Samsung Knox 2.9, is the latest version of Samsung’s propriety security platform. With this update, Samsung added new features to make Knox more convenient, more manageable and more secure than ever. This reaffirms the place of Knox as a leading edge security solution for both personal and professional users.

Convenience and protection for end users

Users can now back up their “secure folders” remotely thereby allowing them to access or delete data inside the folder if the device gets missing. This update supports real time monitoring such that a user will be alerted when an app is active in the background attempts to access defined permissions. Users can receive notification when background apps attempt to access the camera, microphone, SMS features, video recording, and background screen capture activities. This monitoring feature is flexible as users can choose to disable the feature and view information regarding the access attempt by the app.

Advanced controls for IT administrators

Knox 2.9 brings the “customization” SDK update that enhances the existing features and optimizes the “home screen” to help app developers further customize vertically-specific applications for Samsung devices. The USB class control allows companies to enable or disable USB mode on employee devices thus reducing security risks when connecting to external sources.

Analysis of Network Platform

This update comes with a framework that permits the monitoring of network patterns by authorized apps without inspecting the contents of data packets. This product coupled with a compatible Cisco product gives a full end-to-end network analytics solution. For advanced network analytics and thread detection, the following network context is provided

  • It gives details of the user who is logged into the device at the time of the access
  • It provides details of bytes transferred in and out during a network session
  • DNS and IP names of the accessed internet service
  • Details (Name and hash) of the app or process which is generating traffic

Improved security

Memory layout isolation and randomization add an additional layer of protection from memory exploitation by separating system and personal applications.  With this, the chance of bypassing address space layout randomization (ASLR) for critical system apps is minimized. Contiguous blocks will no longer receive memory allocation for apps. All the available memory space in random blocks will be responsible for the memory associated with a given app. This ensures that the boundary for apps assigned space cannot be located by malware apps which will try to overwrite legitimate data with malicious code.

Availability

Samsung Knox 2.9 is available on Samsung’s next flagship mobile device (Samsung Galaxy Note 8) and will be updated on older smartphones running Knox 2.4 and above.