How-to: Administrator’s guide to remote management of Emsisoft Anti-Malware
Whether you are an administrator for your organization’s IT infrastructure, a value-added reseller (VAR) or simply an enthusiast who is forced to maintain your parents’ computer, you will enjoy the new convenience features that our development team implemented during the past year. Efficiency is key, and so we aim to optimize your malware protection workflows to save you precious time, while keeping security at highest level at all times.
Remote maintenance with Emsisoft Enterprise Console
The free of charge Emsisoft Enterprise Console is your tool of choice to avoid unnecessary walks to your client machines. It allows you to remote install and configure Emsisoft Anti-Malware and Emsisoft Anti-Malware for Server with a few clicks. I don’t want to go too much into detail on the basics of the console, as this was covered in an earlier post, but rather focus on typical workflow tasks administrators and resellers are confronted with on a daily basis.
A) Protecting clients in the same network
Adding new computers that are connected to the same network as the Emsisoft Enterprise Console server is pretty straight forward. Click the “Add Computers” button at the bottom right of the main “Clients” screen and type the computer name, or select it from the list of automatically discovered new machines in your network.
Computers in the same network can be directly accessed from the Enterprise Console server. Therefore you only need to enter admin credentials to copy the setup files into the computer remotely, plus credentials of a local administrator on the target computer to run the installer. The last step before installation can start is to select or specify a license key for Emsisoft Anti-Malware. Enterprise Console will remember your inserted license key for later use on other machines.
A click on “Add and deploy” immediately starts remote installation and the computer will show up in the Clients list as ‘Protected‘.
If you have multiple networks in your organization, it is advised to set up one instance of Emsisoft Enterprise Console server in each network, for best performance and traffic saving effects. You can still maintain all of them from one administrator workstation though. The Emsisoft Enterprise Console GUI and Commandline administration tools can be installed anywhere you want and connect to any Emsisoft Enterprise Console server.
B) Protecting clients in foreign networks
As a reseller you probably don’t want to install the Emsisoft Enterprise Console server in each of your clients’ locations, but just maintain individual computers in foreign networks remotely. As the Enterprise Console server can’t directly reach your client machines outside your local network, you need to let the clients connect back to your server instead. It’s the same scenario as with clients that need to connect to an Enterprise instance that hides in a NAT environment.
To make sure no unauthorized computers can connect to your Enterprise server, it’s required to create an authentication package for each client on the server first. Authentication packages are secured by 4096 bit AES encryption and are valid for a maximum of 7 days for security reasons.
Click “Add computers” in the bottom right corner of the main screen and switch to the “Computers in other networks” tab at the top. Type the full computer name (with workgroup or domain name) and click “Add” to add it to the list of computers to be added. You can change the default settings group in the second column, i.e. “Marketing”, if you already know where that new computer belongs to and what policies you like to apply.
Next, you need to specify the server address under which the Enterprise server can be reached from the new computer. That can be either an IP address or a publicly accessible domain name. Make sure your firewall doesn’t block the server’s port (default 8082).
Carefully select a folder to store the newly created installation packages. You will need to copy the files within that folder over to your target machine later. If Emsisoft Anti-Malware is already installed on your client machine but not connected with any Emsisoft Enterprise Console yet, tick the checkbox “Package for installed Emsisoft Anti-Malware”. It will then leave out the large setup.exe file from the package and create the rather small secure authentication files only.
Select or specify a license key and click “Create” to finish. Next you’ll see an information screen how to use the installation packages on your target machine:
When you click “OK”, an Explorer window showing the new package files will open up. All you need to do is copy these files to your target machines and run the “Install.bat” file. Once installed, Emsisoft Anti-Malware will connect to the Enterprise server and the computer will show up in the “Clients” list.
To void and delete authentication packages, please go to the “Settings” area, “Deployment” panel. The table at the bottom lists all recently issued authentication packages. Once you delete a package from that list, the Enterprise Console server does not confirm authentication requests from the affected machine anymore.
If you need to install large numbers of computers, simply create all installation packages at once and then just copy the entire packages folder with all authentication files to all computers. The install script will automatically determine the correct authentication file based on the computer’s name where it is run. Authentication packages only work on computers with matching names. That way you can well automate the process. Note that authentication packages can also be created via command line, e.g. when you want to integrate the anti-malware installation step in your general deployment script for new computers next to other installations.
Centralized license key management
Keeping an overview of your clients’ Emsisoft Anti-Malware licenses is essential for your business. You certainly don’t want to leave any of your clients unprotected just because you missed to renew a key in time. The “Licenses” panel in Emsisoft Enterprise Console helps you to stay in control. Always keep an eye on licenses that are about to expire soon. They will show up in bold red print 45 days before expiration date.
The Licenses panel also shows how many seats on each license key are currently unused. The list automatically gets refreshed in regular intervals.
To see which computers use a specific license key, switch to the “Clients” panel, click “Add new view” in the top toolbar, select the filter parameters “License”, “Is equal to”, and insert your license key.
Working with settings- and permission-groups
The “Policies” panel allows you to configure all managed computers according to your maintenance requirements. In certain circumstances it also may be useful to restrict permissions for local users, so they can’t ‘mis-configure’ Emsisoft Anti-Malware. Both computer settings and user permissions can be arranged in groups, with full inheritance support. Any changes compared to the next higher level are displayed in bold print so you can quickly spot them.
When maintaining computers in foreign networks, always make sure you disable the computer setting “Use Emsisoft Enterprise Console Update Proxy” in the settings group “UPDATE” to avoid that all update traffic gets re-routed via your Enterprise server instance in a different location than the client’s network. The Enterprise Console Update Proxy only helps to save internet traffic when it’s located in the same network, as it caches the update files.
Reports and malware alerts
You will find a number of useful preset reports in the “Reports” panel. You may want to make the “Issues” report your main initial panel, to always stay ahead of potential clients calling in. To do so, click the arrow down button at the top right and tick the checkbox “Set as default report”. You can also flexibly create new reports for data sets of your choice.
To receive email reports in defined intervals, please go to the “Settings” area and switch to the “Notifications” panel. Admin and Management reports can be scheduled to be sent on a daily, weekly, monthly, quarterly or annual basis.
While Management reports only include basic information relevant to view organization-wide tendencies, Admin reports include extended tables with details on infections and other events of all computers.
In order to receive real-time notifications please create Infection- or Action-Alerts, which can either be sent by email (in plain text format so you can easily parse them automatically) or via Webhooks to integrate Emsisoft Anti-Malware alerts into your own productivity tool chain.
Reseller goodie: Advanced customer care features
A good number of resellers asked us whether it would be possible to disable certain ‘marketing features’ in Emsisoft Anti-Malware. Specifically the referral rewards program and direct purchase buttons, which may cost them a few deals. So we came up with a solution that we believe will satisfy everyone, while not having any negative effects for software users.
Navigate to the “Policies” area in Emsisoft Enterprise Console and then select a specific computer group (or click “Organization” for global settings) and switch to “Computer Settings” on the right. Scroll down to the settings group “CUSTOMER CARE”. There you can change the following options of Emsisoft Anti-Malware:
- Disable license expiration notifications: Disables all notification popups that are displayed 30, 14 and 7 days before the license period ends. Note: This potentially puts users at risk to lose protection if a license doesn’t get renewed in time. Notifications will still be displayed 3 days before license ends.
- Hide customer referral rewards program: Hides all suggestions to renew a license for free by referring new software users.
- Hide license key: Prevents users from reading and changing the license key to avoid that it gets misused somewhere else.
- Disable purchase and renewal buttons: Stops user from buying a license online at Emsisoft directly.
- Alternative message for purchase and renewal buttons: Insert administrator contact details or alternative notes for user, i.e. “To obtain a license, please contact Company Ltd, +1 234 567 89”.
- Alternative URL for purchase and renewal buttons: Specify a website address where user can find purchase information, i.e. “https://www.company.com/order/”.
- Hide news area on overview screen: Hides the entire news section on the bottom of the main Overview screen. Note: No advertising is displayed there, only security education and product news. Additionally you can also disable the news popups by disabling the relevant option in “NOTIFICATIONS” group.
- Alternative static text: Insert administrator contact details or alternative notes for user, i.e. “Managed by Company Ltd, +1 234 567 89”.
- Alternative URL: Specify a website address where user can find purchase information, i.e. “https://www.company.com/order/”.
Note that these settings are only available through Emsisoft Enterprise Console and can not be changed by your clients locally for safety reasons. If you don’t want to use Emsisoft Enterprise Console but still use these options, you can do so by adding specific parameters to the setup.exe call at installation time.
Setting at installation time
Use one or more of the following available parameters, e.g. via Command Prompt:
- /purchase-alt-message=”To obtain a license, please contact Company Ltd, +1 234 567 89″
- /news-alt-message=”Managed by Company Ltd, +1 234 567 89″
EmsisoftAntiMalwareSetup.exe /disable-expiration-notifications=1 /hide-referral-program=1
Setting manually on existing installations
To set these options manually, you have to edit the skin.ini file in a plaintext editor. To do so, please shut down real-time protection, shut down the Emsisoft Protection Service in Service Manager, open c:\program files\Emsisoft Anti-Malware\skin.ini (or create one as unicode file if it doesn’t exist), and insert a new section called [CustomerCare]. Underneath that section, you can then insert any of the above mentioned parameters. Once completed, save the file and start Emsisoft Anti-Malware via the Windows start menu to turn protection back on.
Third party RMM integration
As an alternative to Emsisoft Enterprise Console you may also use common remote monitoring and management (RMM) tools. At the time of writing, the following RMMs are supported by Emsisoft Anti-Malware:
- RepairTech Kabuto: Remote installation, scanning and maintenance.
- Opswat: All Emsisoft products are gold certified and integrate well with Opswat based solutions.
More to come soon.
Emsisoft provides a series of free productivity tools with smart features to improve efficiency in daily workflows of system administrators, resellers and tech support professionals. No matter if you have only 3 or even 500 installations of Emsisoft Anti-Malware to maintain, Emsisoft is here to help. Download Emsisoft Enterprise Console here.
If there are any specific requirements on your wishlist that are currently not covered by our products, please let us know: [email protected]New in 2017.3: Improved protection, scan of removable drives, and more