McAfee Endpoint Assistant App (MEA), a free business application for Android & iOS is also being enhanced for this release. MEA is available on the respective App stores.
Major new features in this release
Enhanced Authentication security profile (access to encryption keys)
What?: Ability for Administrators to specify a FRP proprietary authentication mechanism (Step-up authentication) that is independent of OS login.
FRP 5.0 provides two authentication options for encryption keys assigned to users:
OS authentication (equivalent to the available option on EEFF/FRP 4.x
Password authentication (NEW! Option)
Access to encryption keys can be managed separately and independently of operation system authentication
Access to sensitive content (for example on file shares) can be made available only on user explicitly authenticating against a password
Securing Desktop sync folders for Cloud Storage services
What?: The following protection level options are provided for Cloud Storage services – Report, Audit, Allow/Enforce Encryption
Supported providers: Box, Dropbox, Google Drive, Microsoft OneDrive*
Note* – This release does not offer support for ‘OneDrive for Business’. Support for OneDrive for Business will be added in a future release
Benefit: Track usage and protect data being sync’ed to cloud storage services; end to end security, and the customer owns the encryption keys
OS X FRP client: Support for USB Media protection
What?: Enables users to initialize (create encrypted containers) on Mac machines; the following protection level options are supported with this release – Allow Unprotected Access (Report), Allow Encryption (with offsite access), Block Write Operations. If Enforce Encryption (with offsite access) is selected, the fall back on OS X systems will be to the ‘Allow’ protection level
Benefit: OS X users can protect USB devices in the same manner as Windows users; the solution is truly cross-platform enabling secure x-platform movement of data via USB devices across Windows & OS X endpoints. Policy Management/Auditing & Reporting are integrated with offsite applications available for Windows & OS X
McAfee Endpoint Assistant 2.0: Mobile device access
What?: FRP 5.0 and MEA 2.0 allows for secure access to FRP encrypted files on mobile devices for users selected by the Administrator. The infrastructure needed for mobile devices to communicate with McAfee ePO to allow access to FRP encrypted files is provided by the McAfee Conduit Platform.
MEA 2.0 has additionally been localized to French, German, Spanish, Japanese and Simplified Chinese.
Note – The Android version of the App is available from the Google Play Store. An iOS version is planned to be available from the Apple App Store by approximately mid-December 2015.
Additional enhancements in this release
Driver enhancements for improved stability & security
What?: Changes have been made to the driver to improve stability and security, including the implementation of transport encryption
Auto-unlock functionality for USB devices
What?: This feature allows for selection of an auto-unlock mechanism – key or a certificate for access to encrypted USB devices on managed endpoints. This feature is available for the container based ‘offsite access’ protection level options
Benefit: Transparent authentication experience for end users; users are prompted to enter the standalone password credentials only on unmanaged endpoints
Administrator assisted helpdesk recovery for USB devices
What?: In case of forgotten password scenarios, end users can use a helpdesk assisted ‘Challenge Response’ mechanism to recover encrypted USB devices. Users will be able to reset the authentication credentials following the recovery process. The recovery process can be used in both onsite and offsite scenarios (on endpoints without the software installed)
Note – This option is the only recovery option available with the first version of the OS X client
Support for Windows 10
What?: FRP 4.3.1 HF1062118 already offers support for Windows 10. FRP 5.0 also extends ePO managed File & Removable Media Protection capabilities to endpoints running Windows 10
File and Removable Media Protection – Supported Environments: KB81149
Conduit Platform 1.0 Manual server install:KB85679
The product is available for customers from the Product Downloads page with a valid grant number and from the Software Manager.
Note: Conduit Platform 1.0 is available as an optional line item on the FRP 5.0 Download page, but is only required by customers who intend to allow users to view FRP encrypted files on mobile devices using MEA 2.0.