Agent v4.X

Zorus Agent Release Notes for versions 4.0.0.0 through 4.x

Introducing Filtering Support for DC/DNS Servers
- Added support for DC/DNS servers by prioritizing outbound traffic while excluding endpoint traffic. This improvement addresses DNS resolution challenges and timeouts during setup and connection, ensuring smoother operations and enhanced reliability
- Compatible with Windows Server 2012 or higher

Fixed an issue preventing MSP360 backups from running due to lack of IPv6 support in the network request resolver
Fixed an issue causing certificate errors and failed unblock requests due to incomplete SNI parsing when TLS data was split into multiple packets

Zero Trust Device Isolation Manual Override Passphrase: Set a passphrase when isolating a device that enables you to release isolation locally if the device loses connectivity to allowed inbound and outbound addresses. It's a convenient way to release devices that can't access needed resources without on-site intervention
- Set Passphrase: The passphrase can either be automatically generated by the system or manually set at time of isolating the device
- Retrieve Passphrase: Users can retrieve the passphrase either from the Endpoint grid or the newly introduced Isolation Activity page
- Submit Passphrase in the Browser: The end user submits the passphrase on the Web Access Restricted page within their browser to override device isolation locally

Enhanced synchronization of agent information with computer names longer than 15 characters to the Portal
Updated Unblock Request notification to allow for active participation instead of automatic disappearance after 15 seconds
Optimized Unblock Request confirmations to avoid holding browser tabs, enabling seamless tab and window switching

Fixed an issue where leaving a Block page open in another background window would cause random CyberSight events related to the blocked website
Fixed an issue where the message about deleting an endpoint from the Portal wasn't logged unless the log level was set to Debug
Fixed an issue where the tray modal title did not adhere to White Labeling settings

Introduced the backend support for the Zero Trust Device Isolation feature. Stay tuned for the upcoming launch on the Zorus Portal!
- Zero Trust Device Isolation establishes rigorous controls over inbound and outbound traffic at the OS level for endpoints, limiting communication exclusively to your pre-configured allowed addresses for remote device management. Should any suspicious activity arise, prompt the system to swiftly initiate a lockdown and quarantine on the device. This proactive measure ensures containment and thorough scrutiny of potential threats before reintegrating, effectively strengthening networks against the lateral movement of malicious activities by threat actors.

Extended the CyberSight Activity timeout to align with the industry standard, increasing it from 30 seconds to 120 seconds.

Fixed an issue where CyberSight would not report the Application context during rapid switches between multiple application windows
Fixed a memory leak issue that occurred when the agent switched its connection to policy servers
Fixed a typo on the blocked page for Allow List Only policies
Fixed an issue where traffic logs always reported as https://

Note: v4.1.2.0 was skipped for Quality Assurance testing of the upgrade process due to changes made to the Updater in 4.1.2.0

Interface Improvements

Fixed an issue where modern standby would stop .NET timers, causing sleep time to report as inflated Active Time on the last seen activity
Fixed an issue where events/processes occurring while the machine was locked would report as Active time in CyberSight
Fixed an issue where machine sleep event to report as Idle time instead of Machine Lock time for CyberSight reporting
Fixed an issue where CyberSight BrowserExtension.logs rolled over at 10KB instead of MB
Fixed an issue where the Agent would continuously generate an authentication token with the Portal when the previous one was still valid causing Portal registration conflicts
Fixed an issue where the EULA was hard coded in the installer and displaying dark on dark text

Fixed an issue where Safe Search caused DNS resolution and search engine failures in IPv6 environments

Enabled the Safe Search option to bolster online safety, providing support for popular search engines like Google, Bing, DuckDuckGo, and YouTube
Improved the handling of cache files related to policies, their expiration, and overall Filtering policy lookup.
Streamlined the reporting process by removing Report Miscategorizations from the Blocked page
Enhanced connectivity to Policy Servers by extending connection and authentication timeouts to 10 seconds,
Introduced an experimental feature allowing users to extend the URL Lookup timeout to 3 seconds, mitigating potential DNS resolution issues that may arise due to a weak or unstable internet connection

Fixed an issue where conflicts between the Agent and Cloudflare WARP and Loopbacks for a smoother experience.
Fixed an issue causing an update loop that could disrupt Agent tray icons and other related functions.
Fixed an issue where the registry did not display current software version accurately in Installed Apps

Fixed an issue where the 4.0.0.0 Agent became unsigned on update
Fixed an issue where Engagement would not run when Windows is not updated to Windows 10 1709 or greater

Enhanced the Agent Updater to a streamlined patching process that enables stronger whitelisting compatibility with other Cybersecurity solution tools such as ThreatLocker
Improved logging of response times from the Agent to the Policy server to monitor and optimize performance and uptime

Fixed an issue where the Endpoint grid and selectors would incorrectly display SYSTEM as the logged on user
Fixed an issue where tray icon hover text would persist and overlap with other applications until the user clicked on the tray icon again