Product Ideas Portal

Got an idea for a new feature? Maybe a tweak to make something work even better? Wish there was an integration with another product to make you even more productive? You've come to the right place.

The Product Ideas Portal lets you submit whatever product feedback you have, good, bad, ugly, and anywhere between.

Want to stay anonymous? Don't worry, no email address or name fields are shared on the public portal. You can create an account which lets you vote on other people's ideas and receive updates when your idea's status changes.

To learn more about how an idea becomes a feature, check out this infographic.


14 Vote

Define client install and execution paths

Security best practices often recommend blocking temporary file system locations.  Bomgar clients use these for install/execution paths.  It is also difficult to whitelist Bomgar executables due to the unique file names.

  • Guest
  • Aug 19 2016
  • Planned
  • Attach files
  • Guest commented
    14 Dec, 2019 12:37am

    If you are using an application whitelisting solution to help block files from running from the temp folder, we too encountered this problem with AppLocker.

     

    One benefit with AppLocker is that we can allow files signed by a specific publisher.  In our case, we have whitelisted the Bomgar publishing certificate, but we have discovered that a System.dll file runs from the user's temp folder that is not signed and hence causes a problem.

     

    This suggestion is a slightly different ask, but here is a reference to the signing issue preventing us from allowing Bomgar to run:

    https://ideas.beyondtrust.com/ideas/T2SRM-I-221

  • Guest commented
    15 Nov, 2018 05:59pm

    To add to this, it appears that if a customer launches the session using Internet Explorer, and it uses the .application deployment method, it creates a file, "bomgar-scc-*.exe" file under %temp%.

    When blocking .exe execution from %temp% using GPO path rules, a matched "disallow" overrides a matched "allow". By this method, since bomgar tries to execute directly from %temp%, and the file name is randomized, it's not possible to whitelist.

    Please consider unpacking the .exe into a subfolder (who's name does not change), and that subfolder name can be whitelisted. IE, "temp%\bomgar-client\bomgar-scc-*.exe" can be whitelisted.