Basic features
Architecture - communication and Security
| Features | Description |
| Agent | - .net framework 2.0 for old OS (XP); .net framwork 4.6 (win7 and above); .net Core (Linux and Mac OS) - RAM Load: 7 to 25MB - Pulse: a few kb - Pulse frequency: configurable but the broker MQTT allows immediate pulse so pulse can be set at 1 hour or more without any impact of the reactivity (30 seconds) - Remote Update - Native management of the Windows write filters (for embedded OS including IoT) |
| Server (Manager) | - Supported OS: Windows 2012 R2 and above - VM supported - .net framework 4.6 - MS IIS 7 and above (Internet Information service) - Data Base : Microsoft SQL server - Hosting: SaaS or On premise - Supported languages: French and english (possible other languages on demand) - Web based system |
| Communication | - single direction from agent to server (no listening mode) - Security (certificate required) - Communication port: https - See attached graph (on prem, all ports can be configured) |
| Security | - SSL certificate authentification (agent - server) - Self signed certificated managed but not recommanded - Remote control impossible with self signed certificate - TLS1.2 between agent and server (if no XP devices managed and exclusive use of .net 4.6 and .net Core agents) |
| Device lock-down | - Centralised critical features lock-down through proVlocker (restrict access to specific apps, to control pannels, to the system of the device etc...) - Restrict access to specified disks and partitions - Very simple lock down solution - no need for active directory and complex GPO scripting) - USB lockdown or restrict access to mass-storage devices (or only allows read-only) |
| Authentification | - Local accounts - Active Directory |
Inventory
| Features | Description |
| Inventory - Hardware (automatic collection, stored on the sql and always uptodate); refresh at each reboot or at the defined frequency | - HDD (total size, free size, manufacturer, model, smart status, serial number) - RAM (total size, free size, type, nb of slots) - Partition (letter name, volume name, total size, free size, file system) - Bios (serial number, manufacturer, model, version, date) - Motherboard (Manufacturer, Model, Serial number) - Network cards (Name, Mac address) - Processor (Type, speed, nb of cores) - Video card (Name, Chpset, Memory, Resolution) - Monitor (serial number, description, legend? type) - Sound devices (Manufacturer, name, description) - Port connector (type, interface) - Controlers (manufacturer, caption, Description, Name) - Peripherals (Opos: Name, port used , driver, status) |
| Inventory - Software (automatic collection, stored on the sql and always uptodate); refresh at each reboot ar at the defined frequency | - OS Name - Service Packs - OS Fixes (installed KB) - OS ID - Installed applications (Name, Publisher, instal date, version) |
| Inventory - System (automatic collection, stored on the sql and always uptodate); refresh at each reboot ar at the defined frequency | - Host name - IP address - Process - services - Last contact to the server |
| Inventory - Custom | - Get specific information through the dynamic tags (can be a battery level, a peripheral status, an accelerometer value, a powershell script value or any command result, the content of a file, a registry key presence or value etc…) |
Groupping
| Features | Description |
| Grouping / device organisation | - Static groups (drag and drop manually) - 7 levels of subgroups - OU inherit from the AD - Dynamic groups (based on the selected inventory value: manufacturer, processor type, processor core number, OS type, OS architecture, presence of an application, custom script or WMI command result etc…) |
Management
| Features | Description |
| Remote tasks | - Software distribution (install or remove applications) - Install complex packages built with package builder (pre and post install scripts etc…) - Task planning (specific date and time, recurence etc…) - Cron task planing - Execution of commands (custom or in the command list) - Complete OS management: change registry keys, start and stop services, create partitions, launch commands or scripts, launch or kill applications - complete device configuration: keyboard, mouse, display, network, proxy, NTP, time zone, Hostname, Domain, environment variables) - Device security configuration: Windows account, pasword changes, USB lock down, certificate deployment - Device interaction: send popup messages, request remote autorisation from POS user; auto launch application (full screen, replace shell etc..), launch commands, switch screen ON or OFF, reboot or restart device, turn OFF or turn ON (via WoL) - Install apps (slient mode or not via our package builder), remove apps, deploy files (any file or script anywhere in the remote device) retreive files (log files or standard files) - All commands executed silently and with admin rights |
| File transfer | - Direct with https - Distributed download (if activated): torrent technology - Transfer possible in both ways (push / pull) |
Monitoring
Automatic incident detection and resolution
| Features | Description |
Monitoring: Automatic incident detection | - Hardware alerts (temperature, HD smart status etc…) - Software alerts (process, services etc…) - System alerts (registry key change or existance etc..) - Security alerts (antivirus, firewall, etc…) - Health alerts (RAM overconsumption, CPU overload, low free space on disk) - Custom alerts (on a script result or WMI command for example) - Custom alters based on plugins (fan speed, voltage drops, humidity sensor, accelerometer etc...) |
| Alerts type | - Email - Visualized on the main console |
| Monitoring: Automatic incident resolution (preventive maintenance) | - Automatic corrective task execution (no need for human intervention) - remediation tasks customizable (restart or kill process or service, clean temp files, backup launched based on an event, reactivate firewall, etc...) - No trafic with the console. The agent automatically runs the maintenance task that has been pre-loaded with the monitoring rule - Drastic decrease of level 1 supports (thousands of calls avoided) - Very quick ROI - Stop unwanted processes - Delete unwanted files (AVI or mpeg files in a specific folder for example) |
| Peripheral status monitoring | Printers, cash drawer, line display etc.. (natively or by custom dev) |
Compliance
| Features | Description |
| Compliance checking principle | - Create and customize compliance profiles (hardware, sofware, system) - Check and follow compliance of the end points in realtime - Be alerted when a device is not compliant anymore - Get global compliance on the dashboard |
| Device compliance | - Computer (Manufacturer, Model, serial number) - Bios (date, manufacturer, model, serial number, version) - Mother board (Manufacturer, Model, serial number) - Processor (Architecture, cores quandtity, Frequency, Manufacturer, Model) |
| Hard Disk and cards compliance | - Network (adapter name, dhcp, dns, dns auto, Domain, Gateway, IP status, Mac Addrss, NetMAsk, Network address, Secondary DNS, Setting ID, speed) - Memory (RAM total size, Ram size Ram type) - Disk (description, manufacturer, Model, Name, Size, Status, Type, Total size) - Partition (File system, free space, letter, size, Type, volume name) - Video card (Chipset, memory, model, resolution Serial number) |
| Peripherals compliance | - Monitor (build date, description, type) - Pointing device (Description, interface, manufacturer, Model, Type) - Keyboard (caption, description, type) - Printer (driver, model, port, ready) - Sound device (Manufacturer, model) |
| Software and operating system compliance | - installed applications (date, description, name, publisher, version) - Installed QFEs (description, hotfix number, installed by, installed date) - Operating system (Architecture, Build number, Information, Name, Product identifier) - Device security (Antispyware, Antivirus, Auto-update, Firewall, Internet settings, UAC control) |
| Manager Configuration compliance | - Device group (static group) - Monitoring rule (Monitoring rules and incidents) - Static and automatic tags values (all tags values and contents) |
Automatic configuration (Staging)
| Features | Description |
| Automatic policies / automatic configuration principle | - Automatic configuration of the device based on defined criteria - Help for deployment of the devices, reduce configuration errors, increase deployment efficiency - drastically reduce Logistics costs - Automatic staging - Garanties compliance of the device (erases any customisation mistakes) |
| Automatic policies options | - If a device joins a group then: play a predefined task (refer to "remote tasks" section in this document) or apply a monitoring rule (refer to "monitoring" in this document) - if an inventory data of the device is equal or contains, does not contain, different from, starts with, does not start with, ends with or does not end with, then: move ito a group or play a predefined task (refer to "remote tasks" section in this document) or apply a monitoring rule (refer to "monitoring" in this document) - Automatic policies can also be applied as soon as a device is enroled (zero touch configuration) |
Health and Security
| Features | Description |
| Health & security principle | - All status are updated in real time - Information stored on the server so available even for offline devices |
| Device Health | - Used disk space - Average CPU consumption - Average RAM consumption |
| Device Security | - Antispyware status - Antivirus status - Auto-update status - Firewall status - Internet settings status - UAC control status |
Remote Control
| Features | Description |
| Remote session control | - Based on Ultra VNC - Reverse process (no need to have a listening port open) - Secure SSL stream from device to server - Secure websocket from admin consolte to the server - Complete control over the session routing (no external server used for the repeater like in products such as Teamviewer) |
Reporting
| Features | Description |
| Reporting and data exports | - Reporting on all inventory data and task results (deployment, task results etc..) - Any inventory data can be displayed on the main console - full customization - Reporting formats (CSV, Jason, XML, Webservices) |
Plugins extensions
| Features | Description |
| Plugin designs and developments | - Plugin development for custom feature - Based on API or SDK, possibility to develop additionnal monitoring features (accelerometer, special electronic card data, humidity sensor, paper presence in printer, voltage drops, raid controlers, etc…) - Our development team will develop plugins based on specifications |
Other
| Features | Description |
| Other | - Very network bandwidth efficient (pulse on demand) - MQTT broker allows the trigger of the pulse on demand and therefore to set the default pulse with long delays and therefore drastically low default network load. - Possibility to control the bandwidth used during a deployment (QoS and peer to peer) - Supports management of 20 000+ devices - Modular solution (through plugins) - Plug & play: very simple to use, very low training required - Very reactive software vendor (we can develop a specific plugin in a few weeks and we can assist the customer in creating scripts or collecting specific data for reporting) - Multi-user access to the console (with different level of administrator rights - on features and on groups of devices) - Application audited by ANSSI and in compliance with their recommandations - Very clear roadmap: patch management, remote imaging, security audit (open ports, TLS1.2, admin rights); - Complete control of the source codes - 100% made in France |