Enterprise Recon 2.5.0

Agent Upgrade

To upgrade, re-install the Agent. See Install Node Agents for instructions for your Agent platform.

Agents do not require an upgrade unless a feature available in an updated version of the Agent is needed. Older versions of the Agent are compatible with newer versions of the Master Server.

Upgrade your Agent to the corresponding Agent version to use the following features:

Feature Agent Platform Agent Version
Feature: PRO Data Classification with MIP is now supported for match locations on Windows Share Targets. See Data Classification with MIP - Requirements for more information. Windows 2.5.0
Feature: NEW Users can now scan Windows 11 Targets. Requires Windows Agents. Windows 2.5.0
Feature: NEW Users can now scan macOS Big Sur 11.5 and macOS Monterey 12.0 Targets. Requires macOS Agents. macOS 2.5.0
Fix: The Agent service would generate a failure and the scan schedule would be stuck at the "Loading" state if Windows Agents were used to perform agentless scans on Linux or Unix-type Targets. Windows 2.5.0
Improvement: NEW You can now perform local scans for macOS Catalina 10.15 Targets. Requires macOS Agents. macOS 2.5.0
Feature: NEW Users can now scan Salesforce objects and files. Requires Windows or Linux Agents, with or without database runtime components. Windows, Linux 2.5.0
Improvement: The secure location specified when performing a Quarantine remediation action will be automatically created if the path does not exist. All 2.4
Improvement: PRO The Data Classification with MIP feature has been enhanced to display clearer messaging when applying classification labels with encryption that require file protection. This enhancement also requires the MIP Runtime Package to be updated. Windows 2.4
Improvement: ER2 has been enhanced to support bulk operations to improve the performance for Remediation, Classification and Access Control actions. All 2.4
Feature: PRO Create Risk Profiles configured with custom Rules, Labels, and Risk Scores (or Risk Levels) to classify the sensitive data discovered across your organization. See Risk Scoring and Labeling for more information. All 2.3
Feature: PRO Integrate with Microsoft Information Protection (MIP) to leverage the sensitive data discovery capabilities in ER2 to better classify, label, and protect sensitive data across your organization. See Data Classification with MIP for more information. Windows 2.3
Feature: PRO Easily view, analyze and manage access permissions for sensitive data locations with the Data Access Management feature. Windows, Linux 2.2
Feature: Users can now scan SAP HANA databases. Requires Windows Agent with database runtime components. Windows 2.2
Improvement: Added the capability to disable pagination when scanning Microsoft SQL database Targets. Windows 2.2
Fix: In certain scenarios, masking remediation could not be performed successfully for Passport data type matches that were detected on the passport MRZ line. All 2.2
Fix: The custom port option specified in the "Path" field did not take effect when scanning MongoDB Targets. Windows, Linux 2.2
Fix: Scanning PostgreSQL database Targets with table or column names that contained SQL keywords (e.g. "ORDER") would be reported as syntax errors. Windows, Linux 2.2
Feature: Users can now scan InterSystems Caché databases. Requires Windows Agent with database runtime components. Windows 2.1
Feature: Users can now scan Dropbox Business. All 2.1
Feature: Users can now scan MongoDB databases. Requires Windows or Linux Agent with database runtime components. Windows, Linux 2.1
Feature: Easily scan Microsoft 365 mailboxes by Group with the new and improved Exchange Online Target. All 2.1
Fix: Adding or probing a SharePoint Online Target that contained special characters such as the hash "#" or percentage "%" would result in a "400 Bad Request" error. All 2.1
Fix: The Target details page would only display one match location if sensitive data matches were found in multiple files with the same name within the same Google Drive location or folder. All 2.1
Fix: In certain scenarios, scanning XLSX files would result in slower scans and larger scanned bytes value than expected. All 2.1
Fix: Scanning SharePoint Online Targets with a large number of files would result in a "Pool memory limit reached" error. All 2.1
Fix: Sensitive data matches may not be properly detected when scanning certain rare PDF format variants, such as PDF files with multiple layers of compressed indices. All 2.1
Fix: The Target report did not contain complete primary key information for Oracle Databases that have a large amount of data, but only a low number of matches. All 2.1
Fix: The Target report would contain corrupted data for Targets with an immense number of match locations and/or very long file paths. All 2.1
Improvement: The OneDrive Business module has been updated to use the User Principal Name instead of Display Name as the unique identifier for OneDrive Business user accounts. All 2.1
Improvement: The updated OneDrive Business module now requires the domain instead of the full service account email when adding a OneDrive Business Target. See Set OneDrive Business as a Target Location for more information. All 2.1
Fix: Scanning or probing Box Enterprise Targets would result in “URL redirected” errors. The Box Enterprise module now has an updated Box API for handling invalid or expired refresh tokens during authentication operations with Box Enterprise. All 2.1
Fix: In certain scenarios, SharePoint Server and SharePoint Online Target locations that could be probed successfully would return a "404 Not Found" error and be logged as Inaccessible Locations with the first letter missing from the name of the site. Windows, Linux, FreeBSD 2.1
Fix: Scanning certain cloud Targets (e.g. SharePoint Online, Exchange Online etc.) would sometimes result in "bad_weak_ptr" errors. All 2.1
Fix: The Target report would contain corrupted data for Targets with an immense number of match locations and/or very long file paths. All 2.1
Fix: Scanning a Box Enterprise Target would result in an "Authentication credentials required" or "401 Unauthorized" error. This fix improves support for handling invalid or expired refresh tokens during authentication operations with Box Enterprise. All 2.1
Fix: In certain scenarios, scanning a OneDrive location with would result in a "Caught platform exception 0xc0000005" error. This fix improves the handling of retrying failed query attempts with UI enhancements to properly reflect the scanning progress. All 2.1
Fix: Scanning Rackspace Cloud locations within folders nested more than 3 levels that were selected from the probing Target workflow would result in a "404 Not Found" error. All 2.1
Improvement: Distributed Scanning has been enhanced to dynamically reallocate scheduled sub-scans to idle or newly connected Proxy Agents to improve overall scan time. All 2.1
Improvement: LDAP over SSL (LDAPS) authentication is now supported for Exchange Domain Targets. Windows 2.1
Improvement: Kerberos Authentication is now supported for Hadoop Targets. Linux 3 2.1
Improvement: The Web UI has been enhanced to trigger a warning when the overall system memory is below a certain threshold, which may cause a degradation in the Master Server system performance. All 2.1
Feature: Distributed Scanning is now officially supported in this release of ER2. This revolutionary method steps away from the one-Target-one-Agent approach, allowing you to dispatch multiple Proxy Agents to scan a single Target or Target location. All 2.0.31
Improvement: You can now configure Amazon S3 Targets based on AWS user accounts. This updated approach greatly simplifies the scanning of Amazon S3, allowing you to automatically include all accessible Buckets within a given AWS user account or alternatively select specific S3 Buckets. Windows, Linux, macOS 2.0.29
Improvement: The Windows Node Agent application update to indicate the architecture version of the installed Node Agent. The 64-bit and 32-bit Windows Node Agent will be displayed as "Enterprise Recon 2 Agent (x64)" and "Enterprise Recon 2 Agent (x32)" respectively. Windows 2.0.29
Fix: Installing the AIX Node Agent RPM package in a custom location using the '--prefix' command would cause a "Path is not relocatable for package er2-2.0.xx-aix61-power.rpm" error. AIX 2.0.29
Fix: Scanning Oracle database Targets containing an excessive number of matches could cause a scanning engine failure. All 2.0.29
Improvement: Easily scan all site collections within a SharePoint on-premise deployment with the updated SharePoint module. Furthermore, the new credential management scheme enables you to conveniently scan all resources in a SharePoint Server even when multiple access credentials are required. All 2.0.28
Improvement: Easily scan all site collections, sites, lists, folders and files for a given SharePoint Online web application. All 2.0.28
Fix: Changing the Group that a Target belongs to while a scan is in progress would cause the scan to stop. All 2.0.28
Fix: Repeated connection attempts by Node Agents from IP addresses that are denied via Access Control List rules would cause the datastore size to increase very quickly. With this fix, additional timeout is introduced before each reconnection attempt, resulting in lesser logs and subsequently a reduced datastore size. All 2.0.28
Fix: Non-unique keys were generated in certain scenarios during Node Agent installation. All 2.0.28
Fix: Scans appeared to be stalling when scanning cloud Targets with a huge number of files. This fix will improve the time required for initialising cloud Target scans. All 2.0.28
Fix: Issue where Agent failure occurs if too many concurrent scans are assigned to it. All 2.0.27
Fix: Issue where an incorrect scan time is displayed in email notifications. All 2.0.27
Improvement: Clearer error message is displayed when Agent host has insufficient disk space for scan to start. All 2.0.27
Fix: Issue where when upgrading an RPM-based Linux Agent, the terminal would warn that that the symbolic link for "/etc/init.d/er2-agent" exists. Linux 2.0.27
Fix: Issue where scanning a PostgreSQL database containing blobs would cause high memory usage by the Agent. Windows, Linux 2.0.27
Feature: Users can now scan IBM Informix databases. Windows 2.0.26
Feature: Users can now scan SharePoint Online. All 2.0.26
Fix: Issue where pausing a scan and then restarting the Master Server would cause the Master Server to lose track of the scan. All 2.0.26
Feature: Users can now scan Tibero databases. All 2.0.24
Feature: Users can now scan SharePoint Server. All 2.0.24
Feature: Users can now scan Hadoop Clusters. Requires Linux 3 Agent with database runtime components. Linux 2.0.24
Feature: Users can now set the time zone when scheduling a new scan. All 2.0.23
Improvement: Global Filters now apply to all existing and future scheduled scans. All 2.0.22
Improvement: Changing the Proxy Agent assigned to a Cloud Target will no longer require user to update credentials with a new access key. All 2.0.22
Feature: Users can now probe Targets to browse available scan locations. All 2.0.21
Feature: Users can now install Agents in a custom location on AIX, Linux and Solaris. AIX, Linux, Solaris, Windows 2.0.21
Fix: Issue where temporary binaries are not cleared when remote scans complete. AIX, Linux, Solaris, Windows 2.0.21
Improvement: Files are checked for changes since the last scan when remediation is attempted. All 2.0.20
Improvement: Windows Agent service is now a non-interactive process. Windows 2.0.20
Feature: Agent can be configured to use its host’s fully qualified domain name (FQDN) instead of host name when connecting to the Master Server. All 2.0.18