Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
PROVCONNECT DETAILED FEATURE LIST
Table of Contents |
---|
Basic features
Warning |
---|
Features not supported on Linux or Raspbian OS are clearly indicated with this logo: |
Features
Description
Supported Devices - Native
- PC, Thin clients, Tablets, laptops, POS, kiosks, digital signage, intelligent systems (IoT)
- Embeded devices (black boxes, embedded PCs etc…)
- Attached peripherals (depending on the peripheral - integration work may be needed)
Supported Devices - with custom integration
- Peripherals or specific features (IoT): humidity sensor, accelerometer etc…
Interface with the IT systems
- interface with the Ticketing systems (through email inbounds format) or through a custom API (This can be done with specific custom development)
Supported client OS
- Windows: XP, 7, 8, 10 (embedded or not so including POS ready)
- Linux (Ubuntu version 18.04 and above, Mac OS) , Other Linux OS support can be added with on demand (centos, redhat, Fedora, etc…)
- Raspbian
- Android (expected 20222023)
- iOS (expected 20222024)
Architecture - communication and Security
Features
Description
Agent
- Windows: .Net framework 2.0 for old OS (XP); .Net framwork 4.6 (win7 and above);
- Linux: .Net Core 3.1 (Linux and Mac OS)
- RAM Load: 7 to 25MB
- Pulse: a few kb
- Pulse frequency: configurable but the broker MQTT WanPulse Instant Synchronization Module (WISM) allows immediate pulse so by default the pulse can be is set at 1 hour or more 4 hours without any impact of the reactivity (30 seconds)
- Remote Update
- Native management of the Windows write filters (for embedded OS including IoT)
Server (Manager)
- Supported OS: Windows 2012 R2 and above
- VM supported
- .Net framework 4.6
- MS IIS 7 and above (Internet Information service)
- Data Base : Microsoft SQL server
- Hosting: SaaS or On premise
- Supported languages: French and English (possible other languages on demand)
- Web based system
Communication
- single direction from agent to server (no port in listening mode on the end point)
- Communication protocol: https
- MQTT WISM for the pulse on demand
- See attached graph /wiki/spaces/CRWP/pages/589869 (on prem, all ports can be configured)
Security
- SSL certificate authentification (agent server)
- Self signed certificated supported but not recommanded. Note that the Remote control is impossible when using a self signed certificate
- TLS1.2 between agent and server when using the .Net 4.6 and .Net Core agents. Not superted with .Net 2.0 agents for XP.
Device lock-down
- Centralised critical features lock-down through proVlocker (restrict access to specific apps, to control pannels, etc...)
- Restrict access to specified disks and partitions
- Very simple lock-down solution, without the need for active directory and complex GPO scripting)
- Lock USB ports or restrict access to mass-storage devices (or only allows read-only)
Authentification
- Local accounts
- Active Directory
Inventory
Note |
---|
|
Features
Description
Hardware Inventory
- HDD (total size, free size, manufacturer, model, SMART status, serial number)
- RAM (total size, free size, type, no. of slots)
- Partition (letter name, volume name, total size, free size, file system)
- Bios (serial number, manufacturer, model, version, date)
- Motherboard (manufacturer, model, serial number)
- Network cards (name, Mac address)
- Processor (type, speed, no. of cores)
- Video card (name, chipset, memory, resolution)
- Monitor (serial number, description, legend, type)
- Sound devices (manufacturer, name, description)
- Port connector (type, interface)
- Controlers (manufacturer, caption, description, Name)
- Peripherals (opos: name, port used , driver, status)
Software Inventory
- OS Name
- Service Packs
- OS Fixes (installed KB) - Patch assessment
- OS ID
- Installed applications (Name, Publisher, install date, version)
System Inventory
- Host name
- IP address
- Process
- Services
- Last contact to the server
Custom Inventory
- Get specific information through the dynamic tags (e.g. battery level, a peripheral status, an accelerometer value, a powershell script value or any command result, the content of a file, a registry key presence or value etc…)
Grouping
Features
Description
Grouping / device organisation
- Static groups (drag and drop manually)
- 7 levels of subgroups
- Organisational Units collected from the AD
- Dynamic groups (based on the selected inventory value: manufacturer, processor type, processor core number, OS type, OS architecture, presence of an application, custom script or WMI command result etc…)
Management
Features
Description
Remote tasks
- Software distribution (install or remove applications)
- Install complex packages built with package builder (pre and post install scripts etc.…)
- Task planning (specific date and time, recurrence etc.…)
- CRON task planning
- Execution of commands (custom or in the command list)
- Complete OS management: change registry keys, start and stop services, create partitions, launch commands or scripts, launch or kill applications (through execution of a command for Linux OS)
- complete device configuration: keyboard, mouse, display, network, proxy, NTP, time zone, hostname, domain, environment variables (through execution of a command for Linux OS)
- Device security configuration: Windows account, password changes, USB lock down, certificate deployment (through execution of a command for Linux OS)
- Device interaction: send popup messages, request remote authorization from POS user; auto launch application (full screen, replace shell etc..), launch commands, switch screen ON or OFF, reboot or restart device, turn OFF or turn ON (via WoL) (through execution of a command for Linux OS)
- Install apps (silent mode or not, via our package builder), remove apps, deploy files (any file or script anywhere in the remote device) retrieve files (log files or standard files)
- All commands executed silently and with admin rights
File transfer
- Direct with https
- Transfer possible in both ways (push / pull)
Monitoring
Automatic incident detection and resolution
Features
Description
Monitoring: Automatic incident detection
- Hardware alerts (temperature, HD SMART status etc…)
- Software alerts (process, services etc…)
- System alerts (registry key change or existance etc..)
- Security alerts (antivirus, firewall, etc…)
- Health alerts (RAM overconsumption, CPU overload, low free space on disk)
- Custom alerts (on a script result or WMI command for example)
- Custom alters based on plugins (fan speed, voltage drops, humidity sensor, accelerometer etc...)
Alerts type
- Dashboard visualization
Monitoring: Automatic incident resolution (preventive maintenance)
- Automatic corrective task execution (no need for human intervention)
- Remediation tasks customizable (restart or kill process or service, clean temp files, backup launched based on an event, reactivate firewall, etc...)
- No trafic with the console. The agent automatically runs the maintenance task that has been pre-loaded with the monitoring rule
- Drastic decrease of level 1 supports (thousands of calls avoided)
- Very quick ROI
- Stop unwanted processes
- Delete unwanted files (AVI or mpeg files in a specific folder for example)
Peripheral status monitoring
- Printers, cash drawer, line display etc.. (natively or by custom development)
Online / offline Monitoring
Features
Description
Online - offline end point alerting
- Automatic alerts when an end point is offline
- Alert generated for defined time within a specific time frame
- Time frame specification customizable for each day of the week
Alerts type
Compliance
Note |
---|
|
Features
Description
Compliance checking principle
- Create and customize compliance profiles (hardware, sofware, system)
- Check and follow compliance of the end points in realtime
- Get global compliance on the dashboard
Hardware compliance
- Computer (manufacturer, model, serial number)
- Bios (date, manufacturer, model, serial number, version)
- Mother board (manufacturer, model, serial number)
- Processor (architecture, cores quandtity, frequency, manufacturer, model)
Hard Disk and cards compliance
- Network (adapter name, dhcp, dns, dns auto, domain, gateway, IP status, Mac address, NetMask, network address, secondary DNS, setting ID, speed)
- Memory (RAM total size, ram size, ram type)
- Disk (description, manufacturer, model, name, size, status, type, total size)
- Partition (file system, free space, letter, size, type, volume name)
- Video card (chipset, memory, model, resolution Serial number)
Peripherals compliance
- Monitor (build date, description, type)
- Pointing device (description, interface, manufacturer, model, type)
- Keyboard (caption, description, type)
- Printer (driver, model, port, ready)
- Sound device (manufacturer, model)
Software and operating system compliance
- installed applications (date, description, name, publisher, version)
- Installed QFEs (description, hotfix number, installed by, installed date) - patch assessment
- Operating system (architecture, build number, information, name, product identifier)
- Device security (antispyware, antivirus, auto-update, firewall, internet settings, UAC control)
Manager Configuration compliance
- Device group (static group)
- Monitoring rule (monitoring rules and incidents)
- Static and automatic tags values (all tags values and contents)
Automatic configuration (Staging)
Features
Description
Automatic policies / automatic configuration principle
- Automatic configuration of the device based on defined criteria
- Help for deployment of the devices, reduce configuration errors, increase deployment efficiency
- Drastically reduce logistics costs
- Automatic staging
- Guarantees compliance of the device (erases any customisation mistakes)
Automatic policies options
- If a device joins a group then: play a predefined task (refer to "remote tasks" section in this document) or apply a monitoring rule (refer to "monitoring" in this document)
- If an inventory data of the device is equal or contains, does not contain, different from, starts with, does not start with, ends with or does not end with, then: move into a group or play a predefined task (refer to "remote tasks" section in this document) or apply a monitoring rule (refer to "monitoring" in this document)
- Automatic policies can also be applied as soon as a device is enrolled (zero touch configuration)
Health and Security
Features
Description
Health & security principle
- All status are updated in real time
- All information gets stored on the server so it is available even for offline devices
Device Health
- Used disk space
- Average CPU consumption
- Average RAM consumption
Device Security
- Antispyware status
- Antivirus status
- Auto-update status
- Firewall status
- Internet settings status
- UAC control status
Secure Remote Control
Features
Description
Remote session control
- Based on Ultra VNC
- Reverse process (no need to have a listening port open)
- Secure SSL stream from device to server
- Secure websocket from admin console to the server
- Complete control over the session routing - routing of the session is done through the proVconnect server (no external server used for routing the session like in products such as Teamviewer)
- direct RDP connection
- direct Teamviewer connection
- Remote secure shell - SSH
Remote Windows Explorer
Features
Description
- File exploration
- Browsing the folders of the remote end point
- Allows you to select files to download
- Allows you to drop files into folders
- No interference with the current user session
Remote Wake-on-Lan (WoL)
Features
Description
- Direct wake-up of the endpoints if the proVconnect server is on the same LAN
- Wake up of endpoints located on a remote LAN by using an endpoint online on the remote LAN to wake up all other devices on the same LAN
- Need to activate the WoL in the BIOS of the endpoints to be woken up
Patch Management
Features
Description
Operating Systems Patch Management
- Full patch availability listing
- Patch severity classification
- Patch history
- Identification of the missing patches
- Identification of the critical updates
- Easy to understand dashboard
Windows Firewall Management
Features
Description
Full Windows Firewall Configuration
- Create new firewall rules
- Duplicate rules from one device to another
- Delete firewall rules
- Activate or disable rules
- Full ports control (open and close)
- Prevent or authorize specific apps from opening ports
- Manage protocols
Reporting
Features
Description
Reporting and data exports
- Reporting on all inventory data and task results (deployment, task results etc..)
- Any inventory data can be displayed on the main console full customization
- Reporting formats (CSV, Jason, XML, Webservices)
Plugins extensions
Features
Description
Plugin design and developments
- Plugin development for custom feature
- Based on API or SDK, possibility to develop additionnal monitoring features (accelerometer, special electronic card data, humidity sensor, paper presence in printer, voltage drops, raid controlers, etc…)
- Our development team will develop plugins based on specifications
Other
Features
Description
Other
- Very network bandwidth efficient (pulse on demand) MQTT broker ) WISM (WanPulse Instant Synchronization Module) allows the trigger of the pulse on demand and therefore to set the default pulse with long delays and therefore drastically low default network load.
- Possibility to control the bandwidth used during a deployment (QoS)
- Supports management of 20 000+ devices
- Modular solution (through plugins)
- Plug & play: very simple to use, very low training required
- Very reactive software vendor (we can develop a specific plugin in a few weeks and we can assist the customer in creating scripts or collecting specific data for reporting)
- Multi-user access to the console (with different level of administrator rights on features and on groups of devices)
- Application Agent - server communication evaluated by ANSSI (French National agency for security of the information systems) in the context of the development of a cybersecurity product based on proVconnect with Thales
- Very clear roadmap: patch management, remote imaging, security audit (open ports, TLS1.2, admin rights);
- Complete ownership of the source codes by WanPulse