Agents - School of Computing and Information Sciencesusers.cis.fiu.edu/~sadjadi/Teaching/IT...

Agents

Table of Contents:

◊ MachineStatus◊ InstallAgents◊ LANDiscovery◊ ConfigureAgents◊ UpgradeVersion

Agents

2 Chapter 2 - Agents Sadjadi et al.

Kaseya Virtual SystemAdministrator (hereafter VSA) allows for remote and automatic management ofcomputersandnetworkdevicesbothindividuallyandingroupsthatmaybespannedacrossdomains,clients,locationsoranyotherstructure.Thisgreatlyfacilitatesincreasedautomationbasedontheabilitytocreateanduse“bestpractices”andgreatlydecreasestheamountoftimeittakestocompleteroutinemaintenancetasks.Toachieve this,VSAprovides for configurationand installationof aKaseyaagent oneachof themanagedmachines.AsdepictedinFig.2.1,aKaseya agent (hereafteragent)isasoftwarethatisinstalledonamanagedmachinewiththesolepurposeofcarryingoutthetasksassignedbyVSAuser.Agentsarefullyconfigurabletofurtherfacilitateautomationandremotecontrol.Agentsareinstalledassystemservicesusingpackagesthatdefineexpectedbehavior.Eachinstalledagentrepresentsonlyonecomputerandusesuponeoftheavailableagentlicenses.UnderstandingtheagentfoundationconceptswillgreatlystreamlinethesuccessfulmanagementofmachinesusingVSA.

Agent GroupingVSA organizes managed computers (and therefore the agents they host) within an organization into ahierarchy.Thishierarchyplaceseachcomputerat auniqueposition that clearly identifies thepositionofthecomputer(eitherlogicalorphysical)withintheorganization.Thisway,anorganizationisdividedintoanumberofrelevantgroups,eachgroupisoptionallydividedintosubgroups,whichcouldinturnhaveitsownsubgroups.Thelastsubgroupcontainstheactualcomputersthataremembersofthatgrouporsubgroup.While for any organization, one can arrive atmultiple valid organizational hierarchies, existence of onlyonehierarchyissufficientforuniqueidentificationofmanagedmachines.Withinthishierarchy,machines,groups,andorganizations,arerespectivelyassignedMachineIDs,GroupIDsandOrganizationIDs.Itisthiscombination of MachineID.GroupID.OrganizationID that uniquely identifies each machine because eachagentininstalledononlyonemanagedcomputer.Uniqueidentificationofmanagedcomputerswillthereforeyielduniqueidentificationoftheirinstalledagents.

NotethatallmachineIDsbelongtoamachinegroupIDandoptionallyasubgroupID.AllmachinegroupIDsbelongtoanorganizationID.Anorganizationtypicallyrepresentsasinglecustomeraccount.Ifanorganizationissmall,itmayhaveonlyonemachinegroupcontainingtheentiremachineIDsinthatorganization.Alargerorganizationmayhavemanymachinegroupsandsubgroups,usuallyorganizedbytheirlocationornetwork.

Fig.2.2showsanexampleofanorganizationstructure.Inthisstructure,asingleorganizationhasvariousgroupsandeachgrouphasitsownsetofmachines.AgentsareinstalledoneachofthesemachinesandeachagentisassignedauniquemachineIDtodistinguishthemfromeachother.

Introduction

Fig. 2.1: Kaseya

agents can be deployed to

computers to monitor and

manage your network

Age

nts

3Chapter 2 - Agents Sadjadi et al.

AnorganizationcanhavemultiplesuborganizationsandgroupscanhavesubgroupsasshowninFig.2.3andFig.2.4

Machinegroupsaremembersoforganizations.Machinesub-groupsaremembersofmachinegroups.

Agent FilteringVSAenablesthefilteringofagentstolimitthenumberofmachinesdisplayedonallfunctionpagestothosethatarescreenedatthemoment.Therearethreewaystofilteragents:MachineID,MachineGroupandView.BydefaultVSAdisplaysallmachineIDsinallgroupswithnoviewsasshowninFig.2.5

Note: Even if VSA user selects “<All Groups>”, only groups the user is granted access to will be displayed.

Fig. 2.2: An example of a generic

organization structure

Fig. 2.3: Parent organizations

and child organizations

Fig. 2.4: Groups and sub-Groups

Agents


Portionsofthispagearelabeledinthefigure.Abriefdescriptionforeachlabelisprovidedbelow.

1. Machine ID: IfaspecificmachineIDneedstobesearched,themachineIDoronlyitsbeginninglet-tersareenteredinthisfieldasshownintheFig.2.5aboveandtheApplybuttonisclicked.MakesurethattheappropriateMachinegroupisselected.IfyouarenotsureofthemachinegroupthemachineIDbelongsto,select“<AllGroups>”.

2. Machine Groups:Machinegroupscanbeselectedfromthedropdownbox.Forexample,if“ABC”isanorganizationwithmachinegroupssuchas“Sales”and“Marketing,”thegroupsarelistedas:

3. Views: ViewsprovidemoreflexibilityforfilteringoftheagentsbyallowinguserstodefinefiltersbasedonspecificcharacteristicsofthemachinesthatarehostingtheagentsasshowninFig.2.6andFig.2.7.Anynumberofviewscanbecreatedandsharedwithotheradministrators.AnewviewcanbecreatedbyclickingonEditbuttontotherightoftheViewsdrop-downlistasshowninFig.2.5andthenconfiguringattributesofthenewviewfromtheViewdefinitionwindowshowninFig.2.6-1andFig.2.6-2.

Group Name DescriptionABC ListsallmachineIDsundertheABCorganizationABC.Sales Lists allmachine IDs under theABCorganization/Sales

group.ABC.Marketing Lists all machine IDs under the ABC organization/

Marketinggroup.

Fig. 2.6-1 and Fig. 2.6-2: View

definitions

Fig. 2.5: Filtering by Machine ID,

Machine group and View

Age

nts


TheViewdefinitionswindowletsyoufurtherrefineamachineID/machinegroupfilterbasedonat-tributescontainedoneachmachineasshowninthefigureabove.TheavailableoptionsintheViewdefinitionswindowareexplainedbelow:

View by Machine ID• Set machine ID - CheckingthisboxoverridesanyvaluesetfortheMachineIDfieldontheMa-chineID/GroupIDfilterpanelwiththevalueenteredhere.TheMachineIDfieldontheMachineID/GroupIDfilterpanelisdisabledtopreventinadvertentchangeswhiledisplayingaviewwithSetmachineIDselected.• Set group ID - CheckingthisboxoverridestheGroupIDfilterontheMachineID/GroupIDfilterpanelwiththevalueenteredhere.TheGroupIDfieldontheMachineID/GroupIDfilterpanelisdisabledtopreventinadvertentchangeswhiledisplayingaviewwithSetgroupIDselected.• Only show selected machine IDs –AviewneedstobesavedfirstbeforeselectingmachinesIDsusingthisoption.Oncetheviewissaved,a<N>machinesselectedlinkdisplaystotherightofthisoption.Clickthislinktodisplayadefinecollectionwindow,whichallowsyoutocreateaviewusinganarbitrarycollectionofmachineIDs.

View by Network Status and Address• Show machines that have / have not / never been online in the last N periods -ChecktolistthosemachineswhoseagentshavecheckedintotheKServer,ornot,withinthespecifiedperiodoftime.UsetheNeveroptiontofiltermachineIDtemplateaccounts,becausetheseaccountsnevercheckin.• Show machines that are suspended / not suspended -Checktolistmachinesthataresuspend-edorarenotsuspended.• Show machines that have/have not rebooted in the last N periods-Checktolistmachinesthathavenotrebootedinthespecifiednumberofperiods.• Machines with Credential status -Checktolistmachineswiththeselectedcredentialstatus.• Connection gateway filter -Checktoonlylistmachinesthathaveaconnectiongatewaymatchingthespecifiedfilter.Includeanasterisk“*”wildcardwiththetextyouentertomatchmultiplerecords.

Example:66.221.11.*matchesallconnectiongatewayaddressesfrom66.221.11.1through66.221.11.254.

• IP address filter-ChecktoonlylistmachinesthathaveanIPaddressmatchingthespecifiedfilter.Includeanasterisk“*”wildcardwiththetextyouentertomatchmultiplerecords.

Example:66.221.11.*matchesallIPaddressesfrom66.221.11.1through66.221.11.254.

View by Operating System• OS Type -ChecktoonlylistmachinesthatmatchtheselectedoperatingsystemasreportedusingtheAudit>Name/OSInfo.• OS Version -ChecktoonlylistmachinesthatmatchtheOSversionstringasreportedusingAudit>Name/OSInfo.Usethisfiltertoidentifymachinesbyservicepack.

View Machines Based on Procedure History/Status• With agent procedure scheduled/not scheduled -Checktoonlylistmachinesthathavethespecifiedagentprocedureeitherscheduledtorunornot.• Last execution status success/failed -Checktoonlylistmachinesthathavealreadyexecutedtheselectedagentprocedure.Selecttheappropriateradiobuttontolistmachinesthatsuccessfullyexecutedtheagentprocedureorfailedtoexecutetheagentprocedure.• Agent procedure has / has not executed in the last N days -Checktoonlylistmachinesthathaveorhavenotexecutedtheagentprocedureinthespecifiedperiodoftime.

View Machines by Application• Contains/Missing application -Checktoonlylistmachinesthathave,ordon’thave,anapplica-tioninstalledusingthespecifiedfilter.Includeanasterisk“*”wildcardwiththetextyouentertomatchmultiplerecords.• Version string is > < = N -Checktofurtherrefinetheapplicationfilterwithaversionnumbergreaterthan,lessthanorequaltoaspecifiedvalue.

Agents


View Machines by Patch Update• Show/Hide members of patch policy-CheckingthisboxworkstogetherwiththemachineIDandgroupIDfilterstoonlylistspecificmachinesbelonging(Show)ornotbelonging(Hide)toaspecificpatchpolicy.• Machines that have no patch scan results (unscanned) -Checktoonlylistmachinesthathavenotbeenscannedformissingpatches.• Machines missing greater than or equal to N patches -ChecktoonlylistmachinesmissingaspecifiednumberofMicrosoftpatches.• Use Patch Policy -ChecktoonlylistmachinesmissingaspecifiednumberofapprovedmissingMicrosoftpatches.• Patch scan schedule / not schedule-Checktoonlylistmachineswitheitherapatchscheduledornotscheduled.• Last execution status for patch scan success / failed -Checktoonlylistmachineswhosepatchscansucceededorfailed.• Patch scan has / has not executed in the last <N> <periods>-Checktoonlylistmachineswhosepatchscanhasorhasnotexecutedwithinaspecifiedtimeperiod.• Machines with Reboot Pending for patch installations -Checktoonlylistmachineswithare-bootpendingforpatchinstallations.• Machines with Patch Test Result -Checktoonlylistmachineswiththeselectedpatchtestresult.• MachineswithPatchAutomaticUpdateconfiguration-Checktoonlylistmachineswiththeselectedautomaticupdateconfiguration.• Machines with Patch Reboot Action configuration -Checktoonlylistmachineswiththeselect-edRebootActionconfiguration.• Machines with Patch File Source configuration -Checktoonlylistmachineswiththeselectedpatchfilesourceconfiguration.• Machines missing a specific patch (identified by the patch’s 6 digit KB Article ID) -Checktoonlylistmachinesmissingaspecificpatch.

View Machines by Agent Data• Advanced Agent Data Filter-CheckandclicktheDefineFilterbuttontofurtherrefinetheviewusingtheFilterAggregateTable.

AdvancedagentdatafilteroptionsareshowninFig.2.7.Advancedfilteringletsyoudesigncomplexsearchestoisolatedatatojustthosevaluesthatistobesearched.Thefieldsareselfexplanatoryanddependingontherequirementthevaluescanbeenteredintheappropriatefieldstofilterthedata.

Fig. 2.7: Advanced

agent data filter

Age

nts


Agent Functions OverviewFig.2.8showstheavailablefunctionsintheagentmodule.Thelistofagentfunctionsandabriefde-scriptionoftheiruseislistedinthetablebelow.Inthefollowingsections,eachfunctionisexplainedindetail.

Fig. 2.8Agent

Functions

Section Function Description2.1 MachineStatus2.1.1 AgentStatus Displaysactiveuseraccounts,IPad-

dressesandlastcheck-intimes.2.1.2 AgentLogs Displayslogsof:

• Agentsystemanderrormessages• Executionofagentprocedures,whethersuccessfulorfailed.• Configurationchangesmadebyauser.• Send/receivedataforapplicationsthataccessthenetwork.• Application,System,andSecurityeventlogdatacollectedfrommanagedmachine.• Alarmlog• Remotecontrollog• Logmonitoring

2.1.3 LogHistory Specifieshowlongtostorelogdata.2.1.4 EventLogSettings Specifieseventlogtypesandcategories

includedineventlogs.2.2 InstallAgents2.2.1 Create CreatesmachineIDaccountsand/or

installpackagesforinstallingagentsonsinglemachines.

2.2.2 Delete DeletesmachineIDaccounts.2.2.3 Rename RenamesexistingmachineIDaccounts.

Agents


2.2.4 ChangeGroup Reassignsmachinestoadifferentma-chinegrouporsubgroup.

2.2.5 DeployAgents Createsagentinstallpackagesforinstall-ingagentsonmultiplemachines.

2.3 LANDiscovery2.3.1 LANWatch Usesanexistingagentonamanaged

machinetoperiodicallyscanthelocalareanetworkforanyandallnewdevicesconnectedtothatLANsincethelasttimeLANWatchran.

2.3.2 InstallAgents InstallstheagentonaremotesystemandcreatesanewmachineID/groupIDaccountforanynewPCdetectedbyLANWatch.

2.3.3 ViewLAN DisplaystheresultsofthelatestLANWatchscan.

2.3.4 ViewADComputers ListsallcomputerslistedinanActiveDirectorywhenLANWatchrunsonasystemhostingActiveDirectory.InstallsagentsonADmachines.

2.3.5 ViewADUsers ListsallActiveDirectoryusersdiscoveredbyLANWatchwhenLANWatchrunsonasystemhostingActiveDirectory.CreatesVSAusersfromADusers.

2.3.6 ViewvPro DisplayshardwareinformationaboutvPro-enabledmachinesdiscoveredwhilerunningLANWatch.

2.4 ConfigureAgents2.4.1 CopySettings Masscopiessettingsfromonemachine

accounttoothermachineaccounts.2.4.2 Import/Export Importsandexportsagentsettings,

includingscheduledagentprocedures,assignedmonitorsets,andeventsets,asXMLfiles.

2.4.3 Suspend Suspendsallagentoperations,suchasagentprocedures,monitoring,andpatch-ing,withoutchangingtheagent’ssettings.

2.4.4 AgentMenu Customizestheagentmenuonmanagedmachines.

2.4.5 Check-InControl Controlsagentcheck-infrequencyonagentmachines.

2.4.6 WorkingDirectory Setsthepathtoadirectoryusedbytheagenttostoreworkingfiles.

2.4.7 EditProfile Editsmachineaccountinformation.2.4.8 PortalAccess Setsupaccountstoallowmachineus-

ersremotecontrolaccesstotheirownmachines.

2.4.9 SetCredential SetsalogoncredentialfortheagenttouseinPatchManagement,theUseCredentialprocedurecommand,KaseyaEndpointSecurity,andDesktopPolicyandMigration.

Age

nts


2.1.1 Agent StatusTheAgentStatuspageprovidesasummaryviewofawidevarietyofagentdata.Anydatapertainingtotheagentcanbeobtainedbyselectingtheappropriatedatacolumn.Thedatacolumnsarefullycustomizableandcanbeselectedaccordingtotherequirements.Fig.2.9showsageneralviewoftheagentstatuspage.Portionsofthispagearelabeledinthefigure.Abriefdescriptionforeachlabelisprovidedbelow.

1. Select Columns:Selectcolumnscanbeusedtospecifywhichcolumnsaretobedisplayedintheagentstatuswindow.Fig.2.10showstheColumnSelectwindow.Theorderingofthecolumndatacanberearrangedusingtheupanddownarrowbuttons.

Example:DisplaytheMachineID,Currentuser,LastRebootTime,LastCheckinTime,GroupID&TimeZone.

1. SelectMachine IDintheNotDisplayedwindow.ClickAdd>>2. SelectCurrent User intheNotDisplayedwindow.ClickAdd>>3. SelectLast ReboottimeintheNotDisplayedwindow.ClickAdd>>4. SelectLast CheckintimeintheNotDisplayedwindow.ClickAdd>>5. SelectGroup ID intheNotDisplayedwindow.ClickAdd>>6. Select Time ZoneintheNotDisplayedwindow.ClickAdd>>

OncealltheoptionsareselectedandaddedtotheDisplayedwindow,theApplybuttonmustbeclickedtoapplythedesiredsettings.

Fig. 2.10: Select columns

2.5 UpgradeVersion2.5.1 UpdateAgent Updatestheagentsoftwareonmanaged

machines.

2.1 Machine Status

Fig. 2.9: Agent status page

Agents


VSAprovidesawidevarietyofagentdatathatcanbedisplayedintheAgentstatuspageaccordingtotherequirements.Thelistofcolumndataalongwithabriefdescriptionthatcanbeselectedislistedbelow.

Column DescriptionMachineID MachineIDlabelusedthroughoutthesystem.GroupID ThegroupIDportionofthemachineID.LastCheckinTime MostrecenttimewhenamachinecheckedintotheKServer.FirstCheckinTime TimewhenamachinefirstcheckedintotheKServer.LastRebootTime Timeofthelastknownrebootofthemachine.TimeZone Thetimezoneusedbythemachine.ComputerName Computernameassignedtothemachine.Domain/Workstation Theworkgroupordomainthecomputerbelongsto.AgentGUID AgloballyuniqueidentifierforamtachineID.groupIDaccountandits

correspondingagent.DNSComputerName ThefullyqualifiedDNScomputernameforthemachine,whichcomprises

thecomputernameplusthedomainname.Forexample:jsmithxp.acme.com.Displaysonlythecomputernameifthemachineisamemberofaworkgroup.

OperatingSystem Operationsystemtypethemachineisrunning.OSVersion Operationsystemversionstring.IPAddress IPaddressassignedtothemachine.SubnetMask Networkingsubnetassignedtothemachine.DefaultGateway Defaultgatewayassignedtothemachine.ConnectionGateway IPaddressseenby theKServerwhen thismachinechecks in. If the

machine isbehindaDHCPserver, this is thepublic IPaddressof thesubnet.

Country ThecountryassociatedwiththeConnectionGateway.MACAddress MACaddressoftheLANcardusedtocommunicatewiththeKServer.DNSServer1,2 IPaddressoftheDNSserversassignedtothemachine.DHCPServer TheIPaddressoftheDHCPserverusedbythismachine.Primary/SecondaryWINS

WINSsettings.

CPUType Processormakeandmodel.CPUSpeed Clockspeedoftheprocessor.CPUCount ThenumberofCPUs.RAMSize MBytesofRAMonthemachine.AgentVersion VersionnumberoftheKaseyaagentloadedonthemachine.CurrentUser Logonnameofthemachineusercurrentlyloggedintothemachine(if

any).LastLoggedInUser Logonnameofthelastpersontologintothemachine.PortalAccessLogon LogonnamegiventoamachineuserforloggingintotheKServer.PortalAccessRemoteControl

Enabledifthismachineusercanloginandgetremotecontrolaccesstotheirownmachinefromanothermachine.Disabledifaccessisdenied.

Age

nts


PortalAccessTicketing Enabledifthismachineusercanloginandentertroubletickets.Disabledifaccessisdenied.

PortalAccessChat EnabledifthismachineusercaninitiatechatsessionswithaVSAuser.Disabledifaccessisdenied.

Primary/SecondaryKServer

IPaddress/namethemachineusestocommunicatewiththeKServer.

QuickCheckinPeriod Quickcheckintimesettinginseconds.ContactName MachineusernameenteredinEditProfile.ContactEmail EmailaddressenteredinEditProfile.ContactPhone PhonenumberenteredinEditProfile.ContactNotes NotesenteredinEditProfile.Manufacturer Systemmanufacturer.ProductName Systemproductname.SystemVersion Productversionnumber.SystemSerialNumber Systemserialnumber.ChassisSerialNumber Serialnumberontheenclosure.ChassisAssetTag Assettagnumberontheenclosure.ExternalBusSpeed Motherboardbusspeed.MaxMemorySize Maxmemorysizethemotherboardcanhold.MaxMemorySlots Totalnumberofmemorymoduleslotsavailable.ChassisManufacturer Manufactureroftheenclosure.ChassisType Enclosuretype.ChassisVersion Enclosureversionnumber.MotherboardManufacturer

Motherboardmanufacturer.

MotherboardProduct MotherboardproductID.MotherboardVersion Motherboardversionnumber.MotherboardSerialNum

Motherboardserialnumber.

ProcessorFamily Processortypeinstalled.ProcessorManufacturer Processormanufacturer.ProcessorVersion ProcessorversionID.CPUMaxSpeed Maxprocessorspeedsupported.CPUCurrentSpeed Speedprocessoriscurrentlyrunningat.vProHostName ThenameofthevProenabledmachinesetbyvProconfiguration.vPro-ComputerName ThenameofthevPro-enabledmachinesetbytheoperatingsystem.vPro-Model ThemodelofthevPro-enabledmachine.vPro-Manufacturer ThemanufacturerofthevPro-enabledmachine.vPro-Version TheversionofthevPro-enabledmachine.vPro-SerialNumber TheserialnumberofthevPro-enabledmachine.vPro-AssetNumber AnassetmanagementidentifierassignedtothevPro-enabledmachine.vPro-MotherboardManufacturer

ThemanufacturerofthemotherboardofthevPro-enabledmachine.

vPro-MotherboardVersion

TheversionnumberofthemotherboardofthevPro-enabledmachine.

Agents


2. Filter: Filterisusedfordisplayingselectiveinformationofrowsinthepagingarea.Forexample,tosearchforthemachineID“pc1.cec.fiu-johndoe”,enter“pc1*”inthetextboxinthewindowasshownintheFig.2.11nexttoMachineID.

Note: “*” asterisk wildcard can be used with the text you enter to match multiple records.

3. Reset filter:TheResetfilterisusedtoclearallthefiltersettings.Thisoptionisnotdisplayedbyde-fault.Itisonlydisplayediftheadvancedfilterisselected.TheadvancedfiltercanbeusedbyselectingFilter.

Check-In StatusOnceamachineIDiscreatedforanagent,check-inicondisplaysnexttoeachmachineIDaccountinVSA.Theseiconsindicatetheagentcheck-instatusofeachmanagedmachine.TheseiconsappearinmostofthemodulesinVSAanditisimportanttoremembertheiconstoquicklydeterminethestatusoftheagentonaparticularmachine.Belowisalistofalliconsandabriefexplanationofthestatustheyindicate.

AgentisOnlinebutwaitingforfirstaudittocomplete. Agentisonline. Agentisonlineandusercurrentlyloggedon.Icondisplaysatooltipshowingthelogonname. Agentisonlineandusercurrentlyloggedon,butusernotactivefor10minutes. Agentiscurrentlyoffline. Agenthasnevercheckedin. Agentisonlinebutremotecontrolhasbeendisabled Agenthasbeensuspended

2.1.2 Agent LogsTheAgent Logs pagedisplays the logdata foreachof themanagedmachines.Foreach typeof logacorresponding logreport isprovided.Thishelps to identify theevents thatoccurredwithacorrespondingmanagedmachine.TheeventsalongwiththetimearedisplayedinthiswindowasshowninFig.2.12.

vPro-MotherboardSerialNumber

TheserialnumberofthemotherboardofthevPro-enabledmachine.

vPro-MotherboardAssetTag

An asset management identifier assigned to the motherboard of thevPro-enabledmachine.

vPro-BiosVendor ThevendoroftheBIOSofthevPro-enabledmachine.vPro-BiosVersion TheversionoftheBIOSofthevPro-enabledmachine.

Fig. 2.11: Advanced

filter

Age

nts


Note: The system automatically limits the number of log entries per log type per machine to 1000. Once the limit has been reached, if archiving is enabled, and deleted from the system, log entries exceeding the limit are archived,. The archive option is set in Agent > Log History.


1. Selecting Machine ID:SelectthemachineIDforwhichyouwanttoseetheloginformation.

2. Select Log: SelectLogallowsyoutochoosetheappropriateloginformationtobedisplayedfortheselectedmachineID.Thetypesoflogthatareavailableare:

• Alarm Log -Listsallalarmstriggeredfortheselectedmachine.• Monitor Action Log -Thelogofalarm conditions*thathaveoccurredandthecorrespondingac-tions,ifanyhasbeentakeninresponsetothem.• Agent Log -Displaysalogofagent,system,anderrormessages.• Configuration Changes -DisplaysVSAsettingschangesfortheselectedmachine.• Network Statistics -Displaysalogofsend/receivedatafornetworkapplications.• Event Logs -DisplayseventlogdatacollectedbyWindows.ItisnotavailableforWin9x.Onlyeventlogsthatapplytotheselectedmachinedisplayintheeventlogdrop-downlist.AmonitorwizardicondisplaysnexttoeventlogentriesintheVSAandinLiveConnect.Hover-ingthecursoroverthemonitorwizardiconofalogentrydisplaysawizard.Thewizardenablesyoutocreateaneweventsetcriteriabasedonthatlogentry.Theneweventsetcriteriacanbeaddedtoanyneworexistingeventset.Theneworchangedeventsetisimmediatelyappliedtothemachinethatservedasthesourceofthelogentry.Changinganexistingeventsetaffectsallmachinesassignedtousethateventset.ThemonitorwizardicondisplaysinLive Connect > Event Viewer,Live Connect > Agent Data > Event Log andAgent > Agent Logs.

• Agent Procedure Log -Displaysalogofsuccessful/failedagentprocedures.• Remote Control Log -Displaysalogofsuccessful/failedremotecontrolsessions.• Log Monitoring -DisplaysLogmonitoringentries.

Fig. 2.12:Agent Logs

Fig. 2.13: Events per

page

Alarm Condition :Analarmconditionexistswhenamachine’sperformancesucceedsorfailstomeetpre-definedcriteria.

Agents


3. Events per page:Eventsperpageallowyoutospecifythenumberofrowsthatcanbedisplayedintheagentlogspage.

Example:Selecting“10”fromthedropdownmenuasshowninFig.2.13belowwoulddisplay10rowsofevents.

4. Filter:Filteroptionisusedtorestricttheamountofdatadisplayed.TheEventlogfilterhasdifferenteventcategories.Youcanspecifyadifferentadvancedfilterforeacheventcategoryandcolumnofdatadisplayed.Afterpopulatingtheoptions,clickApply.BydefaultApplyEventLogfilterisselected.Iftheoptionisnotselected,thefiltersarenotapplied.

5. Start Date / End Date / Refresh:Thisoptionallowsyoutofilterthelogdatabyspecifyingthedaterange.ClickRefreshtoseethenewfiltereddata.

2.1.3 Log HistoryTheLog Historypage(Fig.2.14)determinesthenumberofdaystostorethelogonaperlogbasisforeachmachineID.Thesesettingsaresetasdefault fromtheagent installpackage(seesection2.2fordetails).Thispagealsodetermineswhetheragentlogdataissubsequentlyarchivedtotextfileslocatedonanetworkdirectory.

• LogdataisdisplayedusingAgentlogsorprintedtoareportusingInfo Center > Reporting > Logs. • System > Check-in-Policy canrestrictthenumberofdaysuserscankeeplogentries,toavoidplacingunduestressonserversrunningtheKServerservice.

Log File LocationsMonitoring data log archives are stored in the <KaseyaRoot>\UserProfiles\dbBackup directory.This is toimproveperformanceonsystemswherethelogdatabaseisonadifferentserver.AllotheragentlogarchivesarestoredinthedirectoryspecifiedbytheSystem > Configure > Log file archivepathfield.


1. Set days to keep log entries, check to archive to file:Setthenumberofdaystokeeplogdataforeachtypeoflog.Checkthecheckboxforeachlogtoarchivelogfilespasttheircutoffdate.

• Agent Log -Thelogofagent,system,anderrormessages.• Configuration Changes-Thelogofconfigurationchangesmadebyeachuser.• Network Statistics-Thelogofincomingandoutgoingpacketcountinformationandtheapplica-tionorprocesstransmittingand/orreceivingsuchpackets.Thisinformationcanbeviewedindetail

Fig. 2.14: Log History

Age

nts


usingAgent>AgentLogs>NetworkStatistics.• Agent Procedure Log-Displaysalogofsuccessful/failedagentprocedures.• Remote Control Log -Displaysalogofremotecontrolevents.• Alarm Log -Thelogofallalarmsissued.• Monitor Action-Thelogofalarmconditionsthathaveoccurredandthecorrespondingactions,ifanythathavebeentakeninresponsetothem.• SYS log-Thelogofallsystemcheckexternalsystems.

2. Set days to keep monitoring logs for all machines:Thefollowingmonitoringlogsettingsareap-pliedsystem-wide.• Event Log -Thelogofallevents.TheeventscollectedarespecifiedinmoredetailusingAgent>Eventlogsettings• Monitor Log -Thelogofdatacollectedbymonitoringsets.• SNMP Log-ThelogofalldatacollectedbySNMPsets.

3. Select All Archive / Unselect All Archive:ClickSelect All Archivelinktocheckallarchivecheck-boxesonthepage.ClickUnselect AllArchivelinktouncheckallarchivecheckboxesonthepage.

4. Update:ClickUpdatetoupdateselectedmachineIDswithagentlogsettings.

2.1.4 Event Log SettingsAnEventLogservicerunsonWindowsoperatingsystems(NotavailablewithWin9x)anditenableseventlogmessagestobeissuedbyWindowbasedprogramsandcomponents.Theseeventsarestoredineventlogslocatedoneachmachine.TheeventlogsofmanagedmachinesstoredintheKServerdatabase,serveasthebasisofalertsandreports,andbearchived.TheEvent LogSettings page as shownbelow inFig. 2.15 specifies the event log types and categoriesincludedinAgent > Log History.ThelistofeventlogtypesavailableonthispagecanbeupdatedusingMonitor > Updatelistsbyscan.


1. Event log types:Dependingontheoperatingsystem,theeventlogtypesavailableincludebutarenotlimitedto:• Applicationlog• DirectoryService• DNSServer• InternetExplorer• Security• System

Fig. 2.15: Event Log Settings

Agents


2. Event categories:TheeventcategoriesstoredbyVSAforthismachineIDandeventlog:• Error• Warning• Information• SuccessAudit• FailureAudit• Critical-AppliesonlytoVista.• Verbose-AppliesonlytoVista.

3. Update:AddseventlogtypeslistedintheAssigned Event LogslistboxtothesetofeventlogtypesalreadyassignedtoselectedmachineIDs.

4. Replace:ReplacesalleventlogtypesassignedtoselectedmachineIDswiththeeventlogtypeslistedintheAssigned Event Logslist.

5. ClearAll:ClearsalleventlogtypesassignedtoselectmachineIDs.

To specify Event Log Settings:

1. ClickaneventlogtypeintheEvent Log Types listbox.Holddownthe[Ctrl]keytoclickmultipleeventlogtypes.2. ClickAdd>> orAdd all>>toaddeventlogtypestotheAssigned Event Typeslistbox.Click<<Removeor<<Removealltoremoveeventlogtypesfromthe Assigned Event Typeslistbox.3. Checkoneormoreeventcategories:Error, Warning, Information, Success Audit, Failure Audit, Critical, Verbose.4. SelectoneormoremachineIDs.5. ClickUpdateorReplacetoapplythesesettingstoselectedmachineIDs.

Flood DetectionIf1000events,notcountingblacklisteventsareuploadedtotheKServerbyanagentwithinonehour,furthercollectionofeventsofthatlogtypearestoppedfortheremainderofthathour.Aneweventisinsertedintotheeventlogtorecordthatcollectionwassuspended.Attheendofthehour,collectionautomaticallyresumes.ThispreventsshorttermheavyloadsfromswampingyourKServer.Alarmdetectionandprocessingoperatesregardlessofwhethercollectionissuspended.

2.2.1 CreateTheCreatepagecreatesamachineIDaccountandanagentinstallpackageforasinglemachine.YoucreatethemachineIDaccountfirst,andthencreateaninstallpackageforonesinglemachine.TypicallytheCreatepageappliesto:

• Machine ID templates-Inthiscase,noinstallpackageneedstobecreated,sinceagenttem-platesarenotintendedforinstallationtoamachine.• Secured environments-Securedenvironmentsmayrequireeachmachinebesetupmanually.Forexample,youmightberequiredtonameanewmachineIDaccountmanuallyand/orcreateanagentinstallpackagewithauniquecredentialforasinglemachine.Ausermustbeloggedintoatargetmachinelocallytoinstallthepackage.

Agent license counts

Thefollowingeventsaffectagentlicensecounts:

2.2 Install Agents

Age

nts


• An“unused”agentlicenseischangedto“used”ifamachineIDaccountiscreatedandtheagentinstalled.• Iftheagentisdeletedbutnottheaccount,theagentlicenseisstillconsidered“used”.• Iftheaccountisdeleted,regardlessofwhathappenstotheagent,theagentlicensegoesbackto“unused”.• Ifanaccountiscreated,buttheagentisnotyetinstalledthefirsttime,theaccountiscalledanagenttemplate.Agenttemplateaccountsarenotcountedas“used”untilyouinstalltheagent.

Including credentials in agent install packagesIfnecessary,anagentinstallpackagecanbecreatedthatincludesanadministrator credential*toaccessacustomernetwork.Credentialsareonlynecessaryifusersareinstallingpackagesonmachinesanddonothaveadministratoraccesstotheirnetwork.Theadministratorcredentialisencrypted,neveravailableincleartextform,andboundtotheinstallpackage.

Operating System SelectionAgentpackagescanbecreatedtoinstallagentsonmachinesrunningeitherWindowsorMacintoshoperatingsystems,ortoautomaticallychoosethetypeofoperatingsystemofthedownloadingcomputer.

Machine ID templatesMachineIDtemplateisamachineIDrecordwithoutanagent.SinceanagentneverchecksintoamachineID templateaccount, it isnotcountedagainstyour total licensecount.YoucancreateasmanymachineIDtemplatesasyouwantwithoutadditionalcost.Whenanagentinstallpackageiscreated,thepackage’ssettingsaretypicallycopiedfromaselectedmachineIDtemplate.MachineIDtemplatesareusuallycreatedandconfiguredforcertaintypesofmachine.Machinetypeexamplesincludedesktops,Autocad,Quickbooks,smallbusinessservers,Exchangeservers,SQLServers,etc.AcorrespondinginstallpackagecanbecreatedbasedoneachmachineIDtemplateyoudefine.

Thefollowingoperationscanbeperformedwiththehelpofagenttemplates.

• CreatemachineIDtemplatesusingAgent > Create.• ImportamachineIDtemplateusingAgent > Import/Export.• DeployanagentinstallpackageonanagenttemplateusingAgent > Deploy Agents.• CopyselectedsettingsfromagenttemplatestoexistingmachineIDaccountsusingAgent > Copy Settings.• IdentifythetotalnumberofagenttemplateaccountsinyourVSAusingSystem > Statistics.• ConfiguresettingsfortheagenttemplateusingthestandardVSAfunctions• SeparateagenttemplatesarerecommendedforWindowsandMacintoshmachines.• AlternativelyapackagecanbecreatedthatselectstheappropriateOSautomaticallyandcopyset-tingsfromatemplatethatincludesanagentprocedurethatusesOSspecificsteps.

1. SelectamachineIDfromthepagingareaasshowninFig.2.16abovebyclickingontheradiobuttonnexttoit.2. ClickonSet.YoucannoticethatthemachineIDthatwasselectedappearsunderCopy new ac-

Fig. 2.16: Copy Settings while creating machine ID

Credential:Acredentialisthelogonnameandpasswordusedtoauthenticateauserorprocess’saccesstoamachineornetworkorsomeotherresource.

Agents


count settingsfromasshowninthefigureabove.3. EnterthenameofthemachineIDintheNew machine IDfieldandclickCreate.

Note: If you do not include a machine ID to copy from and click Create, a new, usable machine ID account is created using KServer defaults. You can copy settings between existing machine ID accounts at any time using Agent > Copy Settings.

Fig.2.17belowshowsthegeneralviewandalltheavailablefunctionsthataresupportedontheCreatepage.

1. New Machine ID:EnterauniquenameforthenewmachineIDyouarecreating.

2. Group ID:SelectanexistinggroupIDforthenewmachineIDyouarecreating.Thedefaultisroot.unnamedGroupIDsarecreatedbyaVSAuserusingSystem>Orgs/Groups/Depts>Manage.

3. Create:ClickCreatetocreatethenewmachineIDfortheselectedgroupID.

4. Set/Clear new accounts created in group ID <GroupID> copy settings from <Machine ID>:ForeachgroupIDyoucanspecifyadifferentdefaultmachineIDtocopysettingsfrom.

• SelectamachineIDtocopysettingsfrombyclickingtheradiobuttonnexttoanymachineIDlistedinthepagingarea.• SelectagroupIDfromthegroup ID drop-downlist.• ClicktheSettoensurethatnewmachineIDsyoucreatefortheselectedgroupIDwillcopysettingsfromtheselecteddefaultmachineID.• Clickthelinktoremovethisassignment.

5. Set/Clear accounts created in unassigned group IDs copy settings from <Machine ID>:ThisoptionspecifiesthedefaultmachineIDtocopysettingsfromifnodefaultmachineIDissetforagroupID.Thisoptiononlydisplaysformasterroleusers.

• SelectamachineIDtocopysettingsfrombyclickingtheradiobuttonnexttoanymachineIDlistedinthepagingarea.Initiallythisvalueissettounassigned.• ClickSettoensurethatnewmachineIDscreatedwithoutagroupdefaultmachineIDcopysettingsfromthemasterroleuser’sdefaultmachineID.Initiallythisvalueissettounas-signed.• ClicktheClearlinktoremovethisassignment.

2.2.2 DeleteTheDeletepage(Fig.2.18)deletesthreedifferentcombinationsofmachineIDaccountsandagents.

• Uninstall agent first at next check-in:Uninstalltheagentfromthemachineandremovethema-chineIDaccountfromtheKServer.Theaccountisnotdeleteduntilthenexttimetheagentsuccess-

Fig. 2.17: Create Page

Age

nts


fullychecksin.• Delete account now without uninstalling the agent:LeavetheagentinstalledandremovethemachineIDaccountfromtheKServer.• Uninstall the agent and keep the account:Uninstalltheagentfromthemachinewithoutremov-ingthemachineIDaccountfromtheKServer.


1. Machine.Group ID:ThelistofMachine.GroupIDsisdisplayedbasedontheMachineID/GroupIDfilterandthemachinegroupstheuserisauthorizedtoview.

2. Select Uninstall/Delete option:Makeachoiceofuninstall/deletedependingontherequirement.

3. Delete Accounts:Deleteaccountsoptiondeletes/uninstallthemachineIDthatwasselecteddependingontheoptionselected.

4. Clean Database:RemovingamachineaccountusingthisDeletepagemarksthemachineac-countfordeletion.Actualdeletionusuallyoccursduringoffhourstopreserveresourcesduringworkinghours.Therearesomecaseswhereitisusefultopurgemachineaccountsimmediately.Forexample,yourKServermayexceedtheagentlicensecount.ClickClean Databasetoimmediatelypurgema-chineaccountsthatarealreadymarkedfordeletion.

5. Select old accounts that have not checked in since <date>:ClicktheSelect oldhyperlinktocheckallmachineIDsinthepagingareathathavenotcheckedinsincethespecifieddate.ThisisaneasywaytoidentifyandremoveobsoletemachineIDs.

6. Last Check-In:Displaysthetimethemachine’sagentlastcheckedintotheKServer.Agentsthathavenotchecked-inrecentlydisplaythisinformationinredtext.

2.2.3 RenameThe Rename pagerenamesanyexistingmachineIDaccounttoanewone.YoucanchangethemachineIDand/orre-assign it toadifferentgroupID.TheRenamepageisshowninFig.2.19andall theoptionssupportedbythismodulearelistedbelow.

Fig. 2.18: Delete Page

Agents


1. Rename Account:ThisoptionrenamesaselectedmachineIDaccounttoanewone.

2. Merge offline account <Offline Machine ID> into <Select Machine ID> Delete <Offline Ma-chine ID> after merge:Mergeoptionisusedtocombinelogdatafromtwodifferentaccountsintothesamemachine.Thiscouldbenecessaryifanagentwasuninstalledandthenre-installedwithadiffer-entaccountname.Mergecombinestheaccountsasfollows:• Logdatafrombothaccountsarecombined.• Baseline Audit*datafromtheoldofflineaccountreplacesanybaselinedataintheselectedac-count.• Alertsettingsfromtheselectedaccountarekept.• Pendingagentproceduresfromtheselectedaccountarekept.Pendingagentproceduresfromtheoldofflineaccountarediscarded.• Theoldaccountisdeletedafterthemerge.

Theaboveoperationcanbeperformedasfollows:• Select Merge offline accountoptionandselectthemachineIDfromthedropdownmenu.• SelectamachineIDfromthelistofmachineID’sdisplayedinthepagingarea.• ClickMerge.

Note: Since the machine can only be active on a single account, only offline accounts are provided in the drop-down list to merge with.

3. New Name:EntertheNewNamefortheselectedmachineID.

4. Group ID:SelecttheGroupIDtoassigntotheselectedmachineIDaccount.ThedefaultleavesthegroupIDunchanged.

5. Machine.Group ID:ThelistofMachine.GroupIDsdisplayedisbasedontheMachineID/GroupIDfilterandthemachinegroupstheuserisauthorizedtoview.Clicktheradiobuttontotheleftofthemachineaccountyouwishtorename.

6. New name at next Check in:Liststhenewnameoftheaccountthenexttimethatagentchecksin.Onlypendingrenamesaredisplayedhere.

2.2.4 Change groupTheChangeGrouppage(Fig2.20)assignsasingleormultiplemachineIDsbelongingtoonegroupIDtoadifferentgroupID.MachinesthatarecurrentlyofflineareassignedtothenewgroupIDthenexttimetheycheckin.

Baseline audit:Theconfigurationofthesysteminitsoriginalstate.Typicallyabaselineauditisperformedwhenasystemisfirstsetup.

Fig. 2.19: Rename Page

Age

nts


1. Machine.Group ID:Thelistofmachine.groupIDsdisplayedisbasedonthemachineID/groupIDfilterandthemachinegroupstheuserisauthorizedtoview.

2. Select new group ID:SpecifythenewgroupIDtoassigntoeachselectedmachineIDfromthedropdownlist.

3. Move:TheMoveoptionassignsselectedmachineIDstotheselectedgroupID.

MovingaMachineIDtoaDifferentGroup

• SelectoneormoremachineIDsinthepagingarea.• SelectagroupIDfromtheSelect new group IDdrop-downmenu.• ClicktheMovebutton.

2.2.5 Deploy AgentsThe Deploy Agentpagecreatesanddistributesanagentinstallpackagetomultiplemachines.Agent > Create canbeusedtocreateamachineIDaccountandagentinstallpackageintwoseparatestepsandapplythemtoasinglemachine.Agent > Createcanalsobeusedtocreateagenttemplatesorre-installanagentforanexistingmachineID.

Note: To install agents on remote machines, use Agent > Install Agents

Deploy Agents Wizard

TheDeploy Agents installpackageiscreatedusingthe Configure Automatic Account Creationwizard.ThewizardcopiesagentsettingsfromanexistingmachineIDoragenttemplateandgeneratesaninstallpackagecalled“KcsSetup”.AllsettingsandpendingagentproceduresfromthemachineIDtheagentsettingsarecopiedfrom–exceptthemachineID,groupID,andorganizationID–areappliedtoeverynewmachineIDcreatedwiththepackage.

Including Credentials in Agent Install Packages

Ifnecessary,anagentinstallpackagecanbecreatedthatincludesanadministratorcredentialtoaccessacustomernetwork.Credentialsareonlynecessaryifusersareinstallingpackagesonmachinesanddonothaveadministratoraccesstotheirnetwork.Theadministratorcredentialisencrypted,neveravailableincleartextform,andisboundtotheinstallpackage.

Editing Existing Install Packages

TypicallyanexistingDeployAgentsinstallpackageiseditedjustbeforere-distribution.Themostcommonchangesmadetoaninstallpackageare:

Fig. 2.20: Change group

page

Agents


• Pre-selectinganorganizationID,groupIDorsub-groupID.• Assigningacredential,ifnecessary.

Onceedited,theinstallpackagecanbere-createdanddistributedtoitstargetcustomerandlocation.

Distribution Methods

Oncetheagentinstallpackageiscreated,youcanusethefollowingmethodstothepackage:

1. Logon

• Windows-SetupanNTlogonproceduretoruntheinstallpackageeverytimeauserlogsintothenetwork.

Note: Windows 98 is not supported.

• Macintosh-SetupaMacOSXLoginHookProceduretoruntheinstallpackageeverytimeauserlogsintothenetwork.

2. Email

Email “KcsSetup” toalluserson thenetwork.Download theappropriate installpackage from theDeployAgentspage,andthenattachittoanemailonyourlocalmachine.Youcanalsocopyandpastethelinkofthedefaultinstallpackageintoanemailmessage.

3. LAN Watch

UserscandiscovernewlyaddedmachinesduringaLANWatchandsubsequently installagentsremotelyusingthe Agent > Install Agents page.

4. Active Directory

RunLANWatchonanActiveDirectorymachine.Fromthenon,WindowsagentscanbeinstalledautomaticallyonWindowsmachinesassoonasusersloginusingtheActiveDirectory.

5. Manual

Youcaninstructuserstodownloadaninstallpackageagentfromthe“http://<VSA_Address>/dl.asp”websitetotheirtargetmachines.Ifmorethanoneinstallpackageisdisplayedonthewebsite,instructuserswhichpackageshouldbeselected.Userscanexecutethe“KcsSetup”installerusinganyofthefollowingmethods:

Windows• Doubleclick“KcsSetup”tolaunchit.• Openacommand line window(CMD)andtype“KcsSetup”followedbyanydesiredcommandlineswitches.• SelectRunfromtheWindows Start menu andtype“KcsSetup”followedbyanydesiredcommandlineswitches.

Macintosh• Doubleclick“KcsSetup”tolaunchit.• Openaterminalprocess,navigatetowhere“KcsSetup”islocatedandlaunch“KcsSetup”followedbyanydesiredcommandlineswitches.

Default User Install PackagesEachusercanspecifytheirowndefaultinstallpackagebyselectingtheSetDefaultradiobuttontotheleftof thepackagename.Userscandownload theirowndefaultagent immediatelybyselecting theClick to

Age

nts


downloaddefaultAgentlinkontheDeployAgentspage.

Unique ID Number

Youcantelluserswhichinstallpackagetodownloadbyreferencingtheinstallpackage’suniqueIDnumber.(Example:http://<VSA_Address>/dl.asp?id=123).ThedefaultinstallpackageisdisplayedwithitsuniqueIDnumberintheheaderoftheDeployAgentspage.

Assigning New Machine IDs to Machine Group by IP Address

MaintainingmultipleagentinstallpackagesinAgent > Deploy Agents,oneforeachorganization,canbetimeconsuming.Insteadsomeserverprovidersuseasingleagentpackagefortheunnamedorganizationandperformallinstallsusingthispackage.System > Naming Policycanreassignnewagentstothecorrectorganization.groupIDautomatically–thefirsttimetheagentscheckin–basedoneachmanagedmachine’sIPorconnectiongateway.Agent > CopySettingsmaybescheduledafterwards,tocopyspecifickindsofagentsettingsbymachineIDtemplatetothetypeofmachinerevealedbythebaselineaudit.Thiscanbeautomatedusingagentprocedures.

Automatic Account CreationYoumusthaveautomaticaccountcreationenabledusingSystem > Check-in Policy toautomaticallycreateamachineIDaccountwhenaDeployAgentspackageisinstalled.

Operating System SelectionAgentpackagescanbecreatedtoinstallagentsonmachinesrunningeitherWindowsorMacintoshoperatingsystems,ortoautomaticallychoosethetypeofoperatingsystemofthedownloadingcomputer.

Create PackageTocreateapackage,clickCreate PackagetostartaConfigure Automatic Account Creation wizardwhereyoucanspecifyallconfigurationparametersfortheinstallpackage.Thewizardisa7stepprocess:

1. SpecifyhowthemachineIDisassigned.• PrompttheusertoenteramachineID.• UsethecomputernameasthemachineID.• SettheusernameofthecurrentlyloggedonuserasthemachineID.• SpecifyafixedmachineIDforthisinstallpackage.

2. DefinerulesfornamingthegroupID.• ExistingGroup-SelectanexistinggroupIDfromadrop-downlist.• DomainName-Usestheuser’sdomainname.• NewGroup-SpecifyanewgroupID.Thisoptiononlydisplaysformasterroleusers.• PromptUser-AsksusertoenteragroupID.Thisoptiononlydisplaysformasterroleusers.

Fig. 2.21: Specifying the

machine ID assignment

Agents


3. Specifyagentinstallpackagecommandlineswitchesincludingtheabilitytoinstallsilentlywithoutanytaskbarsordialogboxes.

Note: Silent installs, also called silent deploys, do not prompt the user for input. Silent installs may not require user input or else provide a typical configuration that serves the purposes of most users, or else provide command line parameters that enable users to configure the installation at execution.

4. SpecifythemachineIDtocopysettingsandpendingagentproceduresfrom.Allcopiedsettingsandpendingagentprocedures—excepttheorganizationID,machineID,andgroupID—areappliedtoeverynewmachineIDcreatedwiththepackage.

Fig. 2.22: Specifying

the group ID assignment

Fig. 2.23: Specifying the installer

options

Fig. 2.24: Selecting an account to

copy settings from

Age

nts


5. Selecttheoperatingsystemyouarecreatingtheinstallpackagefor:Automatically choose OS of downloading computer,WindowsorMacintosh.

6. Optionallybindauserlogoncredentialtotheinstallpackage.FillintheAdministrator Credentialformtosecurelybinduserrightstotheinstallpackage.

• Userswithoutadministratorrightscaninstallthepackagesuccessfullywithouthavingtoenteranadministratorcredential.• Iftheadministratorcredentialisleftblankandtheuserdoesnothaveadministratorrightstoinstallsoftware,theinstallpackagepromptstheusertoenteranadministratorcredentialdur-ingtheinstall.Ifthepackageisalsosilent“KcsSetup”willfailwithoutanydialoguemessagesexplainingthis.

Note: Credentials are only necessary if users are installing packages on machines and do not have administrator access to their network.

7. Nametheinstallpackageforeasyreferencelater.ThisnamedisplaysontheDeployAgentspageandthedl.aspdownloadpage.

Fig. 2.25: Selecting an agent type

Fig. 2.26: Binding

administrator credentials to the install

package

Agents


Editing the Default Install Package

TheDefaultInstallpackagesetsthedefaultvaluesdisplayedwhenyoucreateanewpackage.NormallytheDefaultInstallpackageshouldnotbemodified.TheSavebuttonisdisabledbydefault.ToenabletheSavebuttonfortheDefaultInstallpackage,dothefollowingasamasterroleuser:

1. ClicktheSharebuttonnexttotheDefault Install package.2. ClickTake Ownership.3. CheckAllow other users to modify.4. ClickSave.5. ClicktheediticonnexttotheDefault Installpackage.

Note: If you delete the Default Install package, it is re-created immediately.

Fig.2.28belowshowstheDeployAgentspageandalltheavailablefunctionsthatthismoduleprovides.Theyare:


1. Click to download default Agent:ClickthelinktodownloadthecurrentVSAuser’sdefaultpack-agedirectlyfromthepage.

2. Users can download agents from:Thewebaddressfortheagenttodownloadfromcanbepro-videdtousertodownloadtheagent.TheuniqueIDnumberensuresthatwhenthelinkisclicked,thedefaultinstallpackageisselectedanddownloaded.

3. Manage packages from all administrators:ThisoptioncanbecheckedtodisplayallpackagescreatedbyallVSAusers.Onceahiddenpackageisdisplayed,youcanusethepackage,makethe

Fig. 2.27: Naming the

install package

Fig. 2.28: Deploy Agents

Age

nts


packagepublicortakeownership.Thisoptionisonlyavailabletomasterroleusers.

4. Set Default:AnagentinstallpackagecanbesetasdefaultinstallpackagebyselectingtheradiobuttontotheleftofthepackagenameintheSet Default column.

5. Delete Icon:Clickthedeleteicontoremoveapackagefromthepagingarea.Ifyoucreatedthepackage,thenthisalsodeletesthepackagefromthesystemandremovesitforallVSAusers.

6. Edit Icon:ClicktheediticonnexttoapackagetochangetheparametersforthatpackageusingtheConfigureAutomaticAccountCreationwizard.

7. Package Name:Thisfielddisplaysthenameofthepackage.

8. Public Package:Publicpackagerowsdisplaywithabrownbackground.Privatepackagerowsdisplaywithagraybackground.

9. Share:ClickSharetoshareaprivatepackagewithotherusers,userrolesortomakethepackagepublic.

10. List on dl.asp:Clickthe dl.asplinkinthecolumnheadertodisplaythewebpagemachineusersseewhentheyinstallanagentontheirmachine.Checkaboxinthiscolumntoincludeitspackageinthelistofavailabledownloadpackagesonthedl.asppage.

11. Description:Displaysthedescriptionofthepackage.

2.3.1 LAN WatchLAN WatchusesanexistingagentonamanagedmachinetoperiodicallyscanthelocalareanetworkforanyandallnewdevicesconnectedtothatLANsincethelasttimeLANWatchran.ThesenewdevicescanbeworkstationsandserverswithoutagentsorSNMPdevices.Optionally,VSAcansendanalertwhenaLANWatchdiscoversanynewdevice.LANWatcheffectivelyusestheagentasaproxytoscanaLANbehindafirewallthatmightnotbeaccessiblefromaremoteserver.

Using Multiple Machines on the Same LANTypically,youdonothavetorunaLANWatchonmorethanonemachineinascanrange.SomereasonstodoaLANWatchonmultiplemachineswithinthesamescanrangeinclude:

• TherearemultipleSNMPCommunitieswithinthesamescanrangeandthereforetherearemultiplemachineswithdifferentSNMPCommunityReadvalues.• TherearemultiplevPro-enabledcredentialsrequired.• Therearedifferentalertconfigurationsrequired.• TheuserwishestohaveredundantSNMPmonitoring

LAN Watch and Install Agents using Windows or MacintoshBothWindowsandMacintoshagentscandiscoverWindowsandMacintoshmachineson thesameLANusingLANWatch.

Agent > Install Agents canonlyinstallagentson:

• WindowsmachinesiftheLANWatchdiscoverymachinewasaWindowsmachine.

2.3 LAN Discovery

Agents


• MacintoshmachinesiftheLANWatchdiscoverymachinewasaMacintoshmachine.

ThegenericviewoftheLANWatchpageisshowninFig.2.29below.Theoptionsthatareavailableforthismoduleare:

1. Schedule:ClickScheduletodisplaytheSchedulerwindow,whichisusedthroughoutVSAtoscheduleatask.Scheduleataskonceorperiodically.Eachtypeofrecurrence-Once,Hourly,Daily,Weekly,Monthly,Yearly-displaysadditionaloptionsappropriateforthattypeofrecurrence.Periodicschedulingincludessettingstartandenddatesfortherecurrence.Notalloptionsareavailableforeachscheduledtask.Optionsinclude:

• DistributionWindow-Reschedulesthetasktoarandomlyselectedtimenolaterthanthenumberofperiodsspecified,tospreadnetworktrafficandserverloading.• Skipifoffline-Ifcheckedandthemachineisoffline,skipandrunduringthenextscheduledperiodandtime.Ifblankandthemachineisoffline,runthetaskassoonasthemachineisonlineagain.• Powerupifoffline–ItisavailableforWindowsonly.Ifchecked,powersupthemachineifoffline.RequiresWake-On-LANorvProandanothermanagedsystemonthesameLAN.• Excludethefollowingtimerange-Ifchecked,specifiesadate/timerangetonotperformthetask.

2. Cancel:ClickCanceltostopthescheduledscan.CancelalsodeletesallrecordsofthedevicesidentifiedonaLANfromVSA.Ifyoure-scheduleLANWatchafterclickingCancel,eachdeviceontheLANisre-identifiedasthoughforthefirsttime.

3. Scan IP Range:SettheminimumandmaximumIPaddressestoscanhere.SelectingamachineIDtoscan,bycheckingtheboxnexttothatmachine’sname,automaticallyfillsintheminimumandmaximumIPrangebasedonthatmachine’sIPaddressandsubnetmask.

Note: LAN Watch does not scan more than 2048 IP addresses. If the subnet mask of the machine running LAN Watch specifies a larger IP range, LAN Watch limits it to 2048 addresses. LAN Watch only detects addresses on the local subnet to the machine you run LAN Watch from. For example, with a subnet mask of 255.255.255.0, there can be no more than 253 other devices on the local subnet.

4. Enable SNMP:Ifchecked,scanforSNMP devices*withinthespecifiedScanIPRange.SNMPDevicesarenetworkdevicessuchasprinters,routers,firewalls,serversandUPSdevicesthatcan’tsupporttheinstallationofanagent.ButaVSAagentinstalledonamanagedmachineonthesamenetworkasthedevicecanreadorwritetothatdeviceusingsimplenetworkmanagementprotocol(SNMP).Read/writeinstructionsarecommunicatedusingasetofobjectvariables.Collectively,thesetofobjectvariablesmadeavailablebyadeviceiscalleditsManagementInformationBaseorMIB.TheobjectswithinaMIBarethereforereferredtoasMIBobjects.

5. Read Community Name / Confirm:LANWatchcanonlyidentifySNMPdevicesthatsharethesameSNMPcommunityreadvalueasthemanagedmachineperformingtheLANWatch.Enterthe

Fig. 2.29: LAN Watch

SNMP Devices: Networkdevicessuchasprinters,routers,firewalls,serversandUPSdevicesthatcan’tsupporttheinstallationofanagent.

Age

nts


valueintheReadCommunityNameandConfirmtextboxes.

Note: Community names are case sensitive. Typically the default read community name value is public, but may be reset by an administrator to Public, PUBLIC, etc.`

6. Enable vPro:ThisoptionisavailableinWindowsonly.Ifchecked,identifiesvPro-enabledma-chineswithinthespecifiedScanIPRange.ThemachinedoesnotneedtobeavPromachinetodiscovervPromachinesusingLANWatch.IfavPromachineisusedastheLANWatchdiscoverymachine,itcannotdiscoveritself.

7. Enable Alerts:IfEnable AlertsischeckedandanewdeviceisdiscoveredbyLANWatch,analertissenttoallemailaddresseslistedinEmailRecipients.LANWatchalertsandemailrecipientscanalsobespecifiedusingtheMonitor>Alertspage.

Note:Machines that have not been connected to the LAN for more than 7 days and then connect are flagged as new devices and will generate an alert.

8. Email Recipients:Ifalertsareenabled,entertheemailaddresseswherealertnotificationsaresent.Youcanspecifyadifferentemailaddressforeachmanagedmachine,evenifitisforthesameevent.The FromemailaddressisspecifiedusingSystem>OutboundEmail.

9. Ignore devices seen in the last <N> days:Enterthenumberofdaystosuppressalertsfornewdevices.Thispreventscreatingalertsfordevicesthatareconnectedtothenetworktemporarily.

10. Run Script:Iftheoptionischeckedandanalarmconditionisencountered,anagentprocedureisrun.YoumustclicktheSelectagent procedurelinktochooseanagentproceduretorun.Youcanop-tionallydirecttheagentproceduretorunonaspecifiedrangeofmachineIDsbyclickingthismachineIDlink.ThesespecifiedmachineIDsdonothavetomatchthemachineIDthatencounteredthealarmcondition.

11. Skip alert if MAC address matches existing agent:CheckingthisboxsuppressesalertsifthescanidentifiesthattheMACaddressofanetworkdevicebelongstoanexistingmanagedmachinewithanagentonit.OtherwiseamanagedmachinethatwasofflineforseveraldaysandcomesbackonlinetriggersanunnecessaryalertduringaLANWatch.

12. Machine.Group ID:ThelistofMachine.GroupIDsdisplayedisbasedontheMachineID/GroupIDfilterandthemachinegroupstheuserisauthorizedtoview

13. IP Range Scanned:TheIPaddressesthatarescannedbytheselectedmachineIDwhenLANWatchruns.

14. Last Scan:Thistimestampshowswhenthelastscanoccurred.Whenthisdatechanges,newscandataisavailabletoview.

15. Primary DC:ThisisavailableforWindowsonly.Ifaprimarydomaincontrollericonisdisplayed,thismachineIDisaprimarydomaincontroller.Ifchecked,performingascanonaprimarydomaincontrollerrunningActiveDirectoryenablesyouto“harvest”theusersandcomputersthroughoutadomain.YoucansubsequentlyinstallVSAagentsautomaticallyoncomputerslistedinActiveDirectoryandcreateVSAusersandVSAusersbasedonActiveDirectoryadministratorcredentials.

16. SNMP Active:IftheSNMPiconisdisplayed,SNMPdevicesareincludedinthescheduledscan.

17. vPro Active:Thisoptionisavailableforwindowsonly.IfthevProiconisdisplayed,vPromachinesareincludedintheschedulescan.

18. Alert Active:IfcheckedLANWatchalertsareenabledforthisscan.

Agents


2.3.2 Install AgentsTheInstallAgentspage installs theagentonaremotesystemandcreatesanewmachine ID /group IDaccountforanynewmachinedetectedbyLANWatch.InstallAgentsremotelyinstallsthepackagescreatedusingAgents > DeployAgents.A list ofmachines with scan results is displayed when this page is firstdisplayed.ClickinganymachineIDdisplaysatablelistingallmachineswithahostname.Machineswithoutanagentdisplayinredtext.

Therearetwomethodsofselectingmachinestoinstallagentson:

1. AlistofmachinesisdisplayedonthispagethathaverunLANWatch.ClickinganyLANWatchmachinedisplaysalistingofalldiscoveredmachines.Machineswithoutanagentdisplayinredtext.2. YoucanalsoinstallanagentbyenteringanIPaddressorhostnamethatyouknowthediscoverymachinehasaccessto,evenifit’snotlistedonthepage.

Using the Same Operating System for Discovery and Agent InstallsWindows,Macintosh,andLinuxagentscandiscoverWindows,Macintosh,andLinuxmachinesonthesameLANusingLANWatch.Agent>InstallAgentscanonlyinstallagentson:

• WindowsmachinesiftheLANWatchdiscoverymachinewasawindowsmachine.• MacintoshmachineiftheLANWatchdiscoverymachinewasaMacintoshmachine.• LinuxmachinesiftheLANWatchdiscoverymachinewasaLinuxmachine.

Note:Macintosh agent install packages require a credential when usingAgent > InstallAgent, or wheninstallingagentsusingthe/s“silentinstall”switch.

Note:ForLinuxmachines,therootusernamealonewithoutahostnameordomainmustbeused.

Installing Agents on Selected Machines1. Enteraadministratorcredentialforthemachinesyou’veselected.

• Ifthetargetmachineisonadomain,theadministratorcredentialmustincludethedomain.Theusernamefieldmustbeintheformdomain\administratororadministrator@domain.Ifthetargetmachineisnotonadomain,thentheadministratorcredentialmustincludethehostnameintheformhostname\administrator.ForLinuxmachines,therootusernamealonewithoutahostnameordomainmustbeused.

2. Selectanagentinstallpackage.Theselectedagentinstallpackagemustbeappropriatefor:• WindowsmachinesiftheLANwatchdiscoverymachinewasaWindowsmachine.• MacintoshmachinesiftheLANWatchdiscoverymachinewasaMacintoshmachine.• LinuxmachinesiftheLANWatchdiscoverymachinewasaLinuxmachine.

3. ClickInstall.

Kconnect and SSHThefollowingtechnologiesareusedbyAgent>InstallAgentstoinstallagentsonremotesystemsafteraLANWatchscanisrunonthediscoverymachine.

• KconnectenablestheinstallationofagentpackagesonremotetargetsystemsrunningaWindowsoperatingsystem• SSH(akaSecureShell)isanetworkprotocolthatallowsdatatobeexchangedusingasecurechannelbetweentwonetworkeddevices.ThisprotocolisprimarilyusedonUnix-basedsystems,includingMacOSXandLinux.

• MacOSX10.3.9andabovemachinesmusthaveSSHRemoteLogininSystemPrefer-ences>Sharing>RemoteLoginenabledtosupporttheremoteinstallofMacintoshagentsusingInstallAgents.• OnLinuxsshdmustbeinstalledandenabled.ThisisnotenabledbydefaultinsomeLinuxdistributions.

• Avalidcredentialsetwithadministratorrightsisrequiredtosuccessfullyinstallanagentremotely.

Age

nts


Note:TheKcsSetupinstallerskipsinstallationifitdetectsanagentisalreadyonamachineifthe/eswitchispresentintheinstallerpackage.Theinstalleroverwritesinstallationifitdetectsanagentisalreadyinstalledonamachineifthe/rswitchispresentintheinstallerpackage.The/rswitchoverridesthe/eswitchifbothswitchesareincludedintheagentpackage.

Running KconnectWhenInstallAgentisrun,Kconnect.exeisdownloadedfromtheKServerintothec:\kworkingdirectoryandrunusingthefollowingcommandline.Youdon’thavetocreatethiscommandline.InstallAgentdoesitforyou.c:\kworking\kconnect \\hostname -u “adminname” -p “password” -c -f -d “c:\kworking\kcssetup.exe” > c:\kworking\LANInsAipAddr.txt

ThetermshostnameandipAddrrefertotheremotemachine.IftheagentisonadriveotherthanC:thentheworkingfilesarereferencedtothesamedrivetheagentisinstalledon.

Kconnect Error MessagesIfaremoteWindowsagentinstallationfailsforanyreason,theKServerpassesbacktheresultsreportedbyKconnect.exe.Typically,Kconnect.exeissimplyreportingOSerrorsthatitreceivedtryingtoexecuteacall.

Typical Reasons for Install FailureForageneralagent install issuesandfailuresreferAgents>DeployAgents> Install issuesandfailures.AdditionalissuesandfailurerelatedtoremoteinstallationofagentsusingInstallAgentsinclude:

• FileandPrinterSharingNotEnabled-VerifyFileandPrinterSharingisenabledonthetargetma-chine’sfirewallifthetargetmachine’sfirewallison.• BlockedbyNetworkSecurityPolicy

• Windows-Kconnect.execonnectstotheremotePCthroughtheRPCserviceandrunsasalocalaccount.RemoteaccesstothisserviceiscontrolledbyaLocalorDomainSecuritySetting.OpenLocalSecurityPolicy(partofAdministrativeTools).OpenLocalPolicies\Secu-rityOptions\Networkaccess:Sharingandsecuritymodelforlocalaccounts.ThepolicymustbesettoClassicforKconnect.exetooperateacrossthenetwork.• Macintosh-SSHcanbeblockedbyclientmanagementnetworkpolicies,whichareconfig-uredusingServerAdmininMacOSX10.4andlater.

• FailuretoConnect-TheRPCserviceisnotavailableonthetargetmachine.Forexample,XPHomedoesnotsupportRPC.Thispreventsanythingfromremotelyexecutingonthatbox.OnWin-dowsXPyoucanturnthisserviceonbyopeningWindowsExplorerandselectingTools-FolderOp-tion...-Viewtab.ScrolltothebottomofthelistanduncheckUsesimplefilesharing.TheXPdefaultconfigurationsareasfollows:

• XPProonadomain-RPCenabledbydefault.Usesimplefilesharingisunchecked.• XPProinaworkgroup-RPCdisabledbydefault.Usesimplefilesharingischecked.• XPHome-RPCdisabledalways.Usesimplefilesharingisnotavailable.

• NetworkPathNotFound-Ifyougetamessagesayingthatthenetworkpathcouldnotbefound,itmeansthattheadmin$shareisnotavailableonthatmachine.Theadmin$shareisadefaultsharethatwindowscreateswhenitboots,itispossibletoturnthisoffviathelocalsecuritypolicy,ordomainpolicy.IfyouwanttocheckthesharesonthatremotemachineyoucanuseKconnect.exetoretrievealistforyou.Typekconnect\\“netshare”.Checkthattheadmin$shareexistsandpointstoc:\win-dowsorc:\winntonolderoperatingsystems.• BlockedbyAnti-VirusProgram-Someanti-virusprogramsmayclassifyKconnect.exeandSSHassecuritythreatsandblockitsexecution.• InvalidCredential-Thecredentialmusthaveadministratorrightsonthelocalmachine.Theagentrequiresadministratorrightstoinstallsuccessfully.

• Ifthetargetmachineisonadomain,theadministratorcredentialmustincludethedomain.Theusernamefieldmustbeintheformdomain\administratororadministrator@domain.Ifthetargetmachineisnotonadomain,thentheadministratorcredentialmustincludethehostnameintheformhostname\administrator.ForLinuxmachines,therootusernamealonewithoutahostnameordomainmustbeused.• OnVista,7,and2008machines,ensureUserAccountControl(UAC)isdisabledforthe

Agents


administratorrightscredentialbeingused.• MacOS-MacintoshagentinstallpackagesrequireacredentialwhenusingAgent>InstallAgent,orwheninstallingagentsusingthe/s“silentinstall”switch.• Linux-LinuxmachinescredentialsmustusetherootuserontheInstallAgentspage.Em-beddingarootcredentialintheagentinstallpackageisunnecessaryforLinuxagentinstallpackagesusedontheInstallAgentspage.

SSH Not Installed or Enabled -MacOSX10.3.9andabovemachinesmusthaveSSHRemoteLogininSystemPreferences>Sharing>RemoteLoginenabledtosupporttheremoteinstallofMacintoshagentsusingInstallAgents.OnLinuxsshdmustbeinstalledandenabled.ThisisnotenabledbydefaultinsomeLinuxdistributions.

Installing Linux Agents Manually1. FromaLinuxmachineopenaFirefoxorChromebrowserinaGnomesessionandlogintothe

VSA.

2. DisplaytheAgent > Install Agents >Deploy Agentspage.

3. ClicktheClicktodownloaddefaultAgenthyperlinktobegindownloadingthethedefaultagentinstallpackage.ALinuxagentinstallpackagewilldownload.

Note:Alternately,youcancreateyourownLinuxpackagebypressingCreate Packageandsteppingthroughthewizard.

4. Oncethedownloadiscomplete,locatetheKcsSetup.shfileinthedownloaddirectoryoftheLinuxmachine.

Note:IfyouhavedownloadedKcsSetup.exeorKcsSetup.zip,youhavedownloadedthewronginstallfilebecausetheselectedinstallpackageisdedicatedtoWindowsorMacintoshinstalls.

5. Issuethefollowingcommandsasroot:#chmod+xKcsSetup.sh#./KcsSetup.sh

Theagentinstallsandstarts.LogintoyourVSAandviewthestatusoftheagent.

Forfurtherinformationseetheinstalllogfile,locatedat:/tmp/KASetup_<pid>.logwhere<pid>istheprocessidofthe./KcsSetup.shexecution.

Note:RunKcsSetup.sh-V-Dforverboseterminaloutput

Note:RunKcsSetup.sh-Xtosavethetempfilescreatedinthe/tmpfile.Savingthesefilesisusefulwhentroubleshootingafailedinstall.

6. AftertheLinuxagentisinstalled,loginandlogouttoseetheKaseyaagenticoninaGnomepanel.

Installing Linux Agents Using LAN Watch and Install Agents

1. ScheduleaLANWatchscanusinganexistingLinuxagentasthediscoverymachine.

2. InstallaLinuxagentonadiscoveredLinuxmachine,usingtheInstallAgentspage.

• EnterrootintheAdmin Logonfield.

• EnterthepasswordfortherootuserofthetargetedLinuxmachinesinthePassword field.

• SelectanagentinstallpackageintheSelect an Agent Package to installfield.

Age

nts


• CheckthecheckboxesnexttooneormoretargetedLinuxmachines,orentertheIPaddressornameofatargetedLinuxmachineintheundiscovered machine field.

• ClicktheSubmit button.

Uninstalling a Linux Agent Manually

A<install-dir>/bin/KcsUninstalleralwaysgetsinstalledwiththeagentandwillremovetheagent.Agentsaretypicallyinstalledtothe/optdirectory.

Issuethefollowingcommandsasroot:#./KcsUninstaller

Note:Runthecommand./KcsUninstaller-D-Vtouninstalltheagentwithverboseterminaloutput

Fig2.30belowshowsthegenericviewoftheInstallagentspage.theoptionsavailableonthispagearelistedandexplainedbelow.

1. Admin Logon Name:Theadministratornameusedtoremotelyaccesstheselectedmachine.TheAdminLogonNamemusthaveadministratorrightsontheremoteselectedmachine.Multipleaccountsmayhaveadministratorrightsonthesamemachine.Yourdomainadministratoraccountmaybediffer-entthanthelocaladministratoraccount.Toensureyouareusingthedomainaccount,enterthelogonnameusingthedomain\administratorformat.Ifthedomainisleftoff,thelocalaccountwillbeused.

2. Password:ThepasswordassociatedwiththeAdminLogonName.

3. Install:ClickInstalltoscheduleaninstallationoftheselectedinstallpackageonallselectedma-chines.

4. Cancel:ClickCanceltocancelexecutionofthistaskonselectedmanagedmachines.

5. Select a Windows Agent Package to Install:Selecttheagentpackagetoremotelyinstallonselectedmachines.ThesepackagesarecreatedusingAgents>DeployAgents.

6. IP address to install an undiscovered machine:EnteranIPaddresstoinstallagentonthatmachine.

Note: This feature allows you to install agent on a machine using the IP address within the network only.

Fig. 2.30: Install Agents page

Agents


7. Hide devices that match the MAC address of existing machine IDs:CheckthisboxtohideallmachinesonaLANwithaMACaddress*matchingtheMACaddressofanexistingmachineID/groupIDaccount.

8. Hide devices that match the computer names of existing machine in <machine ID>:CheckthisboxtohidemachinesthathaveacommoncomputernameinthissamegroupID.ALANWatchmaydiscoveramanagedmachinewithaseconddeviceusingadifferentMACIDthentheoneusedtoreporttotheKServer.Forexample,thesamemanagedmachinemayconnecttotheinternetusingdirectconnectionandhaveasecondwirelessconnectionwithadifferentMACID.Checkingthisboxhidestheseconddevicefromthislistsothatyoudon’tassumeyou’vefoundanewunmanagedma-chine.

9. Host Name:ThehostnameofeachdeviceontheLANdiscoveredbythelatestLANWatchscan.

10. IP Address:TheprivateIPaddressofeachdevicediscoveredbythelatestLANWatchscan.

11. MAC Address:TheMACaddressofeachdevicediscoveredbythelatestLANWatchscan.

12. Vendor:Thesystemmanufacturer.

13. Last Seen:ThetimeeachdevicewaslastdetectedbythelatestLANWatchscan.

2.3.3 View LANTheView LAN(Fig2.31)pagedisplaystheresultsofthelatestLANWatchscanrunonamachineID.Onlymachine IDswith returnedscandatacanbeselected.Clickanymachine ID todisplaya table listingallmachinesanddevicesfoundbyLANWatchrunonthatmachineID.Dataonlydisplays inthehostnamecolumnformachines,notdevices.Pagingrowscanbesortedbyclickingcolumnheadinglinks.

1. Host Name:ThehostnameofeachdeviceontheLANdiscoveredbythelatestLANWatchscan.Ahostnameonlydisplaysforcomputers.Hubs,switches,routers,orothernetworkappliancesdonotreturnahostname.

2. IP Address:TheprivateIPaddressofeachdevicediscoveredbythelatestLANWatchscan.

3. MAC Address:TheMACaddressofeachdevicediscoveredbythelatestLANWatchscan.

4. Vendor:Thesystemmanufacturer.

5. Last Seen:ThetimeeachdevicewaslastdetectedbythelatestLANWatchscan.

6. SNMP Info:SNMPidentifyinginformation

Fig. 2.31: View LAN page

MAC address: MACaddressistheuniquemediaaccesscontroller(MAC)identifierassignedtonetworkinterfacecards(NIC).

Age

nts


2.3.4 View AD ComputersTheViewADComputerspageshowsallcomputerslistedinanActive Directory*whenLANWatchrunsonasystemhostingActiveDirectory.ActiveDirectoryisadirectoryserviceusedtostoreinformationaboutthenetworkresourcesacrossadomain.ItsmainpurposeistoprovidecentralauthenticationandauthorizationservicesforWindowsbasedcomputers.AnActiveDirectorystructureisahierarchicalframeworkofobjects.Theobjectsfallintothreebroadcategories:resources(e.g.printers),services(e.g.e-mail)andusers(useraccountsandgroups).TheADprovidesinformationontheobjects,organizestheobjects,controlsaccessandsetssecurity.VSAcanreferenceinformationstoredinActiveDirectoryduringaLANWatch.ViewADComputerscanbeusedtoinstallagentsautomaticallyoncomputerslistedintheActiveDirectorybypolicyatcomputerstartup.

Usingthismethodhasthefollowingbenefits:

• Thispolicyensuresanagentisalwayspresentonamachineateveryreboot,eveniftheagentissubsequentlyremovedbyauser.• AgentscanbedeployedtoanentireADnetworkevenifVSAuserdoesnotknowthelocalcreden-tialsforeachcomputer.• ALANWatchscanperformedbyanADmachinediscoversallcomputersthataremembersofadomain,whetherthemachinesareonlineornot.

Summary ViewThesummaryviewofViewADComputerslistsalldomaincontrollersthathaverunLANWatchforallmachinegroups.

• Discovered By:ListsthemachineID.groupIDnamesofdomaincontrollersthathaveperformedaLANWatchscan.• Computers Found:Liststhenumberofcomputers,withorwithoutagents,listedinthedomaincontrollerdirectory.• Agents Installed:Liststhenumberofcomputerswithagentsthatarealsolistedinthedomaincontroller’sdirectly.

Details ViewThedetails viewofViewADComputersdisplays computers listed in activedirectory serviceshostedoncomputersthathaverunLANWatchwithinaspecifiedmachinegroup.

Installing Agents on Active Directory ComputersYoucanassociatean installpackagewithanADcomputer.This installsanagentpackagewhen theADcomputerreboots,unlesstheagentisalreadyinstalled.YoucanspecifytheagentpackageinstalledforeachADcomputer.

AsshowninFig.2.32,toassociateaninstallpackagewithanADcomputer:

1. CheckShow DetailsasshowninFig.2.32belowtodisplaytheCanonical Name*ofdiscoveredcomputersinthepagingarea.2. SelectanagentpackagefromtheSelect an Agent Package to install drop-downlist.3. ClickInstall Agent Policy.4. OptionallyclickUpdate Agent Policies tocopyachangedagentinstallpackagetotheADcom-puter.TheupdatedinstallpackagereplacesthecopyontheADcomputer.5. OptionallyselectanADcomputerandclickCanceltoun-associateaninstallpackagewithanADcomputer.

Active Directory:ActiveDirectoryisadirectoryserviceusedtostoreinformationaboutthenetworkresourcesacrossadomain

Canonical Name:TheprimarynameforanobjectinDNS.Eachobjectcanalsohaveanunlimitednumberofaliases.

Agents


2.3.5 View AD UsersTheView AD Users pagelistsallADusersdiscoveredbyLANWatchwhenLANWatchrunsonasystemhostingActiveDirectory.

UsingViewADUsers:• AgentscanbeautomaticallyinstalledoneachmachineanADuserlogsonto.• VSAuserslogonscanbecreatedbasedonADuserlogons.• PortalAccesslogonscanbecreatedbasedonADuserlogons.• Contact information can be extracted fromAD users and applied to the contact information formachineIDs.

Summary ViewThesummaryviewofViewADComputerslistsalldomaincontrollersthathaverunLANWatchforallmachinegroups.

• Discovered By:ListsthemachineID.groupIDnamesofdomaincontrollersthathaveperformedaLANWatchscan.• Computers Found:Liststhenumberofcomputers,with or without agents,listedinthedomaincontrollerdirectory.• Agent Installed:Liststhenumberofcomputerswith agentsthatarealsolistedinthedomaincon-troller’sdirectory.

Details viewThedetailsviewofViewADUsersdisplaysalistofActiveDirectoryusersondomaincontrollersthatranLANWatchwithinaspecifiedmachinegroup.Installing agents on any machine an AD User logs ontoYoucanassociateaninstallpackagewithanADUser.ThisinstallsanagentpackageonanymachineanADuserlogsonto,unlesstheagentisalreadyinstalled.Eveniftheagentissubsequentlyremovedfromamachine,theagentwillbere-installedthenexttimetheADuserlogson.YoucanspecifytheagentpackageinstalledforeachADuser.

AsshowninFig.2.33,toassociateaninstallpackagewithanADUser:1. SelectADuserslistedintheLogon NamecolumnofthepagingareaasshowninFig.2.33.2. SelectanagentpackagefromtheSelect an Agent Package to Installdrop-downlist.3. ClickInstall Agent Policy.4. OptionallyclickUpdate Agent PoliciestocopyachangedagentinstallpackagetotheADuser’scomputer.TheupdatedinstallpackagereplacesthecopyontheADuser’scomputer.5. SelectanADuserandclickCanceltoun-associateaninstallpackagewithanADuser.

Fig. 2.32: Installing agents

on active directory of a

computer.

Age

nts


Creating VSA Users Based on AD Users

VSAuserscreatedusingthismethodlogontoVSAusingtheirADdomain,username,andpassword.Thismeansusersonlyhavetomaintaincredentialsinasinglelocation,theActiveDirectory.

Note: If a VSA staff record is created based on an AD user, VSA staff record can only be changed in AD and not within VSA but can be done only in Active Directory.An AD user can only be associated with either a VSA user logon or a machine user logon but not both.

AsshowninFig.2.34,tocreateanewVSAuserbasedonanADuser:1. SelectanADuserslistedintheLogon NamecolumnofthepagingareaasshowninFig.2.34.2. SelectauserrolefromtheSelect Roledrop-downlist.3. SelectascopefromtheSelect Scopedrop-downlist.4. ClickCreate User.

YoucanconfirmthecreationofthenewVSAuserusingSystem>Users.VSAusernamesbasedonADusersareformattedasfollows:<domainname>|<username>.

Creating Portal Access Logons Based on AD Users

Portal AccesslogonscanbecreatedbasedonADusers.VSAuserscreatedusingthismethodcanlogontoVSAPortalAccessmenuusing theirADdomain,username,andpassword.Thismeanscredentialsonlyhavetobemaintainedinasinglelocation,theActiveDirectory.

Fig. 2.33: Associate n

install package with an AD

User

Fig. 2.34: Creating VSA

users based on AD Users

Agents


Note: If a Portal Access logon is created based on an AD user logon, the Portal Access username and password can only be changed in AD and not within VSA.An AD user can only be associated with either a VSA user logon or a Portal Access machine but not both.

As shown in Fig. 2.35, to create a new Portal Access logon based on an AD user:1. ClicktheunassignedlinkforanADuserlistedintheAssigned TocolumnofthepagingareaasshowninFig.2.35.2. SelectamachineID.groupIDaccountinthepopupwindow.Thepopupwindowcloses.3. SelectthecheckboxforthissameADuserintheleftmostcolumn.4. ClickCreate Machine Logon.

YoucanconfirmthecreationofthenewVSAuserusingAgent > Portal Access.

Creating Staff Members Based on AD Users

CreatestaffmemberrecordsbasedonADusers.IfADuserinformationischanged,thenVSAupdatesthecorrespondingstaffmemberrecordwiththeADuserinformation.Thismeansuserinformationonlyhastobemaintainedinoneplace,theActiveDirectory.

Note: If a VSA staff record is created based on an AD user, VSA staff record can only be changed in not be AD and not within VSA.

As shown in Fig. 2.36, to create new VSA Portal Access logon based on an AD user:1. SelectadepartmentfromtheSelect Departmentdrop-downlistasshowninFig2.36.2. SelectthecheckboxforanADuserintheleftmostcolumn.3. ClickCreate Staff Member.

Fig. 2.35: Creating portal access logons

basd on AD Users.

Age

nts


YoucanconfirmthecreationofthenewVSAuserusingSystem > Manage.

Converting Your VSA Logon to use your Domain Logon

YoucanconvertyourownVSAlogontouseyourdomainlogonasfollows:

1. OpentheSystem > Change LogonpageinVSA.2. EnteryourcurrentVSApasswordintheOld Passwordfield.3. Enteryoudomainanddomainlogonname,formattedallinlowercaseusingtheformatdomain/username,intheUsernamefield.4. EnteryourdomainpasswordintheNew Password / Confirm Passwordfields.

ThisenablesyoutologontoVSAusingyourdomainlogonandhaveyourVSAlogonnameandpasswordmanagedusingActiveDirectory.At thesame time,youcancontinue touseallyourpreviousVSAsharerights,proceduresandotherusersettings.

2.3.6 View vProTheView vPropagedisplayshardwareinformationaboutvPro-enabledmachinesdiscoveredwhilerunningLANWatch.Thisinformationisonlyavailableifamachine’svProcredentialisspecifiedbytheLANWatch.

TypesofhardwareinformationreturnedbythevPromachineinclude:• Agentcheck-instatus,ifthevPromachinehasanagentinstalled• ComputerInformation• MotherboardAssetInformation• BIOSInformation• ProcessorInformation• RAMInformation• HardDriveInformation

Note: vPro-enabled machines with a vPro credential can be powered up, powered-down or rebooted using Remote Control > Power Management. A vPro-enabled machine can be booted up using an ISO file using Remote Control > Remote ISO Boot.

Fig. 2.36: Create staff members

based on AD users.

Agents


2.4.1 Copy SettingsTheCopy SettingspagecopiesselectedsettingsfromasinglemachineIDtomultiplemachineIDs.YoucancopysettingsfromonlyonesourcemachineIDortemplateatatime.ButyoucancopydifferenttypesofsettingsfromdifferentsourcemachineIDsortemplatesinsuccession.

Copy Settings and Templates

MachineIDtemplatesareinitiallyusedtocreateanagentinstallpackageusingthetemplateasthesourcetocopysettingsfrom.Butevenafteragentsareinstalledonmanagedmachines,youmightneedtoupdatesettingsonexistingmachineIDaccountsasyourcustomerrequirementschangeandyourknowledgeofVSAgrows.Inthiscase,useAgent > Copy SettingstocopythesechangestoanynumberofmachinesIDsyouareauthorizedtoaccess.

Itisrecommendedtomakechangestoaselectedtemplatefirst,thenusingthattemplateasthesourcemachineIDtocopychangesfrom.ThisensuresthatyourmachineIDtemplatesremainthe“masterrepositories”ofallyouragentsettingsandarereadytoserveasthesourceofagentinstallpackagesandexistingmachineIDaccounts.

Procedure to copy settings

1. ClickSelectmachineIDtoselectthesourcemachinethatyouwanttocopythesettingsfrom.

2. SelectthesourcemachinefromthepopupwindowbyselectingtheappropriategroupID.

2.3ConfigureAgents

Fig. 2.37: Select Machine

ID.

Age

nts


3. OncethemachineIDisselected,asecondpopupwindowscreendisplaysthetypeofsettingsthatcanbecopied.SelecttheappropriatesettingsaccordingtotherequirementandclickDonetoaddsettingstotargetmachineswithoutreplacingexistingsettings.

4. SelectthemachineID’syouwanttoapplythesettingstoandclickCopy.

Fig. 2.38:Select source

machine

Fig. 2.39:Select settings and click done

Agents


2.4.2 Import/Export

TheImport / ExportpageimportsandexportsmachineIDaccountsettingsasXMLfiles,includingscheduledagentprocedures,assignedmonitorsetsandeventsets.Logdataisnotincludedintheimportorexport.YoucanuseImport/ExporttomigratemachineIDaccountsettings,includingmachineIDtemplates,fromoneKServertothenext.

To Export Machine ID Settings

1. ClicktheselectmachineIDlink.Amachineselectionpopupwindowdisplays.2. OptionallyfilterthedisplayofthemachineIDslistedusingthemachineID/groupIDfilter.ClickamachineIDlinktoexport.ThemachineIDyouselectednowdisplaysontheImport/Exportpage.3. ClickExport.ThepagedisplaysanXMLstatementoftheagentsettingsbeingexported.

ExporttheXMLstatementby:

• CopyingtheXMLtexttotheclipboard.• Right-clickingtheDownloadlinkandselectingtheSave Target As optiontosavetheXMLtextasanXMLfileonyourlocalcomputer.

To Import Machine ID Settings

• ClickChoose FileandbrowsetoselectanXMLfilerepresentingthesettingsofamachineIDac-count.TypicallytheseXMLfilesarecreatedbyexportingthemfromanotherKServer.• ClickImport.Asetofadditionaloptionsdisplays.• AcceptorspecifythenameofthemachineID.Anewoneiscreatedifthisnamedoesn’talreadyexistintheKServer.• AcceptorselectadifferentgroupID.• OptionallychecktheboxnexttoReplace existing data if this machine ID already exists.• OptionallychangetheemailnotificationaddressforallalertsdefinedforthismachineIDaccount.• ClickFinishtocompletetheimport.

2.4.3 SuspendTheSuspendpage(Fig.2.41)suspendsallagentoperations,suchasagentprocedures,monitoring,andpatching,withoutchangingtheagent’ssettings.Whensuspended,amachineIDdisplaysasuspendediconnexttoit.

Fig 2.40: Click copy

Age

nts


WhileamachineIDaccountissuspendedthemanagedmachinedisplaysagrayagenticoninthesystemtray.

1. Suspend:ClickSuspendtosuspendagentoperationsonselectedmachineIDs.

2. Resume:ClickResumetoresumeagentoperationsonselectedmachineIDs.

3. Machine.Group ID:ThelistofMachine.GroupIDsdisplayedisbasedontheMachineID/GroupIDfilterandthemachinegroupstheuserisauthorizedtoview.

4. Suspended:DisplaysSuspendedifthemachineIDissuspended.

2.4.4 Agent MenuTheAgent Menupagespecifiestheoptionsthatdisplayintheagentmenuofauser’smachine.Theuserdisplaystheagentmenubyright-clickingtheagenticoninthesystemtrayofthemanagedmachine.Thispagecanalsopreventtheagenticonfromdisplayingontheuser’smachine.Changesmadeusingthispagetakeeffectatthenextagentcheck-inanddisplayinredtextuntilthen.

Hiding the Agent Icon on the User’s Machine

Tohidetheagenticonontheuser’smachine,dothefollowing:

1. SelectoneormoremachineIDs.2. UnchecktheEnable Agent Icon checkbox.3. ClickUpdate.

Alltheothercheckboxsettingswillbedimmedtoindicatethatallagentmenuoptionshavebeendisabled.

Preventing the User from Terminating the Agent Service on the User’s Machine

If theExitoption isenabledonauser’smanagedmachine, theusercan terminate theagentserviceonthemanagedmachinebyselectingthisoption.Whentheagentserviceisstopped,themanagedmachinebecomesinvisibletoVSAusersandcannolongerreceivecommandsfromtheKServer.

ToremovetheExitoptionfromagentmenusonmanagedmachines:

1. SelectoneormoremachineIDs.2. UnchecktheExitcheckbox.3. ClickUpdate.

Fig 2.41: Suspend page

Agents


TheAgentMenupageisshowninFig.2.42andtheoptionsavailableforthismoduleare:

1. Checkboxes

• Enable Agent Icon -Checktodisplaytheagenticoninthesystemtrayofthemanagedmachine.Unchecktohidetheagenticonandpreventtheuseofagentmenuoptions.

• About <Agent>-ItisthetextappendedtothelabelfortheAboutoptionontheagentmenu.ChecktoenablethemachineusertoclickthisoptiontodisplaytheAboutboxfortheinstalledagent.Forexample,iftheAbouttitleisAgentthenthelabeloftheAboutoptiondisplaysasAgent.

• <Contact Administrator> -Checktoenablethemachineusertoclickthisoptiontodisplayeithertheuser’sPortal Access*pageoradifferentcontactURL.PortalAccessisaLiveConnectsessioninitiatedbythemachineuser.ThemachineuserdisplaysthePortalAccesspagebyclickingtheagenticononthesystemtrayofamanagedmachine.PortalAccesscontainsmachineuseroptionssuchaschangingtheuser’scontactinformation,creatingortrackingtroubletickets,chattingwithVSAus-ersorremotecontrollingtheirownmachinefromanothermachine.PortalAccesslogonsaredefinedusingAgent>PortalAccess.ThefunctionlisttheuserseesduringaPortalAccesssessionisdeter-minedbytheSystem>MachineRolespage.YoucancustomizePortalAccesssessionsusingtheSystem>Customize:LiveConnectpage.ThedefaultoptionlabelContactAdministratorcanbecustomized.ThetextdisplayedontheagentmenuforcontactingaVSAuser.

Example:ContactJohnDoe

• Custom Title-ThetextdisplayedontheagentmenuforcontactingacustomURL.Example:FloridaInternationalUniversity

• <Your Company URL> -ChecktoenablethemachineusertoclickthisoptiontodisplaytheURLspecifiedinthecorrespondingURLfield.

• Disable Remote Control -Checktoenablethemachineuserclickthisoptiontodisableremotecontrolontheuser’smanagedmachine.

• Set Account-ChecktoenablethemachineusertoclickthisoptiontodisplaytheirmachineID.groupID.organizationIDandchangetheKServeraddresstheagentchecksinto.

• Refresh-Checktoenablethemachineusertoinitiateanimmediatefullcheck-in.

• Exit-Checktoenablethemachineusertoterminatetheagentserviceonthemanagedmachine.

Fig. 2.42: Agent Menu

Age

nts


2. Update:Click UpdatetoapplyagentmenusettingstoselectedmachineIDs.


4. ACObSRx:ThiscolumnsummarizestheagentmenuoptionsenabledforamachineID.ACOb-SRxappliestothekeyboardshortcutsthatareusedtoaccesseachoptionintheagentmenu.Aletterindicatesthatoptiondisplaysintheagentmenu.A“-”indicatesthatmenuoptiondoesnotdisplayintheagentmenu.

A=AboutAgentC=ContactUserO=LaunchestheURLspecifiedintheURLfield.TheagentdisplaysthetextlistedinthefieldtotheleftoftheURLfield.b=DisableRemoteControlS=SetAccountR=Refreshx=Exit

5. Contact URL:TheURLtodisplaywhentheContactAdministratoroptionisselectedbythema-chineuser.ThedefaultURListhePortalAccesspage.AdifferentURLcanbeentered.

6. Custom URL:TheURLtodisplaywhenthisagentmenuoptionisselectedbytheuser.

2.4.5 Check-In ControlTheCheck-In ControlpagespecifieswhenandwhereeachagentshouldcheckinwithaKServer.Changesmadeusingthispagetakeeffectatthenextagentcheck-inanddisplayinredtextuntilthen.YoucanspecifytheprimaryandsecondaryKServernames/IPaddressesusedbytheagenttocheckin,thebandwidthconsumedbyanagenttoperformtasksandthecheck-inperiod.

Note: The primary and secondary KServer values and the minimum and maximum check-in periods are subject to the policies set using System > Check-in Policy. This prevents users from selecting settings that place undue stress on servers running the KServer service.Check-in Control information can also be maintained using the Agent Settings tab of the Live Connect and Machine Summary pages.

Migrating Agents from one KServer to Another

YoumaydecideforperformanceorlogisticalreasonstomigratemanagedmachinestoanewKServer.Thiscanbedoneatanytime,whetherornottheagentsarecurrentlycheckingin.

1. AttheoriginalKServer,setthePrimary KServer settingtopointtothenewKServeraddress.2. AttheoriginalKServer,pointtheSecondary KServer settingtotheoriginalKServer.3. AtthenewKServer,setboththePrimaryandSecondaryKServertopointtothenewKServer.4. WaitforalltheagentstosuccessfullycheckintothenewKServer.Atthattime,theoriginalKServercanbetakenoff-line.

Changing the Port used by Agents to Check into the KServer

1. SetthePrimary Port tothenewport.2. SettheSecondary Port totheoldport.3. Waitforthenewsettingstotakeeffectonalltheagents.4. DisplaytheSystem > Configure page.Enterthenewportnumberinthe Specify port Agents check into serverwitheditboxandclicktheChange Portbutton.

Agents


TheCheck-Incontrolpage isshown inFig.2.43 .The listofall theavailable functionssupportedby thismoduleare:


1. Primary KServer:EntertheIPaddressorfullyqualifiedhostnameofthemachineID’sprimaryKServer.ThissettingisdisplayedinthePrimaryKServercolumn.Kaseyaagentsinitiateallcommuni-cationwiththeKServer.ForthisreasontheagentsmustalwaysbeabletoreachthedomainnameorIP(InternetProtocol)addressassignedtotheKServer.ChooseanIPaddressordomainnamewhichcanberesolvedfromalldesirednetwork(s),bothonthelocalLANandacrosstheinternet.

Note: Although a public IP address may be used, Kaseya recommends using a domain name server (DNS) name for the KServer. This practice is recommended as a precaution should the IP address need to change. It is easier to modify the DNS entry than redirecting orphaned agents.

2. Primary Port:EntertheportnumberofeithertheprimaryKServeroravirtualsystemserver.ThissettingisdisplayedinthePrimaryKServercolumn.

Warning: Do NOT use a computer name for your server. The agent uses standard WinSock calls to resolve a fully qualified host name into an IP address, which is used for all agent connections. Resolving a computer name into an IP address is done by NETBIOS, which may or may not be enabled on each computer. NETBIOS is an optional last choice that the Windows will attempt to use to resolve a name. Therefore, only fully qualified names or IP addresses are supported.

3. Secondary KServer:EntertheIPaddressorfullyqualifiedhostnameofthemachineID’ssec-ondaryKServer.ThissettingisdisplayedintheSecondary KServercolumn.

4. Secondary Port:EntertheportnumberofeitherthesecondaryKServeroravirtualsystemserver.ThissettingisdisplayedintheSecondary KServercolumn.

5. Check-In Period:Enterthetimeintervalforanagenttowaitbeforeperformingaquickcheck-inwiththeKServer.Acheck-inconsistsofacheckforarecentupdatetothemachineIDaccount.IfarecentupdatehasbeensetbyaVSAuser,theagentstartsworkingonthetaskatthenextcheck-in.ThissettingisdisplayedintheCheck-In Periodcolumn.Theminimumandmaximumcheck-inperiodsallowedaresetusingSystem > Check-in Policy.

Note: The agent maintains a persistent connection to the KServer. As a result, quick check-in times do not effect response times from the agent. The quick check-in time sets the maximum time to wait before re-establishing a dropped connection. Setting all your machine’s quick check-in time to 30 seconds guarantees each agent recovers from a dropped connection within 30 seconds, assuming connectivity is successful.

Fig. 2.43: Checkin control

Age

nts


6. Bandwidth Throttle:BandwidthThrottlelimitstheagenttoconsumingamaximumamountofbandwidthonthesystemwiththiscontrol.Bydefaulttheagentsharesbandwidthwithallotherrunningapplicationssoyoutypicallydonotneedbandwidththrottleenabled.Disablebandwidththrottlebyenteringa0.

7. Warn if multiple agents use same account:TheKServercandetectifmorethanoneagentisconnectingtotheKServerandusingthesamemachineID.groupID.OrganizationID.Thisproblemcouldbecausedbyinstallinganagentinstallpackagepre-configuredwiththemachineIDonmorethanonemachine.Checkthisboxtoreceivenotificationsofmorethanoneagentusingthesameac-counteachtimeyoulogintotheKServerasauser.

8. Warn if agent on same LAN as KServer connects through gateway:IfyouaremanagingmachinesthatsharethesameLANasyourKServerthenyoumaygetthisalert.BydefaultallagentsconnectbacktotheKServerusingtheexternalname/IPaddress.TCP/IPmessagesfromtheseagentstravelthroughyourinternalLANtoyourrouter,andthenbacktotheKServer.Someroutersdoapoorjobofroutinginternaltrafficbackthroughthemselves.CheckthisboxtoreceiveanotificationwhentheKServerdetectsanagentmaybeonthesameLANbutconnectingthroughtherouter.

Note: Agents on the same LAN as the KServer should specify the internal IP address shared by both the agent and the KServer on the Check-In Control page.

9. Update:ClickUpdatetoupdateallselectedmachineIDswiththeoptionspreviouslyselected.

10. Bind to Kserver:Ifchecked,theagentisboundtoauniqueKserverID.Boundagentscannotcheck-insuccessfullyunlesstheuniqueKserverIDtheyareboundtousingtheAgent>Check-inControlpagematchestheuniqueIDassignedtotheKServerusingtheSystem>Configurepage.Alockiconinthepagingareasshowstheagentisbound.Tounbindagents,selectmachinesIDs,ensureBindtoKserverisuncheckedandclickUpdate.Thelockiconnolongerdisplaysforselectedmachines.


2.4.6 Working DirectoryTheWorking Directorypagesetsthepathtoadirectoryusedbytheagenttostoreworkingfiles.Dependingon the taskathand, theagentusesseveraladditional files.Theserver transfers these files toaworkingdirectoryusedbytheagentonthemanagedmachine.ForselectedmachineIDsyoucanchangethedefaultworkingdirectoryfromC:\kworkingtoanyotherlocation.

Warning:Do not delete files and folders in theworking directory.Theagent uses the data stored in theworkingdirectorytoperformvarioustasks.

Youcanprovide thisdirectory insecurityprograms,suchasviruscheckers, toallowoperationssuchasRemoteControlfrombeingblocked.ThegeneralviewoftheWorkingdirectorypageisshowninFig.2.44onthenextpageandtheoptionssupportedbythismoduleare:

Agents



1. Set:ClickSettosetselectedmachineIDsusetheworkingdirectorypreviouslyentered.

2. Set a path to a directory used by the agent to store working files:Enterthepathofthework-ingdirectoryusedbytheagentonthemanagedmachine.

3. Set as System Default:ClickSet as System Default tosetasystem-widedefaultfortheagentworkingdirectory.Thisoptiononlydisplaysformasterroleusers.

4. Machine.Group ID:ThelistofMachine.GroupIDsdisplayedisbasedontheMachineID/GroupIDfilterandthemachinegroupstheuserisauthorizedtoseeusingSystem>UserSecurity>Scopes.

5. Working Path:ThepathoftheworkingdirectoryassignedtothismachineID.OnaMacOSXsystem,ifthepathnamecontainsaspace,thenitmustbeprecededwithabackslash.Forexample:/tmp/name\with\three\spaces

2.4.7EditProfileTheEditProfilepagemaintainscontact information, the languagepreference for theagentmenuon theuser’smachineandnotesabouteachmachineID/groupIDaccount.Profileinformationcanbemaintainedinthreeotherplaces:

• ThecontactinformationintheEditProfilepagecanbeautomaticallypopulatedwhenanewac-countiscreatedusingtheAgent > Createpage.• VSAusersandmachineuserscanbothmaintaincontactinformationusingtheChange Profile tabintheLiveConnectorPortalAccesswindow.• VSAusersonlycanmaintainnotesandcontactinformationusingtheAgent Settings taboftheLiveConnectandMachineSummarypages.

Tochangeuseraccountssettings:

1. SelectamachineIDinthepagingarea.2. EnterNotes,AdminEmail,ContactName,ContactEmailandContactPhoneinformation.3. PressUpdate.

Fig.2.45belowshowsthegeneralviewoftheEditProfilepageandtheoptionsavailableforthismoduleare:

Fig. 2.44: Working Directory

Age

nts


1. Notes:NotesaboutamachineIDaccountcanbeenteredinthisfield.Helpfulinformationcanincludethemachine’slocation,thetypeofmachine,thecompany,oranyotheridentifyinginformationaboutthemanagedmachine.

2. Show notes as tooltip:Ifchecked,Edit Profilenotesareincludedaspartofthetooltipthatdis-playswheneverthecursorhoversoveramachineID’scheck-instatusicon.

3. Auto assign tickets: AutoassignatickettothismachineIDiftheTicketing > Email reader receivesanemailfromthesameemailaddressasthecontactemail.Applieswhennewemailscomeintotheticketingemailreaderthatdonotmapintoanyoftheemailmappings.

Note: If multiple machine IDs have the same contact email, then only one machine ID can have this checkbox checked.

4. Contact Name:Enterthenameoftheindividualusingthemanagedmachine.Thissettingisdis-playedintheContact Namecolumn.

5. Contact Email:Entertheemailaddressoftheindividualusingthemanagedmachine.ThissettingisdisplayedintheContact Emailcolumn.

6. Contact Phone:Enterthephonenumberoftheindividualusingthemanagedmachine.Thisset-tingisdisplayedintheContact Phonecolumn.

7. Admin Email:Entertheemailaddressoftheindividualresponsibleforadministeringsupporttothemanagedmachine.Thiscanbethemachineuser,butisoftensomeonewhoispartoftheITstaffofthecompanythatownsthemanagedmachine.ThissettingisdisplayedintheAdmin Emailcol-umn.

8. Language Preference:ThelanguageselectedintheLanguage Preferencedrop-downlistdeter-minesthelanguagedisplayedbyanagentmenuonamanagedmachine.ThelanguagesavailablearedeterminedbythelanguagepackagesinstalledusingSystem > Preferences.

9. Machine Role:ThemachineroletoapplytoselectedmachineIDs.MachinerolesdeterminethePortalAccessfunctionsavailabletothemachineuser.

10. Update:ClickUpdatetoupdateselectedmachineIDswiththeprofileinformationpreviouslyentered.

11. Machine.Group ID:ThelistofMachine.GroupIDsdisplayedisbasedontheMachineID/Group

Fig. 2.45: Edit Profile

Agents


IDfilterandthemachinegroupstheuserisauthorizedtoseeusingSystem > User Security > Scopes.

2.4.8 Portal AccessALiveConnectsessionrunbyamachineuseriscalledPortal Access.ThePortalAccesspagedefinesthelogonnameandpassword,bymachineID,requiredtouseLiveConnectasamachineuserremotely.

Accessing Portal Access Locally

MachineusersdonothavetologontoPortalAccesslocally.ClickingtheagenticoninthesystemtrayoftheirmachineinitiatesthePortalAccesssessionwithouthavingtologon.

Accessing the Portal Access Logon Page Remotely

AmachineusercandisplaythePortalAccesslogonpagefortheirownmachinefromanothermachineasfollows:

1. Browse to the http://your_KServer_address/access/ page, substituting the appropriate target KServernameforyour_KServer_addressintheURLtext.

2.LogonbyenteringtheusernameandpasswordassignedtothemachineID.TheusernameandpasswordisspecifiedusingtheAgent > Portal Accesspage.

ThePortalAccesspagedisplays.Themachineusercanclickanymenuoptionasthoughheorshewereloggedinfromtheirownmanagedmachine.Themachineusercanclickthedesktoporfiletransfermenuoptionstoinitiatearemoteconnectiontotheirownmachine,createorviewticket,orinitiateachat,iftheseoptionsareenabledbymachinerole.

Re-Enabling User Logons

Machineuser logonsfollowthesameSystem > Logon Policy asVSAuser logons.Ifauserattemptstologontoomanytimeswiththewrongpasswordtheiraccountwillautomaticallybedisabled.Youcanre-enablethelogonbysettinganewpasswordorwaitingforthedisableaccounttimetolapse.

TheoptionsavailableinPortalAccesspageareshowninFig.2.46andlistedbelow:

1. Logon Name:EntertheLogon Name theusermustusetologintoVSAtoinitiatechatsessions,enterorviewticketsand/orgetremoteaccesstotheirmachine.Logonnamesandpasswordsare

Fig. 2.46: Portal Access

Age

nts


casesensitive.Passwordsmustbeatleastsixcharacterslong.The Logon Namedefaultstothema-chineID.groupIDname.

2. Create Password, Confirm Password:Defineapasswordforthemachineuserlogon.Pass-wordsmustbeatleast6characterslong.ThemachineusercanchangethepasswordafterVSAuserassignsone.

3. Apply:ClickApplytoapplythePortalAccesslogonnameandpasswordtotheselectedmachineID.

4. Clear:PermanentlyremovethePortalAccesslogoncredentialfromtheselectedmachineID.


6. Logon Name:ThePortalAccesslogonnameassignedtothismachineID.

7. User Web Logon:DisplaysEnabledifaPortalAccesslogonnameandpasswordhasbeenas-signedtothismachineID.IndicatesthatamachineusercanlogintothePortalAccesspagefortheirownmachineremotelyusingawebbrowseronanyothermachine.

2.4.9 Set CredentialTheSet Credential page registers the credential required by an agent to perform user level tasks on amanagedmachine.Acredentialisthelogonnameandpasswordusedtoauthenticateauserorprocess’saccess to amachine or network or some other resource.Most agent tasks do not require a credential.Credentialsarespecificallyrequiredorreferencedbythefollowing:

• Patch Management-IfacredentialisdefinedforamachineID,thenPatchManagementinstallsallnewpatchesusingthiscredential.Therefore,SetCredentialshouldalwaysbeauserwithadminis-tratorrights.• Patch Status-PatchStatusresetstestresultseverytimeamachineID’sSetCredentialchanges.• FileSource-FileSourcemayrequireasetcredentialbedefinedforthemachineIDactingasthefileshare.• Patch Alert-SetupanalerttonotifyyouifamachineID’scredentialismissingorinvalid.• Office Source-TheagentmusthaveacredentialtoaccessthealternateOfficesourcelocation,incaseapatchisbeinginstalledwhennouserisloggedintothemachine.• If-Then-Else-TheUseCredentialcommandintheagentprocedureeditorrequiresacredentialbedefinedinSetCredentialtorunsuccessfully.• Image Location-IfaUNCpathisspecifiedinImageLocation,acredentialmustbedefinedusingSetCredentialthatprovidesaccesstothisUNCpath.Withoutthecredential,themachinewillnothaveaccesstotheimagelocationandthebackupwillfail.• View Definitions-IncludesaMachineswithCredentialstatusoptionthatallowsyoutofilterthedisplayofmachineIDsonanyagentpagebytheircredentialstatus.• Desktop Policy and Migration -Installingtheclientforthismodulerequiresacredentialbede-fined.

2.5 Upgrade version

Agents


Blank Passwords

Blankpasswordscanbeusedifthemanagedmachine’sLocalSecurityPolicyallowsblankpasswords.Onthemanagedmachine,opentheLocalSecurityPolicytoolinAdministrativeTools.NavigatetoLocalPolicies

-SecurityOptions.LookforapolicynamedAccounts: Limit local account use of blank passwords to console logon only.Thedefaultsettingisenabled.Changeittodisabledandacredentialwithablankpasswordwillwork.Fig.2.47belowshows thegenericviewof theSetCredentialpage.Theoptionssupportedby thismodulearelistedonthenextpage:

1. Username:Entertheusernameforthecredential.Typicallythisisauseraccount.

2. Password:Enterthepasswordassociatedwiththeusernameabove.

3. Domain• Local user account -Selectthisoptiontouseacredentialthatlogsintothismachinelocally,with-outreferencetoadomain.• Use machine’s current domain -Createacredentialusingthedomainnamethismachineisamemberof,asdeterminedbythelatestaudit.ThismakesiteasiertoSelect All andrapidlysetacommonusername/passwordonmultiplemachines,evenifselectedmachinesaremembersofdiffer-entdomains.• Specify domain -Manuallyspecifythedomainnametouseforthiscredential.

4. Apply:AssignthecredentialtoallcheckedmachineIDs.MachineIDswithassignedcredentialsdisplaytheusernameanddomainintheassociatedtablecolumns.

5. Clear:RemovethecredentialfromallcheckedmachineIDs.

6. Test:ClickTesttoverifywhetherausername/password/domaincredentialwillworkbeforeassign-ingittoamachineID.

7. Cancel:ClickCanceltocancelthetestingofausername/password/domaincredential.

Fig 2.47: Set credential

page

Age

nts


2.5.1 Update AgentTheUpdateAgentpage(Fig.2.48)schedulesmanagedmachinestobeupdatedwiththelatestversionoftheagentsoftwareattheagent’snextcheck-in.Updatingtheagentsoftwaremakesnochangestotheagentsettingsyouhavedefinedforeachagent.

.

1. Update Agent:ClickUpdate Agenttoscheduleselectedmachinestobeupdated.

2. Remind me at logon when agents need an update:Ifchecked,apopupwindowdisplayswhenVSAuserslogonifmanagedmachinesundertheircontrolneedtobeupdatedwiththelatestversionoftheagentsoftware.ThereminderonlydisplaysifatleastoneagentwithinVSAuser’sscoperequiresupdating.Userscandisablethisfeatureatlogontimeandcanre-activateitbyselectingthischeckbox.

3. Force update even if agent is at version x.x.x.x: Ifchecked,machinesselectedforupdateareupdatedwithnewfilestoreplacetheagentfilesonthemanagedmachine,eveniftheagentversioniscurrentlyuptodate.Thisperformsacleaninstallationoftheagentfiles.

4. After update run agent procedure <select agent procedure>:Selectanagentproceduretorunimmediatelyafteranagentupdatecompletes.Thiscapabilityletsyoure-applycustomizationstoanagentthatmaybelostafteranagentupdate.Typicallythesecustomizationsinvolvehidingorrenam-ingagentidentifiersonmanagedmachinessoastopreventusersfromrecognizingtheagentiseveninstalled.

5. Cancel Update:ClickCancel Updatetocancelapendingupdateonselectedmanagedmachines.

6. Machine.Group ID:Thelistofmachine.groupIDsdisplayedisbasedonthemachineID/groupIDfilterandthemachinegroupstheuserisauthorizedtoview.

7. Agent Version:Theversionoftheagentsoftwarerunningonthemanagedmachine.Versionnumbersinredindicatethattheversionontheagentmachineisnotthesameasthelatestversionavailable.

Fig 2.48: Update agent

page

2.5 Upgrade version

Agents


8. Update Agent Procedure:Theagentprocedureassignedtorunwhentheagentisupdated.

9. Last Update:Thedatetheagentwaslastupdatedonthemanagedmachine.Sincetheservermustwaitforthemanagedmachinetocheck-in,accordingtothecheck-inscheduleasspecifiedinAgent > Check-In Control,PendingdisplaysintheLast Updatecolumnuntilthenextcheck-inoc-curs.

2.6.1 File AccessTheFileAccess page (Fig 2.49) prevents unauthorized access to files onmanagedmachines by rogueapplicationsorusers.Anyapplicationcanbeapprovedordeniedaccesstothefile.

Note: You may also block operating system access to the protected file by blocking access to explorer.exe and/or cmd.exe. This prevents the file from being renamed, moved, or deleted therefore completely locking down the file from tampering.

1. Block:Toprotectafilefromaccessbyrogueapplications,enterthefilenameandclicktheBlockbutton.ThisdisplaystheFileAccesspopupwindow.

Thedialogpresentstheuserwithoneofthefollowingoptions:

• Filenametoaccesscontrol-Enterthefilenameand/oraportionofthefullpath.Forexample,add-ingafilenamedprotectme.doctothelistprotectsoccurrencesofprotectme.docinanydirectoryonanydrive.• New-Addinanewapplicationtotheaccesslist.YoucanmanuallyentertheapplicationorusetheSearchbuttontoselectanapplicationname.• Remove-Removesanapplicationfromtheapprovedaccesslist.• Search-SelectamachineIDtosearchthelistofapplicationsinstalledonthatmachineIDandse-lectanapplicationname.ThislistisbasedonthelatestauditperformedonthatmachineID.Youarenotactuallybrowsingthemanagedmachine.• Askusertoapproveunlisted-Letsusersapprove/denyaccesstothefileonaperapplicationbasiseachtimeanewapplicationtriestoaccessthatfile.Usethisfeaturetobuildupanaccesscontrollist

2.6 Protection

Fig 2.49: File Access

Age

nts


basedonnormalusage.• Denyallunlisted-Blocksanapplicationfromaccessingthefile.Selectthisoptionifyouarealreadysureofwhichfilesneedaccessandwhichdonot.

2. Unblock: RemoveanapplicationfromtheprotectionlistbyclickingtheUnblockbutton.ThisopensanewdialogboxlistingallprotectedfilesfortheselectedmachineIDs.Youcanremovefilesfromjusttheselectedmachineorfromallmachinescontainingthatfilepath.

3. Machine.Group ID: ThelistofMachine.GroupIDsdisplayedisbasedontheMachineID/GroupIDfilterandthemachinegroupstheuserisauthorizedtoview.

4. Filename:Filenameofthefiletobeblocked.Clicktheediticonnexttoanyfilenametochangefileaccesspermissionsforthatfilename.

5. Approved Apps:ListsapplicationsapprovedtoaccessthefilesonthemachineID.

6. Ask User Approval:Ifchecked,theuserofamachineIDisaskedtoapprovefileaccessifanunapprovedapplicationattemptstoaccessthefile.

2.6.2 Network AccessThe Network Access page lets you approve or deny TCP/IP-protocol-based network access on a perapplicationbasis.Userscanalsobenotifiedwhenanunlistedapplicationaccessesthenetwork,permittingordenyingthatapplicationnetworkaccess.Typicallythisfunctionisusedtocontrolaccesstointernalandexternalinternetsites,butcanincludeinternalLANtrafficthatalsousestheTCP/IPprotocol.

Warning:ApplicationsthatdonotusetheWindowsTCP/IPstackinthestandardwaymayconflictwiththedriverusedtocollectinformationandblockaccess,especiallyolderlegacyapplications.

ThefunctionsoftheNetworkAccesspageislistedinFig2.50

1. Notify user when app blocked: ClickEnabletonotifytheuserwhenablockedapplicationat-temptstoaccessthenetwork.Usethisfunctiontobuilduptheaccesslistbasedonnormalusage.Thisletsyouseewhichapplicationsonyoursystemareaccessingthenetworkandwhen.

Oncethisoptionisenabled,oneofthefollowingoptionsmustbechosen:

• Always-Allowstheapplicationaccesstothenetworkindefinitely.Userswillnotbepromptedagain.• Yes-Allowstheapplicationaccesstothenetworkforthedurationofthesession.Userswillbe

Fig 2.50: Network Access

Agents


promptedagain.• No-Deniestheapplicationaccesstothenetworkforthedurationofthesession.Userswillbepromptedagain.• Never-Deniestheapplicationaccesstothenetworkindefinitely.Userswillnotbepromptedagain.

2. Enable/Disable driver at next reboot: Enable/Disablethenetworkaccessprotectiondriverforanagent.ApplicationsthatdonotusetheWindowsTCP/IPstackinthestandardwaymayconflictwiththisdriver,especiallyolderlegacyapplications.Theagentcannotmonitornetworkstatisticsorblocknetworkaccessifthisdriverisdisabled.

Driver

Thisdriverfunctionneedstobeenabledtoblocknetworkaccessandmonitornetworkbandwidthstatistics.Thedriverisdisabledbydefault.ThisdriverinsertsitselfintotheTCP/IPstacktomeasureTCP/IP-protocol-basednetworktrafficbyapplication.

Todeterminewhichapplicationsshouldbeapprovedordeniednetworkaccess,usetheNetworkStatistics*reporttoviewnetworkbandwidthutilizationversustime.Ithelpsyouanalyzeandidentifypeakbandwidthconsumersbyclickingthegraph’sdatapoints.

Note: Network Statistics will be covered in the Info center chapter later on. Info Center > Reports > Logs > Network Statistics Log

3. Apply Unlisted Action:Anunlistedapplicationisonethathasnotbeenexplicitlyapprovedorde-niedaccesstothenetwork.Selecttheactiontotakewhenanunlistedapplicationattemptstoaccessthenetwork.• Askusertoapproveunlisted-Aconfirmationdialogboxdisplaysifanunlistedapplicationattemptstoaccessthenetwork.• Approveallunlisted-Theunlistedapplicationisgrantedaccesstothenetwork.• Denyallunlisted-Theunlistedapplicationisdeniedaccesstothenetworkandtheapplicationisclosedonthemanagedmachine.

4. Machine.Group ID: ThelistofMachine.GroupIDsdisplayedisbasedontheMachineID/GroupIDfilterandthemachinegroupstheuserisauthorizedtoview.

5. Notify User: AgreencheckmarkintheNotifyUsercolumnindicatesthatthemanagedmachineuserisnotifiedwhenanapplicationattemptstoaccessthenetworkthathasbeendeniednetworkac-cess.

Tonotifytheuserwhenaapplicationhasbeendenied:• SelectmachineIDs.• ClicktheEnablebuttonforNotifyuserwhenappisblocked.

Toremovethisnotification:• SelectmachineIDsthatdisplayagreencheckmarkintheNotifycolumn.• ClicktheDisablebuttonforNotifyuserwhenappisblocked.

6. Enable Driver: IdentifiesonapermachineIDbasis,whichmachineshavethenetworkprotectiondriverenabledornot.

7. Unlisted Action: DisplaystheUnlistedActiontotakewhenanunlistedapplicationattemptstoac-cessthenetwork.SeeApplyUnlistedActionabove.

8. Approved Apps / Denies Apps• Approvedapplicationsarelistedinthefirstrow.• Deniedapplicationsarelistedinthesecondrow.• IftheApproveallunlistedradiooptionisselectedandappliedtoamachineID,thentheapproved

Age

nts


applicationlistisreplacedbythephraseApproveAllUnlisted.• IfDenyallunlistedradiooptionisselectedandappliedtoamachineID,thenthedeniedapplicationlistisreplacedbythephraseDenyAllUnlisted.

Toapproveordenynetworkaccesstooneormoreapplications:

1. CheckthecheckboxnexttooneormoremachineIDsintheMachine.GroupIDcolumnasshowninFig2.51

ClickthelinkofanymachineIDintheMachine.GroupIDcolumn.ItdoesnothavetobethemachineIDyouchecked.ThisdisplaystheApplicationListpopupwindow,listingallapplicationsinstalledonthatmachineID.ThelistisbasedonthelatestauditthatwasperformedforthatmachineID.

2. SincethelistintheApplicationList(Fig2.52)windowmaybelarge,youcancontroltheapplica-tionsdisplayedbyclickingFiltertofilterthelist.3. Checkthecheckboxesnexttotheapplicationnameyouwishtoapproveordenynetworkaccessto.4. YoucanalsoenterapplicationnamesintheAddapplicationsnotfoundbyaudithereeditfield,toidentifyapplicationsnotlisted.5. ClicktheSelectbuttontoconfirmyourselectionsandclosetheApplicationListwindow.These-lectedapplicationsnowdisplayatthetopofthepage.

6. ClickApproveAppsorDenyApps(Fig2.53).TheapplicationsselectedintheApplicationListwin-dowareaddedfromtheApprovedApps/DeniedAppscolumn.

Fig 2.51

Fig 2.52

Agents


ToremoveapproveanddenysettingsforoneormoremachineIDs• CheckthecheckboxnexttooneormoremachineIDsintheMachine.GroupIDcolumn.• ClicktheRemoveAppsbutton.

2.6.3 Application BlockerTheApplicationBlocker (Fig2.54)pagepreventsanyapplication fromrunningonamachine ID.Blockedapplicationscannotberenamed,moved,ordeletedfromthesystem.

1. Block:Toblockanapplicationfromrunningonamachine:

1. SelectoneormoremachineIDs.OnlymachineIDscurrentlymatchingtheMachineID/GroupIDfilteraredisplayed.2. Entertheapplication’sfilenameintheeditbox.

Theapplicationcanbe referencedby filenameand/oraportionof the fullpath.Forexample,addinganapplication named blockme.exe to the list, prevents all occurrences of blockme.exe, on any directory oron anydrive, from running.Addingmyfolder\blockme.exeprevents occurrencesof the application in anydirectorynamedmyfolderfromrunning.

Fig 2.53

Fig 2.54: Application

Blocker

Age

nts


3. ClicktheBlockbutton.4. TheblockedapplicationdisplaysintheApplicationcolumnbesidetheselectedmachineIDs.

2. Unblock: Tounblockanapplicationfromtheblockedlist:

1. SelectoneormoremachineIDsthatshowblockedapplicationsintheApplicationcolumn.2. ClicktheUnblockbutton.ThisopensaFileAccesspopupwindowlistingallblockedapplicationsfortheselectedmachineIDs.3. Clickoneormoreblockedapplications.4. ClicktheUnblockbutton.Thewindowcloses.5. TheblockedapplicationnolongerdisplaysintheApplicationcolumnbesidetheselectedmachineIDs.


4. Application:Filenameoftheapplicationbeingblocked.

Note: If multiple agents are installed on a machine, only one agent at a time controls the drivers required to use File Access, Network Access, Application Blocker. These functions can only be performed by the agent controlling these drivers.

Agents


Date post:	06-Sep-2018
Category:	Documents
Upload:	vukhanh
View:	213 times
Download:	0 times

Agents - School of Computing and Information Sciencesusers.cis.fiu.edu/~sadjadi/Teaching/IT...

Documents