ZeroLock® Management Console: Endpoint Details Homepage

Overview of the ZeroLock Management Console Endpoint Details homepage.

    Overview

    This article walks through the Endpoint Details page.

    From the Endpoints homepage, double-clicking anywhere on the row of an endpoint will open its Endpoint Details page.   

    Endpoints Homepage 2.0.1

    Actions Drop-down list

    The ACTIONS drop-down menu lists the actions that can be taken on an endpoint. Greyed-out items are not available on this specific endpoint.

    Endpoint Details Actions Dropdown 2.0.1

    Endpoint Details

    Endpoint Details Screen 2.0.1

    STATUS

    The status of the selected Endpoint.  

    Options:  Green - Connected, Red - Disconnected, Yellow - Deactivated, Pink - Quarantined.

    ALERTS

    The three (3) blocks to the right represent the counters for the severity types of alerts.

    Options: High - red, Medium - yellow, and Low - green.

    LAST CHECK-IN

    The time since the endpoint last checked in with the ZeroLock™ Management Console (ZMC). The endpoint checks in every 30 seconds.

    HOSTNAME

    The name of the system on which the ZeroLock™ Agent resides.

    IP ADDRESS

    The IP address of the endpoint.

    MAC ADDRESS

    The MAC address of the endpoint.

    COLLECTOR IP

    The IP address of the Collector. This is the service that resides in the containerized repository and collects endpoint events and threat information.

    CONFIGURATION PROFILE

    The name of the configuration profile assigned to the endpoint. Configuration Profiles allow ZMC administrators to control ZeroLock™ Agent behavior on protected Endpoints.

    GROUPS

    Groups are used to identify a specific set of endpoints, usually by functionality (e.g., all database servers) or by functional area (e.g., accounting systems or Web nodes). Assigning permissions by group enables an administrator to restrict what a ZMC user can do.

    OS

    The operating system of the endpoint.

    SW VERSION

    The version of the ZeroLock™ Agent that is installed.

    ACTIVITY LOG

    The activity log consists of two (2) columns:

    • TIME is when something occurred.
    • INFO is a brief description of the occurrence.
    Activity Log 2.0.1

     


    SHELL

    This feature provides an administrator with alternative, command-prompt access to an endpoint. There may be instances when an endpoint must be isolated, or quarantined, from the company’s network to protect the integrity of that network, for example in the event of a malware attack.

    Shell 2.0.1

    Once quarantined, the SHELL provides a means for connecting to that endpoint to determine the extent of the damage without risking the entire network.


    MAINTENANCE 

    From this screen, using the provided shortcuts ‘help’ and ‘get’, an administrator can troubleshoot endpoint issues, view the current list of endpoint settings, and manage the endpoint.

    Maintenance 2.0.1

    Archiving Endpoints

    Endpoints may be archived but not deleted. To archive an endpoint, the endpoint must first be disconnected.

    Disconnected Endpoint Main Screen 2.0.1

     

    Once the endpoint is disconnected, the Archive Endpoint option will no longer be greyed out. Select Archive Endpoint, then Archive on the next screen, and the endpoint will no longer be visible on the Endpoints page.

    Archiving an endpoint can NOT be undone.  

    Archive Endpoint Warning 2.0.1-1