Manage Servers
Managing Server
Under Administration | Servers, you can install additional servers, assign IP ranges and specify server priority. If you use multiple servers, you can define a favorite server for each Agent. For details, see: Server connection - order and priorities
Requirements for multi-server environments. The installed EgoSecure version must be identical on all Servers used. It must be not lower than the version of the Agents that connect to the Server. The Servers must be in the same network so that they can communicate with each other.
Installing additional server
- Install the same Server version as the already installed server.
- For details about the Server installation, see the Installation Guide.
- During the installation, specify the same domain controller, SQL database, and database user as during the first installation.
- The new Server appears in Console under Administration | Servers | EgoSecure servers.
Server connection - order and priority
In a multi-server environment, an Agent attempts to connect to an available server in the following order:
- Favorite Server: An attempt to establish a connection with the favorite Server.
- IP range: If the favorite Server is not defined or not available, it searches for the Server with a defined IP range and verifies whether the Agent is in this range.
- Priority / Random: If the Agent can not connect to either the favorite server or the primary IP range server, it tries to connect to the Server with the highest priority. If Random selection is selected in the Server selection method drop-down, the Server is selected randomly instead of the priority principle.
Assigning favorite Server
- Go to Installation | EgoSecure agents | Install/Update.
- Select an Agent from the list. To multi-select, hold down Ctrl and click.
- Right-click an Agent and select Favorite Management Server | [Server name] from the context menu.
- The selected Server appears in the Favorite server column.
Assigning Server IP range
- Go to Administration | Servers | EgoSecure servers.
- Double-click a server entry in the Primary IP-range column.
- The column for this server is ready for editing.
- Specify an IP range, to which Agents must belong to connect to the Server. Only IP addresses of the Ipv4 format are supported.
- You can use the asterisk symbol as a wildcard. Example: 192.168.1.*, where * is any value from 0 to 255.
- It is also possible to set IP-range via en dash (e.g.: 192.168.10.10-192.168.10.200) or via CIDR Notation (e.g.: 192.168.20.0/24).
- To add more than one IP address or range for the Server, divide them with the semicolon (;) without spaces.
- Click Save.
- All Agents that have IP addresses in the specified range can connect to the Server if the favorite Server is unreachable or undefined.
Enabling/disabling server priority
- Go to Administration | Servers | EgoSecure servers.
- In the Server selection method drop-down, select an option. This setting applies only if no favorite server is defined for the Agent and the Agent is not in the Server IP range:
- By priority: Server selection occurs according to priority/order in the list
- Random selection: Server selection occurs automatically (randomly)
- Click Save.
Setting a priority for a server
- Go to Administration | Servers | EgoSecure servers.
- In the EgoSecure servers list work area, right-click a server.
- Select Up or Down from the context menu.
- The Server moves in the list and the value of the Priority column changes.
- Click Save.
- The setting applies.
Configuring Cloud-Connect Server
EgoSecure Cloud-Connect Server (ES CCS) is an architecture element, which allows to manage computers/devices when they are outside a corporate network. The main idea is to install and deploy the main EgoSecure Server (ES Server) in the corporate LAN and connect the Agents to this main server. As soon as a part of the Agents is outside the corporate network, they connect to ES Server via ES CCS. ES CCS can be installed in the local network (e.g.: in the DMZ) or in the Internet.
Requirements for Cloud-Connect Server environment
- Enabled SSL. For details, see: Configuring SSL
- Enabled Polling mode (auto or permanently)
- Disabled HTTPS protocol. Communication via CCS is performed only using a default XML protocol.
Installing ES CCS
There must be no EgoSecure Agent on the computer with ES CCS.
- Launch the ESCloudConnectSetup.exe file.
- Select the installation language and click OK.
- The welcome dialog appears.
- Click Next.
- Change the location for the Cloud-Connect Server, if necessary, and click Next.
- Specify the ports used on the Cloud-Connect Server:
- Port for connecting servers: a port for incoming connections from EgoSecure Servers (default: 8005).
- Port for connecting clients: a port for incoming connections from EgoSecure client applications (default: 8010).
- Click Next.
- Click Install.
Connecting EgoSecure Server and Agents to ES CCS
Enable SSL to use ES CCS and enable the specified ports on the computer with ES CCS.
- In the Console, go to Administration | Servers | Cloud-Connect servers.
- Click Add.
- The Cloud-Connect server dialog appears.
- In the Name filed, define the name or IP address of ES CCS.
- Specify the ports defined during the installation:
- Port for serves: a port for incoming connections from EgoSecure Servers (default: 8005).
- Port for clients: a port for incoming connections from EgoSecure client applications (default: 8010).
- Click OK to confirm the changes and close the dialog.
- Click Save.
- The Console checks whether the added ES CCS is available via the defined ports and then shows the port status.
- Define which Cloud-Connect server to use when connecting to the EgoSecure Server:
- Go to Administration | Servers | EgoSecure servers
- In the Cloud column, select a Cloud-Connect server from the list.
- Click Save.
- The communication between the EgoSecure Server and external Clients now occurs via ES CCS.
Connecting EgoSecure Console to ES CCS
- Get the path for connecting to ES CCS, which consists of an ES CCS host, a port for clients and a server computer GUID:
- Go to Administration | Servers | EgoSecure servers.
- Right-click the EgoSecure Server entry and select Copy Cloud-Connect path from the context menu.
- The path is copied to the clipboard.
- In the main navigation, click
- The Connect to EgoSecure Management Server dialog appears.
- In the Server field, paste the path copied in step 1. The path has the mask [host]:[port]/[server ID], where:
- [host] - host, where the ES CCS is deployed;
- [port] – port on the ES CCS for connecting the EgoSecure Console and Agents (by default: 8010);
- [server ID] – unique server identifier (GUID of the computer, where the EgoSecure Server is installed)
- Example: 111.111.1.1:8010/1111a22b-2cc3-440d-5f5d-6e767ed888a9
- The Port field is filled in automatically once the Server field is filled in. (Default: 8005).
- Enter your login data and confirm with OK.
- The Console opens. CCS is now fully set up.
Deleting server
One server may work with several network adapters, that is why the procedure of deleting a server from the database is about deleting the whole server or deleting a network adapter.
Deleting network adapter
If a network adapter is currently inactive (e.g. network adapter is disabled in Windows settings), this entry is colored in light grey and such a network adapter can be deleted from the list. The active network adapters (colored in dark grey) can not be deleted from the list. To show only active network adapters, enable the Hide inactive adapters option.
- Go to Administration | Servers | EgoSecure servers.
- Select a network adapter. To multiselect, hold-down Ctrl and click.
- Right-click one entry and select Delete network adapter from the context menu.
- Click Save.
Information about selected network adapters is deleted from the database. Once network adapters are reconnected, they appear in the list.
In most cases, administrators delete the network adapters from the list, because they have been disconnected and administrators want to forbid Agents such a connection. But note that that the same can be achieved via removing the check box from this server so that it becomes unavailable.
Deleting a server completely
The server and all of its adapters — no matter whether they are available or not (colored in dark gray or in light grey, respectively) — can be deleted from the database via one option.
- Go to Administration | Servers | EgoSecure servers.
- Right-click a server and select Delete server completely from the context menu.
- Click OK in the warning dialog to confirm.
- Click Save.
Information about the server and all its network adapters is deleted from the database. Once network adapters of an installed server are reconnected, they appear in the list; if the server has been uninstalled, the reconnected network adapters do not reappear.
Protecting Console and Server files from damaging (Integrity control)
Use Integrity control to assure that .exe and .dll files under C:\Program Files\EgoSecure\EgoSecure Server (excluding MSI and IoT folders) are not damaged. If someone renames the files, or makes changes, our system displays it in Reports | General | Revision.
With IntellAct Automation, you can create a rule to get notifications about integrity control actions via E-mail or SNMP. For details, see: IntellAct
Configuring Integrity control
- Go to Administration | Servers | Integrity control.
- Move the button to the right.
- The status changes to Integrity control is now enabled.
- Set frequency of control performing (once or weekly).
- Click Save.
- The Integrity control starts automatically at the specified time.