The 'ERR_BLOCKED_BY_RESPONSE' error occurs when response is delivered along with requirements from Chromium such as 'X-Frame-Options' and 'Content-Security-Policy' aren't met. It is speculated that Salesforce is setting HTTP headers that are blocking an action that Scoutbees is trying to do, likely due to Javascript running on the page not sourced from a Salesforce-approved location.
Read the entire article here...
Security Related Training & Support Archives
Security training and support-related archives from inside the ControlUp Community on Slack.
How Much Additional Employee Workload Can We Expect from a ControlUp Edge DX Deployment of 1500 Devices?
A user asked about the workload accompanying an ControlUp Edge DX deployment, which would involve approximately 1500 devices. Installation of the agent via MSI is easy, as Edge DX is a SaaS application with no additional infrastructure or firewall rules needed. ControlUp Academy has free Edge DX administrator courses. The deployment should take less than 2 hours, but it is recommended that 1/2 a day be assigned for safety. The ControlUp Academy course can be found at https://cuacademy.controlup.com/edgedx-info/.
Read the entire article here...
Read the entire article here...
Troubleshooting Issues Using Trigger with ALD Script in ControlUp
A user was having issues with Trigger and ALD script. It was suggested to check the security event log size, if the regional settings match, as well as other troubleshooting steps. The user thanked the team for their quick response. There was some brief off-topic banter about billing and working hours.
Read the entire article here...
Read the entire article here...
HTTP Scout Fails With Status Code 200 OK
HTTP Scout check failed with a status code of 200 OK and a pattern of "{“status”:“ok”}". The scout had been functioning correctly for several weeks and tests on other custom, public, and servers are working, but the scout does not. When testing in a browser, the user gets the result of "{“status”:“ok”}" which clears when removed and then recreated. A fix is in process and Ehud has offered to provide logs if needed.
Read the entire article here...
Read the entire article here...
How to Edit “Shared Credentials” in Folder Selection in ControlUp Real-Time DX
A user asked why they cannot edit the "Shared Credentials" security option on a folder selection. They are not the Roles manager, and another user could edit it. The other user mentioned Agents don't use shared credentials, and typically you don't allow the shared creds globally. There is worry for giving EUC team rights to the servers and VDI workstations in the same hypervisor cluster, and the suggestion was giving read-only permission in the console only without granting the "Run Host Actions".
Read the entire article here...
Read the entire article here...
How to specify the user security context when upgrading agents from the ControlUp Console?
A user asked if it was possible to specify the user security context when upgrading agents in ControlUpConsole, as they couldn't use Domain Admins in their environment. It was suggested to add admin accounts to AD Connections and specify one per domain, and the credentials were stored in the user profile and used only for agent deployment and "agent control". This solution worked for the user.
Read the entire article here...
Read the entire article here...
Does Edge DX Remote Control Leave a Trace afer Ending Remote Session?
A user asked about remote control functionality in Edge DX and whether it leaves traces that the security department can pick up. @Member gave an explanation that the client used in the agent is a VNC client, but is secured and connected to other parts of the system via a web-socket. This means that the VNC client cannot be externally connected, thus not leaving traces.
Read the entire article here...
Read the entire article here...
Troubleshooting an On-Premises 8.7 Issue with SOP Not Functioning
A customer upgraded their On-Premises environment from 8.5 to 8.7 and introduced SOP 8.7, however it was not functioning. Possible fixes such as restarting ControlUp Monitor and SOP, changing the SSL cert, toggling "Ignore SSL Cert Errors", checking port 443, checking UserManagement logs, checking docker logs, creating a monitor log (Log4Net) and generating the key file again were suggested. They would also benefit from visiting https://support.controlup.com/v1/docs/cop-87-security-enhancement-for-monitor-sop-communication for further instructions.
Read the entire article here...
Read the entire article here...
How to add new users to ControlUp Real Time DX?
A user asked a question about adding users to a ControlUp setup, with the question of whether it needs to be done via the Login Setup screen in version 8.7 or if it can be done through adding people to an AD group. In order to do this, users need to be added manually. However, ControlUp is working on enhancing its Solve/SAML integration, which will enable new users to be auto created as needed. This would be done with the new DEX platform/login when configured to use SAML. ControlUp will keep @member updated on its progress with the DEX platform.
Read the entire article here...
Read the entire article here...
Changing the Certificate on the IOP Server
The user asked how to change the certificate on the IOP server - he received a .PEM file without private key and was suggested to refer to the following documents: https://support.controlup.com/docs/solve-on-premises-configuration and https://support.controlup.com/docs/insights-on-premises-replace-certificate. Finally, the certificate was implemented and the user noted that the IOP server correctly presented it but not the Splunk side.
Read the entire article here...
Read the entire article here...