6/09/2023: PolicyPak Build number 23.6.3557.1230
Some customers report that this build blocks inbound RDP connections. We’re actively working on a workaround or update for this known issue.
Netwrix PolicyPak General
- CSE Update: CSE update contains security improvements which are recommended for all customers. See Advisory.
- CSE and MMC update: Miscellaneous bugs and improvements (some around crashes or hangs.)
- New License Type: “Enterprise Full” (aka Enterprise+) license type supported from this CSE onward. More details will come to customers toward the end of the month, but this CSE and later supports the Enterprise Full license type. See Updated KB Article.
- Standalone ILT Validation Tool: New tool helps troubleshoot ILT evaluations on endpoints from policy XML. See Video.
New Component: PolicyPak Network Security Manager
Overview: Specify which applications can communicate with what IP addresses and ports. For instance, the QuickBooks desktop application can only communicate with the QuickBooks Server at 192.168.2.61 and Firefox can only communicate with Patient Portal at 10.10.10.12. Learn more about the Network Security Manager basics in this KB Article.
- Applications and Ports Management: Lock down applications by using specific IPs and ports. See Video.
- Global Settings Management: Manage Global Settings including notification options and block messages. See Video.
- Auditing Events: Enable auditing events for Network Security processes and actions. See Video.
Tip: Enterprise Customers or PRO Customers who have already licensed the “Desktop Automation Pak” may request a license for PolicyPak Network Security Manager by emailing [email protected]. PolicyPak Cloud customers should automatically be licensed for this new component. Note PolicyPak Cloud will support upload of XML from MMC, but no in-cloud editors yet for PolicyPak Network Security Manager.
Netwrix PolicyPak Least Privilege Manager
- Fix in MMC: File / Folder name is now correctly added to the policy name if path variable is used
- Fix in CSE: CSE had used wrong processing order on occasion.
- MMC Update: The term “SbPam” was renamed to “Netwrix Privilege Secure” in the MMC.
- MMC update: You can now create policies from 6300 events (6320, 6301) from the event log to the MMC.
- MMC and CSE update: Now wildcards are allowed for CN=* matches. See Screenshot.
- MMC and CSE update: On-Demand and Explicit rules now permit you to force users to re-authenticate and allow for Justification text. See Screenshot.
- MMC and CSE update: On-Demand Rules also allow for Global Text for Right-click Menu item. See Screenshot. For an example of when On-Demand Rules are used with Justification Text, see screenshot. For implementation instructions, see KB article.
Netwrix PolicyPak Preferences Manager
- Fix in Shortcuts: CSE now creates URL policy correctly in Action:Create
Netwrix PolicyPak Browser Router
- Deprecated: Routing to Legacy Edge.
- Legacy PPBREdgePackage will not be present any longer in builds going forward.
Netwrix PolicyPak Admin Templates Manager
- Fix in MMC: Allowing switch from Computer / User side in switched policies (not just once.)
Netwrix PolicyPak Device Manager
- Fix: Error when adding System and Admin accounts
- Update: MMC can now import a list of serial numbers or Bitlocker Key IDs for USB devices from text files. See Screenshot.