HTTP Scout check failed with a status code of 200 OK and a pattern of "{“status”:“ok”}". The scout had been functioning correctly for several weeks and tests on other custom, public, and servers are working, but the scout does not. When testing in a browser, the user gets the result of "{“status”:“ok”}" which clears when removed and then recreated. A fix is in process and Ehud has offered to provide logs if needed.
Read the entire article here...
Security Related Training & Support Archives
Security training and support-related archives from inside the ControlUp Community on Slack.
How to Edit “Shared Credentials” in Folder Selection in ControlUp Real-Time DX
A user asked why they cannot edit the "Shared Credentials" security option on a folder selection. They are not the Roles manager, and another user could edit it. The other user mentioned Agents don't use shared credentials, and typically you don't allow the shared creds globally. There is worry for giving EUC team rights to the servers and VDI workstations in the same hypervisor cluster, and the suggestion was giving read-only permission in the console only without granting the "Run Host Actions".
Read the entire article here...
Read the entire article here...
How to specify the user security context when upgrading agents from the ControlUp Console?
A user asked if it was possible to specify the user security context when upgrading agents in ControlUpConsole, as they couldn't use Domain Admins in their environment. It was suggested to add admin accounts to AD Connections and specify one per domain, and the credentials were stored in the user profile and used only for agent deployment and "agent control". This solution worked for the user.
Read the entire article here...
Read the entire article here...
Does Edge DX Remote Control Leave a Trace afer Ending Remote Session?
A user asked about remote control functionality in Edge DX and whether it leaves traces that the security department can pick up. @Member gave an explanation that the client used in the agent is a VNC client, but is secured and connected to other parts of the system via a web-socket. This means that the VNC client cannot be externally connected, thus not leaving traces.
Read the entire article here...
Read the entire article here...
Troubleshooting an On-Premises 8.7 Issue with SOP Not Functioning
A customer upgraded their On-Premises environment from 8.5 to 8.7 and introduced SOP 8.7, however it was not functioning. Possible fixes such as restarting ControlUp Monitor and SOP, changing the SSL cert, toggling "Ignore SSL Cert Errors", checking port 443, checking UserManagement logs, checking docker logs, creating a monitor log (Log4Net) and generating the key file again were suggested. They would also benefit from visiting https://support.controlup.com/v1/docs/cop-87-security-enhancement-for-monitor-sop-communication for further instructions.
Read the entire article here...
Read the entire article here...
How to add new users to ControlUp Real Time DX?
A user asked a question about adding users to a ControlUp setup, with the question of whether it needs to be done via the Login Setup screen in version 8.7 or if it can be done through adding people to an AD group. In order to do this, users need to be added manually. However, ControlUp is working on enhancing its Solve/SAML integration, which will enable new users to be auto created as needed. This would be done with the new DEX platform/login when configured to use SAML. ControlUp will keep @member updated on its progress with the DEX platform.
Read the entire article here...
Read the entire article here...
Changing the Certificate on the IOP Server
The user asked how to change the certificate on the IOP server - he received a .PEM file without private key and was suggested to refer to the following documents: https://support.controlup.com/docs/solve-on-premises-configuration and https://support.controlup.com/docs/insights-on-premises-replace-certificate. Finally, the certificate was implemented and the user noted that the IOP server correctly presented it but not the Splunk side.
Read the entire article here...
Read the entire article here...
List of Processes for ControlUp Edge DX Monitoring
A user asked for a list of processes run with ControlUp EdgeDX and suggested whitelisting a path for updated executables. Security teams requested more information. Further guidance and resources can be found at edgedx-functions.azurewebsites.net and support.controlup.com.
Read the entire article here...
Read the entire article here...
Missing “Client Device Score” icon in ControlUp Solve?
Members discussed the issue of not seeing Client Device Score in ControlUp Solve, and why metrics like Client Wi-Fi Signal, Lan Latency, Total Session Latency, and Internet Latency indicate the score. They concluded that Remote DX must be installed on the endpoints and the registry values need to be deployed. Members also noted that 3rd party software can be tricky with virtual channels, and that the default MSTSC rdp client should be used. Support ticket can be created at support@controlup.com.
Read the entire article here...
Read the entire article here...
Driving Use Cases for Choosing ControlUp Edge DX
Two members discussed the driving use cases for choosing ControlUp Edge DX, including Corp laptop having VPN connectivity issues, seeing network latency/connectivity/ISP, and providing admin-level support to users' machines even when not connected to a VPN. Edge DX is designed for FatClients, providing detailed information without needing to be connected to VMs. RemoteDX can also be installed but is solely for showing information while connected to Win365, XenDesktop or Horizon.
Read the entire article here...
Read the entire article here...
