									BitDefender Management Server




WHITE PAPER
BitDefender Management Server – White Paper




Summary
   1. Introduction
   2. Why use BitDefender Management Server? Key Talking Points
   3. Product and Features
   4. Architecture
   5. Install/Uninstall
   6. Licence Key
   7. File list, Services and Registry Key
   8. Known issues
   9. FAQ



1. Introduction
      The purpose of this document is to provide system administrators with complete information about
      BitDefender Management Server and to explain in an intuitive manner how it works inside company
      networks. Once familiarized with the product features and architecture presented in the first sections,
      a step by step guide will take users through the process of installing BitDefender Management Server.



2. Why use BitDefender Management Server? Key Talking Points
1. Dashboard: BitDefender Management Server comes with a first page summary containing the most
   important security-related information and the possibility to automatically fix issues by using the quick fix
   button on the dashboard interface.
2. Policy assignment by user (domain user), computer, group or server: this allows tracking the user within
   the network based on a series of configurable security policies that enable the network administrators to
   better manage the clients throughout the network.
3. Network Builder is a simple but powerful tool which integrates with "Active Directory" and provides the
   "New Client Discovery" option, so that clients are identified irrespective of whether they are in the
   same domain as Active Directory. Moreover, this tool allows deploying the agent automatically.


General related advantages:
1. Proactive malware detection with B-HAVE
2. Short response times to virus outbreaks
3. Frequent virus definitions updates




               The content of this document is confidential and classified as BitDefender's Proprietary Information.




3. Product and features
    BitDefender Management Server is a complete, stable and affordable endpoint security and
    management solution for SMBs, which delivers superior proactive protection from viruses, spyware,
    spam, phishing and other malware. It enhances business productivity and reduces management and
    malware-related costs by enabling the centralized administration, protection and control of clients and
    servers inside SMBs’ networks.
    The product comes with a set of important features, namely:


Security Policies
    BitDefender Management Server now provides a series of configurable security policies which can be
    set based on pre-defined templates and which allow the administrator to manage the BitDefender
    business products in a highly flexible manner.


Offline Policies
    Once a security policy is set, it applies irrespective of whether the station concerned still
    communicates with the Management Server, which is a significant advantage for policy compliance
    within business environments.


New Station Automatic Detection
    To eliminate the security compliance issues related to network admission, any newly connected
    computer is detected automatically and the policies set by the administrator for this event will be
    applied to it immediately.


Deep Integration with Active Directory
    Groups created in AD can be replicated in the BitDefender Management Server so that the
    administrator will not be forced to re-create the already existing network architecture.


Increased Scalability and Ease of Management
    Station administration is a much easier process due to the product’s two-level server architecture,
    which includes a master type server and several slave servers with their corresponding clients.
    Another benefit of this architecture is the possibility of managing an increased number of clients.


Group Management
    The group management option brings more flexibility and control into the client management process
    through the customized policies that can be created for each such group.








Detailed Reports
    BitDefender Management Server is fitted with an enhanced reporting tool which enables the
    administrator to regularly generate statistics on the issues that appeared in the network, updates,
    installations etc.


MMC Interface
    The product comes with an MMC graphic interface to be used for administration and control purposes.


First Page Summary (dashboard)
    To offer a more detailed image of the network security status and an easy way to fix any related
    issues, BitDefender Management Server comes with a first page summary containing the most
    important security-related information.


Improved and Reduced Server-Client Communication
    With BitDefender Management Server, client–server communication is a one way, HTTP-based
    process, no longer hindered by network architecture obstacles such as the existence of a client
    firewall.


Server based on an ODBC database
    Due to its ODBC database, BitDefender Management Server eliminates the drawbacks of a normal file
    system, providing access to database specific operations such as back up, interrogation, storage, etc.


WMI Scripting Center
    Due to the enhanced administration capabilities of the Management Server, it is possible for the
    administrator to use WMI administration scripts to gather hardware and system information about the
    network workstations (hardware properties, startup programs, installed software, hot fixes, service
    packs, and much more)


Autodeployment
    To reduce network management workload and admission security issues, Management Server allows:
    •   automatically detecting newly connected computers (usually in a domain) and then deploying
        Business Client on them
    •   ensuring the immediate protection of the new additions to the network because Business Client is
        active on the default settings
    •   new workstations’ compliance with the security policies of the group they are included in by default








4. Architecture




     BitDefender Management Server integrates four main component parts:
1. BitDefender Management Server
2. BitDefender Management Console
3. BitDefender Agent
4. BitDefender Clients
5. Other components
     •   Security Policies
     •   Events
     •   Alerts
     •   Reports
     •   Update Server
     •   Network Builder




BitDefender Management Server
     BitDefender Management Server represents the main product component, the role of which is to
     administer the security solutions within a network based on a set of configurable policies. The
     central element of BitDefender Management Server is a database containing all the necessary
     information. The product architecture includes two types of servers: one master and several secondary
     servers. Secondary servers will take over the settings from the master server without the need for
     them to be configured separately. In addition to that, it will be possible for a server to be
     simultaneously connected to several consoles and to have user groups with different rights.




BitDefender Management Console
     BitDefender Management Console is the component whose MMC interface is used to administer
     BitDefender Management Server. BitDefender Management Console only runs on Windows
     platforms and it can connect to several servers simultaneously.


BitDefender Agent
     This is the component which allows applying BitDefender Management Server to BitDefender Clients.
     BitDefender Agent queries BitDefender Management Server in order to establish what security
     policies are associated to a particular client and how they should be applied, and it sends the
     result back to BitDefender Management Server. BitDefender Agent is developed as a
     portable product, capable of running on different platforms (Win and Linux).
     BitDefender Agent includes several authentication elements, among which its unique ID, which is
     used as an alias to recognize the client.
     BitDefender Agent can also integrate the client workstation into a certain group. As policies can be
     associated to entire groups, once BitDefender Agent is deployed on a workstation, it will automatically
     take over the policy set for the group that workstation is part of, without the administrator’s
     intervention.
     Due to the Client Discovery option, BitDefender Management Server can be installed and configured
     completely automatically so that whenever new stations appear in the network the server will install
     BitDefender Agent on them without the administrator’s intervention.


BitDefender Clients
     The term BitDefender Clients refers to the BitDefender products administered by Enterprise Manager,
     irrespective of whether they are workstation or server products.


Other components
Security Policies
     Security policies are the main elements BitDefender Management Server operates with. The activity of
     BitDefender Management Server consists of setting client policies, spreading them throughout the
     administered network and receiving feedback on their application.
     Each policy is strictly linked to a certain product administered by BitDefender Management Server
     and contains descriptive elements about it (name, type, version). The moment a newer version
     of the product on the client station appears, BitDefender Management Server forces BitDefender
     Agent to transfer it and to upgrade. In addition to that, each policy contains the description of the
     settings associated to the product, as well as their default values.






     BitDefender Agent operates according to the following mechanism:
     BitDefender Agent regularly connects to BitDefender Management Server and checks whether new
     policies have been set for the administered station.
     BitDefender Agent regularly checks whether the current policies of the administered station are
     applied and, if not, it forces such application. In order for policies to be applied, BitDefender Agent
     must already be installed on the respective station. If not, it will be installed and only then will the
     associated policies be applied.
     When a new element is added to the products administered by BitDefender Management Server, the
     server database is configured by supplying new tables containing:
     •   the results of policy application
     •   the description of policies
     •   the default values of policies


     Each product comes with a set of policy templates by default, but the administrator can subsequently
     define other policies as well, all of which will be associated to the network clients at will.
     Clients may be organized on the server under the form of groups, either simple (containing only
     clients) or cascaded (containing both clients and subgroups). Applying a policy at group level means
     that the respective policy will be valid for all the subgroups and the clients included in the group in
     question. However, the product provides a special feature concerning the policy “inheritance” method,
     which can be used in case the main group’s policies need not apply to specific clients or subgroups it
     contains.
     To avoid server overload, BitDefender Agent never connects to the server precisely at the specified
     time interval, but subject to a margin of +/- 5-10 minutes. In this way, the server may be able to
     administer as many as tens of thousands of clients.
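
     The group inheritance described above, as an added example that is not BitDefender code: it resolves the
     policies in force for each client in a cascaded group tree and lists the clients that a baseline policy does
     not reach. The `inherit` switch, the policy names and the group and client names are assumptions made for
     illustration; the page does not say how the inheritance feature is configured.

```python
class Node:
    """A group or a client in the managed-computers tree (hypothetical model)."""

    def __init__(self, name, policies=(), inherit=True, is_client=False):
        self.name = name
        self.policies = set(policies)  # policies assigned directly to this node
        self.inherit = inherit         # assumed switch: False = parent's policies do not apply
        self.is_client = is_client
        self.parent = None
        self.children = []

    def add(self, child):
        child.parent = self
        self.children.append(child)
        return child


def effective_policies(node):
    """Own policies plus those of each ancestor, stopping at the first
    node on the way up that has switched inheritance off."""
    result, current = set(), node
    while current is not None:
        result |= current.policies
        if not current.inherit:
            break
        current = current.parent
    return result


def clients_missing(root, required):
    """Audit helper: names of clients under `root` where `required` is not in force."""
    missing, stack = [], [root]
    while stack:
        node = stack.pop()
        if node.is_client and required not in effective_policies(node):
            missing.append(node.name)
        stack.extend(node.children)
    return sorted(missing)


def build_sample():
    """Constructed tree: a root group, a simple group, a cascaded group, four clients."""
    root = Node("HQ", {"av-baseline"})
    finance = root.add(Node("Finance", {"usb-block"}))
    lab = root.add(Node("Lab", {"scan-weekly"}, inherit=False))  # opts out of HQ policies
    build = lab.add(Node("Build"))                               # subgroup of Lab
    clients = [
        finance.add(Node("FIN-PC1", is_client=True)),
        lab.add(Node("LAB-PC1", is_client=True)),
        build.add(Node("BUILD-1", is_client=True)),
        root.add(Node("KIOSK-1", inherit=False, is_client=True)),  # single client opted out
    ]
    return root, {c.name: c for c in clients}


if __name__ == "__main__":
    root, clients = build_sample()
    for name, client in sorted(clients.items()):
        print(name, sorted(effective_policies(client)))
    print("not covered by av-baseline:", clients_missing(root, "av-baseline"))
```

     Every exception to inheritance also silently exempts the whole subtree below it, which is why the audit walks
     the full tree rather than only the nodes where the switch is set.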

Events

     BitDefender Management Server events practically reflect most of the things that happen on the
     server/agent/client. They may consist of answers to the policies run, virus alerts issued by the
     antivirus shield, warnings and notifications (e.g. information on the status of each product, update
     confirmations from, etc.). Each event includes specific data, which make it unique and easy to
     process. All events are stored in the database.
     Other event characteristics:
     •   each product generates its own events exclusively based on its own information;
     •   events may cause the agent to connect to the server faster so that the server is informed about it
         immediately;
     •   events are deleted from the agent only after having been successfully sent to the server;
     •   the server saves the data sent by the agent, following which it sends back a message allowing the
         agent to delete the files related to that event.
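
     The check-in margin described under Security Policies and the delete-after-acknowledgement rule above,
     combined in one added example (not BitDefender code). The 60-minute base interval, the station ID, the event
     texts and the lost-acknowledgement fault are constructed; reading "+/- 5-10 minutes" as an offset of 5 to 10
     minutes in either direction is an assumption.

```python
import random
from dataclasses import dataclass, field

BASE_INTERVAL_MIN = 60          # assumed check-in interval; the page gives no value
JITTER_MIN, JITTER_MAX = 5, 10  # the page's "+/- 5-10 minutes" margin


def next_checkin_delay(rng):
    """Base interval moved 5-10 minutes earlier or later (assumed reading)."""
    offset = rng.uniform(JITTER_MIN, JITTER_MAX)
    return BASE_INTERVAL_MIN + rng.choice((-1, 1)) * offset


@dataclass
class Server:
    """Saves events keyed by (agent, event id) so a resend is never stored twice."""
    stored: dict = field(default_factory=dict)
    drop_acks: set = field(default_factory=set)  # constructed fault: ids whose first ack is lost

    def receive(self, agent_id, event_id, payload):
        self.stored.setdefault((agent_id, event_id), payload)  # save the data first
        if event_id in self.drop_acks:
            self.drop_acks.discard(event_id)
            return False   # data saved, but the agent never sees the acknowledgement
        return True        # acknowledgement: the agent may delete its copy


@dataclass
class Agent:
    agent_id: str
    spool: dict = field(default_factory=dict)  # event id -> payload awaiting acknowledgement
    _next_id: int = 0

    def record(self, payload):
        self._next_id += 1
        self.spool[self._next_id] = payload
        return self._next_id

    def check_in(self, server):
        """Send every spooled event; delete only the ones the server acknowledged."""
        acked = [eid for eid, payload in sorted(self.spool.items())
                 if server.receive(self.agent_id, eid, payload)]
        for eid in acked:
            del self.spool[eid]
        return len(acked)


def simulate(seed=7, rounds=3):
    """Three events, one lost acknowledgement, three jittered check-ins."""
    rng = random.Random(seed)
    server = Server(drop_acks={2})
    agent = Agent("station-001")  # constructed station ID
    for text in ("policy applied", "virus alert", "update confirmed"):
        agent.record(text)
    clock, timeline = 0.0, []
    for _ in range(rounds):
        clock += next_checkin_delay(rng)
        acked = agent.check_in(server)
        timeline.append((round(clock, 1), acked, len(agent.spool)))
    return server, agent, timeline


if __name__ == "__main__":
    server, agent, timeline = simulate()
    for minute, acked, pending in timeline:
        print(f"t={minute:6.1f} min  acknowledged={acked}  still spooled={pending}")
    print("events stored on server:", len(server.stored))
```

     Because the agent resends anything that was not acknowledged, the server side has to tolerate duplicates; here
     that is done by keying stored events on the agent and event ID.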

Alerts

     Alerts are both the message templates that come with every product and the messages of this type
     that can be added by users. Users can associate alerts to various Response Scenarios. Moreover,
     they can set the alert sending method (by mail, administrative alerts, etc.) and their intended recipient.








    A series of templates are defined under the form of xml/xls files. From the user’s point of view, the
    interface is exactly the same as for policies, up to the point where the “assign” command must be
    given. It is only from the server that policies can be assigned. The server will look through the
    BitDefender events corresponding to the user defined situations and if a match is found, it will send
    the administrator a message to include the instance in BitDefender. When a situation is defined, a
    false alert with the current timestamp is inserted in BitDefender in order to prevent the sending of
    alerts concerning older events. No mail will be sent to notify the creation of this false alert.
    The XML of the defined situation, as well as that of the template, contains a field in which a set of
    conditions can be defined in order for the alert to be sent.



Reports

    Reports are centralized presentations of the results received from the clients. Results are centralized
    for each server separately, but collective reports, including the results of several servers, can also be
    created.
    BitDefender Management Server creates reports based on a series of queries in the database, the
    results of which are displayed in the form of graphic reports that can be exported in various sizes.
    Each product has its own set of report templates, but it can be supplemented by user-created
    templates.
    Template Types:
    Templates can be grouped into one category for which it will be possible to generate reports on
    BitDefender Management Server (e.g. Rep Acoperire Clienti); they can also be grouped into one or
    more categories for which reports will be generated on the products installed in the network.



GUI elements

    The product contains a “Reports” node, which includes a “Create new report” sub-node. When
    selecting the reporting node, general information on that node will be displayed. When selecting the
    “Create new report” sub-node, a list of template categories will be displayed, together with links to the
    existing templates for each such category. The HTML file containing this list is built based on the list of
    templates returned by the server.
    When selecting a template, a configuration window will open and the parameters of the requested
    report will have to be input therein. Once the parameters have been sent to the server and the data
    has been received, the report will be displayed in an ActiveX control. This will instantiate the managed
    CrystalReportViewer control, the necessary parameters being set from JavaScript.
    When a template is selected, the following types of files are brought onto the server:
    •   The xml file specifying which parameters are necessary for the report to be generated
    •   The xsl file by means of which the xml configuration file will be transformed into a web page
    •   The rpt file representing the report
    Once the configuration parameters are set, the xml configuration file will be sent to the server in order
    to obtain the necessary data from the database.
    A directory will be created for each template separately. This directory will contain the following types
    of files:
    •   rpt, the report created in Crystal Reports
    •   xml, which defines the configuration parameters necessary for the report
    •   xsl, which defines the means of transforming the .xml configuration file into a web page

BitDefender Update Server
    BitDefender Update Server allows you to set up a BitDefender update location within the local network.
    Having a local update location, you can configure update policies and assign them to clients so that
    the BitDefender products update from this local mirror instead of updating from the Internet.

    By using a local BitDefender update location, you can reduce Internet traffic (only one computer
    connects to the Internet to download updates) and achieve faster updates. Moreover, you do not have
    to worry about updating the BitDefender products installed on computers that are not connected to the
    Internet.



BitDefender Network Builder
    The purpose of the Network Builder is to provide an easy and simple way to construct groups and
    clients’ structure as the administrator may think fit. It builds the Managed / Excluded Computers
    structures by using the list of computers detected by the network activity detection driver or Active
    Directory.
    The Drag&Drop mechanism is easy to use and it allows assigning multiple computers from the
    Network list to the corresponding groups created by using the right-click menu. However, dragging
    from the Active Directory computers list does not allow multiple selections.
    After dragging the selected computers into the corresponding groups, a list of groups – computers is
    created and sent to Management Server, which decides on which computers it must begin to deploy
    BitDefender Agent. Once the deployment process is completed, each successfully installed Agent is
    grouped according to the previously defined relations.
    If a deployment process fails, the computer appears in the Network Builder with a red icon, so that the
    Administrator can see it. Deployment process failures are mainly due to the fact that the credentials
    used have not been updated. To perform this update, the administrator must access the Credentials
    Manager.
    Network Builder can be used whenever the administrator wants to assign clients to groups, but it’s
    especially useful after the installation of Management Server, when it allows the Administrator to
    easily replicate the Active Directory structure so that there is no need to manually create computer
    groups.
    Please note that Active Directory is interrogated on the Management Server, not on the Management
    Console computer, so the resulting list is based on the Server domain. Also note that the firewall on
    the servers which host or replicate Active Directory must allow remote simple queries from the
    Management Server computer.








5. Install/Uninstall
      There are three ways to install the agent on the target machines.
1. Right-click a computer in the unmanaged computers list and select the option “Deploy agent on this
   computer”. However, this method requires a user with administrator rights, who will be asked for his
   password, and a set of settings that allow installing the agent kit.
      How it works:
      The deployment engine logs on to the respective machine based on the username and password
      supplied by the administrator. A deployment service will be created on the target machine and it will
      transport (copy) the installation kit from the server. Once copied, the kit will be run subject to the
      options defined in the management console. When the kit has been successfully installed, the
      deployment service will be deleted and an “Install successful” message will be sent to the console. If
      there is an error in the installation process, the management console will receive an error message.
      After agent installation, the computer will no longer appear in the unmanaged client list, but in the
      managed client one, under “Not Grouped”.
      Note: the agent will communicate with the server on the port defined when the server kit was installed.
      If the agent does not appear on the managed client list, please check whether any firewall has been
      enabled on the client and on the server. If so, please configure the firewall so that it allows
      server-agent communication on the defined port.
2. The second method consists of installing the agent from Network Builder. Once the deployment
   configuration has been performed in Network Builder, the installation process presupposes going
   through the same steps as the ones indicated in connection to the “Deploy on this computer” option. The
   only exception would be that after the successful completion of the deployment process the computer
   will appear in the selected Network Builder group.
3. The third method consists of using Deployment Tool to install the agent. The process is practically the
   same as in the case of the “Deploy on this computer” option.


Installing BitDefender Business Client
      Once the communication agent has been installed, the client computer will enter the managed
      computer list. In order to be able to install BitDefender Business Client, a policy must be applied on a
      managed client. When the policy is applied, the agent will check whether BitDefender Business Client
      is installed; if not, the agent will copy the relevant installation kit from the server and it will execute it.
      After client installation, the initial policy will appear in the “current policies” section of the management
      console.
      In case of errors in the installation of BitDefender Business Client, a warning will be generated in the
      Dashboard of the management console.


Uninstalling BitDefender Business Client
      To uninstall BitDefender Business Client, select the client/s in the managed computer list on which the
      product is installed and select the “Uninstall Business Client” option from the “right-click” menu. This is
      how the reverse of the installation operation takes place.






Uninstall Agent
     Uninstalling the Agent involves going through the same steps as when uninstalling BitDefender
     Business Client.



6. Licence key
     By default, Management Server is deployed with a trial license that expires in 30 days. During this trial
     period the system has no limitations as to the number of clients that it can manage. Throughout the
     trial period, Management Server notifies the administrator with a dashboard item asking them to
     register the product. At the end of the trial period, unregistered products will not be allowed to receive
     policies assigned by the administrator and Management Server will stop managing them. The policies
     assigned after license expiry will run after product registration.
     Products are registered by using the Management Console to connect to the authentication server. In
     order to activate the product serial key, the console must have access to an internet connection.
     During the registration process, Management Console sends the serial key to the BitDefender
     authentication servers and it receives registration information such as the key status, the expiry date
     time and the maximum managed product count.
     The Console packs this data and sends it to Management Server, which will store it on its local
     machine without having to use an internet connection. After receiving data from Management
     Console, Management Server applies a registration policy to each managed product that can be
     registered. Based on this policy, the server sends the respective products information such as the
     expiry date and the serial key.
     Once a product is registered, it will be able to receive the policies assigned both before and after
     registration. Products in excess of the maximum allowed limit of the managed products count will not
     be managed by Management Server and no policies will be assigned to them.
     Administrators receive a warning message in the Dashboard for 10 days before license expiry.



7. File list, Services and Registry key
File list
     bdemagent.exe = the former bdlm file; it applies the policies (the agent).
     bdemagentPS.dll = works with bdemagent.exe, namely it contains bdemagent.exe components and it
     helps bdemagent.exe integrate as COM objects
     agent.xml = the former bdlm.ini file; it contains the following information:
     •   Station ID
     •   Operating system
     •   Station name
     •   Server name/IP
     bdemgui.dll = library which loads into the MMC console. This library is made up of an MMC snap-in.
     It loads with mmc.exe and it connects to the server. It allows EM users to launch policies, create
     reports, handle clients (computers within the network). It also warns the user about issues affecting
     the network.
     bdemsrv.exe = the BitDefender Management Server
     dptengine.dll = the library necessary to perform a deployment. It is only loaded by the server.
     gtrcl = console component - displays the windows console within the mmc
     server.xml = server configuration file (former bdemsrv.ini)
     serverui.dll = library necessary for the server and the console to communicate at intermediate level.
     It contains information entities at application level.
     tcpmsgsys.dll = library necessary for the server and the console, and for the server and the agent, to
     communicate (former xcomm.dll). It contains information entities at the most abstract possible level of
     the communication between computers.


Product services
    •   X:\PATH\bdemsrv.exe
    Server service of the BDEM 3.0 application. It accepts connections from the console and from the
    agent. It coordinates the running of policies, jobs, deployment and replication, and it detects the
    computers within the network. All of the information (clients, policies, etc.) is stored in an SQL server
    database exclusively handled by the server.
    •   bdemagent.exe
    The agent application connecting the server to the client. It is installed by deployment on all of the
    detected computers. It connects to bdemsrv.exe and to vsserv.exe. It communicates to the client what
    was scheduled to be performed on the respective computer and it receives alerts and various
    notifications from the client. Everything that is sent from the server is passed on to the clients, and
    everything that comes from the clients is passed on to the server.
    •   BitDefender Update Server (only if Update Server was selected)
    •   Bitdefender HTTP Server (only if HTTP Server was selected)


Registry Key
    Three files for the three applications: the console, the server, the agent.
    •   bdemgui.reg contains the keys used by the console, namely:
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5E47CBBC-87D1-4783-83DC-766411ED5863} - the classid of the console application (the unique id of the application)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns – console registration as a snap-in mmc (so that the application can be added to an mmc console).
    •   bdemsrv.reg contains the keys used by the server:
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{E5046A47-F441-4E63-983F-23040D57D8A0} – application id
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{19DFFFF3-BB66-462D-B5FD-ABCDE3C7955E} - application typelib
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BitDefender Enterprise Manager 3 Server – server registration as a service
    •   bdemagent.reg contains the keys used by the agent, namely:
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11295F3A-321C-4813-A349-FE4659E603A0} – the classid of the agent application (the unique id of the application)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0B0F2DE8-9BC8-474D-A4F0-C0DFE3628B5E} - EnterpriseManager interface exported by the agent
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BitDefender Enterprise Manager 3 Agent - server registration as a service
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{6C57E055-EC25-42B5-A525-737F1AAE1629} – application id
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8A874091-4A2C-4E0E-A8BA-B9F26F0FEA9C} – application typelib
    •   AppID and TypeLib are used in the server and the agent to export interfaces. The agent exports
        the BitDefender Management interface, but the server cannot export any interface for now.
    •   The keys used for the storage of the data in the server login page:
    [HKEY_CURRENT_USER] Software\BitDefender\BitDefender Enterprise Manager\Recent Server List\ - servertext
    [HKEY_CURRENT_USER] Software\BitDefender\BitDefender Enterprise Manager\Recent Server List\ - porttext
    HKEY_LOCAL_MACHINE\Software\BitDefender\BitDefender Enterprise Manager ConsoleInstalled=1
    HKEY_LOCAL_MACHINE\Software\BitDefender\BitDefender Enterprise Manager Path=[BDEM_DIR.37508AD6_4814_468C_AE48_9DF700685654]
    HKEY_LOCAL_MACHINE\Software\BitDefender\BitDefender Enterprise Manager ServerInstalled=1
    HKEY_LOCAL_MACHINE\Software\BitDefender\BitDefender Enterprise Manager Version=[ProductVersion]
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5E47CBBC-87D1-4783-83DC-766411ED5863} .
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5E47CBBC-87D1-4783-83DC-766411ED5863}\InprocServer32 [BDEM_DIR.37508AD6_4814_468C_AE48_9DF700685654]bdemgui.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5E47CBBC-87D1-4783-83DC-766411ED5863}\InprocServer32 ThreadingModel=Apartment
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\{5E47CBBC-87D1-4783-83DC-766411ED5863} NameString=BitDefender Enterprise Manager 3
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\{5E47CBBC-87D1-4783-83DC-766411ED5863} About={8B397266-DC20-4DAD-B4BB-D5859C01F92E}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\{5E47CBBC-87D1-4783-83DC-766411ED5863}\StandAlone
    HKEY_CLASSES_ROOT\CLSID\{8B397266-DC20-4DAD-B4BB-D5859C01F92E} ThreadingModel=Apartment
    HKEY_CLASSES_ROOT\CLSID\{8B397266-DC20-4DAD-B4BB-D5859C01F92E}\InprocServer32 [BDEM_DIR.37508AD6_4814_468C_AE48_9DF700685654]bdemgui.dll
    HKEY_CURRENT_USER\Software\BitDefender\BitDefender Enterprise Manager\Maintenance ProductCode=[ProductCode]
    HKEY_LOCAL_MACHINE\Software\BitDefender\BitDefender Enterprise Manager\Maintenance ProductName=[ProductName]
    HKEY_CURRENT_USER\Software\BitDefender\BitDefender Enterprise Manager\UI
    HKEY_LOCAL_MACHINE\Software\BitDefender\BitDefender Enterprise Manager\UI
    HKEY_LOCAL_MACHINE\Software\BitDefender\BitDefender Enterprise Manager\SqlSettings



8. Known issues
      •   BitDefender Management Server:


4. Dr Watson dump generated by the bdemsrv component on win 2k3 - x64
5. The file replication service API was called incorrectly
6. Credentials manager item synchronization works only from slave to master when using the delete option
7. Incomplete functionality for Authentication Code for invalid keys
8. The console hangs after a period of inactivity when the More Details option is run for an existing
   policy
9. Incorrect "No issues detected" info displayed in the dashboard
10. The response for "List Installed Software" WMI script is not working on Win 2K3
11. At files with 0k generated by the agent when the disk is full causes the console to close when accessing
    the status page for that client
12. The server does not always write the name of the PC correctly


      •   BitDefender Business Client:


1. Uiscan dump in "MODULE_NAME: uiscan" on win vista x64 after an endurance test
2. Memory dumps on windows 2000 caused by Trufos
3. Invalid crash dumps created by the BDCH mechanism
4. Bdagent crash in NTDLL on Win 2K
5. Uiscan dumps on bdch module
6. Vsserv crash in as2core module
7. Svchost crash on windows 2003 during endurance test
8. No text displayed in the web pages when web access is blocked by Time Limiter
9. Seccenter crash on liveent.dll
10. Bdwizreg crash on Windows Vista x64 in bdguictl.dll.



9. FAQ
    Q: How can I check whether the policies I set have been received and applied at client level?
    A: By double-clicking the policy in question, and selecting the “more details” option, you can find out
    the policy status for each client.


    Q: After successfully installing the product, when I access the management console and try to
    connect, the answer I receive is: “No connection could be made because the target machine actively
    refused it”
    A: There are two possible options:
    •   The BitDefender Management Server service has stopped. Please try to restart it.
    •   When trying to connect, you used an incorrect server address (name/IP) or port on the console.
        Please make sure that you typed in the correct address.


    Q: The BitDefender installer asks for a password to the SQL Server database, but it does not accept
    the password I provide. Why?
    A: Please make sure that the password is at least 7 characters long, and that it contains at least one
    uppercase letter, one lowercase letter, one digit and one non-literal symbol.


    Q: Irrespective of how I schedule the update policy, the client configuration always indicates that the
    automatic updates are not enabled and that the update interval is 1 hour (even if I set the frequency
    update to 1 day or to 12 hours in the update policy).
    A: When scheduling updates, you do it at policy level. The client no longer updates by itself, but only
    when the policy requests it to do so (according to the update schedule in the policy). That is why the
    client settings do not indicate the actual update schedule.


    Q: Where can the admin check when the client last updated and when the next update is scheduled
    for?
    A: There are several possibilities:
    •   Go to the current policies section, right click the policy you are interested in and select the "more
        details" option. This is where you can find update-related information such as: last run, run count,
        expected time to run etc. The information in the "response" tab indicates when the last update was
        performed.
    •   Another possibility is to generate an update report, which will contain all update-related details.
    •   The third possibility would be to do the following:
        •   Double click the client name
        •   Click the BitDefender Business Client link at the top of the page
        •   Go to Live Update Settings, where you can find the options related to BitDefender Live Update.


    Q: What is the difference between targets and clients?
    A: The term “targets” may refer to any of the following:
    •   all clients
    •   one group of clients
    •   a single client
    One policy can have several targets (e.g. 2 groups of clients). Therefore, the "target" tab will include all
    policy assignments, while the “client” tab will include all clients where the policy has been or is applied.
    Please remember that a client may appear twice in the target window (e.g. the policy was assigned to
    2 groups and the client is part of both).
    In addition to that, the policy will appear in the "clients" tab once, while the "response" tab will contain
    information about the last time the policy was applied to that client.


    Q: How is automatic detection performed?
    A: A BitDefender proprietary driver detects all traffic within the network. Therefore, the first time a
    computer communicates inside the network it will be detected.
    Note: The BitDefender computer detection driver does not discover computers outside the broadcast
    domain.


    Q: The dashboard contains a list of EM-related warnings. Based on what criteria is this component
    monitored?
    A: The Management Server monitoring criteria are the following:
    •   ClientsNotGrouped – ungrouped clients
    •   NoManagingActivity – clients which have the agent, but no products installed
    •   DefaultPassword – the default password to the console has not been changed
    •   NoNetBuilder – NetBuilder has never been run
    •   TrialExpires / Expires – the product is about to expire
    •   DuplicateClients – there are duplicate clients, that is, clients with the same MAC


    Q: Based on what criteria are Desktop Clients monitored?
    A: The Desktop Clients monitoring criteria are the following:
    •   DesktopUpdates – installed clients with no update policies assigned
    •   DesktopUpdatesErrors – update errors occurred on several clients
    •   NewThreats – certain clients have received the “virus found” warning


    Q: How does automatic detection work?
    A: The BDMS detection driver is a passive driver that listens on the network for traffic such as: PING
    reply, ARP broadcast, any UDP broadcast. Any computer that generates such traffic will be added to
    the management database.


    Q: How will the agent and the policies be deployed when a new PC connects to the network?
    A: If the “Enable Automatic Deployment” option (Tools -> Auto Deployment) is activated and the
    deployment rules are defined, BD Management Agent will be deployed on any computer detected by
    the BDMS driver and matching the deployment rules. BitDefender Business Client will be installed
    only if the corresponding option is checked.


    Q: What do single, master and slave server mean?
    A: There are 3 possibilities:
    •   Single master: only manages clients and no other server is connected to it.
    •   Master: directly connected only to slave servers and it does NOT manage clients directly.
    •   Slave: directly connected to its managed clients and it can also be managed by a master server.


    Q: Why do I need to install a new SQL Server?
    A: The main element of BitDefender Management Server is a database containing all the necessary
    information. You may choose to install a new SQL Server (SQL Express) or use an existing database.


    Q: Why does the Windows message “Windows can’t verify the publisher of this driver software” appear
    during the installation process?
    A: This message is displayed because Client Security uses a firewall driver that is in the process of
    being signed. The same window may appear when installing BDMS.


    Q: What happens if there is an older SQL on the clients’ server?
    A: The product will not work. BitDefender does not update other products. The product only operates
    subject to the system requirements indicated in its technical specifications.


    Q: If the database breaks down, do you provide any recovery scripts?
    A: BitDefender uses internal scripts so that the entire process is automatic and invisible to the user.


    Q: What is the use of dot net 2.0? If an older version is identified, will it be updated?
    A: Crystal Reports and SQL need it to operate properly. BitDefender can identify and upgrade any older
    version of dot net 2.0.


    Q: What is the difference between an update server and an http server?
    A: The update server is used in order to download update files from the BitDefender update locations.
    The http server is used to publish these updates internally.


    Q: What happens if I lose/forget my console password?
    A: You must contact support and you will receive recovery guidance.


    Q: Is it possible to detect the computers located in a different broadcast domain?
    A: No


    Q: Is it possible to place computers from another broadcast domain under the Unmanaged node?
    A: Yes, it is. However, they will all appear in the dashboard, registered with the router’s MAC.
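
The passive detection described in the answers above, sketched as an added Python example (not BitDefender's driver code): it classifies constructed Ethernet frames into the three traffic types the FAQ names and shows why hosts behind a router are recorded with the router's MAC, which is also the DuplicateClients condition. The function names, the IP-to-MAC inventory layout and all addresses are assumptions made for the illustration.

```python
import struct
from collections import defaultdict
BCAST = b"\xff" * 6
def mac_s(b): return ":".join(f"{x:02x}" for x in b)
def ip_s(b): return ".".join(map(str, b))

def classify(frame):
    """Return (kind, src_mac, src_ip) for the traffic types the FAQ names, else None."""
    if len(frame) < 14:
        return None
    dst, src, etype, p = frame[:6], frame[6:12], int.from_bytes(frame[12:14], "big"), frame[14:]
    if etype == 0x0806 and dst == BCAST and len(p) >= 28:
        return ("arp-broadcast", mac_s(src), ip_s(p[14:18]))  # ARP sender IP
    if etype == 0x0800 and len(p) >= 20:
        ihl = (p[0] & 0x0F) * 4
        if p[9] == 1 and len(p) > ihl and p[ihl] == 0:        # ICMP type 0: echo reply
            return ("ping-reply", mac_s(src), ip_s(p[12:16]))
        if p[9] == 17 and dst == BCAST:                       # UDP sent to L2 broadcast
            return ("udp-broadcast", mac_s(src), ip_s(p[12:16]))
    return None

def build_inventory(frames):
    """Map source IP -> source MAC as seen on the wire (first sighting wins)."""
    clients = {}
    for _, mac, ip in filter(None, map(classify, frames)):
        clients.setdefault(ip, mac)
    return clients

def duplicate_macs(clients):
    """MACs recorded for more than one IP (the page's DuplicateClients condition)."""
    by_mac = defaultdict(list)
    for ip, mac in clients.items():
        by_mac[mac].append(ip)
    return {m: sorted(ips) for m, ips in by_mac.items() if len(ips) > 1}

# Constructed sample frames: addresses are made up, IP checksums left at 0.
def eth(dst, src, etype, p): return dst + src + struct.pack("!H", etype) + p
def ipv4(src, dst, proto, body):
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0, 64, proto, 0, bytes(src), bytes(dst)) + body
def arp(sha, spa, tpa):
    return struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, 1, sha, bytes(spa), bytes(6), bytes(tpa))
HOST_A, HOST_B, HOST_C, ROUTER, SERVER = (bytes([2, 0, 0, 0, 0, n]) for n in (10, 11, 12, 1, 0x99))
SAMPLE = [
    eth(BCAST, HOST_A, 0x0806, arp(HOST_A, [192, 168, 1, 10], [192, 168, 1, 1])),
    eth(BCAST, HOST_B, 0x0800, ipv4([192, 168, 1, 11], [192, 168, 1, 255], 17, bytes(8))),
    eth(SERVER, ROUTER, 0x0800, ipv4([10, 0, 5, 20], [192, 168, 1, 5], 1, bytes(8))),  # routed echo reply
    eth(SERVER, ROUTER, 0x0800, ipv4([10, 0, 5, 21], [192, 168, 1, 5], 1, bytes(8))),  # routed echo reply
    eth(SERVER, HOST_C, 0x0800, ipv4([192, 168, 1, 12], [192, 168, 1, 5], 6, bytes(20))),  # unicast TCP, ignored
]
```

Running `duplicate_macs(build_inventory(SAMPLE))` lists the two remote hosts under the router's MAC, while the host that only sent unicast TCP never enters the inventory.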


    Q: Why must the agent be installed first?
    A: One possible answer would be that the administrator first wants the respective computers to be
    managed and only then to see, based on WMI tasks, whether they require Client deployment.


    Q: Is it possible to use the AD mechanism for deployment?
    A: Yes.


    Q: Who initiates synchronization? The Server or the Agent?
    A: The Agent.