DriveLock Product Feedback & Ideas
Share your ideas for DriveLock.
Teilen Sie Ihre Ideen mit DriveLock.
76 results found
-
Freitexteingabe bei Awarenesskampagnen
Es gibt ja schon die Möglichkeit, bei Security Awareness Kampagnen den User zu "nötigen", einen Haken zu setzen bzw. eine gewisse Zeit ein Bild zu betrachten.
Was ist von der Idee zu halten, dem User nach gesehenem Video / gelesenem Text / betrachtetem Bild ein Freitext-Feld mit der Antwort auf eine Frage befüllen zu lassen?
Frage und Antwort werden dokumentiert und können ggf. im Nachgang besprochen werden.3 votes -
Ability to disable Logging for specific uses of the Usage Policy
When using a Usage Policy with different rules we would sometimes not want the rule to be logged with our enterprise Service (or at least be able to filter it out of our log).
Example:
We have one Rule that creates Usage Policies that we want to see to validate the device daily and add it to the permanent whitelist.
We have a different rule where we would like to show a Usage Policy to that user group for certain devices they connect. We have no need to see this Log in our DOC.Right now we either get all…
1 vote -
Want to remote write volume.id files (from DOC).
We do need a feature to write volume.id files remotely.
This should be implemented via DOC.
We can not install the DMC everywhere on clients, just to write
a volume.id. Also the device (production machines) are to heavy
to carry them into the IT department for whitelisting.
Signing the volume.id with password would be fine for us,
we don't need it full implemented, like signing with certificates.2 votesWe cannot reproduce it and have not received any more feedback
-
Security Awareness Statistik in DOC aufräumen oder in Arcive verschieben
Statistics in DOC
Arcify or clean up to get a better overview3 votesA lot has happened in the area of awareness evaluations since 23.2 and this area will be expanded with 24.1.
-
Autostart/delay/non-autoplay of awareness campaigns
We have set the trigger for "start campaign" to "at logon".
Logon can take up to one minute for us. But the video sometimes starts already in the background, before the desktop is visible.
If the campaign consists of a 3 minute video, the user misses 1/3.
We need a way to to set a delay (1-X Minutes) for the "immediate start".
An alternative way would be that the window apperas and the user has to click the "play" button himself.
2 votesDriveLock is introducing a new Security Awareness solution.
For more information, please contact your DriveLock sales representative.
-
Controlling Defender Core Isolation with Drivelock Policy Setting
It should be possible to control the memory integrity setting of the Core Isolation Feature within the Windows Defender Antivirus via Drivelock policy.
In addition, you should be able to hide the feature for your clients.
3 votesThank you for your valuable feedback! While this specific feature isn't on our current roadmap, we continuously evaluate requests, and we'll keep your input in mind for future improvements.
-
Use fingerprint and/or face recognition at DriveLock PBA (Windows Hello support)
When using the Drivelock PBA with Yubikeys to implement a 2FA, the use of fingerprint scanners and facial recognition is not possible. Login works with PIN or username/password.
We have notebooks with fingerprint and face recognition in use. If you activate the functionality in Windows, the Drivelock PBA does not work anymore. The PBA cannot be installed or uninstalled. The PBA users are not synchronized. This means that the additional logon methods cannot be used. With the PBA fingerprint and face recognition should be possible.1 voteThe current PBA does not support face recognition or fingerprint. UEFI does not support that. The request is closed. There is a possibility that we will revisit the issue at some point with further development. Thank you for your understanding.
-
Using VMWare workstation , USB Device can be accessed in VM Client even though it is blocked in host machine..
Using VMWare workstation , USB Device can be accessed in VM Client even though it is blocked in host machine..
1 votePlease contact your support partner or our support team in case of problems. There you will get assistance in analyzing any error and fixing the issue.
-
Deactivate MQTT on the server
It should be possible to disable MQTT on the server side as well. The existing option to disable MQTT on the client side via policy is not sufficient in my opinion. It should best be configurable via a feature in the DMC UI.
1 voteDisabling MQTT by policy provides a way to respond to restrictions on the use of MQTT communications in certain situations and environments.
We do not foresee disabling MQTT server-side at this time, as it is a central part of the DriveLock components' technical communication, the use of which will continue to expand in the future.
-
Netzwerkconnection anhand des primären DNS-Suffix bei jedem Verbindungsaufbau
Wir würden gerne die Netzwerkrichtlinien von Drivelock nutzen, damit die verwalteten Clients sich ausschließlich mit unserem Domänennetzwerk verbinden und im laufenden Betrieb auch die Netzwerkschnittstellen wechseln können. Dies würden wir gerne anhand des primären DNS-Suffix abfragen.
Momentan gibt es diese Möglichkeit bereits, doch wird diese Abfrage lediglich einmalig abgefragt und nicht bei jedem erneuten Verbindungsaufbau.
Wir wollen unseren Clients ermöglichen, dass sie sich sowohl über Wlan, als auch über Kabel verbinden und auch während einer Sitzung wechseln können.
Um dies zu erreichen, müsste unter dem Kartenreiter "Action" im Eigenschaftenfenster der Netzwerkrichtlinien eine Auswahl ähnlich wie "Disable network connection until new…3 votesThe functionality you require should already be possible today. However, if the card is deactivated, it is not possible to recognize whether the correct DNS suffix is present in order to reactivate the card. However, if the card is activated manually, this is already possible today.
DriveLock checks the network connection again with every policy update and network change.
Firewall rules can also be set up to control the network connection; it may be possible to do this via the firewall by setting up a rule that blocks all connections as long as the device is not in the correct network. If an attempt is made to access the wrong network, a corresponding firewall rule must be created that blocks everything (with the exception of the rules required for a network change). In the event of a change to the correct network, the corresponding rule must be removed again.
If…
-
Support Imprivata credential provider
For synchronization of users/credentials and for a Windows SSO after successful authentication of the user at the DriveLock PBA, a connection of the DriveLock Credential Provider to the Credential Provider of the Imprivata Agent is required (Credential Provider Wrapper).
1 voteAktuell planen wir keine Integration in diese Richtung. Sollte sich dies in Zukunft ändern oder zusätzliche technische Grundlagen vorliegen, prüfen wir das Thema gerne erneut.
Vielen Dank für Ihr Verständnis.
Mit freundlichen Grüßen,
Produktmanagement | DriveLock SE
-
Manual input of the stored uninstall password
Enable manual entry of the stored uninstall password. Either during uninstallation via "Programs and Features" or another entry "Uninstall Agent" via the systray icon of the DL Agent.
1 voteThank you for posting this request on our feedback forum.
This uninstall password is an additional layer of security to prevent local admins in environments without a zero trust approach from uninstalling the DriveLock agent part.
If for any reasons a single agent needs to be removed we already provide the possibility to use the following administration command-line:
msiexec /x DriveLockAgent.msi UNINSTPWD=<your_password>
The password is checked before the inner MSI part is executed. We would have to change this in order to fulfill requests like this one and decided not to lower security measures here, a while ago.
Please feel free to get in touch with us directly to discuss this in more detail.
-
Nach dem Test die Fehler anschauen
Leider ist es in der Aktuellen Version nach Abschluss der Fragen nicht möglich zusehen was man falsch beantwortet hat man sieht nur unten die runden Punkte mit X wenn man darauf kickt passiert nichts, hier wäre es gut die Frage nochmals zu sehen mit was wurde geantwortet und was wäre richtig gewesen
1 vote -
Fehler Auswertung der Kampagne im DOC
Ist es möglich das im DOC nicht nur die Anzahl der Fehler ausgewertet werden können, sondern auch Welche Fehler gemacht wurden?
Von welchen Benutzern1 vote -
DriveLock Linux Agent should be able to send all existing events to other external systems via email
As an administrator I want to let the Linux Agent send all drivelock agent events also to external systems.
It should work similar like DriveLock Agents for Windows OS.
If we can define a priority, we would like to see the following priority order (for implementing):
1) SMTP (email, supporting TLS/SSL)
2) SNMP1 voteplease see comment
-
Format BitLocker2Go USB removables like in Encryption2Go
In Encryption2Go it is possible to format the USB removables before encryption and keep the data if necessary - these options are completely missing in BitLocker2Go.
4 votesThe options exist because in the old days everything was formatted with FAT, where you could not create containers larger than 4 GB. This made things easier for the customer. This is not necessary with BitLocker To Go.
-
DriveLock License Management (expire dates) over DOC, within an Enterprise Environment
DES Servers, running into an an protected Enterprise Environment configured according Microsoft's Recommendation
for an Enterprise-Access-Modell, should be able to renew their License Date (Maintenance Date) over the DOC,
without having direct Internet access, and without getting each year a new license to activate by phone.
An Implementation idea is maybe a Windows 10 Client System running DOC Companion, while the Client have
Internet Access over a Company Proxy Server, to renew the License at the DES Server backend.4 votesif you issue a new license annually (or whenever the maintenance is extended), then you don't even need one without activation, because the mmc does the activation and you can run it on a computer with internet access or use the telephone activation. You can either activate by telephone or issue the customer with a license without activation. Subscription licenses have to be reissued anyway, at least until now
-
DLSupportAgent.exe
Der "DLSupportAgent.exe" sollte via Kommandozeile bedienbar sein, so dass die Aktivierung nicht zwingend grafisch erfolgen muss. Es sollten die Kommandozeile und die Windows-Powershell unterstützt werden:
z.B. DLSupportAgent.exe -Step [1/2/3/4/5/6/7]
The "DLSupportAgent.exe" should support a interaction via command line (cmd / Windows-Powershell) so that there is no need for a graphical access to the traget system.
3 votesMittlerweile kann man alles über DOC ansteuern.
-
Configure automatic temporary unlock in the future (from time x to time y)
We have repeated requests for USB releases for specific time periods in the future. Would it be possible in the helpdesk temporary unlock window to select a period in the future with time and date specification?
1 voteAfter much deliberation, we have decided to respectfully decline this feature request.
-
DOC deployment installation option should support DriveLock groups
In the new DOC 21.2, it is possible to deploy new agent on computer. It would be very nice to be able to use drivelock groups here instead of a static list of PCs.
2 votesThe deployment options are ok for individual computers. Otherwise, we ask customers to use a software distribution solution. I am therefore closing the request.
- Don't see your idea?