AirLock 2.4 Release Notes

PM-8591

Operators can now define which authentication methods can bypass AirLock. By default, AirLock lets users in if they authenticated using Axiad ID (Push/OTP), a certificate, Windows Hello for Business, or the Microsoft Authenticator.

PM-8592

Users are automatically redirected to AirLock if any of the certificates on any of their authentication devices are within the renewal period and must be updated. Devices that contain multiple certificates can now be recognized and prompted for update via AirLock.

This applies to ANY inserted device, even if the user is not employing it for authentication. If the certificate is within the renewal window or expired, then the user will be redirected to AirLock to update it.

PM-8940

Operators can now allow specific users (in addition to groups) to bypass AirLock enforcement.

PM-9942

All deployed executables are digitally signed

PM-7300

The correct AirLock version displays in Windows Program list.

PM-6779

AirLock checks the Windows edition to ensure that it has the required features to work and will cancel installation if unsupported to avoid user errors after a failed installation.

AirLock requires the Enterprise edition, and Axiad supports all versions of Windows currently supported by Microsoft.

PM-4090

An empty "Immune Security IDs" list is allowed and will enforce AirLock for all users, as expected.

PM-7949

AirLock successfully detects smartcard login over RDP

PM-10109

WHFB login may fail if an empty VSC is present on the system.

Remove the empty VSC.