Overview of the ZeroLock™ Management Console Endpoint Details homepage.
This article walks through the Endpoint Details page.
From the Endpoints homepage, double-clicking anywhere on the row of an endpoint will open its Endpoint Details page.
Actions Drop-down list
The ACTIONS drop-down menu lists the actions that could be taken on an endpoint. Greyed out items are not available on this specific endpoint.
The status of the selected Endpoint.
Options: Green - Connected, Red - Disconnected, Yellow - Deactivated, Pink - Quarantined.
The three (3) blocks to the right represent the counters for the severity types of alerts.
Options: High - red, Medium - yellow, and Low - green.
|LAST CHECK-IN||The time since the endpoint has checked in with the ZeroLock™ Management Console (ZMC). This is done every 30 secs.|
|HOSTNAME||The name of the system on which the ZeroLock™ Agent resides.|
|IP ADDRESS||The IP address of the endpoint.|
|MAC ADDRESS||The MAC address of the endpoint.|
|The IP address of the Collector. This is the service that resides in the containerized repository and collects endpoint events and threat information.|
|The name of the config profile assigned to the endpoint. Configuration Profiles allow the ZMC administrators to control ZeroLock™ Agent behavior on protected Endpoints.|
|Are used to identify a specific set of endpoints, usually by functionality such as all database servers or by functional area (e.g., accounting systems or Web nodes). Assigning permissions by group enables an administrator to restrict what a ZMC user can do.|
|The operating system of the endpoint.|
|The version of the ZeroLock™ Agent that is installed.|
Activity logs consists of two (2) columns:
- TIME is when something occurred
- INFO is a brief description of the occurrence.
This feature provides an administrator alternative, command prompt access to an endpoint. There may be instances when an endpoint must be isolated, or quarantined, from the company’s network to protect the integrity of that network. In the event of a malware attack, for example.
Once quarantined, the SHELL provides a means for connecting to that endpoint to determine the extent of the damage without risking the entire network.
From this screen and using the provided shortcuts ‘help’ and ‘get’, an administrator has the ability perform troubleshooting of endpoint issues, view the current list of endpoint settings, and manage the endpoint.
Endpoints may be archived but not deleted. To archive an endpoint, the endpoint must first be disconnected.
Once disconnected, the Archive Endpoint option will no longer be greyed out. Selecting Archive Endpoint followed by Archive on the next screen and the endpoint will no longer be visible on the Endpoints page.
Archiving an endpoint can NOT be undone.