Acronis Cyber Cloud 21.02 – Febbraio 2021 (ENG)

Avangate ItaliaAcronis Cyber Cloud 21.02 – Febbraio 2021 (ENG)
4
Mar
2021
4.03.2021 REDAS

Nuove caratteristiche

Acronis Cyber Protect

Device Control for Data Loss Prevention (DLP)

Device Control is a feature of the “Cyber Protect (per workload)” edition that neutralizes the primary data loss vector – uncontrolled use of peripheral devices and local ports on corporate endpoint computers. Device Control is an optional module of a protection plan and it is enforced on all workloads where this plan is activated.

Access Settings

The basic DLP component that neutralizes the primary data loss vector – peripheral devices and local interfaces.

  • Contextual controls over local data access and transfer operations on workloads
  • Workload types – physical, virtual
    • Windows PC / workstation / server
  • Peripheral devices and ports
    • Removable storage, optical drives, MTP-connected mobile devices, floppy drives, Bluetooth adapters, local/network printers
    • USB and FireWire ports
  • Clipboard copy/paste operations
    • Inter/intra-application selectively
    • Between guest and host Windows clipboards
    • Screenshot captures (PrintScreen, any app)
  • Redirected peripherals – from remote terminals (BYODs) to virtual application, desktop, and VDI sessions
    • Mapped drives, clipboard, USB ports
  • Access control options depend on the device/port type
    • Deny, allow, read-only
      • Removable, optical, floppy, mobile devices
      • Redirected mapped drives
      • USB and FireWire ports
    • Deny, allow
      • Bluetooth, printers, clipboard
      • Redirected USB ports
      • Redirected clipboard – incoming and outgoing data selectively

Allowlists

  • Device types allowlist
    • Grant full access regardless of access settings
    • Subclasses
      • USB HID, Bluetooth HID, USB and FireWire network cards, USB scanners and still image devices, USB audio devices, and USB cameras
      • Intra-application clipboard operations
  • USB devices allowlist
    • Grant read-only or full access regardless of access settings
    • Device model
      • Vendor ID and product ID
    • Unique device
      • VID, PID, and serial number

Alerts and notifications

  • Real-time alerts and notifications on blocked operations and denied device access
    • Use device on a USB or FireWire port
    • Copy data from device
    • Copy data to device
  • OS notification and service alerts
    • Workload end users
    • On/off for all peripherals and ports together
  • Device control alerts in the service console
    • Tenant and partner administrators
    • On/off selectively for each device/port type
    • Alert type – warning
    • Status, message, date/time, plan name, device type and operation, user, and process

Antimalware Protection for Linux

Supported Features

  • Real-Time Protection provides automatic protection that checks a Linux OS for suspicious activity in real time.
    • Action on detection — Block and Notify, Quarantine
    • Scan Modes
      • Smart on-access – monitor all system activities and scans files when they are accessed for reading or writing.
      • On-execution – scans only executable files when they are launched.
  • Scheduled Scan check for viruses according to the specified schedule
    • Action on detection – Block and Notify, Quarantine
    • Scan Type – Quick scan , Full scan ( scan archive files )
  • Exclusions – Trusted files and folders

Supported distributives

  • CentOS, CloudLinux, Ubuntu.

Unsupported Features

  • Behavior engine
  • Exploit prevention

Updates via peer-to-peer and from cloud

A spare connectivity channel is available for the agents from the networks where peer-to-peer update distribution in used.
If the updater agent is not available, the regular agent will connect and download updates from Acronis Cloud directly.

Media Builder

  • Create Windows-based and Linux-based media
  • Burn to USB, ISO, or WIM
  • Inject drivers for Windows-based media
  • Windows-based media can be created without installing any other software (without ADK)
  • Customize media:
    • Network configuration
    • Automatic registration on the management server
    • Automatic recovery from a specified location

Registration under personal Google application

To avoid throttling from Google, a new registration method for Google Workspace workloads is introduced

  • To add a Google Workspace organization, a user needs to create a new project in the Google Workspace account, and then enter or import the following:
    • The email of a Super Administrator of the Google Workspace account
    • A private key of the service account that the project uses
  • The old method of registration is still available

Register Microsoft 365 organization in unit

In big organizations there is a need to use multiple Microsoft 365 or Google Workspace accounts in different organizational units

  • Full functionality will be fully available for unit administrators or customer administrators at the unit level

Customer administrator users have several feature limitations at the customer level for working with workloads registered in units.

Customer administrators cannot:

  • Perform discovery of workloads
  • Delete workloads
  • Send as email
  • View, create, apply, edit, run, or delete protection plans

Enhanced security mode for a customer

This mode allows only encrypted backups. If an encryption password is not set on the protected device, backups will fail.
All operations that require providing the encryption password to a cloud service are not available.
Enhanced security mode cannot be disabled after the tenant is created.

Disaster Recovery

IPsec Multisite VPN Support

  • IPsec Site-to-Site VPN connectivity support.
  • Multisite support by using the IPsec connectivity option.
  • Easy customer onboarding:
    • Simple configuration: a recommended default configuration is available, along with a video guide.
    • Switching from the L2 Open VPN connectivity with IP reassignment does not require redeployment.
  • Focus on solution security: only secure protocols and algorithms are used. Authentication keys are stored encrypted.
  • Transparent connections status and troubleshooting.

Custom DNS configuration

  • Now it is possible to set up custom DNS settings for disaster recovery cloud servers.
  • The DNS settings on the cloud servers are renewed with the next request to the Cloud DHCP server.

File Sync & Share

File Sync & Share for Android app updated

  • Added the option to take photos from within the app.
  • Improved user experience while working with .pdf files:
    • Improved page loading and rendering speed, performance for documents with many links, and password-protected documents.
    • Added support for embedded digital signatures.
    • Introduced the option for free-text annotations to scale automatically based on the content that is entered.
    • Improved search performance within the document pages.
  • Added support for Android 11.
  • Added support for the Spanish language.