Release Notes Silverback 18.0 Update 2
About this release
Matrix42 Silverback 18.0 Update 2 provides new and improved features that have been implemented. During the development of this version, we have been focusing on valued feedback from our customers and partners in order to provide an ideal feature selection.
Please find the installation files of this version on Matrix42 Marketplace.
System requirements, instructions for installation and update as well as for basic configuration are available in the Matrix42 online manual.
Overview
New Features
- Unique Device Identifiers
- Multiple Selections & Actions
- Multiple App Configurations for iOS
- Set default values for VPP application import
- Enterprise Certificate Expiration Date
- Windows 10 Passcode Support
- Windows 10 Hello Support
- Windows 10 BitLocker Support
- Windows 10 Reboot Support
- Disable Classic Login Form
Improvements
- Copy Device Options for Tag Cloning
- Assigning App Search by Name and Description
- Store Editing Process for Apps, Devices and Users
- Warning about License Threshold
- Information about mandatory Terms and Condition Checkbox
- Extend Not seen in last days values
- Updated Device Types for Samsung, Google and Apple
Fixes
- PRB31612: Thank you for enrolling with Matrix42 Silverback page missing
- PRB31585: WebClip Icon cannot be changed in an existing Tag
- PRB30766: Device can't get enrolled if AD password has special characters
- PRB31311: Performance Issues on SQL server
Announcements
Secure Container
Trials will be available in October.
Windows Phone 8
As of July 11, 2017, Windows Phone 8.1 users are no longer eligible to receive new security updates, non-security hotfixes, free assisted support options, or online technical content updates from Microsoft for public. This means for us that it is time to remove all Windows Phone 8 related settings with our Silverback 18.0 Update 3 by the end of the year. So, if you are still using Windows Phone 8 or Windows Phone 8.1 devices we recommend you to be prepare when the End of Life of this operating systems will come for Silverback. If you need further information please visit the official Windows Phone 8.1 End of Support: FAQ
Nitro Desk Touchdown
The personal information manager NitroDesk Touchdown or TouchDownTM by Symantec has come to its end of life, so we removed all NitroDesk Touchdown settings in Silverback with this release.
Controlled Rollout
If you want to join the Controlled Rollout program for Silverback, please send us a message to silverback@matrix.com and we will contact you soon with further details.
New Features
Unique Device Identifier
In case you are using generic accounts for enrolling devices, you may have noticed that it is sometimes hard to identify the device in support cases. To make your life easier, we now display a unique device ID in the second column, coming from the Silverback Database. On end user side the Device ID is shown in Companion applications on iOS & Android in the About section.
Android | iOS |
---|---|
*Minimum Version: 2.14 (will be released soon) | *Minimum Version: 2.2.0 (will be released soon) |
Multi Selections & Actions
Besides the Unique Device Identifier we implemented the possibility to select multiple devices and perform actions based on the selected devices. So from now on you are able to select and block multiple devices with just a few clicks:
The available operations are:
- Lock Devices
- Block Device
- Factory Wipe
- Delete Business Data
Multiple Actions button will be activated when you select minimum two devices
Multiple App Configurations for iOS
Let's assume that you have one application and you need to configure this app via iOS 7 App Config in multiple ways. With this release we are happy to give all Administrators the ability to edit the general iOS 7 App Config for each application in the Tag settings. This means that you are able to publish a general config in App Portal and edit this configuration tag based. To configure it perform the following steps:
- Edit an existing Tag or create a new one
- Navigate to Apps
- Click on Assign More Apps
- Select the app(s) you want to distribute with this Tags
- Proceed with Add Selected Apps
- On the Overview click on the edit button under "Managed Config"
- Edit the XML aligned to your requirements and click save
If you have already a global config configured on the App Portal, we will display it here to make it easier to edit.
Set default values for VPP application import
We added a new tab name "import" at the VPP App Licencing. Here you can define the default values for all applications purchased and distributed via the Volume Purchase Program. If you change or edit the settings for the first time and click Save Settings, from now on all newly imported applications will receive this values. Applications which were previously imported and were already in the App Portal will not be affected until you click on Update all current.
Be patient with the Update all current button
Enterprise Certificate Expiration Date
In case you have Enterprise applications for iOS in place you know that you need to renew every year the certificate for your applications. To support this task we added a new column into the App Portal which displays the Certificate Expiration Date. The Date will be shown in three different colors:
- Black: The certificate expiration date is higher than 21 days
- Orange: The certificate expiration date is equal or less than 21 days
- Red: The certificate has been expired
Windows 10 Passcode Support
With Windows 10 Microsoft changed a couple of settings for Mobile Device Management regarding the Passcode or Device Lock in the Configuration Service Provider. In this release we are happy to provide you the updated passcode settings.
It is by default mandatory to have 3 complexities in the Passcode . It is a Microsoft requirement and we will display it as an information for you
Auto-Lock has been deprecated in Windows 10. We kept it for the purpose of older configurations
Feature | Description | Values |
---|---|---|
Passcode Settings | Force if the end-user needs to create Passcode | Enabled or Disabled |
Allow Convenience Login | Allows the usage of Picture password as Login method | Enabled or Disabled |
Number of complex element types | Defines the number of complex element types for the Passcode. It is hard coded to 3 due to Microsoft requirements | 3 |
Minimum Length | Defines the minimum length of the required Passcode | 6-23 |
Auto-lock | Defines the time until the device will get locked when idling | 1-1200 Minutes |
Maximum Failed Attempts | Defines the value of maximum failed attempts before the device gets wiped. | 4-16 |
Windows 10 Hello Support
Windows Hello is a biometric framework built into Windows 10 that uses facial recognition, fingerprint identification, or iris scans as login methods. Windows Hello is closely related to Microsoft Passport, which is responsible for the underlying encryption and authentication mechanism and helps to secure the communications and identities. With this release we provide the ability to configure Windows Hello and it's corresponding PIN settings for Windows 10.
Feature | Description | Values |
---|---|---|
Windows Hello Settings | Activates Windows Hello Settings | Enabled or Disabled |
Require Security Device | Defines if a Trusted Platform Module (TPM) is required. If it is set to Disabled it will use the preferred mode. Devices attempt to use a TPM, but if not available will provision using software | Enabled or Disabled |
Minimum PIN Length | Defines the Minimum PIN length | 4-127 |
Maximum PIN Length | Defines the Maximum PIN length | 8-127 |
Upper Case Letters | Define if Upper Case Letters are allowed, mandatory or prohibited | Allow, Require or Not allow |
Lower Case Letters | Define if Lower Case Letters are allowed, mandatory or prohibited | Allow, Require or Not allow |
Special Characters | Define if Special Characters are allowed, mandatory or prohibited | Allow, Require or Not allow |
Digits | Define if Digits are allowed, mandatory or prohibited | Allow, Require or Not allow |
History | Defines, how many previous PINs can't be used. Default Value is 0, which means History is not activated | 0-50 PINs |
Expiration | Defines the timeframe, when users will be forced to change the PIN. If set to 0, the PIN will never expire | 0-730 days |
Use Remote Passport | Windows Hello provides the ability for portable, registered device to be usable as a companion device for desktop authentication | Enabled or Disabled |
Use Biometrics | Enable or disable the use of biometric gestures, such as facial recognition, fingerprint identification, or iris scan | Enabled or Disabled |
Windows 10 BitLocker Support
BitLocker Drive Encryption is an built-in solution on Windows 10 for data protection that addresses the threats of data thefts. BitLocker provides it's best protection when using it in combination with a Trusted Platform Module (TPM) version 1.2. or later.
The Trusted Platform Mobile is a hardware component included in many of newer computers. In combination with BitLocker it helps to protect user data and ensures that a customer has not been manipulated while the system was offline.
In a nutshell BitLocker will encrypt the Windows operating system drive.
To enable BitLocker perform the following:
- Navigate to Tags and Edit System Tag or Create a new Tag
- Enter a Name and a Description
- Enable Windows 10 and activate Profile
- Click Save
- Nagivate to Profile > BitLocker and enable Require Device Encryption checkbox.
This feature is only available for Windows Enterprise and Education
Windows 10 Reboot Support
In this release we added the ability to Reboot Windows 10 devices. Navigate to your Devices overview and click on any of the Windows 10 device you will have in the list. At the top of the device overview page you will face the the new "Reboot" Button. By clicking this button the device will force a restart after confirming this operation. The selected device will perform the reboot within the next 5 Minutes.
The user will receive first a notification pop-up that the device will reboot
After the grace period the user will receive a second notification pop-up
Disable Classic Login Form
We added the ability to disable the classic login form for the usage of any SAML2 Provider for authentication.
- Navigate to Admin and Authentication Provider
- Enable the checkbox Disable classic sign-in
After enabling the checkbox all users on Self Service Portal will only see the configured SAML2 Button. For security reasons this functioanlity is only abailable for the Self Service Portal. On Administrator page both variants will be still shown.
Before | After |
---|---|
Improvements
Beside the already explained New Features in this release we are happy to provide a couple of improvements which will be described in the following sections:
Copy Device Options for Tag Cloning
In previous version we added the ability to clone tags. By doing this all attached devices on the cloned tags were taken over to the cloned tag. We improved this functionality in the matter that you will now be asked if you want to take over attached devices or not.
By default the Copy devices checkbox is unchecked.
Assigning App Search by Name and Description
With this release we make it easier to assign applications into tags. This improvement will help to find applications easier at the assigning process, especially in larger environments with a huge amount of applications.
- Navigate to your Tag and Apps
- Click on Assign More Applications
- Click on the Magnifier/Search Icon
- Select Name or Description and enter your search
- Proceed with Enter
- Select the App that appear in your search
Store Editing Process for Apps, Devices and Users
You may have noticed that when you edit applications, devices or users you are always routed back to the first page of the corresponding overviews. From now on you will stay at the page where you have edited and saved your items.
Warning about License Threshold
If your Silverback License count will reach a 5% and less value, you will see a warning that you are probably running out of licenses soon.
Information about mandatory Terms and Condition Checkbox
In previous versions end-users were able to click the Start button without having accepted the terms and conditions, but with no success. In this case the page just loaded again and it seems like that nothing happens. To improve the end-user experience in these cases you will recognize that the Start button will only have functionality if the end-user has accepted the terms and conditions. Without accepting the Start button will be bleached out.
Without Accepting | With Accepting |
Extend Not seen in last days
Based on our valued customer feedback we are happy to introduce that you have a couple of new values in the Not Seen in Last X days. We added the following values:
In combination with our Multiple Selections and Actions Features, you can now easily select Devices that were not seen e.g. in the last 180 Days, select all of them and block them with just a few clicks.
Updated Device Types for Samsung, Google and Apple
We updated the following devices Types:
- iPhone 7, 8, X Series
- Samsung A, J, S Series
- Google Pixel Series