Changes to Default Behavior

The following sections describe changes to default behavior in Traps Endpoint Security Manager and Traps agent 4.1:

Changes to Default Behavior in Traps 4.1.5-h1

There are no changes to default behavior in Traps 4.1.5-h1.

Changes to Default Behavior in Traps 4.1.5

There are no changes to default behavior in Traps 4.1.5.

Changes to Default Behavior in Traps 4.1.4

There are no changes to default behavior in Traps 4.1.4.

Changes to Default Behavior in Traps 4.1.3

FeatureChange to Default Behavior
Forensics folderFor enhanced security, files in the web-based forensics (BITS upload) folder are no longer accessible to any device except the Endpoint Security Manager (ESM) Server and Console. Now, when you install or upgrade to ESM 4.1.3, the installer creates a user account (TrapsDownloader) and uses that account for accessing files in the BITS folder.
Traps upgrades on VDI machinesIn a virtual desktop infrastructure (VDI) environment, upgrade packages apply only to persistent VDI machines, and therefore the ESM Server no longer sends the packages to non-persistent VDI machines or to the golden image when you configure one-time action rules for Agent Installation (SettingsAgentActions).

Changes to Default Behavior in Traps 4.1.2

FeatureChange to Default Behavior
Content UpdateTo better reflect the purpose of the field, the Release Date label associated with each content update is now Creation Date. The Creation Date identifies the date on which Palo Alto Networks® created the content update build.
CytoolTo get started quickly using the Cytool command-line tool on Mac endpoints, you no longer need to enable remote process calls (RPCs) before you run Cytool commands. Now, Cytool automatically enables RPCs when you install Traps on a Mac endpoint. As a result, the cytool rpc command has been deprecated.
ESM Server in DMZIn Active Directory environments, to enable Traps agents to connect with an Endpoint Security Manager (ESM) Server located in a DMZ, you must now enter an LDAP address for the Domain Name of the ESM Server (SettingsESMMulti ESM <ESM_Server>).
Automated Monitoring of Traps ServicesThe watchdog service that monitors the status of critical Traps services such as local analysis now runs only when the endpoint boots. Previously, the watchdog service ran only when the user logged in to the endpoint. The change enables Traps services to restart earlier, thereby ensuring Traps protection is enabled before the user logs in.

Changes to Default Behavior in Traps 4.1.1

FeatureChange to Default Behavior
Forensics folderFor enhanced security, files in the web-based forensics (BITS upload) folder are no longer accessible to any device except the Endpoint Security Manager (ESM) Server and Console. Now, when you install or upgrade to ESM 4.1.3, the installer creates a user account (TrapsDownloader) and uses that account for accessing files in the BITS folder.
Traps upgrades on VDI machinesIn a virtual desktop infrastructure (VDI) environment, upgrade packages apply only to persistent VDI machines, and therefore the ESM Server no longer sends the packages to non-persistent VDI machines or to the golden image when you configure one-time action rules for Agent Installation (SettingsAgentActions).

Changes to Default Behavior in Traps 4.1.0

FeatureChange to Default Behavior
Forensics folderFor enhanced security, files in the web-based forensics (BITS upload) folder are no longer accessible to any device except the Endpoint Security Manager (ESM) Server and Console. Now, when you install or upgrade to ESM 4.1.3, the installer creates a user account (TrapsDownloader) and uses that account for accessing files in the BITS folder.
Traps upgrades on VDI machinesIn a virtual desktop infrastructure (VDI) environment, upgrade packages apply only to persistent VDI machines, and therefore the ESM Server no longer sends the packages to non-persistent VDI machines or to the golden image when you configure one-time action rules for Agent Installation (SettingsAgentActions).

Related Documentation