DriveLock Customer Forum
Information
22 results found
-
Need a DriveLock REST API for use with PRTG Network Monitor.
We do need the DOC functionality as a REST API, as we want integrate some
views within our Network Monitor Tool "PRTG".
And once it is implemented, we do need a official REST API documentation.
For example, when we define a DOC View for Computers/Agents with heartbeat was more than4weeks ago, then we want to create a REST API call from it, to view them within our PRTG Monitor tool,
without the needs to login into DOC. Similar like it works with SentinelOne.1 voteCreating an API to access DriveLock information via DES is already part of our long-term issues roadmap.
-
Allow multi-factor authentication (2FA/MFA) for DOC login
Drivelock is a security tool connected to the Active Directory.
It should be possible to have consoles with dual authentication (MFA).
For me it is mandatory to avoid an hacker to do what he wants.3 votesWe have added this requirement to our product backlog.
-
DriveLock Linux Agent should be able to send all existing events to other external systems via email
As an administrator I want to let the Linux Agent send all drivelock agent events also to external systems.
It should work similar like DriveLock Agents for Windows OS.
If we can define a priority, we would like to see the following priority order (for implementing):
1) SMTP (email, supporting TLS/SSL)
2) SNMP1 voteIn the near future, we will change the way events and alerts will be sent to external systems via email (SMTP) or syslog (SNMP).
No longer will each agent forward something individually, this task will be handled centrally by our DriveLock Enterprise Service. It will make no difference on which operating system the DriveLock Agent is running: Windows, Linux or MacOS.
A corresponding feature request has already been added to the short-term product backlog.
-
DOC reports - export to spreadsheet format
I think it would be good to allow DOC reports (in list format) to be exportable to spreadsheet format, not just in pdf format.
3 votesgeneral ability to export all lists as csv
-
802.1x support for SSO in the PBA/Win-Login
Currently the Single-Sign-On method for the PBA or for Windows doesn't support port configuration of 802.1x.
That hinder us from using this feature.So I'd like to suggest implementing the support of a port configuration 802.1x to use the SSO in the PBA/Win-Login.
1 vote -
Defender Management - Identify outdated AV signatures correctly
The defender dashboard should not flag hosts as having an "outdated antivirus definition" when the "Last contact (DriveLock Agent)" is overdue as well.
This indicates an "offline" wokstation rather than a not working antivirus-update and is therefore confusing.
5 votes -
API implementation
In order to enhance integration with workflow tools in a company to automate certain processes (f.e. update whitelists in DL policies, etc), it would be interesting to have available an API in DES
3 votesWe have already started to implement first architectural changes in our backend which are mandatory for such a feature set. These changes will be continued and introcuded step by step in the next releases.
-
Software Packages Publishing should be multi tenant aware
actually the publishing of software package through the DES server (mainly the drivelock agent) works for all configured tenant. It should be possible to published different version of the agent in different tenant.
1 voteWe plan to add the possibility that a certain agent version can be published to a specific tenant only. This feature will add flexibility for our own managed services and our partners who manage the environments for their customers.
-
FDE: Option to remember last used username at PBA
It will be useful to have the possibility in PBA to allow saving/remembering the last used username so that user will only have to type the password. Make this an optional configuration.
3 votes -
Identifying a computer using IP address (or some other unique value) vs hostname
In a customer environment where many computers share the same hostname (eg. machines in a large distributed convenience store infrastructure), it would be very useful to be able to register the computer via its IP address or some other unique value, instead of just relying on hostnames/FQDN. Perhaps a feature to allow the customer to select the IP address (or a unique agent registration ID) to be used in our management and operations consoles - without the need for scripting or a convoluted workaround.
7 votes -
Restart option after agent update
Currently, a reboot before updating the agent can be configured via the option "Reboot to update agent". This causes the users to be logged out first, then DriveLock is updated and then a reboot occurs. If users logs on immediately afterwards, they can work for 2-3 minutes before a reboot occurs without further warning.
It would be better for the users if the update would happen in the background without reboot (similar to push install/push update via the DCC). The user should get after successful update a message that he should close all programs because the computer reboots. This reboot…
13 votes -
Multitenant overview in Management Console policy view (CSP)
With the new version 2020 we lost the ability in DriveLock Management console to have an overview on all defined CSP policies. This function was present in older version and is greatly missed by admins who controll multitenant environment.
Maybe a setting in the database can restore the view?
1 voteWe plan to improve policy management in a multi-tenant environment for our customers. Policy management and editing will be possible according to the access rights for each tenant, but independent from the selected DES-Tenant connection.
-
Status not compliant
Status NOT COMPLIANT overwrites Status OK in DCC this is not good because a NOT Compliant Drivelock Agent is stil OK. There should be a separate sub status displayed, many customers turn off the compliant feature so it doesn't happen
3 votes -
EDR new responses (email, snmp, ...)
actually responses definition include Powershell, Batch, Command line, Awareness and taken picture. It should be extend to E-Mail, SNMP Trap and Web-hook. At least E-Mail should be implement. That way one could decide to send E-Mail based on filtered event.
It is actually possible to send E-Mail for a complete event-type but not to define further condition under which the E-Mail should be sent ( user, folder, computer, etc, ...). Of course it is possible to write script but E-Mail is already there in the solution.
It sould be although possible to restrict the action repetition if one action (f.e…
2 votes -
USB tethering
Add an option to block connecting to the Internet by using usb tethering on your smartphone (android and apple).
Usb tethering creates a Remote NDIS based Internet Sharing Device.
11 votes -
Network Bridging: enable temporary deactivation
Hello,
We are looking for a solution how to disable network bridging in a simple way for a short time.
We are currently deploying only one policy and do not want to switch to a second policy just to disable bridging. Is it possible that something like this will be implemented in the future? As soon as I temporarily unlock the computer that I also have the option to disable bridging?
1 vote -
Comment field for serial numbers, whitelist rule
The comment field for serial numbers / whitelist rule should be exported and imported if possible.
In addition, this comment field should appear in the event report or be made visible.Without this possibility the field is unsuitable for documentation.
6 votes -
Office-365 Integration for DriveLock File Protection
As a user I want to use my encrypted folder (or files) in a seamless way in Office-365 (i.e. stored on OneDrive for Business or SharePoint).
3 votes -
More differentiation in the settings of the Self-Service unlock
We would like to enable our employees to selectively share specific drives without much effort on your part.
The "effort" should be in the configuration. So that we can configure the users a self service unlock, in which we can select e.g. specifically the sub-module "CD/DVD drive" and not as before the entire module "drives".Example of how the configuration could end up being:
Share computer
CD/DVD Drives
Max.20 minutes
Simplified modules; Hide modules & share all
Advanced Options - File Filter....-> Would increase acceptance by our users and also DL protection as the file filter and logging would…
3 votes -
Show when a rule was last used
It would be helpful to have a filter that shows me which whitelist rule has not been used for e.g. 1 year.
The filter should be used to "clean up" the rules.13 votesIn preparation for another important new feature, we are updating our internal database model in such way, that it also will help us to implement this idea more easily.
We will have a closer look at this idea, once the changes are implemented and tested thoroughly.
- Don't see your idea?