A user was experiencing issues with their security policy graying out the ControlUp Monitors role, preventing access to agents. KB article on security best practises was suggested, along with adding the service account to an appropriate role. It was noted that 8.8 On-Prem was released, containing the bugfix, and that the user would be sent a download link. Release notes were also provided.
Read the entire article here...
Security Related Training & Support Archives
Security training and support-related archives from inside the ControlUp Community on Slack.
Locked Out of ControlUp Solve Portal Despite Permissions
A user was locked out of their Solve and DEX portals due to a permissions issue. After being granted all necessary permissions, they still couldn't access Solve from the console. It was established that the user needed the "Use Solve" right in their security policy. The user then tried a few solutions, including the add-cuuser cmdlet (https://support.controlup.com/docs/add-cuuser-create-new-solve-users#), but still could not access the portal. A restart of the monitor did not help however, so the issue is still unresolved.
Read the entire article here...
Read the entire article here...
How to Check if a User Accessed an Application such as a VPN in ControlUp
The user asked if it was possible to see if a user had used an application such as a VPN. @member recommended checking stopped processes and authentication logs, then provided a script to check the VPN default gateway. It was suggested that an alert could be set, but the user noted they were looking for a report. An update was provided, detailing how the user found the information they needed by looking at the user's login and logout times and logs. @member was thanked, and Blair was asked to set up a customer testimonial about it.
Read the entire article here...
Read the entire article here...
Implementing Multi-Tenancy for Managed Service Providers in ControlUp
A user asked who had successfully implemented multi-tenancy as a managed service provider in order to replace LogicMonitor. It was suggested to open bidirectional port 40706 between each tenant and the user's data center, and to set up certificate-based authentication. The user was advised to use 'MSP mode' and use the cert to see the parent organisation. Links to documentation were provided.
Read the entire article here...
Read the entire article here...
Sivan’s “Did You Know”: The ControlUp Audit Log
This week is about the Audit Log, which can be enabled to go to a SysLog Server or Centralized Auditing. For more information, take a look at the ControlUp support articles at https://support.controlup.com/docs/audit-log and https://support.controlup.com/docs/centralized-audit-log.
Read the entire article here...
Read the entire article here...
Restricting Access to Organization Creation in ControlUp DEX Instance
A user asked about preventing unauthorized creation of organizations in their DEX instance. They suggested a configuration option to only let full admins create new orgs. It was noted that creating a new organization requires a license and currently there is no way to block it. The user's request was added to the backlog to block organization creation to admins only.
Read the entire article here...
Read the entire article here...
Documentation on Encryption of Data Sent to AWS from Monitors
The user asked for documentation regarding the encryption of data sent to AWS from monitors. It was suggested to check out https://support.controlup.com/docs/controlup-architecture-security-concepts. All data is encrypted with the Rijndael algorithm (AES) with a 128-bit encryption key. Depending on the mode either ControlUp Cloud servers or local storage will be used to store the key.
Read the entire article here...
Read the entire article here...
Why You Should Care About DEX (Digital Employee Experience)
In the post-COVID digital era, prioritizing the Digital Employee Experience (DEX) is essential. A robust DEX boosts remote collaboration, engagement, and innovation. As technology evolves, a seamless digital experience is key to business success.
Read the entire article here...
Read the entire article here...
Where are ControlUp User Console Credentials Stored?
In a Slack discussion, the user asked if the username/password for a ControlUp Enterprise User Console on a custom hive is stored in the cloud. @member mentioned that the credentials are stored locally, saved encrypted in the custom hive local db file. For the Cloud hive, these credentials are stored encrypted in the AWS Key Management Service.
Read the entire article here...
Read the entire article here...
Sivan’s “Did You Know”: Security Policy Planning Template Featured in ‘Did You Know’
This week's "Did You Know" featured the Security Policy - an article with a Security Policy Planning Template. The template can be used to create a policy that works best for users. The article can be found in the Security Policy for Users and Permissions - Best Practices.
Read the entire article here...
Read the entire article here...

