Release Notes for Endpoint Security for Mac 18.104.22.168536
- Fast ring: 2018.07.25
- Slow ring: -
- Added support for Device Control, a protection module that provides the ability to control and monitor the access to various devices that may connect to the endpoints. This module can be enabled for existing Mac installations using a Reconfigure Client task from the GravityZone console with the Device Control module selected.
- Bluetooth devices
- CDROM devices
- Imaging devices (webcams, phones using PTP connection, Apple iPhone / iPad)
- Windows Portable (Windows phones, phones using MTP connection)
- Printers (locally connected only)
- Network adapters (including modems and Wi-Fi dongles)
- Wireless network adapters
- External storage
Device Control is available for OS X El Capitan (10.11) and higher. This functionality relies on a macOS kernel extension. The installation of kernel extensions requires user approval on macOS High Sierra (10.13.x). The system notifies the user that a system extension from Bitdefender was blocked and to allow it from Security & Privacy preferences. Until the user approves the Bitdefender system extension, the module will not work, and the Endpoint Security for Mac user interface will show a critical issue prompting the user for approval.
- In particular situations, Endpoint Security for Mac was incorrectly displaying an issue to prompt the user to allow the Bitdefender kernel extension to load. This is now fixed.
- Fixed Content Control incompatibility issues with RStudio and Blackmagic Fusion software.
- Device Control does not detect/block:
- Built-in SD Card Reader on iMac and Mac Mini
- Another Mac connected in Target Disk mode
- Device Control does not report Device and Product IDs for:
- SD cards on MacBook
- Bluetooth dongles
- Hard-drives connected via Thunderbolt and FireWire
- Content Control blocks file uploading in passive mode via FTP. To overcome this issue, create a Traffic Scan exclusion with the IP of the server.
- The Scan SSL option of Content Control blocks home.nest.com. To overcome this issue, create a Traffic Scan exclusion with *.nest.com.