This special release follows our cross-platform product direction, including new features, enhancements and fixes for Linux Ubuntu, macOS and Windows. The updates are available in:
- Heimdal dashboard Release Candidate 4.2.2
- Heimdal dashboard Production 4.1.4
- Heimdal Agent for Ubuntu 1.5
- Heimdal Agent for macOS Release Candidate 3.2.9
- Heimdal Agent for macOS Production 3.3.0
1. Heimdal and HaloPSA Integration
2. Linux Ubuntu Patch & Asset Management
3. New macOS Assets view
Heimdal + HaloPSA Integration
Heimdal now integrates with HaloPSA, allowing customers and resellers to automate and customize ticket management.
Setup
Guide > Customer settings > Integrations > HaloPSA tab of the Heimdal dashboard
Before setting up the integration on the Heimdal dashboard side, ensure that your HaloPSA instance is prepared for a seamless experience.
Identifying your HaloPSA instance
Open your HaloPSA console in a web browser > Check the URL, which will be in the format <INSTANCE>.halopsa.com. The part before .halopsa.com is your instance name.
Creating an API account
- Log in to the HaloPSA console.
- Navigate to Configuration > Integrations > HaloPSA API.
- Click the View Applications button.
- Click the New button to add an application.
- Enter a distinctive name for your application.
- Select Client ID and Secret (Services) as the Authentication Method.
- Copy the Client ID and Client Secret values for later use.
- Select Agent from the Login Type drop-down list and choose the agent associated with the API client.
- Ensure Login type is set to Agent and an admin user is selected.
- On the Permissions tab, check read: customers, read: tickets, and edit: tickets.
- Save your application.
The integration process is divided into 3 main sections:
- Integration / Connection Settings
- Matching Settings
- Customer Settings
Corporate customer settings
Reseller settings
Integration/Connection settings
1. Fill out the Integration Settings
- Enter the Halo URL of your instance
- Enter the Client ID and Client Secret gathered in the previous step (HaloPSA Instance creation)
2. Test Connection settings
- Click the Test Connection button
- Ensure receipt of the message confirming a successful connection. In case the connection is unsuccessful, double-check the settings
3. Save Connection Settings:
- After testing, click the Save button
- Wait for the confirmation message that the connection was saved successfully
Note: if you change an existing setting, a confirmation popup will appear when saving, confirming whether you want to keep the Ticket and Customer Settings or not. This allows you to retain settings without reconfiguring everything, if the changes only relate to the client secret.
Matching settings
This section allows you to define the configuration of the Heimdal Operations and Heimdal Cyber boards. You can achieve this by pressing the corresponding button(s): Configure Heimdal Operations and/or Configure Heimdal Cyber Alerts.
- Click either Configure Heimdal Operations or Configure Heimdal Cyber Alerts
- A configuration popup will be displayed, while we retrieve all the ticket types set in the HaloPSA API
- Select a ticket type from the dropdown menu to match Heimdal Operations/Cyber Alerts
- All statuses of the selected ticket type will be listed in two new selectors for Heimdal Operations, to match status on ticket creation and ticket update. For Heimdal Cyber Alerts, we have one selector to match status on ticket creation. Heimdal Cyber Alerts tickets’ statuses are not updated automatically
- Ensure the fields for Ticket type, Status on ticket create, and Status on ticket update (only for Operations) are filled in.
Note: All mandatory fields required by the integration are mentioned in the lower section of the modal window.
When configuring Ticket Types in HaloPSA, ensure that the ‘Visible in lists for Agents’ and ‘Agents can log new Tickets with this Ticket Type’ options are both set to ‘Yes.’ Only Ticket Types with this specific configuration will be visible in the integration.
Customer Settings
Corporate Customer settings
This section includes:
- A drop down allowing you to select the HaloPSA customer associated with the Heimdal Corporate Customer (also mentioned in the Matching Settings section);
- The checkboxes that allow the granular definition of tickets to be created automatically in HaloPSA for:
- Heimdal Operations: corresponding to notifications coming from the Notifications modal window (Active Clients > Standard View of the Heimdal dashboard), which are related to: CPU, Memory, Disk, Microsoft updates, Next-Gen AV, DNS poisoning and Firewall notifications
- Heimdal Cyber Alerts: corresponding to the email alerts coming from the Accounts section of the Heimdal dashboard (REP for Endpoint, PEDM, Next-Gen AV, VectorN Detection Endpoint and Network and Zero-trust Execution Protection)
Reseller settings
In addition to the features available for Corporate Customers, resellers have additional options:
- Automatic customer sync: Resellers can use the Sync Customers button to automatically match the names of Heimdal Corporate customers with those in HaloPSA.
- Manual search, sort and add: If necessary, resellers can manually search, sort and addHeimdal corporate customers under their entity.
- Manual assignment: In cases where automatic matching doesn’t occur, resellers can manually assign the corresponding HaloPSA customer/client.
Below you can see some examples of tickets generated in HaloPSA through our Heimdal – HaloPSA integration.
Patch & Asset Management | macOS Assets View for 3rd party patch management and OS updates
The macOS Assets View is available for both macOS 3rd Party Patch Management and macOS OS Updates submodules. The two views display all the macOS 3rd-party patches, as well as the macOS updates (not only the ones monitored using Heimdal’s Patch & Assets Management module) that are installed on the customer’s machines, along with the count of machines where the patches and/or updates are installed.
How to access Assets View
Enable the checkbox called Assets view in the GP areas of 3rd Party Patch Management and OS Updates submodules
(Endpoint Settings > MacOS GP > Patch & Assets > 3rd Party Patch Management/ Operating System Updates).
In the Heimdal dashboard, the corresponding data can be found in the Assets view grids corresponding to the Products > Patch & Asset Management > Operating System Updates and 3rd Party Path Management views > Mac OS tabs.
- The Operating System Updates Assets view table/grid has the following structure:
- Title (of the OS update)
- Version
- Number of machines (Endpoints) on which that update is present
The Title information and the Endpoints numbers are clickable. When clicking on the Title the user will get redirected to a dedicated Update details page.
If the number of machines on which an update is present is clicked, the user will be redirected to the same Update Details pre-filtered page, containing info on all the machines on which that particular update is present. This includes the Hostname where the update is installed, the Username of the user who was last logged in when the update was detected, as well as the Title and Version of the update.
If the Hostname info is clicked from this view, the user will be redirected to the Client Specifics view > Patch & Asset Management > Operating System Updates > Assets view.
The macOS Operating System Updates > Assets view details grid/ table will show the Title of the update, the Size (MB), its Version and the Date (timestamp) when the update was detected, for all the macOS Operating System Updates that are currently installed on the machine.
The 3rd Party Patch Management Assets view table/ grid will show all the applications that are installed on the Heimdal customers’ macOS estates. The dashboard user will be able to switch between the Stacked and Non-stacked versions of the data (similarly to the Windows OS, 3rd Party Patch Management version of the Assets view) by using a dropdown placed above the grid.
The stacked grid is displaying the applications that are installed on all the macOS machines, grouped by application name (Software) and version. The grid displays the name of the application (Software), the Version that is installed, if the app. is part of the Heimdal 3rd Party Patch Management “standard list” (monitored and patched by Heimdal Patch & Assets) – Supported and the number of Installed Endpoints where the application is installed.
When clicking the Installed Endpoints number, you will be redirected to a 3rd Party apps details view; the corresponding grid/ table will show additional details corresponding to each application. The name and the version of the application are displayed above the grid, while the table showcases the Hostname where the application was detected, the Username which was logged in at the time and the Date when the application was detected.
The non-stacked grid displays a raw data view containing the Software name, Version, Hostname, Username, if the application is Supported by the Heimdal 3rd Patch Management solution (standard list of apps monitored and managed through Heimdal) and the Date when the application was detected.
Clicking the hostname will redirect users to the dedicated Client Specifics Assets view tab (Patch & Asset Management > 3rd Party Patching Management), providing a holistic view of all macOS 3rd party applications that are currently installed on that particular machine.
The Client Specifics, 3rd Party Patch Management Assets view grid/ table will show the software name, the installed version, and the date when the applications were detected.
ENHANCEMENTS AND FIXES
Patch & Asset Management | Reducing the time to check for updates in the Linux Ubuntu module
We have reduced the minimum interval for checking for new Linux Ubuntu OS updates to 6 hours from the previous minimum value of 12 hours.
Setup
Endpoint Settings > Linux GP > click on a Linux group policy > Patch & Assets > Operating System Updates tab > Use the dedicated slider
Note: 6 hours will be the default value for newly created group policies; for the existing ones, we retain the previously set value that can be manually adjusted.
Patch & Asset Management | OS Vulnerability Reporting Only checkbox in the Linux Ubuntu module
A new checkbox called OS Vulnerability Reporting Only is now available for Linux, allowing you to view new OS updates without actually installing them.
How to access it
Endpoint Settings > Linux GP > Patch & Assets > Operating System Updates > OS Vulnerability Reporting Only checkbox
If enabled, Heimdal Patch & Asset Management will only report the new OS updates in the Available view (located under Products > Patch & Asset Management > Linux OS tab), without installing them. This checkbox is enabled by default for new GPs.
Note: Available packages will be also displayed in the Client Specifics (click on the number of Endpoints/ Servers) > Available tab.
Patch & Asset Management | CVSS scores and CVE information
You can now benefit from CVSS and CVE information for the 3rd party patches related to the apps from the Heimdal 3rd party patch management standard list (software that is monitored and patched by Heimdal Patch & Assets).
How to access it
The new columns, CVE and CVSS, are displayed in the product grids from
Products > Patch & Asset Management > 3rd Party Patch Management module > Linux OS tab > Standard view, and in the corresponding tabs of the client-specific views when clicking a Linux Ubuntu machine
Note: If multiple CVEs, for the same application, are available, we will always report back the CVE with the highest CVSS score
Infinity Management | Multi-repository support
Starting with this release, we have streamlined the addition of custom 3rd party patch management apps and patches in Infinity Management. For each application defined for Linux 3rd party patching, we have removed the single repository option and replaced it with a grid. This grid allows users to add as many repositories as required, grouped by distribution version. This enhancement was primarily created for applications that have different repository URLs for each Ubuntu distribution. For each repository added, users will need to select the corresponding distribution and mark the default repository to be used.
Note: On the Heimdal agent side, we will add only the repositories configured for the installed version of Linux Ubuntu and the ones marked as being default. For example, if an application has 3 defined repositories, one for Ubuntu 16.04, one for Ubuntu 18.04 and one for Ubuntu 20.04 that also has “Is Default” checkbox ticked, and the Heimdal Linux Ubuntu agent is installed on an Ubuntu 18.04 version, we will add the repositories for 18.04 because it matches the OS version and for 20.04 because this version is marked as “Is Default”.
Unified Endpoint Management | New Logs tab for Linux Ubuntu machines
A new tab, called Logs, displays notifications related to CPU and Memory usage for Linux Ubuntu machines.
How to access it
Unified Endpoint Management > Device Info > Standard/ Hardware view > click on a Linux Ubuntu machine > UEM
These notifications are also displayed at the machine level in the Device Info > Standard/Hardware views, under the Status column. If the CPU or memory usage median values exceed the threshold configured in the Group Policy, you will receive a notification, as shown below.
To set up the Memory and CPU usage thresholds go to the General tab of the Endpoint Settings > Linux OS > GP area.
The earlier-mentioned thresholds (Memory and CPU usage) can be set-up in the General tab of the Endpoint Settings > Linux OS, GP area.
Issues with the macOS Heimdal agent not patching or installing third-party applications in isolated instances
This issue has been resolved, some fixes being carried out to the job updating our Apps catalog, ensuring that all third-party applications are properly patched and installed.
DNS Security Endpoint (Threat Prevention Endpoint) | Internet connection sporadic disruptions on module activation
This issue has been fixed, resulting in stable internet connections in conjunction with DNS Security Endpoint (DNS-E) being enabled.
Next-Gen Antivirus scans failing in rare instances without any apparent reason due to the Antivirus engine not initializing
After finding the root cause and addressing the issue, all scans triggered with our macOS Next-Gen AV product are working as expected, being successfully initiated and completed.
"Add DNS Proxy configuration" pop-up window displayed randomly for non-DNS Security customers
This issue has been corrected and all the inconsistencies have been addressed, resulting in a correct behavior of the macOS agent: the pop-up will no longer appear for the DNS Security (Threat Prevention) customers. To ensure the correct functioning of the new features, please clear the browser’s cookies and other site data, as well as the cached images and files, prior to accessing the Heimdal dashboard.