Dell Security Management Server Technical Advisories v11.1.1 July 2021 Rev.
Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death.
Contents Chapter 1: Dell Security Management Server Technical Advisories................................................ 6 Contact Dell ProSupport....................................................................................................................................................6 Resolved Technical Advisories v11.1.1............................................................................................................................. 6 New Features and Functionality v11.1.0.............
New Features and Functionality v10.2.2...................................................................................................................... 19 Resolved Technical Advisories v10.2.2.........................................................................................................................20 Technical Advisories v10.2.2...........................................................................................................................................
Technical Advisories v9.0................................................................................................................................................38 Resolved Technical Advisories v8.5.1........................................................................................................................... 39 Technical Advisories v8.5.1.............................................................................................................................................
1 Dell Security Management Server Technical Advisories Contact Dell ProSupport Call 877-459-7304, extension 4310039 for 24x7 phone support for your Dell product. Additionally, online support for Dell products is available at dell.com/support. Online support includes drivers, manuals, technical advisories, FAQs, and emerging issues. Be sure to help us quickly connect you to the right technical expert by having your Service Tag or Express Service Code available when you call.
New Features and Functionality v11.0.1 ● For Passwordless Authentication and information about configuring Dell Encryption Enterprise to authenticate with Windows Hello, see KB article 188216. Management Console ● In Populations > User Groups, after clicking a group name and selecting the Members tab, the administrator can now click an Export File button to export the list of members within a User Group.
○ In Services Management > Events Management tab, an Enable Threat Events checkbox ensures that the Threat Events tab displays in Populations > Enterprise or Populations > Endpoints > Details & Actions tab > Endpoint Detail. Under the Threat Events tab, Web Protection and Client Firewall are listed under the Threat Prevention group. [DDPS-10095] ○ An issue is resolved so that when attempting to load an existing domain within the Dell Security Management Server running 11.0.
New Features and Functionality v10.2.13 ● A web-based portal, the Dell Data Security - Self-Service Recovery Portal tool that is hosted by the Dell Security Management Server, allows administrators with specific roles to recover devices that are managed by BitLocker. Roles include Self-Service Recovery, System, Security, and Help Desk administrators. Resolved Technical Advisories v10.2.13 ● In the Security Server, SSOS activation is no longer failing for v 10.2.11 and later.
○ The legacy management console has been deprecated. The legacy login and corresponding URLs are no longer available. ○ Microsoft Edge (Chromium) is supported. ○ For newly deployed Security Management Servers, the Sync Users at PBA Activation policy in the Pre-Boot Authentication policy group is now enabled by default to sync all active user accounts to the PBA during activation.
New Features and Functionality v10.2.11 ● SQL Server 2019 is now supported. ● Microsoft Edge is now supported. ● The Security Management Server may have issues with UI elements for Internet Explorer 11. Due to the lack of support for modern web engines, Internet Explorer 11 will no longer be supported. ● The Security Management Server is compatible with the Microsoft requirement for LDAP channel binding and LDAP signing when Active Directory is in use.
● In the Management Console > Management > Services Management > Events Management, an issue has been resolved where the Security Server logs displayed recent events but would not export events when an unexpectedly older event was discovered. [DDPS-9662] ● Administrators with the Help Desk role can no longer remove endpoints that are presented within an endpoint's Details and Actions tab. [DDPS-9698] ● Advanced Threat Events once again can search by hostname or SHA256 hash.
The auditdb.size.NotificationPercentage property is now included inApplication.properties of the Security Server to manage the size of the Advanced Threat Prevention Audit database. The auditdb.size.percentage property is the cleanup threshold. When this percentage of the database is exceeded, after the auditdb.clear.cron is activated, the percentage of total space is calculated. The auditdb.clear.cron default value is every two hours. If the auditdb.size.
● The Security Management Server can now be configured to allow non-domain activations. If your environment requires this activation workflow, see KB article SLN306341. [DDPS-9531, DDPSUS-2578] ● Added 12/2020 - Microsoft Edge is supported. [DDPS-9814] Resolved Security Advisories v10.2.10 ● An issue allowing remote deserialization of data through an RMI interface is resolved. For more information, see KB article SLN320536.
● New installs of the Security Management Server now listen on TLS 1.2 by default for all Java-based services, including Dell Security Server, Dell Device Server, and Dell Compliance Reporter Server. Note that the Dell Core Server is not configured by default to use TLS 1.2 on new installs to avoid introducing compatibility issues with other applications that may exist on the same server.
1. Navigate to Management > Notification Management. 2. Select Send Test Email. 3. Specify the email to test and select Send Email. If the email passes through the Dell Server successfully, the following results screen displays. The following is an example of successful test email.
● The Data Guardian web portal can now be activated through a Security Management Server front end server. See Data Guardian Windows, Mac, Mobile, and Web Administrator Guide for requirements of activating the Data Guardian web portal against a Security Management Server. Resolved Technical Advisories v10.2.7 ● ● ● ● ● ● ● ● ● ● ● ● An issue resulting in the inability to log into the Data Guardian web portal is resolved.
● If an existing email notification is modified then saved, the next new email notification inherits the previous notification's modifications. [DDPS-8881] ● Scheduled reporting emails send 30 minutes later than their scheduled time. [DDPS-8888] ● If an administrator's password contains double quotations, password validation fails and the following message displays: Credentials are invalid. Please verify the logon and password.
● Resolved an issue where the Security Management Server's Core Server, ACL Service, and Key Server would not start after a reboot. For more information, see https://www.dell.com/support/article/us/en/04/sln316840. [DDPS-8522] Technical Advisories v10.2.4 ● No technical advisories exist. New Features and Functionality v10.2.3 ● Administrators can now manage keys in the Management Console. To find/change the owner for a key: 1. 2. 3. 4. In the left pane, navigate to Management > Data Guardian Management.
Resolved Technical Advisories v10.2.2 ● The Security Management Server now validates the version of Microsoft Visual C++ 2013 version 12.0.40660. If this version is not found, the installer exits. Please validate this version is installed before installing the Security Management Server. [DDPS-8010, DDPSUS-2437] ● Translation consistency is improved.
○ Time, will schedule the time based upon your current location. ○ Schedule Details page shows the date sent, schedule, next send, etc. Resolved Technical Advisories v10.1 ● A forensic key bundle download using the Administrative Download Utility (CMGAd) now succeed for endpoints with large key sets based on a high number of activations.
Technical Advisories v10.0 ● Audit Events with pins per object counts close to 500 cause the management console to become unresponsive for some time. To work around this issue, modify the search scope to reduce the count below 500 consolidated events. [DDPS-7430] New Features and Functionality v9.11 ● Below are the requirements for SQL permissions. The current user performing the installation and the services must have local administrator rights.
To enable, the administrator must modify the InventoryObjects.config file which is located in < C:\Program Files\Dell\Enterprise Edition\Core Server\> by default. the section to change is :
