Arctic Wolf Agent Containment Driver Release Notes
Updated Aug 22, 2023Arctic Wolf Agent Containment Driver Release Notes
If the Arctic Wolf Agent Containment Driver was installed during early access, updates do not occur automatically. From the Arctic Wolf® Unified Portal, you can control how the Agent Containment Driver is installed on endpoints. Contact your Arctic Wolf Concierge Security® Team for self-managed deployment options, questions, or feedback.
Version 1.2.5
Release Date: March 20, 2023
Features or Enhancements
- Windows Kernel Containment Driver — Arctic Wolf can now perform host containment at the kernel level. This improves our existing host containment ability, to result in quick, reliable, host isolation. This feature includes the following changes:
- Added a new directory for the kernel containment files:
- Directory:
C:\Program Files (x86)\Arctic Wolf Networks\Agent\modules\containment
- Files:
AwnAgentService.exe
AwnWfpCallouts.cat
AwnWfpCallouts.inf
AwnWfpCallouts.sys
- Directory:
- Added the kernel driver:
- Service Name:
AwnWfpCallouts
- Driver path:
C:\Windows\System32\drivers\AwnWfpCallouts.sys
- Service Name:
- Added an automatic startup service to Windows services:
- Display name: Arctic Wolf Agent Containment
- Service Name:
AwWfpService
- Executable Path:
C:\Program Files (x86)\Arctic Wolf Networks\Agent\modules\containment\AwnAgentService.exe
- Added support for additional 32-bit and 64-bit Windows versions:
- Windows 10 and 11
- Windows Server 2012 R2+ - 2022
- Added a new directory for the kernel containment files:
Bug Fixes
- Fixed a driver issue that resulted in Windows Server 2012 R2 boot failures.