UGC Device management from the UGMC Console

A UGC managed device added to UGMC will appear in the realm management web console in Endpoints ➜ Devices.

In Endpoints ➜ Devices, you can do the following with the managed devices:

  • Add a new endpoint device (discussed earlier in the Placing UGC Managed Devices Under UGMC Management section).

  • Edit the endpoint device's properties, i.e., update the device name, description, template groups applied to it, and synchronization type.

  • Delete the selected endpoint device.

  • Enable/disable endpoint device synchronization.

  • Enable/disable all network connectivity.

  • Задание частоты синхронизации соединений UGMC и управляемых устройств UGC.

  • Отображение уникального кода устройства, необходимого для подключения управляемых устройств UGC к UGMC.

  • Reconnect a device i.e. re-register an endpoint device in UGMC. The connection code will be re-generated.

  • Start forced synchronization.

  • Display the settings applicable to this endpoint device (Preview button).

In this section, you can also view the following parameters for each endpoint device:

Name

Description

Name

Name of the endpoint device.

Version

Version of the UserGate Client software installed on the device.

Last access time

The date and time when the endpoint device was last connected.

Telemetry

The following information is displayed:

  • The IP address of the endpoint device used for Internet access.

  • The NetBIOS name.

  • Время последнего подключения управляемого устройства UGC к UGMC.

  • The user whose account was used to log in.

  • The computer's name in the local network.

  • The OS version installed on the endpoint device.

  • The version of the UserGate Client software installed on the device.

  • The UserGate client CPU used (extent to which the endpoint device's CPU is loaded by the client).

  • The UserGate client memory used (how much RAM is consumed by the UserGate client).

  • The physical RAM usage (how much RAM is used on the endpoint device).

  • The virtual memory usage (how much virtual memory is used on the endpoint device).

Endpoint device monitoring

Shows detailed endpoint system information. A more in-depth discussion of this topic will follow.

В случае возникновения ошибки синхронизации конфигурации конечного устройства доступен просмотр отчёта (нажать Показать отчёт), в котором отображены время последнего подключения к управляемому устройству, название правила, тип объекта, ставшего причиной сбоя синхронизации, и описание ошибки. The sync failure does not change how firewall rules are applied to the endpoint device when errors occur (i.e., the firewall rules set during the last successful synchronization remain in effect); service and process management as well as registry queries are still available.

Endpoints templates group

The template groups applied to the UGC managed devices.

The creation of template groups was discussed earlier in the UGC Managed Device Template Groups chapter.

HIP profiles

The list of HIP profiles. An HIP profile will appear in the list only if it is used in firewall rules.

A color status indication tells whether the endpoint device matches the HIP profile:

  • Green: the endpoint matches the profile.

  • Red: the endpoint does not match the profile.

В случае несоответствия к просмотру доступен отчёт (нажмите Посмотреть отчёт), содержащий информацию о времени последнего получения данных, название профиля и объекта HIP, тип и несоответствующий элемент объекта.

For more details, see the HIP Profiles section.

LogAn devices

The name of the UserGate Log Analyzer server to which the endpoint device sends diagnostics logs and telemetry data.

Last successful sync time

The mode, date, and time of the last successful synchronization of the endpoint device with UGMC. The mode can be one of the following:

  • Auto sync: the settings are applied to the device automatically. A change to any setting in any template of the template group applied to the managed device is propagated immediately to the device.

  • Disabled: sync mode is disabled.

  • Manual sync: in this sync mode the settings are applied on clicking the Sync now button. This option is useful when many template settings need to be changed and applied to the device at once. In this case, you need to disable synchronization, make the desired changes to the templates, and then enable the Manual sync mode.

The Endpoint device monitoring tab is needed for monitoring the state of a UGC managed devices. It shows the following parameters of the endpoint device:

Name

Description

General

General information about the device (computer name, OS type and version, UserGate Client software version, IP address, system boot time, and the current device time in the timezone set on the endpoint device) and about the user whose account was used to log in (user's profile photo, name, and status, account type (local or domain), phone, and email).

Important! To display complete information about domain users, you need to connect the LDAP connector in the Management Center User Catalogs section.

Performance

The following information is displayed:

  • CPU usage, i.e. the loading on the central processor.

  • Endpoint device CPU usage by the UserGate Client process.

  • Endpoint device virtual memory information.

  • Physical RAM information.

  • Client memory used by the UserGate Client.

  • Disk information: the disk size, type, and performance.

  • UGC managed devices status, or the status of the UserGate Client: online/offline (endpoint device availability) or disabled (UserGate Client was disabled from UGMC using the Disable button).

Connection security

The security information for the endpoint device, namely status of firewall, antimalware, Windows Update, and Windows Security Center, as well as disk encryption (BitLocker) information.

USB devices

Information about the connected USB devices:

  • Идентификатор устройства: пара идентификаторов VID/PID (Vendor ID/Product ID) и номер версии устройства.

  • Название устройства.

  • USB класс, например mouse, printer.

  • Сервис: драйверы, использующиеся для работы с устройством.

Startup items

The list of applications configured to start automatically on system login.

Processes

The list of processes running on the endpoint device.

Нажатие кнопки Завершить процесс позволяет завершить процесс на конечном устройстве, используя UGMC.

Services

The list of services running/stopped on the endpoint device.

By clicking Stop service/Start service, you can attempt to stop or start a service on the UGC managed devices from UGMC.

Registry keys

View the registry. Available values:

  • HKEY_LOCAL_MACHINE.

  • HKEY_USERS.

You can search for registry keys. Для этого необходимо нажать Найти (отображается при наведении указателя мыши на название каталога).

Installed software

The list of software installed on the UGC managed device showing the vendor name and version number.

Installed updates

The list of updates installed on the UGC managed device showing the Microsoft KB number, product information, vendor name, and installation date.

Restore points

The list of available restore points and information about them.

In the UserGate Management Center web interface, you can filter the UserGate Client MDs available to display:

  • enabled or disabled endpoint devices;

  • blocked or non-blocked endpoint devices;

  • online (connected to UGMC), offline (disconnected from UGMC), or not linked (not yet connected to UGMC) endpoint devices;

  • consistent (Endpoint synchronized successfully) or inconsistent endpoint devices (with errors detected during MD synchronization);

  • meeting or not meeting the security requirements.

In addition, an advanced search mode is provided that allows you to create complex search filters using a specialized query language.