Users Guide
● The Device Lease Period can now be reduced to a minimum of 14 days. [DDPS-5281]
● An issue that resulted in an access violation error in module 'GKConsole.exe' is now resolved. [DDPS-5300]
● A page selector and drop-down list now allows the administrator to navigate between pages of Endpoint Groups and select
the number of groups to display per page. [DDPS-5349]
● Policy commit comments that begin with special characters are now logged in Commit History. [DDPS-5353]
● Certificates with passwords that include special characters can now be successfully imported. [DDPS-5396]
● The installer now accepts a period (".") in the SQL service account username with SQL Server 2008 R2 and SQL Server
2016. [DDPS-5418]
● Duplicate entries no longer display in the BitLocker Manager Detail report in Compliance Reporter after upgrade.
[DDPS-5432]
● An issue is resolved with Threat Protection (TP) licenses for Web Protection and Firewall, and they now match consumed
licenses for Advanced Threat Prevention (ATP) with Web Protection and Firewall. [DDPS-5491]
Technical Advisories v9.8
● Added 01/2018-Advanced Threat Event results are automatically limited to the first 10000 results. This will resolve issues
where Advanced Threat Events were not properly displaying when selecting the tab within the Dell Security Management
Server
● To block all PowerShell scripts with Advanced Threat Prevention, both the PowerShell and PowerShell Console policies must
be set to Block. When both policies are set to Block, no scripts can be run, either through the PowerShell console or the
Cmd console. PowerShell one-liners are blocked. To allow approved scripts to run through the Cmd console, select the
Enable Approve Scripts in Folders (and Subfolders) policy, and add the approved scripts to the Approve Scripts in Folders
(and Subfolders) policy. The PowerShell Console policy applies to PowerShell v3 and later. Windows 7 includes PowerShell
v2, by default. To upgrade to PowerShell v3 on Windows 7, see www.microsoft.com/en-us/download/details.aspx?
id=34595. [CYL-619]
● As of v9.8, the ESXi vSphere thick client can no longer be used for deployment. Also, previous installs on ESXi 5.1 have not
been prevented although they are not supported. Installs on ESXi 5.1 are now prevented. [ DDPS-5086, DDPS-5269]
● The Office Protected Files Cover Page Corporate Logo policy cannot be committed when running the Remote Management
Console in Firefox. To work around this issue, use Internet Explorer or Google Chrome. [DDPS-5538]
● Added 08/2018-The Dell Policy Proxy service may incorrectly send two requests to the back end server for SKID3 requests.
This can safely be ignored. [DDPS-5585]
New Features and Functionality v9.7
● Enterprise Server now supports Advanced Threat Prevention with optional Client Firewall and Web Protection features.
Client Firewall and Web Protection policies are reorganized to simplify management of these features. Prior to client upgrade
to the new features, refer to Default Policy Changes.
● Enterprise Server now supports Disconnected Mode, for air-gapped environments.
● Added 7/2017 - Enterprise Server is now supported with VMware ESXi 6.5.
● Active Directory groups and domains can now be specified when adding or modifying Endpoint Groups. Enterprise Server
collects Active Directory information from endpoints and makes this data available for Endpoint Group specification.
● Endpoint Group Precedence can now be modified using drag-and-drop functionality. This functionality applies to Admin-
Defined, Rule-Defined, and Active Directory but not System-Defined Endpoint Groups. Precedence of System-Defined
Endpoint Groups for new installations and upgrades is as follows: Highest precedence is given to Non-Persistent VDI
followed by Persistent VDI Endpoint Group. Lowest precedence is given to Default followed by Opt-in Endpoint Group.
● Added 7/2017 - Administrators can now bulk upload and import a CSV list of Endpoints to add to Admin-Defined Endpoint
Groups.
● Advanced Threat Prevention and Dell Data Guardian events can now be exported to a syslog server or to a local file through
a streamlined Events Management screen.
● New Advanced Threat Prevention policies allow Application Control folder exclusions and automatic deletion of quarantined
files after a configurable length of time.
● Log Analyzer results can now be exported to Excel or CSV file.
● New Enterprise Edition for Mac policies replace the need to manage some settings through .plist entries.
● Secure Lifecycle is rebranded to Dell Data Guardian.
Dell Security Management Server Technical Advisories
25