SES Evolution 2.6.5 fixes

SES Evolution Agent

Agent self-protection

Support reference: STORM-9479

If the Microsoft BFE service is stopped, the SES Evolution agent’s self-protection feature no longer blocks the agent’s services and logs. The Agent interface now displays the Workstation partially protected status.

---

Support reference: STORM-10025

The Agent’s self-protection feature no longer blocks certain requests necessary to resolve user credentials.

Performance when opening applications on the agent

Support reference: STORM-8928

SES Evolution now uses only the local certificate cache to check digital signatures of processes. This improves performance when certain applications are opened on workstations with limited network connectivity (e.g. hardware firewall blocking access to port 80, etc.).

Incompatibility with WMI

Support reference: STORM-12440

An incompatibility with WMI (Windows Management Instrumentation) has been fixed. This prevented the agent from being installed in a hardened environment.

Administration console

Windows event log monitoring

Monitoring of audit-type Windows event logs (e.g. the Security log) was no longer working due to a change in the format of a field. Log events were no longer reported back to the SES Evolution administration console. The problem has been fixed by taking this new field format into account.

Agent selection in the console

Support references: STORM-9170, STORM-13269

The agent selection procedure has been improved to prevent handling errors. Therefore, when opening an agent group, no line is selected by default and only a user action allows the selection of an agent.

Automatic assignment of agents to Active Directory groups

Support reference: STORM-11917

Automatic agent assignment according to the rules defined in the Agent Group configuration now works if agents belong to Active Directory groups inherited from other groups.

Agent handler

Reconnecting inactive agents to the agent handler

Support reference: SESNG-30481

The agent handler is now able to renew a large number of agent certificates simultaneously, which no longer blocks the connections of many agents that could reconnect simultaneously after a period of inactivity.