when enabling Anti-Phishing in the VIPRE Console before pushing an agent installation, it will not function properly until Outlook is restarted.

Workaround 1: Shut down Outlook during agent installation when enabling Anti-Phishing

Workaround 2: Restart Outlook after agent install when enabling Anti-Phishing


VPBAGENT-275
Logging into a Citrix device with Active Protection enabled fails. This is a known conflict between VIPRE Active Protection and Citrix User Profile Management (UPM). Attempting to login to a Citrix device with both services enabled causes the login to hang and eventually fail.
 Temporarily disable Active Protection for Agents that need to access Citrix devices.

Outdated Citrix drivers may cause BSOD on Windows 7 agents. Updating a Windows 7 agent to VIPRE Endpoint Security 9.6 or earlier can cause a blue screen state on systems with older versions of Citrix drivers on them.

Updating the Citrix driver should resolve the issue.