Emsisoft
Managing Protected Devices | Emsisoft Management Console | Emsisoft Tutorial
Hello, today, we’re going to be taking a look at the Emsisoft Management Console. This is a web-based console that allows you to remotely manage all of your Emsisoft-protected endpoints.
Let’s start with the Workspaces dashboard. Here, you can view all of the connected devices in your workspace. At the top, we’ve got some key performance indicators, and at the bottom we can see any security threats that have been detected recently.
In the Managed Devices section, you can get a quick overview of what’s going on in your Workspace. Most of these columns are fairly self-explanatory, but I do want to draw your attention to the ‘Status’ column. This column shows the protection status of your devices. A green ‘Protected’ label means the device is properly protected. Other statuses like ‘Offline’, ‘Partial Protection’ and ‘No Protection’ indicate potential issues that could affect the security of the device. Another column that you might find particularly useful is the ‘Notes’ column, over here on the right. You can use this to save custom notes for your own reference.
These columns were already here by default, but they can be easily customized to suit your workflow. To do so, just click the ‘Select columns’ button and select the information you’d like to display. For example, if you click the box next to ‘OS version’, you’ll be able to see which operating system version is running on your devices.
The columns also support custom filtering, which you can use to quickly find certain devices. For example, let’s say we wanted to see which devices have never been scanned. We would go to the ‘Last Scan’ column, click the funnel icon, and then select ‘Never’. This will bring up all the devices that have never performed a disk scan.
If you don’t want to do this manually every time, you can save your filtered views and sorting settings. Just click the ‘Filtering using presets’ button up the top and click ‘Save current view’. Then we just enter a name for the view, something like “No scan history”, and click Save. Our saved view will now be stored in the dropdown menu, where we can easily access it in the future. You can also use this menu to switch to one of our predefined views.
Okay, now let’s move onto other parts of the dashboard. You can use the search box up the top here to filter your devices. The filter kicks into action as you start typing. For instance, if we type ‘m-a-n’, the view will show all of the devices that are part of the ‘Management’ policy group.
You can also use the Workspaces dashboard to perform various actions on your devices. See the hamburger menu at the end of each row? Go ahead and click on it, and you’ll see shortcuts for starting a malware scan, checking protection settings and moving the device to a different policy group.
Now, as your workspace grows, you might need to deploy Emsisoft protection software to more devices. You can do this by clicking the ‘Add device’ button. Use the ‘Download’ option if you want to download and install the software yourself, or the ‘Send email’ option to send download instructions to a user. These installers contain an authorization token in their filename, which means you don’t need to provide a license key or user login information to install the software. Just run the installer on your new device and the device will show up here a few seconds later without any further user input.
If you’re on the Emsisoft Enterprise Security plan, you can automatically install Emsisoft protection software on new devices via Group Policies in your Active Directory. If you’re interested in learning more about that, I’ll leave a link to a guide in the description below.
Coming back to the Workspaces dashboard – we’ve saved the best feature for last. Let’s say you want to take a closer look at a particular device. Click on a device name and you’ll jump to the Device Panel.
As you can see, the Device Panel looks exactly the same as the client-side interface. We’ve got four large tiles here for quick access. The background color of the ‘Protection’ tile is usually green. But if any of the settings on the device pose a security risk, the tile will turn orange or red depending on the severity of the situation. Next, we’ve got the The ‘Scan & Clean’ tile. From here, we can initiate various scans and access quarantined objects. From the ‘Logs’ tile, we can access device-level logs. And if we click on the ‘Settings’ tile, we can view and change the protection settings on the device. This will overwrite any group policy-level settings.
Finally, let’s move down to ‘Device health’. In this section, you’ll find a bunch of quick-access settings. But for now, let’s just take a look at some of the most important features.
So, here we’ve got the ‘Network lockdown’ button. If you’re under attack, you can toggle this on and the device will be taken completely offline. While in lockdown, the device maintains a connection to the Emsisoft Management Console, so you can continue to investigate and resolve the problem.
This section also displays the status of the remote desktop protocol service on the device. RDP is an extremely common entry point for attackers, so it’s best to keep it turned off unless you need it.
Oh, and one last thing – if you want to make a device more easily accessible, you can just click the pin icon here and it’ll pin the device to the side menu.
That’s it for now. Thanks for joining us.
