This update focuses on Agent installer improvements. Highlights include:
A small subset of anti-virus vendors, including SentinelOne, inadvertently flagged our Agent installers as false positives whenever new deployments were created. This was because of an optional checksum value in the application header not conforming to their expectations.
This has now been remedied and our binaries are now less sensitive to static binary analysis.
In recent months we've noticed a rare occurrence of unknown Agents showing up in the Fleet tab. This happened whenever anti-virus vendors uploaded Agent installers for runtime analysis in their cloud environment.
These Agents can be identified by their randomized system properties and short-lived online status. The following is an example of such an Agent in the Fleet tab:
Depending on the vendor, Agents often have a deterministic hostname such as ABBY-PC (Windows Defender). These can be removed in the Fleet tab by right-clicking on the Agent row.
We've updated the FAQ to reflect this: https://fleetdeck.io/faq/#unknown-agent
Big thanks to the community for helping us to discover and resolve issues.
This update focuses on improved connectivity for Agents. Highlights include:
We have now unified all HTTPS requests from Agents under the following FQDN:
This will ease with allow-listing in networking environments that perform DNS filtering.
We've also relaxed firewall outbounding reliance on UDP and our relay network now consists of UDP proxies as well as TLS tunnels that run over TCP. Our relay network is used when a peer-to-peer connection cannot be established between the Commander and an Agent. The addition of TLS tunnels improve connectivity when firewalls restrict UDP usage to protocol inspected DNS queries.
Our TLS tunnels do not require allow-listing of any certificates and all traffic passed through them remain end-to-end encrypted between the Commander and an Agent. TLS tunnels are reached via port 443 (TCP) and will pass standard firewall TLS handshake inspection, sometimes referred to as SSL Certificate Inspection.
If your environment performs man-in-the-middle protocol inspection, sometimes called Full SSL inspection, Deep SSL Inspection or HTTPS interception, exempt the following FQDN from interception:
As UDP results in less latency when using Remote Desktop, it is the preferred method of communication when possible. We prioritize connections in the following manner:
We've updated the FAQ to reflect this relaxed change in networking requirements: https://fleetdeck.io/faq/#firewall
We are currently prioritizing new operating systems as well as video streaming quality. Huge thanks to the community for helping us prioritize our roadmap!
This update focuses on improved interaction with active users of workstations when connecting to an endpoint with Remote Desktop. Highlights include:
You can can now create a deployment that requires consent from an active user of a machine when using Remote Desktop:
Agents deployed using this option will trigger the following prompt to an active user of a workstation prior to starting a Remote Desktop session:
Once the ACCEPT button is pressed, the Remote Desktop session is initiated. The prompt is only displayed when an active user is signed in and will be skipped if the machine is locked.
If a user is signed into a machine but does not respond to the prompt, you have the option of remotely locking the machine prior to initiating a Remote Desktop session:
We've added a Consent column to the Fleet tab to indicate whether or not the machine requires consent.
We're looking forward to seeing how you use the new consent feature!
This update focuses on improved deployment options. Highlights include:
You can create an MSI + MST from a Deployment installer by running the following:
The MSI and the MST can be used in Active Directory software installations and we've updated the FAQ with instructions on how to do this.
We've added a User column that keeps track of the currently logged in user.
When holding the Ctrl key, Remote Desktop and Virtual Terminal sessions are now opened in the background, without changing tab focus. This also works when opening up new sessions using the context menu.
We are currently prioritizing support for new operating systems. Feel free to let us know what features you would like us to prioritize on our road map.
This update focuses on expanding core functionality. Highlights include:
Commander can now create PowerShell sessions on Agents running in new Virtual Terminal tabs. This is a new core feature that enables you to perform tasks in the background without interrupting the user of the desktop. You can have multiple Virtual Terminals connected to the same Agent, allowing for parallel tasks to be run.
From the Fleet tab you can quickly open up a Virtual Terminal to an Agent by using the Shift+Enter keyboard shortcut. We support standard terminal copy and paste functionality using right-click to paste and right-click to copy selected text.
This feature is currently limited to Agents running on variants of Windows 10 but we plan to extend support to older versions of Windows and other operating systems in the future.
We've added the following keyboard shortcut when switching between tabs:
The above Enter shortcut enables quick focus switching into Remote Desktop and Virtual Terminal sessions when combined with the tab switching shortcuts Ctrl+Tab and Ctrl+Shift+Tab.
We've also improved mouse navigation:
We're excited to see how Virtual Terminal can be used in your current workflow and what we should prioritize for future updates.
This update focuses on UX improvements. Highlights include:
We've added the following keyboard shortcuts when navigating with the keyboard:
We've added OS architecture, Mac Address and WiFi SSID to the Fleet tab.
Huge shoutout to the community for helping us find bugs and new suggestions for improvements.
This update focuses on productivity improvements to the Fleet tab. Highlights include:
You can now zoom in/out by pressing ctrl+=/ctrl+- or by using ctrl+scroll wheel. Zooming can be used to fit more columns on screen when zoomed out and allows for better readability when zoomed in.
Most columns in the Fleet tab can now be used to sort rows in either ascending or descending order. Sorting order is toggled by clicking the up/down arrow on a column title.
Kudos to the community for helping us prioritize new features.
This update features lots of productivity, UX and OS improvements. Highlights include:
You can now add notes to Agents via the three dots menuor by right clicking on an Agent row. Notes are split into regular notes and secret notes and can be copied and viewed by hovering over the notes cell of the Agent Row. Viewing of secret notes requires an explicit action (Show Secret) but regular notes can be viewed directly in the Fleet tab.
We've updated the design of the online status indicators for Agents. These are now decorated as either being of type Wifi or Ethernet depending on how they are connected to the internet. You can also see when an Agent came online or went offline by hovering over its online status:
We have redesigned the installers for both the Commander and Agents. These are now executables rather than msi files and can be run silently by adding the ‑silent as a command line argument.
We have also received extended validation certification for our code signing. This means that the likelihood of Windows Defender warnings or incorrect quarantining by anti-virus programs has been significantly reduced. The UAC prompt looks a lot better now.
We would like to thank the community for providing us with a ton of great feedback. Shoutout to the FleetDeck Discord channel!
We're excited to have release notes bundled as part of every Commander update. These notes can be reopened by clicking on Release Notes in the application menu . Highlights include:
You can now reboot or shut down a computer via the three dots menuon an Agent row. This menu is also accessible by right clicking on an Agent row. Since entering safe mode may disable certain networking drivers and prevent automatic reconnection to wifi, the Agent will perform the following precautionary actions:
Links can now be copied to the clipboard for sharing via the three dots menuon an Agent row. These links open a new Fleet tab in the Commander when opened, and allow quick sharing of links to Agents.
You can now export Agent row data by clicking on the icon in the bottom right corner of the Fleet tab. This action is recursive, meaning that all agents in the current path as well as in subfolders are exported.
You can now save the configured column order as the default when opening new Fleet tabs by clicking on the icon in the Fleet tab. By clicking on the adjacent icon, the Fleet tab is reset to the saved order. You can also revert back to the system default order by selecting Default order when right clicking on the icon.
Going forward, we will prioritize short-term productivity features in each update along with more long-term features. Let us know in our Discord channel what you would like us to focus on.
It’s been a really cool launch so far and we’ve received excellent feedback!
The new naming option can be found in the Deployments dialog and uses the machine's hostname or computer name as the name in Commander. Thanks to @Frink#7877 for suggesting this feature.
We would like to know what the community would like us to prioritize on our roadmap.
Extending platform support is on our roadmap (MacOS, Windows 7, Linux) but we are also interested to hear about other features such as “right click->reboot to safe mode” that you think would make your life easier.