Version 25.4 Released

Products Endpoint Policy Manager News
,
1

Netwrix is pleased to announce the general availability of Netwrix Endpoint Policy Manager build number 25.4.

Endpoint Policy Manager 25_4
Endpoint Policy Manager 25_41333×800 217 KB

Download Netwrix Endpoint Policy Manager 25.4 here!

Want to be notified of future product updates?

Are you subscribed to this category? If not, or if you're not sure, expand me to see how!

How to subscribe

What’s Changed in Netwrix Endpoint Policy Manager 25.4

Endpoint Policy Manager Overall

PolicyPak rename to Endpoint Policy Manager (coming soon)

You wont see any changes yet in this release; expect all dialogs and such to remain as PolicyPak this build. Next build the installation locations will remain the same, but most things will have transitioned in text from PolicyPak to Endpoint Policy Manager or sometimes shortened to EPM. In the MMC console we also plan to re-combine back into one structure, where Endpoint Privilege Manager tucks back in under Endpoint Policy Manager.

PPLOGS Version 2 Tool


Gathering logs for us to help troubleshoot required two steps (one as admin and one as the user.) And those without command-line sophistication often couldn’t use the tool. This is now addressed in PPLOGS v2 (though it still requires local admin rights.) Visit this KB article for more information.

IMPORTANT
See this updated KB article for current support policies and how to get fastest support for PPLOGS v2.

Device Manager

Notification Blocking

The image displays the settings page of PolicyPak's Device Manager, showing options for managing device notifications and permissions, with specific emphasis on the configuration for connected devices during login. (Captioned by AI)
The image displays the settings page of PolicyPak's Device Manager, showing options for managing device notifications and permissions, with specific emphasis on the configuration for connected devices during login. (Captioned by AI)2138×942 178 KB

Netwrix Endpoint Policy Manager now lets you manage notifications in two different ways. First, you can turn notifications on or off at login. You can also prevent notifications from appearing when you plug in iPhones and similar devices. You can set your notification preferences in the Global Settings for Device Manager.

“Read & Delete” and “Read & Execute & Delete” Permissions

Want to let your iPhone users connect to the computer, then allow then to Read & Delete pictures? The goal being they can read from the device and copy the pictures to Windows, then they can delete those iPhone pictures from Windows.

Here’s to get started

The image displays a screenshot of the PolicyPak Device Manager interface, illustrating the process of configuring device management policies for specific users or groups within a Windows environment. (Captioned by AI)
The image displays a screenshot of the PolicyPak Device Manager interface, illustrating the process of configuring device management policies for specific users or groups within a Windows environment. (Captioned by AI)1836×1112 168 KB

Similar functions are available for USB sticks as well. Here’s how to get started:

The image shows a user interface for a Device Manager, specifically the settings for applying a USB storage policy that allows access for certain users or groups and defines their permissions. (Captioned by AI)
The image shows a user interface for a Device Manager, specifically the settings for applying a USB storage policy that allows access for certain users or groups and defines their permissions. (Captioned by AI)1546×581 73.7 KB

Endpoint Privilege Manager (formerly Least Privilege Manager)

Self-Elevate Buffer to Skip Re-Justification & Re-Authentication

The image displays the Endpoint Privilege Manager interface, specifically the settings for configuring self-elevation permissions and justification requirements for a designated user in a group policy management context. (Captioned by AI)
The image displays the Endpoint Privilege Manager interface, specifically the settings for configuring self-elevation permissions and justification requirements for a designated user in a group policy management context. (Captioned by AI)1824×1116 162 KB

If you’re using Self-Elevate you can now specify how permissive or restrictive you want to be with regards to how often users must re-justify (and/or re-authenticate.) You can specify EITHER number of times per hour to remember or number of times executed to remember.

Here’s how to get started with the new self-elevate enhancement

Admin Approval now provides additional details in the response

The image displays the Endpoint Privilege Manager interface, where an admin configures approval settings, including a custom helpdesk contact message and email settings for process requests. (Captioned by AI)
The image displays the Endpoint Privilege Manager interface, where an admin configures approval settings, including a custom helpdesk contact message and email settings for process requests. (Captioned by AI)1709×1048 127 KB

Here’s a screenshot of the new capability in use:

Admin Approval in Use
Admin Approval in Use1830×1006 181 KB

Note:
The Examples show Endpoint Privilege Manager, but Device Manager’s Admin Approval also gets this same improvement.

Automatically Prevent 6210 & 6215 Events from known good identities


When EPM SecureRun is NOT enabled, it will automatically generate 6210 events for non-trusted items an 6215 events for non-signed items. New feature in EPM Global Settings policies enables you exempt out known good identities (like a user or group) from generating 6210 and/or 6215 events before SecureRun is turned on. Use this to pre-dial in your known good identities before turning on SecureRun to know what to expect when SecureRun is actually turned on.

Here’s a quick screenshot example:

The image displays a computer screen showing the "Global Settings" interface for application logging and audit configurations on the left, alongside the Event Viewer displaying a log of recent events related to application management on the right, highlighting a prevention message for an untrusted executable. (Captioned by AI)
The image displays a computer screen showing the "Global Settings" interface for application logging and audit configurations on the left, alongside the Event Viewer displaying a log of recent events related to application management on the right, highlighting a prevention message for an untrusted executable. (Captioned by AI)1825×715 154 KB

Browser Router

New Context Variable Available for Blocking Messages

You can now use the following variables in Browser Router blocking messages:

  • %URL% - A URL of the resource being routed or blocked (current URL);
  • %URL_ZONE% - Internet zone of the URL being blocked.
  • %RULE_TYPE% - Type of PPBR rule specified in the policy entry. This can be one of the following: URL, Wildcard, Regex, or Internet Zone;
  • %RULE_VALUE% - PPBR rule pattern specified in the policy entry (e.g., wildcard or regex text).

Misc Endpoint Policy Manager Fixes & Updates:

  • Endpoint Privilege Manager: Bugfix in getting 404 (Not Found) errors when passing credentials to Netwrix Privilege Secure Server

  • EPM Printers: Policy wasn’t applying to endpoints fixed.

  • Endpoint Privilege Manager: Reset “Run as administrator” menu state when product not licensed fixed.

  • Endpoint Policy Manager Cloud: Customers may now download daily saved immutable log on Company Details Page

  • Endpoint Policy Manager Cloud: Export button fixed on “Computer list”

  • Endpoint Policy Manager Cloud: Other misc fixes.

Things we say with every major announcement…

Always back up your GPOs and or Cloud XMLs:

Remember that Endpoint Policy Manager acts as part of the operating system and you should do SMALL SCALE to LARGE SCALE testing with RINGS before rolling it out broadly.

Updating both the CSE and MMC snap-in up to date is recommended for all customers.

Specific upgrade guidance based upon your circumstances:

How to use the Community for Netwrix Endpoint Policy Manager…

Please use the Netwrix Community for the following items:

The URL for Endpoint Policy Manager Community is here: Discussions & Questions - Netwrix Community

How to get support for Netwrix Endpoint Policy Manager…

For help on specific support issues you are welcome to open support cases. Use our Support Portal (www.netwrix.com/support.html) to submit a case. Please refer to our Support Reference Guide (www.netwrix.com/download/documents/customer_support_program_guide.pdf) for details on the support process, including available contact methods, SLAs, and case severity guidelines.

Thank you for being a Netwrix Endpoint Policy Manager customer !

Need help with this update?

There are many different ways to get help with our products!

Situation Action
If you feel the product is broken and not working as intended… Contact Support
If you have a question you’d like to ask other experts… Create a discussion in the community: Endpoint Policy Manager > Discussions & Questions
If you have a feature request… Let our product team know directly: Endpoint Policy Manager > Ideas
If you have something cool to show… Show everyone what you built: Endpoint Policy Manager > Show & Tell

What are your thoughts?

We are always happy to hear from our users on what you like, and what you hope to see in the future. Please, share your thoughts below!

4 Likes