This article is all about the new features and enhancements included in OSCE XG.
Ransomware Protection Enhancements
Your protection against ransomware attacks has been further enhanced to allow OfficeScan agents to recover files encrypted by ransomware threats, block processes associated with ransomware, and prevent compromised executable files from infecting your network.
Newly Encountered Program Protection Enhancement
To more easily maximize your ransomware protection security policy on individual agents, the newly encountered program detection feature has been moved to the Behavior Monitoring settings screen.
You can also customize the message that displays on agent endpoints after a user downloads and executes a newly encountered program.
Predictive Machine Learning
The Predictive Machine Learning engine can protect your network from new, previously unidentified, or unknown threats through advanced file feature analysis and heuristic process monitoring. Predictive Machine Learning can ascertain the probability that a threat exists in a file or process and the probable threat type, protecting you from zero-day attacks.
OfficeScan Edge Relay Server
The OfficeScan Edge Relay server provides you greater visibility and increased protection for endpoints that leave the local intranet by providing the following features:
- Suspicious Object list synchronization
- Sample submission
- Log submission
- Agent status information submission, such as current pattern and component versions
Suspicious File Sample Submission
To further enhance your integration with a Deep Discovery Virtual Analyzer, OfficeScan agents can now detect and send suspicious files that may contain previously unknown threats directly to the Virtual Analyzer for further analysis. After verifying that a threat exists, the Suspicious Object lists are immediately updated and synchronized to all agents, preventing the threat from spreading across your network.
Dashboard UI Enhancements
The Dashboard has been redesigned to provide better visibility of your network's protection status.
Control Manager Integration Enhancements
To prevent unauthorized communication between the Control Manager and OfficeScan servers, registration to the Control Manager server requires certificate authentication and policy management through the Control Manager server is managed using public-key encryption.
Real-time Scan allows you to detect and block threats using Common Vulnerabilities and Exposures (CVE) exploits.
Behavior Monitoring can also detect abnormal program behavior that is common to exploit attacks.
Suspicious Connections Enhancement
You can now configure the Suspicious Connections feature to log or block network connections detected by the Global C&C IP list and malware network fingerprinting.
The application filter of the OfficeScan Firewall now supports Windows 8 and later platforms. You can grant OfficeScan agent users the privilege of configuring the firewall security level and exceptions list.
The previously named "Roaming" mode has been renamed as "Independent" mode.
Platform and Browser Support
This version of OfficeScan provides support for Microsoft™ Windows™ Server 2016.