Changes to Default Behavior

Changes to Default Behavior in Traps™ agent 5.0 releases.
The following topics describe changes to default behavior in Traps™ agent 5.0 releases:

Changes to Default Behavior in Traps Agent 5.0.12

Starting with Traps agent 5.0.12, you can install the agent only on Windows XP, Windows Server 2003, or Windows Embedded POSReady 2009. If you are using a newer Windows version, upgrade to Cortex XDR agent 7.2 release or later.

Changes to Default Behavior in Traps Agent 5.0.11

There are no changes to default behavior in Traps agent 5.0.11.

Changes to Default Behavior in Traps Agent 5.0.10

Traps agent 5.0.10 includes the following changes to default behavior.
Feature
Change to Default Behavior
Manual Upload of Trusted Root Certificates due to Microsoft End-of-support for Windows Embedded 2009
In light of Microsoft’s end of support for Windows Embedded 2009, you must now update the list of Trusted Root Certificates manually on the endpoint in order to enable the Traps agent to communicate with the Cortex XDR server. This applies to any Traps 5.0.X installation or upgrade from an agent that previously communicated with TMS/ESM on endpoints running Windows Vista or a previous release.
  1. On an endpoint that is connected to the internet and running Windows 7 or a later release, go to
    Control panel
    Administrative Tools
    Manage Computer Certificates
    .
  2. Select
    Trusted Root Certificates
    . Go to
    Trusted Root Certification Authorities
    Certificates
    .
  3. Select all items on the list, right-click and select
    All Tasks
    Export
    . Save the
    PFX
    file.
  4. On the endpoint running Windows Vista or a previous release where you want to install / upgrade the Traps 5.0.X agent, copy the
    PFX
    file, right-click, and install.
  5. Now you can install / upgrade the Traps agent on the endpoint.

Changes to Default Behavior in Traps Agent 5.0.9

Traps agent 5.0.9 is a Windows release supported only by the Cortex XDR app, and cannot be installed or supported using the Traps management service.

Changes to Default Behavior in Traps Agent 5.0.8

There are no changes to default behavior in Traps agent 5.0.8.

Changes to Default Behavior in Traps Agent 5.0.7

There are no changes to default behavior in Traps agent 5.0.7.

Changes to Default Behavior in Traps Agent 5.0.6

Traps agent 5.0.6 includes the following changes to default behavior.
Feature
Change to Default Behavior
Traps Tampering Protection
The enabled behavior of Traps Tampering Protection (in an Agent Settings profile) has changed to allow read access instead of no access to Traps services, processes, files, and registry keys.

Changes to Default Behavior in Traps Agent 5.0.5

There are no changes to default behavior in Traps agent 5.0.5.

Changes to Default Behavior in Traps Agent 5.0.4

Traps 5.0.4 agent includes the following changes to default behavior.
Feature
Change to Default Behavior
Enhanced DLL Whitelist
The whitelist capabilities of the JIT and DLL security exploit protection modules (EPMs) has been enhanced in the default security policy.

Changes to Default Behavior in Traps Agent 5.0.3

There are no changes to default behavior in Traps agent 5.0.3.

Changes to Default Behavior in Traps Agent 5.0.2

There are no changes to default behavior in Traps agent 5.0.2.

Changes to Default Behavior in Traps Agent 5.0.1

Traps 5.0.1 agent includes the following changes to default behavior.
Feature
Change to Default Behavior
Proxy Communication
With Traps 5.0.1, you can configure Windows endpoints to use a non-secure or secure proxy server or you can specify both. With Traps 5.0.0, you had to specify both a non-secure and secure proxy server. You can define the same proxy server for non-secure and secure proxy communication, or you can define different proxy servers. For details, refer to Configure proxy communication.

Recommended For You