According to the source code, Edge DX uses traceroute or tracepath to perform trace routes, depending on which one exists. For IGEL devices, only tracepath seems to be available. The port used is random, but usually starts at 44444 and adds a varying modifier based on the version. It is possible that IGEL or the underlying OS uses a static offset. On 12/31, the security team noticed traffic on port 44484 from our IGEL thin clients, which may be caused by additional Network Latency targets set in Edge DX settings. To confirm, they will disable the targets and monitor the traffic.
Read the entire article here...
Security Related Training & Support Archives
Security training and support-related archives from inside the ControlUp Community on Slack.
Troubleshooting Device Location Updates in Edge DX
A user reported that their device location does not always update in Edge DX, giving an example of their device showing work location after working from home for 18 hours. A suggestion was made to check if device's public IP is changing when switching locations and checking the status of location services on the device's OS. A link to documentation on device geolocation was also shared.
Read the entire article here...
Read the entire article here...
Securing Laptops with ControlUp and other Options
A discussion took place about different security options for laptops, specifically a method to prevent bootup in the event of theft. It was mentioned that ControlUp does not have this feature, but there is a user voice open for it. It was also suggested to use MDM or Intune for this purpose, but it was noted that a script will not run if the agent cannot communicate with the device. Some laptops have Absolute software built-in for this purpose. Another possible solution is using BitLocker with TPM+PIN, but it is important to ensure proper policies are in place for it to be effective. URL mentioned: www.absolute.com
Read the entire article here...
Read the entire article here...
Understanding Remediation Availability in ControlUp
A user asked about the availability of remediation for certain devices and wondered if it was due to updates from ControlUp. It was clarified that remediation will only be available if there is either a pre-made remediation in the ControlUp catalog or if a custom issue has been added to an out of box scan without a catalog remediation. The blog posts https://www.controlup.com/resources/blog/enhance-endpoint-security-with-custom-issues-and-os-patching/ and https://www.controlup.com/resources/blog/expand-endpoint-security-use-cases-with-secure-dx-custom-issues/ provide more information on custom issues and their benefits for endpoint security.
Read the entire article here...
Read the entire article here...
Understanding DEX’s Authentication Process for ControlUp VDI DAAS
The discussion revolved around DEX's authentication process for the VDI DAAS and how information is passed to the monitors. Depending on a setting, either UPN or email address is used for authentication and may require configuration changes on the security policy side.
Read the entire article here...
Read the entire article here...
Troubleshooting AD connections on ControlUp Academy
A user was having trouble restoring AD connections and an endless list of credentials on ControlUp Academy. Others chimed in with suggestions, including ensuring the console was closed while replacing the CommonPrivateConfiguration.xml file. Eventually, the user found an old backup that worked.
Read the entire article here...
Read the entire article here...
Minimum Permissions to Connect to Solve in ControlUp RT Console
A user was trying to connect to Solve with insufficient permissions. It was determined that they needed to have the "Use Solve" permission allowed and be a member of the authorized users group. This setting can be adjusted during ControlUp installation.
Read the entire article here...
Read the entire article here...
Troubleshooting Monitor Deployment Issues in ControlUp with Trellix
A user encountered issues with the deployment of monitors while using the Real-Time console, resulting in errors and failed services. Another user suggested the issues may be caused by Trellix, a common problem for page timeouts. The solution offered was to either increase the timeout or add the monitor service executable to exclusions. The issue is commonly seen with Trellix but can also affect other antivirus or security tools.
Read the entire article here...
Read the entire article here...
Creating a Disk Usage Alert in ControlUp using Internal Indices
A user asked for assistance in creating an alert based on disk usage, referencing specific variables found in the data index "_devices". Another user provided guidance on how to access the necessary information through this hidden index and offered the column "osdisk_configuration_freespace_all" as a potential indicator.
Read the entire article here...
Read the entire article here...