Release Notes 6.9.0
The major release acmp 6.9 is now available. Better server load balance, clearly defined maintenance windows and targeted endpoint management are our goals for this release.
acmp maintenance time window
Client management without a maintenance window? No more with acmp 6.9!
Maintenance profiles can now be created in Client Management and maintenance time windows can be set up on a one-off or recurring basis in a dedicated calendar view. Protect clients and servers from unintentional changes and distribute the load to times when you want.
If a maintenance profile is assigned to a client, jobs that potentially entail changes to the system are only executed if the client is within the maintenance window. You have full flexibility here: you can ignore the maintenance windows for selected jobs or allow scanners that entail one or more system changes to take the maintenance windows into account.
The authorization to ignore maintenance time windows can be controlled as usual via the user administration.
With the new start condition "Within maintenance time windows", you can also directly ensure that jobs are always executed in a maintenance time window.
Attention: In contrast to the start condition "Time window", there is no option to start execution at a random time. If many clients are therefore assigned the same maintenance profile, load peaks can occur.
This feature is currently supported by the Windows agent; the Unix agent will follow shortly with the next release.
All further information can be found in the manual.
acmp Boot Images & Boot Templates (OS Deployment)
Always just rolling out new Windows images? There's certainly more to it.
acmp now offers the function of booting custom boot images (e.g. Linux live distributions or rescue CDs) via the network. And with the new wipe boot templates, diskpart scripts can be rolled out centrally to format disks and partitions.
acmp now compares the UUID of the clients for corresponding boot jobs in the Network Boot Service Broadcast. If no UUID is sent by a client, the MAC address is still used to check whether corresponding boot jobs or Windows rollout jobs are available. Each selected endpoint can thus be clearly identified for upcoming jobs.
Existing boot images can now be updated directly in the console using a rebuild function to make possible parameter adjustments quickly and easily available. Intuitive, automatic updates for images already stored in acmp.
acmp Client Management
Query management has been expanded and the filter can now be switched to Filter Control. This means that filters can be set more easily, more precisely and as usual with other modules.
acmp CAWUM
The automatic refusal of updates has been revised. There is now a new page in the settings where you can use the familiar filters to set the criteria according to which updates should be denied in a more granular way. All fields that an update has are available to you within the filter. This allows you to filter by parts of the name, for example.
Within the Windows Update Collections, you now also have an extended filter at your disposal with which you can define more granularly which updates should be included in the collection and which should be excluded - as with automatic denial.
In the course of the adjustments, third-party software catalogs were checked and (in the case of Lenovo) the catalogs stored incorrectly by the manufacturer were corrected.
acmp vulnerability management
Vulnerability management has been adapted in several areas. The depth scan has been extended so that several elements belonging to a vulnerability can now be found.
A vulnerability history is now created for each client. A record is kept of when a vulnerability first occurred, when it was last found and when it was closed. Any reoccurrence of the vulnerability is also documented. An overview of all vulnerabilities, including a history, can be called up to retrospectively check whether previous vulnerabilities have been detected and rectified. Simple integration into a report is also possible.
It is still possible to exclude a vulnerability; each exclusion now requires a reason as input, which is documented accordingly with user and date/time.
The vulnerability reports can now be edited and grouped like a pivot table in the familiar acmp style. Multiple vulnerabilities can be selected in the corresponding views in order to add them to a container. The Container Wizard dialog now opens as the transaction progresses.
acmp Azure Marketplace
acmp is now available via the Azure Marketplace. The deposited version is recommended for test environments.
acmp Web Interface
The acmp Helpdesk web interface has been redesigned to scale better with different screen resolutions. A new installation of the Helpdesk is required. Further information can be found in the Manual.
acmp Defender Management
Microsoft has made changes to the ASR (Attack Surface Reduction) in the Security Baseline Update for Windows 11 25H2. acmp offers the possibility to monitor or block the execution of such commands according to this group policy.
Announcements
In the course of product maintenance, the acmp Command Launcher will be discontinued and removed with the next major release. If you are still using the acmp Command Launcher, please perform the migration to the acmp Kiosk before the update.
The Online Package Manager (OPM) has been replaced by the Managed Software (MSW) module in 6.0.0 and will be removed from the Console with this release.
Note and further information
Our EULA had to be updated due to a change in the commercial register. We ask you to confirm this when installing the release.
The vulnerabilities in the previous OpenSSL version had no impact on acmp. In order to continue to offer our customers the best possible protection, the OpenSSL version was updated preventively.
Client commands with the status "removed from production" remain in the database. The acmp server now has a cleanup job to clean up the database and delete these client command versions. In existing environments, this cleanup job must be activated manually.
Updated components
acmp Server requires at least SQL Server 2016 for smooth operation. The compatibility level is now checked during installation to ensure that all components function properly.
Note: At the following point in the manual you will find a list of all additional components that may need to be updated separately. From there, you can navigate to the relevant components and find instructions on how to update them if you are not familiar with the process. Manual link
Changelog
Further details on the corrected and improved points can be found in our changelog.