A user asked for a list of processes run with ControlUp EdgeDX and suggested whitelisting a path for updated executables. Security teams requested more information. Further guidance and resources can be found at edgedx-functions.azurewebsites.net and support.controlup.com.
Read the entire article here...
Security Related Training & Support Archives
Security training and support-related archives from inside the ControlUp Community on Slack.
Missing “Client Device Score” icon in ControlUp Solve?
Members discussed the issue of not seeing Client Device Score in ControlUp Solve, and why metrics like Client Wi-Fi Signal, Lan Latency, Total Session Latency, and Internet Latency indicate the score. They concluded that Remote DX must be installed on the endpoints and the registry values need to be deployed. Members also noted that 3rd party software can be tricky with virtual channels, and that the default MSTSC rdp client should be used. Support ticket can be created at support@controlup.com.
Read the entire article here...
Read the entire article here...
Driving Use Cases for Choosing ControlUp Edge DX
Two members discussed the driving use cases for choosing ControlUp Edge DX, including Corp laptop having VPN connectivity issues, seeing network latency/connectivity/ISP, and providing admin-level support to users' machines even when not connected to a VPN. Edge DX is designed for FatClients, providing detailed information without needing to be connected to VMs. RemoteDX can also be installed but is solely for showing information while connected to Win365, XenDesktop or Horizon.
Read the entire article here...
Read the entire article here...
ControlUp Architecture Diagram for Security Team
A user wanted an architecture diagram for their security team, and requested feedback on the provided one. Comments focused on missing ports to the CU agents and Citrix servers, and that data collectors were also not included. It was suggested that a more basic, old diagram should be used to show the relationship between monitors, cloud and agents, and console to agents and cloud. Additionally, a link to ControlUp documentation was shared (https://support.controlup.com/docs/controlup-architecture-security-concepts).
Read the entire article here...
Read the entire article here...
Implementation Questions for ControlUp in Corporate and Isolated Environments
A user asked questions about implementing ControlUp in a corporate and isolated environment. The answers explained that Monitors and Data Collectors don't need to be in the same domain, credentials can be used even without trust relationship, and port 40705 needs to be added. Professional Services from ControlUp can be sought for resolving automation issues in an environment with extensive security policies.
Read the entire article here...
Read the entire article here...
How to give access to ControlUp insights without giving access to the Controlup Console
The discussion considered what options are available for providing access to Insights data for third-party users without access to the ControlUp console. While registering in the console is necessary, uploading a CSV file with UPNs can be done with the Login Setup feature in 8.7. Insights will be deprecated soon and, as some customer's security policies can remove accounts if they are not used after a certain amount of time, there is the option of creating a bogus user with an email distribution. There are no limitations on the number of users in ControlUp itself, though some Microsoft licenses may be consumed based on a single AD account.
Read the entire article here...
Read the entire article here...
How to configure ControlUp to allow fist level support only the permissions to logoff User sessions
A user asked how to set permissions for first-level support to logoff user sessions - the recommendation is to keep everything as "Not Set" and set specific permissions to "Allow". For more information, there is an article on creating a read-only permission set at https://support.controlup.com/v1/docs/security-policy-view-only-role.
Read the entire article here...
Read the entire article here...
Replacing a Weak SSL Certificate in ControlUp
A customer reported a weak SSL certificate from ControlUp (SHA1, wrong hostname, self-signed) and asked if any issues may surface when switching to a trusted, SHA256 certificate with the correct hostname. It was suggested that the certificate switch should work without any issues, but the current COP version, certificate name, and file were requested for confirmation. It was later established that the certificate deployed with Console, Monitor, and Agent was the culprit, and that the old certificate just needs to be replaced.
Read the entire article here...
Read the entire article here...
Using the EUC Universal Sync Script in ControlUp
When using the EUC Universal Sync Script, make sure the "preview" Parameter is set to false in the cfg file to run the Sync script, and restart the monitor service for scheduling. The version on Github is the latest. The warning "Commit Changes?" is misleading but to assign False to the Preview parameter commit needs to be set to Yes. A bug in 8.8 related to Templates being empty was mentioned.
Read the entire article here...
Read the entire article here...
Investigating Network Latency Issues in ControlUp
A user noticed that some of their devices experience a network latency with white spaces at different intervals and asked for clarification. It was determined that the ping was failing consistently every 40 minutes and that there could be a network issue (not VPN) related to communicating with a target Citrix public IP address. The user was instructed to open a support ticket and view raw data to determine if the numbers match. The graphs looked normal when checked.
Read the entire article here...
Read the entire article here...