baramundi News

Enhanced security and flexibility: the new bMS 2024 R1

14. May 2024, Avatar of Armin LeinfelderArmin Leinfelder

The 2024 R1 release of the baramundi Management Suite (bMS) once again comes with a host of new features and enhancements that increase security, efficiency and flexibility.

In short

  • The baramundi Argus Experience module now has a feedback function that lets end users report problems that may not warrant opening a support ticket.
  • Per-App VPN ensures that only business apps have protected remote access to sensitive data on the company network.
  • The new password management in Defense Control prevents the exploitation of local administrator passwords for cyber-attacks.

Argus Experience – Capture end user feedback

Argus Experience reaches yet another milestone with the new release. For the first time, it is possible to capture users' perceptions and feedback in addition to detailed device data. This is particularly useful in a wide range of situations because it gives users the opportunity to report minor device and network faults, performance lags and other issues without opening a support ticket. IT admins can quickly identify possible sources of endpoint problems by matching subjective user perceptions with real-world device data. The combination gives admins uncomplicated, direct feedback and information to determine which settings or device configurations need to be optimized.

Another big plus is that background problems that users may not have noticed are also recorded. This allows admins to quickly implement targeted solutions. It also provides an important and meaningful tool for dealing objectively with user perceptions about the company’s IT infrastructure.

Per-App VPN provides secure access to company data

Mobile devices are so incredibly practical that it is impossible to imagine the modern working world – or everyday life -- without them. However, "practical" does not always mean "secure." A remote mobile device that accesses a company network is a security risk per se. This is where virtual private networks (VPNs) can be used to establish a secure and encrypted connection. However, VPN access also has its pitfalls. While authorized company apps can securely access company servers, so can user’s personal apps. That can lead to critical security risks such as when sensitive customer data ends up in a user’s messaging app.

The new Per-App VPN within baramundi's module Mobile Devices makes encrypted connections to the company network available only to selected applications with the corresponding certificates when needed. This allows IT admins to close potential security gaps without making the user's work more difficult or inconvenient.

Defense Control – Making local administrator accounts secure

Everyone knows that end-users should only have as many authorizations as absolutely necessary. Why? Because cyber criminals prefer to gain access to company networks via easily accessible end devices. But there's a problem: almost every network allows users to log on to a computer via a local administrator account with the appropriate authorizations to solve problems. With hundreds or even thousands of end devices, it’s very tempting to not to create an individual, secure local admin password for each machine. However, using the same password for multiple machines fundamentally weakens network security, especially if you are unable to change them quickly in an emergency.

baramundi Defense Control solves this dilemma by enabling centralized management of local admin accounts and passwords. The module takes care of the cyclical regeneration of secure local admin passwords on each device. If a technician needs to log on to a device as a local admin, they can use a freshly generated password, then a new one is generated immediately after completing the work. That makes it hard for hackers to exploit local admin access and strengthens overall endpoint and network security.

UDG and bConnect: Small but significant improvements

It pays to focus on the details. That’s why our twice-annual releases always include a lot of smaller optimizations aimed at improving flexibility and usability for IT admins. One great example is the powerful filter tool of the Universal Dynamic Groups (UDGs). IT admins can now also filter by installed endpoint software to easily identify computers with missing or outdated applications. The current status of an assigned job can also be quickly queried on the respective end devices.

Our bConnect interface has also been given a little makeover. Previously, assets in the baramundi environment were not accessible via a REST interface. With 2024 R1, assets can now be queried directly via bConnect.

Improved SSH inventory, UUID support and interruption-free presentations

Linux users will also be pleased. Our SSH inventory now supports user-defined templates for generating highly detailed inventories.

The new release now also uses Universal Unique Identifiers – UUID for short – to positively identify end devices. This is important because docking stations or dongles can disguise the MAC address of a device and make it hard to target correctly. It’s not a big deal but it can be annoying. UUIDs eliminate that issue and assure admins that every task runs securely on the correct device as intended.

Speaking of annoyances: anyone who has been distracted by the tray notification popping up during a presentation can breathe a sigh of relief. The bMS now automatically recognizes when a full-screen application is running and prevents the pop-up. End users can conduct their webinars, demos or presentations without disruption - or at least without disruption from the bMS.

Read more about bMS 2024 R1

Further information on the new release and its many detailed improvements can be found in the release notes.

Read the latest release notes

Read more

Entries 1 to 3 of 3