DriveLock Customer Forum
Information
107 results found
-
Get Local Admin Password via DOC (Native Security)
It should be possible to retrieve the password of a user created via the OS management in the DOC and not only via the agent.
Maybe if the Trust to the AD gets lost, the user won´t be able to login to his computer anymore.
5 votes -
Allow multi-factor authentication (2FA/MFA) for DOC login
Drivelock is a security tool connected to the Active Directory.
It should be possible to have consoles with dual authentication (MFA).
For me it is mandatory to avoid an hacker to do what he wants.3 votes23.2
-
Ability to support two password protectors like Encryption2Go
please add for Bitlocker2Go the ability to support two password protectors like Encryption2Go.
Currently the product seems to offer the usage of an administrator password in combination with a user password.
Drivelock Support explained that currently only 1 Passwort Protektor is supported3 votesWith the release 2022.2 publicly available, the status of this idea is updated to "released".
-
operating system security should support conditional settings
Conditional settings cannot be used for firewall rules or local user/group configuration. It should be possible to differentiate definitions through conditional settings.
2 votesConfiguration filters are already available also for local users and groups settings as well as for firewall management settings.
-
Add a column for policy order in the computer config details view
Currently there is no option in the computer config details view of the DOC to have a look at the order of how the policies will be applied on a device.
I would suggest to add a column where you can see the order of the applied policies.2 votesWith the release 2022.2 publicly available, the status of this idea is updated to "released".
-
DriveLock Bitlocker with PBA - Autologon without a user
After the DriveLock Bitlocker installation with PBA, the PBA screen also appears if no user has previously logged on.
The DriveLock PBA should be skipped until the first Windows User has logged on.
2 votesWith the release 2022.2 publicly available, the status of this idea is updated to "released".
-
Preinstall DOC Companion for All Users on a computer
Currently the DOC Companion can only be installed, when the user is also local admin on his machine.
But it's a really good security recommendation to separate users internet activities from admin tasks.
So we'd suggest to have an install procedure, that can be started from an admin command line or via a software distribution system.Add a configuration option to prevent the download/start of DOC_Companion.exe.
2 votesWith the release 2022.2 publicly available, the status of this idea is updated to "released".
-
SSO to DOC for legacy AD accounts
Windows with pass-through authentication.
Either using NTLM / Kerberos or SAML / ADFS (SSO)2 votesWith the release 2022.2 publicly available, the status of this idea is updated to "released".
-
Permanently unlock devices directly from within the DOC
With 2021.2 permanently unlocking single drives has become easier than ever before. It would be great to have the same capability for other devices like cameras, smartphones.
Unlocking applications previously blocked by DriveLock application control has been added with 2022.1.1 voteThis feature request will be included in the 24.1 release.
-
Anonymization of personal data in DOC views
Data related to a single person (for example, user names or computer names) should only be visible in any DOC view, if the anonymization has been manually deactivated and if either the current user has a special permission which is allowing to view this data or a second user with appropriate permissions has logged in additionally (four-eyes principle).
0 votesWith the release 2022.2 publicly available, the status of this idea is updated to "released".
-
Support gMSA (Group Managed Service Accounts) as DES service account
As a customer I want to reduce the problem of service accounts with static passwords.
For this reason Microsoft offers a feature called gMSA (Group Managed Service Accounts).
Please implement a change, so the DES Service will support gMSA within a future release.4 votesis part of the 2024.2 release
-
API implementation
In order to enhance integration with workflow tools in a company to automate certain processes (f.e. update whitelists in DL policies, etc), it would be interesting to have available an API in DES
3 votesThe DriveLock backend already has a very comprehensive API and is extensively documented. We are constantly working on the extension.
-
set the default Event log to Drivelock instead of the Windows Application Log
set the default Event log always to Drivelock instead of the Windows Application Log
2 votesSince DriveLock 2022.1 all events will be collected within the DriveLock log instead of the Windows application log by default.
-
Powershell support for drivelock.Exe
Please fully support (and document) drivelock.exe command line from PowerShell "Start-Process" command along with "ArgumentList". Current the Arguments from ArgumentList Option are not always accepted, for any available Arg. This is very usefull for example for deployment framework like SCCM or PSAPPDeployToolkit.
2 votesDriveLock 2021.2 is available now.
-
Whitelist Regel von USB Geräten mit Bitlocker to go
Die Konfiguration einer Whitelistregel für USB Sticks mit gleichzeitiger Erzwingung der BitLocker to go Verschlüsselung funktioniert nicht im Zusammenhang mit "Allow".
1 voteReleased with DriveLock 2021.2.
We implemented a fix on how enforced encryption is configured. This will set access to “allow for all users” automatically. -
Standard configuration for auto update should be no update
under global config > config the settings for automatic update should be set to "no update" when this setting is set to "not configure". Otherwise their might be a configuration conflict with other policies when multiple policy are in use.
1 votepart of 2024.1
-
DOC: Run commands on groups and multiple computers
Currently running commands can be done only on individual computers under DOC > Computers page. Suggesting to add the ability to issue commands on multiple computers under the same page mentioned above, as well as issue commands on group(s) under DOC > Groups page.
4 votesIt is possible to perform remote actions on several computers at the same time. Go to the inventory, select a group, select several computers and perform actions.
-
Delete computers after x days of no activity/connection
Delete computers after x days of no activity/connection in the database (automatically/periodically).
Events should not be deleted.16 votesThis feature request will be part of the 24.2 release
-
App Control: Allow multiple hash algorithms simultaneously
Current settings allow specifying only one hash algorithm before creating any AC rules. There is an increase in the use of indicators of compromise (IOCs) which some customers use to protect against emerging or existing threats. Usually those IOCs will contain hash values of known-bad files (malware) to be imported and blocked. However, depending on the intelligence source, such hash values can be based off various hashing algorithms, which will be a problem for DriveLock customers who are using a different hash algorithm. The suggestion is to support the use of multiple hash algorithms at the same time both when…
1 vote -
automatic license removal after x days
the license should be removed (configurable) after x days if the agent has not reported to the DES server.
If the agent then reports back to the DES server, it automatically receives a license again.
In the case of encrypted hard drives, it should not be automatically decrypted
the events that already exist should be retained until the default DES settings delete them
5 votesAgents no longer use a license after 30 days of inactivity, so the license becomes available.
- Don't see your idea?