Skip to main content
Matrix42 Self-Service Help Center

Secure Unified Endpoint Management 2007

SYSTEM REQUIREMENTS

Required dependencies that needs to be installed and licensed

 

  • Matrix42 Service and Software Asset Management 10.0.1 or later.
  • All Empirum versions in support. Empirum 20.0.1 or later for Service Bus Integration with Hotfix from 30.July.2020 or newer.
  • All Silverback versions in support. Silverback 20.0.1 or later for Service Bus Integration
  • EgoSecure Version 15.2 for Insights Integration and Endpoint Device Protection Integration

NAMING

Portfolio Relation

 

The installation will install the  UUX for SUEM App and an EgoSecure Data Protection App in the Matrix42 Digital Workspace Platform UUX (Unified User Experience). Both belong to the Secure Unified Endpoint Management Product. 

The Installer is renamed UUX_for_UEM_Installer.exe.

License Certificates

License Needed

 

The SUEM end EgoSecure Data Protection App require a license certificate. The certificate can be obtained by contacting Matrix42 Sales.

EgoSecure Data Protection

Security Backed-In

 

The standalone app accesses an EgoSecure server. This server has to be configured in the app settings of EgoSecure Data Protection Application in UUX.

New Navigation Items

Fits to other UUX based Applications

 

The new navigation items with its functionality will enhance collaboration and integration use cases with other Matrix42 products based on the UUX Solution Builder platform.

  • Collaboration
    • Provides a direct view of the relevant tasks. As an example, when a rollout plan is stopped because of reaching the error threshold a task is automatically created.
  •  Announcements
    • On the new Insights landing page the user sees all announcements which are targeted to him. They can be managed directly in the SUEM App.
  • Environments
    • Allows the grouping of objects.
  • Workspaces
    • Allows management of user workspaces which can contain all assets and services. 

User Interface Changes

Better UI Experience 

 

 

Based on user feedback some user interface improvements were implemented:

  • The initial landing page “Home” is renamed to “Insights”
  • The Assignable Objects navigation item is renamed to Depot
  • The previously available experimental feature to import Silverback Windows 10 and macOS device is removed. This is now standard functionality based on the Service Bus integration.

Service Bus Integration

More Data, Less Waiting

 

The updated Service Bus interface allows the immediate updating of Empirum and Silverback* information. After installing version 3.x of the UEM backend service on the Empirum server, all computers, software packages and the installation status are initially transferred.

Currently, the following information is transferred:

  • Empirum Computer (Enhanced Basic Information)
  • Empirum Software Packages
  • Empirum Agent Configurations
  • Empirum Patch Management  Patch- and Servicepack Groups
  • UEM Agent Status Information
  • Software Installation Status Updates
  • Silverback devices (basic information)
  • Silverback Tags (basic information)
  • Date/time information is transmitted with the respective time zone. Computer log information is transmitted with the correct computer time zone when using UEM Agent 1912.0 or later. For older Agent versions the time zone CET is assumed.
  • The installation of the Empirum Service will be done with Empirum 20.0 Update 1 via DBUtil.
  • The Service Bus Empirum Component can use Proxy Server from Empirum 20.0 Update 1 on (configuration in DBUtil).
  • The State for new and removed devices can be configured in the “Settings”. It is also possible to remove devices from the platform when they were removed from the source systems.

Depot (Assignable UEM Objects)

New Location of all Assignable  Objects

  • New UEM Assignment Objects replace the previously used Service Management Software Services (Empirum Software Packages and Silverback Tags which were created using the Empirum Connector or Silverback Data Provider).
  • Existing software services, which were created with the Empirum Connector, will be migrated after installation and hourly by a background process. Services with the status Blocked are excluded. 
  • Empirum software packages are created and updated via the service bus. In addition to the basic information, further details are available. A link to the software services created via the Empirum Connector is created hourly.
  • Info: Agent Configurations (Agent Templates in Empirum), OS Sorces and Patch Management Groups will be transferred via Service Bus from Empirum but cannot be used in Assignments.

Software Installation Status

Better Overview

Software installation information is transferred via the service bus immediately to show the status of deployments and allow the automated rollout termination in case of reaching a given error threshold.

The new navigation item “Deployments” displays relevant information in a chart which shows the amount of successful and failed installations over time.  Also charts for the current distribution of the various agent versions and a chert which shows the overall ratio of deployment status information.

Under the Deployments navigation item, a list shows all installation status information. This allows an easy lookup of rollout information for particular software, Tags or devices.

  • The status of Empirum software package installations is initially transmitted over the service bus during the installation of the UEM backend service on the Empirum server and during software installations.
  • Only the latest status information about the combination of a computer and software package is kept available.
  • The installation
  • n status is only transmitted for packages assigned in Empirum and is determined based on the software log information. The following statuses are possible:
    • Installed
    • Not Installed
    • Installation in Progress
    • Error
    • Undefined
  • Reboot Pending, Requirement and similar messages of the UEM agent as well as the info text of the log information are transmitted additionally.
  • The installation status can be viewed as a list in the Endpoint Devices navigation area. This makes it easier to monitor rollouts and provides an overview of installations and any errors that may occur.
  • For Empirum packages, the installation status can be viewed in the Assignable Objects/Software Package/Devices area.

 

Rollout progress

Track Your Rollouts

  • The rollout progress is determined exclusively by the installation status. The previous determination based on the Inventoried Software and the name of the Software Service is no longer necessary. Therefore, the use of the Service Bus is mandatory to obtain status information.
  • The progress is determined when an assignment is changed for this assignment and cyclically every 30 minutes for all installations.

Rollout plan and automated rollout termination

Using Thresholds to reduce risk

Rollout plans allow the automated, time-controlled rollout of applications. Progress and thresholds for a complete activation or termination are calculated via the installation status.

If the threshold value for rollout abort is exceeded, the rollout is

Windows 10 Security Dashboard

Observe Security of your Windows 10 Endpoints

Below the Home navigation area, various charts showing the current status of Windows 10 security information are displayed. The information is based on the Windows 10 Security Center and is determined and transmitted via Silverback.

Below the dashboard there is a list view with details for simplified search and further processing.

A tab with detailed information is displayed in the computer properties for computers with the appropriate information.

The following information is displayed:

  • Antivirus software and signature
  • Antispyware software and signature 
  • Protected system start (Secure Boot)
  • Firewall
  • Encryption

Co-Management Status Dashboard (Device Management Type)

Get an overview of your different device management types

The UEM Management Type is determined as a new property for computers based on the ID of the management systems.

  • Only Empirum ID set = Classic
  • Only Silverback/MDM ID set = Modern
  • Both types set = Co-Managed
  • No ID set = Unknown

Below the Home navigation area, the current distribution of the management type is displayed in three charts. Total, macOS and Windows. Only Windows 10 computers are considered. Using the displayed quick links you can navigate directly to a list of the corresponding computers.

.

Improved usability

Get an overview of your different device management types

List of terminal equipment

  • The list contains a column with the number of errors noted in the status. If the value >= 0, it is highlighted in red.
  • The rollout progress is highlighted in green if it is 100%. 
  • The new management type is available as a column.

Assignable objects

  • The list display contains the number of installations.
  • For Empirum packages, the detail view contains details of the Empirum package.

Features

Insights Dashboards

There are a number of new views that offer exciting possibilities for interaction, for example, it is possible to use the announcements to point out specific innovations or to jump quickly to the desired topic via the Quick Start menu. The Devices Last Seen view helps you identify irregularities more quickly and UEM Agent Versions shows you the degree of penetration of the current versions. 


In addition, there are reports with a focus on security

  • Notebooks with Full Disk Encryption
  • Encrypted data transfer
  • Status of connected external USB devices
  • Patch level of the device landscape
  • Management Status of the devices

What are the benefits of this features?

When you use this features, you gain 

  • Software Rollout with Rollout Plan and automated “Stop on Error”
  • Windows 10 Feature Upgrade
  • Apply a new policy to an iOS Device
  • Suspicious Data Flow
  • Was this article helpful?