Endpoint Privilege Management Cloud 21.8 Release Notes

December 14, 2021

New Features and Enhancements:

  • New Microsoft Sentinel SIEM Integration.
  • Policy delivery improvements.
  • Improved grid filtering
  • Added new API calls for Computers:

    API CallDescription
    GET /ComputersRetrieve computer list
    POST /Computers/RetrieveStatusInfoRetrieve computer detail
    POST /Computers/RetrieveLogsRequest computer logs
    GET /Computers/{ID}/LogsGet computer logs
    GET /Computers/ComputerLog/{ID}/ContentDownload computer log
    GET /Computers/{ID}/CommandLogsGet computer command logs
    POST /Computers/DeactivateDeactivate computer
    DELETE /Computers/DeleteDelete computer
    POST /Computers/AuthoriseAuthorize computer
    POST /Computers/RejectReject computer
    POST /Computers/{ID}/RenewCertificateRenewCertificate computer

  • Added new API calls for Computer Groups:

    API CallDescription
    GET /GroupsRetrieve group list
    GET /Groups/{ID}Retrieve group detail
    POST /GroupsCreate group
    PUT /GroupsUpdate group
    DELETE /GroupsRemove group
    PUT /Groups/{ID}/MarkasdefaultGroup set default
    PUT /Groups/{ID}/AssignComputersAssign computers to group
    PUT /Groups/{ID}/AssignPolicyRevisionAssign policy revision to group
    POST /Groups/{ID}/ClearPolicyClear policy from group

  • PM Cloud Adapter
    • PM Cloud Windows Adapter now runs as LocalSystem by default.
    • Privilege Management for Windows can now query for Authorization Request Management updates on-demand.
  • Web Policy Editor
    • TAP can now be enabled via the Web Policy Editor.
    • Users can now merge or overwrite existing policies with a template policy (Discovery, QuickStart for Mac, QuickStart for Windows, Server Roles, TAP High Flexibility and TAP High Security) within the Utilities menu of a policy. Users have the option to export an existing policy to XML before overwriting a policy to ensure the policy is not lost.
    • Password Safe integration within the Web Policy Editor enables customers to set Allow application and On-Demand Application Rules, allowing Password Safe users to help manage access to applications.

Customers require Password Safe to be installed and configured as a prerequisite to use this new feature.

Components:

  • PM Reporting: 21.2.79
  • Web Policy Editor: 21.8.259

Compatibility:

 

Do not install a new adapter version before you are running a version of PM Cloud that supports it. Installing an unsupported adapter can result in endpoints that no longer connect. You will be notified before your instance of PM Cloud is upgraded.

 

If using the ServiceNow User Request Management (URM) feature, your instance of PM Cloud and all adapters must be updated to 21.8 or above before updating your endpoint agents to version 21.7.Using the newer agent with earlier versions of PM Cloud will cause request messages to become stuck in the Pending state.

Endpoint Privilege Management for Windows 21.7 and Endpoint Privilege Management Cloud 21.8 have enhanced the URM feature to be more user-friendly. Pending user request checks now happen whenever the requested application is run.

This affects only the PM Cloud and ServiceNow User Request Management (URM) feature specifically. If you are not using this feature, please disregard this warning.

  • PM MMC snap-in: 21.7.152 (Recommended), 21.6.153
  • PM for Windows: 21.7.152 (Recommended), 21.6.153
  • PM Windows adapter: 21.8.760 (Recommended), 21.7.622, 2.4.44585
  • PM for macOS: 21.7.0.1 (Recommended), 21.6.0.153
  • PM macOS adapter: 21.7.0.1 (Recommended), 21.6.0.153, 2.4.74915.0
  • PM Rapid Deployment Tool for macOS: 21.7.0.3 (Recommended), 21.6.0.2

Notes:

  • PM Cloud 21.8 supports upgrades from 21.7.622.