Endpoint Privilege Management ePO Extension 5.5 Release Notes

November 14, 2019

New Features and Enhancements:

  • DXL 4.0 is now required as 1.0 is EOL.
  • Process Events (Legacy) have been removed from ePO Queries and Reports.
  • ePO Policy editor defaults to not use wildcards, so that users are discouraged from adding potentially problematic rules by default.
  • New User Experience report.
  • Support for new macOS script application type.
  • Support for new macOS Hidden Application Groups.
  • Updates to the Quick Start Policy.

Issues Resolved:

  • Resolved an issue where sorting by event time gives wrong sort order.
  • Resolved an issue where OSX Event Time Stamp has invalid format and is always in UTC.
  • Resolved an issue where there was a performance issue with large numbers of CommandLines.
  • Resolved an issue when a Host jumps between domains causing a primary key error during an update statement.
  • Resolved an issue where Avecto Response Generator now includes 0 as part of the response code where applicable.
  • Resolved an issue where the Save button is correctly enabled when deleting OSX Account Filters and OSX Messages.
  • Resolved an issue where spaces are trimmed from before and after File/Folder name and command line matching criteria. macOS only.
  • Resolved an issue where it is possible to have a policy with no version tag.
  • Resolved an issue where Parent Process Name is displayed in the PMR DB and reports.
  • Resolved an issue where Challenge/Response shared key dialog box gives out-of-date information.
  • Resolved an issue where there is no Save option in ePO console after editing TAP rules.

Compatibility:

  • Endpoint Privilege Management Windows Client 5.5 (recommended), 3.8+

Endpoint Privilege Management for Windows client 5.3.230.0 SR3 is certified with ePO Server 5.9 and 5.10.

  • Endpoint Privilege Management Mac Client 5.5 (recommended), 5.2.29409.0 SR1, 5.2.27899.0 GA

Endpoint Privilege Management for Mac client 5.2.27899.0 GA is certified with ePO Server 5.9; 5.2.29409.0 SR1 is certified with ePO Server 5.10.

  • Endpoint Privilege Management Reporting 5.5 (recommended), 4.1+
If you are using an older version of the Endpoint Privilege Management Reporting database, some reports may not return data, and some levels of performance may be reduced.

Using ePO to query fields or import events that contain fields that are not present in the Endpoint Privilege Management Reporting database causes errors to be displayed. Fields will not be present in the Endpoint Privilege Management Reporting database if the functionality was implemented in a subsequent release.

  • The following browsers are compatible with the ePO extension:
    • Safari v10 and higher
    • Internet Explorer version 11.6 and higher
    • Chrome (latest version)
    • Firefox (latest version)

Please also see the McAfee ePO compatibility list: kc.mcafee.com/corporate/index?page=content&id=KB51569.

  • McAfee Agent 5.6 (recommended), 5.0+
  • McAfee ePO Server 5.10 (recommended), 5.9
  • McAfee Endpoint Security (ENS)
    • ENS Adaptive Threat Protection (ATP) 10.x with Generic Privilege Escalation Prevention (GPEP) enabled and disabled
    • ENS Firewall 10.x
    • ENS Threat Prevention 10.x
    • ENS Web Control 10.x
  • McAfee MOVE Multi-Platform Client

    If the version of McAfee MOVE is compatible with the McAfee Agent you are using, then Endpoint Privilege Management is also compatible. The following McAfee supported versions of the MOVE Multi-Platform Client are compatible with this version of the Endpoint Privilege Management client. The agentless version of McAfee MOVE is not supported.

    • MOVE AV[Multi-Platform] SVA Manager 3.6.1.141
    • MOVE AV[Multi-Platform] Client 3.6.1.141
    • MOVE AV[Multi-Platform] License Extension 3.6.1.141
    • MOVE AV[Multi-Platform] Offload Scan Server 3.6.1.141