sophos central

How to Allow/Block a URL through Sophos Central

To allow/block a URL through Sophos Central, you can follow the steps and reference screenshots in this blog.

1. Launch the Sophos Central Admin.

2.  Click on the Global Settings on the left pane of the page:

3. Click on the Website management in General pane:

4. Click on the Add button to add the URL you want to allow access:

5. A pop box for adding website customization will appear. Then fill up the URL/domain and the Category, and click save button:

6. Click on the Endpoint protection tab in the left pane and then click on the Policies tab:

7. Click on the Add Policy button in the right top corner:

8. A pop-up as shown below will appear:

9. Select the feature as Web Control and type as User. Click on the continue button.

10. Give it a policy name and select the user from the available user and drop it to Assigned users as shown below:

11. Now click on the Settings Tab and turn on Control sites tagged in Website Management and click add new:

12. Add the website tag and the follow-up Action you wanted, click save, and you are done:

6 Reasons an Excellent RMM is Essential

In particular, managed service providers are examples of modern IT firms that are not merely “local enterprises.” For instance, maintaining track of all the machines and endpoint management might be a challenging chore for an administration in charge of a network that spans numerous states and countries. Fortunately, RMM (remote management and monitoring) softwares are readily available, and the following are 6 benefits of RMM.

What Does Remote Monitoring and Management Software Entail?

You’re not isolated if you’re inexperienced with remote monitoring and management software. RMM is an IT technology class that enables internal IT staff and managed service providers (MSPs) to remotely monitor an industry’s networks, equipment, and endpoints. All the devices a corporation uses receive remote monitoring and management software, commonly known as network management software. This program enables IT staff to remotely monitor the safety and condition of all network servers and devices.

Top 6 Reasons an Organization Needs an Excellent RMM 

There are several advantages to implementing RMM systems in your company. RMM keeps your firm from dealing with problems that may have been avoided. Whenever a team of specialists monitors your system, you receive improved security against attacks, lower expenses, and tremendous productivity increases.

  • Minimize Downtime: Downtime poses a significant risk to enterprises. It results in significant financial damage, and your clients lose faith in your solutions. When your services fail, your staff members cannot access any of their data, particularly emails and any software necessary for their employment. RMM services usually monitor your servers 24 hours a day, seven days a week, and are capable of addressing any issue that creates downtime.

    Meanwhile, you’re paying for staff, facilities, and a lack of output. It will be impossible for customers to get in touch with you, and you won’t be able to live up to their requirements.

    Therefore, RMM is an excellent tool for keeping your systems operating. There might be a variety of reasons you lose connection to your systems, but if you don’t keep an eye on them, you will be unable to prevent it from happening.
  • Security– Remote administration and monitoring software ensure that machines are operationally sound. These applications also get real-time information about security breaches or invasions. RMM monitoring solutions can prevent many types of security breaches since they are fully aware of everything that occurs in a given network. It may be configured to track log-in sessions and block out the visitor after a certain number of attempts. These settings can be modified using the admin interface.

    Assume an unauthorized user attempted to connect to the network using a laptop. This strange computer, as well as failed log-in attempts, will be recognized by the Rmm application. Furthermore, the application may use the camera capability of a smartphone to snap an image of the person attempting to enter the system.
  • Monitoring and notifications in real-time– The customer care team can identify a situation before it becomes an issue for your customers. Any possible issues will be known to an MSP supporting and monitoring the company’s infrastructure, allowing them to be fixed before they have a negative impact on the client’s operations.

    This is critical because when you are tardy in resolving the issue, it might harm your customer’s business and expose him to different cybersecurity dangers. You no longer need to fight fires with real-time monitoring. Retroactive fixes will release resources, allowing you to preserve money and gain more clients.
  • Maintenance- RMM will manage all of your routine maintenance. It is critical to managing your systems since it maintains updates, safety, and overall system health. A healthy system translates into a healthy business. You may rely on the data you have exposure to. RMM monitors your technology to ensure you can retrieve your information and complete your tasks.
  • Productivity– The purpose of RMM implementation is to increase productivity. In your business, productivity loss is the last thing you want. Through automation, MSPs may work more efficiently while providing their clients with more remarkable service. It also enhances productivity, enabling them to accept more customers and develop their operations.

    Your organization can only expand if you are developing it, which you cannot do if you are not generating. RMM will monitor and maintain your equipment so that you may continue to supply your products and services to an increasing number of clients.

    The leading cause of the current boom in remote monitoring and management is that it has completely transformed how businesses and MSPs handle IT.
  • Reduce Your Travel Expenses– Assume you are experiencing issues with a PC or smartphone in a distant location. A technician does not require you to observe activities or inspect the system.

    You may significantly reduce airfare and other trip-related costs when maintenance and monitoring can be completed with little travel. Indeed, your IT team may maintain continual contact using mobile device apps so that when an emergency scenario arises, you can warn the required individuals to take the necessary measures before disasters occur.

    The tech needs to be present in one place to handle everything, so he doesn’t need to visit your site to check on how things are doing. Because of remote monitoring and management apps, your company is not only more efficient, but it can also boast about rapid reaction times and accuracy.

Final Thoughts

A competent RMM tool is required to handle massive volumes of devices successfully. If you aren’t already utilizing one and wish to grow your business or gain additional insights about your networking, start immediately. You’ll soon question how you survived without one.

Your engineers may provide a higher level of customer assistance if you provide them with the most effective tools. Detect problems before they happen, do more remote work, and conserve time.

RMM software is the next step if you’re enthusiastic about professionally monitoring your networks or developing your IT services company.

RMM Admin

Here’s why you need an RMM Admin to make life easy

Perks of outsourcing an RMM Admin 

These are times that we see many jobs getting scarce, many going back to working from the office, many shifting to permanent WFH and many trying the hybrid working model. But an MSP (Managed IT Services Provider) has been serving through the remote working model since inception. Remotely managing their client’s IT Network from the very beginning. These are companies that broke the stereotype of a break-fix model (fixing equipment after it is damaged) and moved to a proactive approach (monitoring and managing the device so that issues don’t arise).  

MSPs do this by using a tool – RMM. 

RMM is a tool that MSPs (Managed Service Providers) use to access and safeguard their client’s IT Network. 

RMM stands for Remote Monitoring and Management, it is a tool that helps MSPs remotely monitor and manage their client’s IT Network. The one who manages it is an RMM Admin. 

Wondering who an RMM Admin (RMM Administrator) is? 

Getting an RMM Admin in developed countries like the USA, UK, and ANZ can often prove to be too costly when compared to equally skilled engineers in developing countries. 

All the tasks that an RMM engineer would do sitting in the office, are done by an RMM Engineer sitting remotely anywhere else in the world.

What does an RMM Admin do? What can they help you with? 

It may seem like a simple task which involves monitoring and managing but within that, the following services are included: 

  • An RMM Admin will help in onboarding new clients
  • They’ll help manage and configure alerts 
  • They’ll do Patch Management 
  • Schedule and Automate Tasks to save time and improve efficiency 
  • Monitor devices and network performance 
  • They would monitor system core services 
  • An Admin would manage third-party integrated plugins & solutions 
  • They will patch and upgrade RMM tools 
  • They’ll also enable Scripting & Automation 
  • An Admin would take care of any vendor liaison 
  • Create/Customize Client Reports and schedule them so that the clients get their reports from time to time. 

Why do you need an RMM Admin? 

  • The MSP doesn’t need to source and hire engineers 
  • As there is no in-house engineer, the cost and time of training them reduces
  • Overall cost savings as you don’t have to spend much money on training an already trained engineer 
  • Time Savings when you consider the time saved in resource planning, training etc.

Cost Savings 

According to salary.com, the annual cost you’d incur for an L1 and L2 engineer in the USA ranges from $63,887 to $80,635 and $69,000 to $106,000 respectively. 

But at the same time when you outsource the same to a Master MSP in India, the total cost you’ll incur for an L1 and L2 engineer both would be 1/3rd of the price you pay there.  

Vendors we support

All RMMs are more or less the same or have similar basic functionalities. Our skilled engineers have expertise working on Platforms like ConnectWise Automate, N-able N-central, NinjaOne, Atera, Kaseya, Datto etc. Here’s an RMM Tool Comparison for you to decide which tool you want to finalize.

RMM Audit: 

You must have surely invested a lot in your RMM Tool but are you getting the maximum return of investment from it? How would you optimize it to its full capacity? An Audit of your RMM will give you a detailed RMM Audit report which will show the loopholes it has and what areas need rectification. 

The step following would be to rectify the loopholes that were found. 

Frequently Asked Questions

What is an RMM and a PSA?

RMM stands for Remote Monitoring and Management Tool and PSA is a Professional Service Automation Tool. You can manage an entire IT Network with an RMM whereas a PSA lets you manage tickets, and invoices and does time-tracking etc.

What is RMM Automation?

When you use an RMM tool to automate any feature like automating sending daily reports, automation to clean up the disk drive when it is 80% full or trigger notifications when a certain activity takes place etc.

What is SolarWinds RMM?

Earlier known as Solarwinds, now known as N-able N-central. N-central is the RMM Platform owned by N-able.

Is Intune an RMM?

No. Intune is a Mobile Device Management and a Mobile Application Management Software. It lets you manage apps on the device and the device on a whole but you cannot remotely perform the functions that an RMM would perform for the client. Intune lacks the ability to centrally monitor, manage and automate across multiple clients, which an RMM tool can.

What are the top RMM tools and PSA platforms for MSP?

The market leaders in the RMM Platforms are ConnectWise Automate, N-able N-central, Datto (now owned by Kaseya), Kaseya etc. Market leaders of PSA Platforms are OpenAir, Dynamics365, Autotask, ConnectWise Manage etc.

Conclusion

Infrassist uploads a new blog every week. Keep an eye on our blog section to learn more about resolutions to all your technical problems.

Connectwise Automate

ConnectWise Automate: Show details of Devices that are more than 4 years old

This solution is related to ConnectWise Automate.

One of our MSP clients had this requirement where he wanted to remove devices from his network that were more than 4 years old.

Out of the thousands of devices/nodes in this client’s IT Network, it would have been impossible to manually check the individual manufacturing details of each.

And when our team went ahead to find a solution to this, we found that there was no such report in ConnectWise Automate’s Report Manager. That is when we knew that we’d have to take this into our own hands and find a way out. And so we did.

Goal:

To check the computer devices’ age of manufacturing using ConnectWise Automate Control Centre RMM.

Steps:

Open Automate RMM, and click the Systems Option > Automation > Searches > Advanced Searches.

Here is the formula that we used to export data of devices in the network that were more than 4 years old.

[Computer.Bios.StartDate] Is less than or equal to …

Add the date that you want. Press Enter and go to the Options Tab beneath it where you will find an option to “Export all data to Excel“. This formula will give you the list of all devices that are there in the IT Network.

Here is the excel sheet that got exported. In this Excel you’ll find all data, from here you can filter and sort details using Sort and Filter or the Ascending and Descending option in the dates column.

Upcoming

We do a lot of resolutions on ConnectWise Automate, solutions that are often not there in their system but our expert team cracks it.

There are ConnectWise Automate blogs on our website that talk about C-Drive Utilization of each workstation in the network, changing the format of the Executive Summary Report that is generated and fixing the inability to download custom agents.

We upload technical blogs on our website on a weekly basis, so keep an eye on it. And click here to have a look at all the blogs that we have uploaded this far.

Clock Drift Monitoring N-able

Fix Clock Drift Monitoring error on N able N central

Clock Drift monitoring service on N able N central, monitors if the clock is running at the correct time on the server or not. It basically matches the time on the server with an authoritative time such as a public NTP server or one of your choice.

However, sometimes the monitoring service comes up with errors when there is a problem with the configuration. This blog post is about one such error.

201 Cannot convert value “rror: 0x800705B” to type “System.Double”. Error: “Input string was not in a correct format.” At line:158 char:1 + $global:resultoffset = [double]$stat; + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (:) [], RuntimeException + FullyQualifiedErrorId : InvalidCastFromStringToDoubleOrSingle

Here is how you can fix the error on N able N central:

  1. Open the Monitoring service on N Central and check the NTP server that it uses as its Authoritative server. By default it will be pool.ntp.org unless configured otherwise.
  2. Try to ping the NTP server in Step 1 from the server. Most likely, there will be no response to the ping requests from the server.
  3. This is caused by a connection issue to the NTP server. Because the N Central Agent is unable to connect to the NTP server, it is not able to pull the time data because of which the monitoring service shows up with a misconfigured error.

This is most probably because the firewall is blocking the connection from the device/ N Central Agent to the NTP server. In order to fix this, we need to allow this connection on the firewall.

Once the connection is allowed, you should be able to receive a ping response from the NTP server which means that the connection is working now.

In a few minutes, depending on the service scan interval, the service should be back to normal with the correct status as per the time on the device.

Also, if you find that RDP connections are not working on your N able N central platform, you can find its resolution here in this blog.

Upcoming

We upload blogs on our website every week. To be updated about it, keep an eye on it.

rmm patch update ctr office apps via policy

RMM patch update issue for click-to-run type office apps via policy

 

Continuum/ConnectWise Command

Continuum, acquired by ConnectWise company is now called ConnectWise Command. It has technologies and integrated services spanning security, backup and monitoring. The platform anticipates and tackles MSPs’ next challenges—mostly helps enterprise-grade managed service providers. It helps the IT support teams monitor, troubleshoot and manage all devices in the network.

What is this blog about?

While we were working on ConnectWise Automate, we found that RMM patches were not getting updated automatically, you always had to manually update these in the CTR type of installations.

Now to resolve this,

Go to: ConnectWise Command > Patching > Legacy Patching > Patch Policies: MS Office Support

Patching Support for Microsoft Office

When you set your patch policies, the configuration of security and critical updates for M365 is recommended.

Why?

Because the RMM agent relies on Microsoft Updates which are made available via a Windows Update.

Difference between the 2 types of Installation: MSI vs. Click-to-Run (CTR)

MSI

MSI is the legacy installation method for Microsoft Office products.

This type of installation use the Standard Windows Update Method:

  • To retrieve updates
  • Deliver the updates
  • Apply them to patch policy configuration

Click-to-Run (CTR)

Click-to-Run is a fairly new type of installation method. This is the technology used to install Office 365 subscriptions as well as most versions of Office 2013 and newer.

It is a new way to deliver and update Microsoft Office to broadband customers. Click-to-Run (CTR) uses Microsoft virtualization and streaming technologies; it does not receive updates via Windows Updates (Microsoft Updates).

To update the Click-To-Run Office version, Microsoft includes Update Options in the Microsoft Applications itself.

Therefore, Click-to-Run Office versions do not support patching through Continuum patch policies.

continuum1
Figure 1: Office Click-to-Run updates are included in the Microsoft Application

How would you know if your Office Version is MSI-Based or Click-to-Run?

The simplest method for determining the installation type is to verify if the program contains an Office Updates section. To identify that, is simple:

  1. In any MS Office application, navigate to File → Account.
  • If the installation is MSI: The no Office Updates section is visible.
  • If the installation is Click-to-Run: An Office Updates section will be visible.
Figure 2: Office Click-to-Run vs MSI-based

How to Handle Patching for Click-to-Run Installations

For Click-to-Run installations, patching is not supported through patch policy. You must ensure automatic updates are enabled in Office:

  1. In the MS Office application, navigate to File → Account.
  2. In the Office Updatessection, locate the Update Options menu (see Figure 1).
  3. In the Update Optionsmenu, verify Enable Updates is selected.

Note: Updates are handled automatically with Enable Updates selected, but users may occasionally see a confirmation prompt before updates are applied.

Supported Office Versions

Below is a breakdown of patch policy support by Office version, installation method, and license type.

MS Office VersionInstallation TypeLicense TypePatch Policy-Supported
Office 2007AnyAny
Office 2010AnyAny
Office 2013.MSIVolume
Click-to-RunPer User 
Office 2016.MSIVolume
Click-to-RunPer User 

“C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeC2RClient.exe” /update user

This should trigger the Update GUI.

You can also run this silently by adding displaylevel=false forceappshutdown=true:

“C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeC2RClient.exe” /update user displaylevel=false forceappshutdown=true

Upcoming:

We upload blogs on our website every week. Keep an eye out on our blog section.

N-central RDP Connections

Is your N-Central, Take Control RDP Connection not working?

N-Central, Take Control RDP Connections not working

N‑able™ Take Control is a remote support solution which has troubleshooting tools designed to help you resolve issues quickly and effectively.

The Take Control tool on N-Able is the default and preferred (mostly) tool to connect to any server or workstation. But sometimes, there are problems quite frequently wherein the Take Control does not work for various reasons.

The alternative in such cases is using RDP to connect to the device. However, in such cases, we need RDP to be enabled on the device before we can use this option. In some cases, because we don’t have access to the server, it is not possible to enable RDP.

To work around this issue, we can add a registry key via the N-Able Tools command line. This is done to enable RDP remotely on the server without having to access the server. However, please note that the device needs to have N-central Professional License and “Direct Support” enabled under N-Able Device settings.

 

In the device view on N-central, Navigate to Tools > Command prompt

Paste the below mentioned key to ensure RDP connections are accepted:
reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server” /vfDenyTSConnections /t REG_DWORD /d 0 /f

 

In some cases, after entering the login credentials the server returns the error: “An authentication error has occurred. The function requested is not supported. Remote computer: <computer name or IP>. This could be due to CredSSP encryption oracle remediation.

 

What is CredSSP?

CredSSP stands for Credential Security Support Provider protocol. As the name itself suggests, CredSSP is a Security Support Provider and it is implemented by using the SSPI – Security Support Provider Interface.

 

Why does a CredSSP error occur?

It occurs if you are trying to establish an unsecured RDP connection and if the connection is blocked by an Encryption Oracle Remediation policy setting on the server or client. This setting defines how to build an RDP session by using CredSSP, and whether an unsecured RDP is allowed.

This error usually is caused when CredSSP updates are not installed on the client or the server, or when the Windows updates on the server are not up to date. Ideally, to resolve the issue, CredSSP updates need to be installed for both client and server so that RDP can be established in a secure manner.

However, if this error still comes up, even after installing the updates, or for some reason, you are unable to install the updates and need to access the server, the error can be bypassed via another registry key. Again, the N-central license requirements need to be in place for the Tools to work.

If presented with a credSSP issue, paste the following key:
REG ADD “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters” /v AllowEncryptionOracle /t REG_DWORD /d 2

and the issue should be resolved.

 

Upcoming

We upload new blogs on our website quite frequently.  Keep an eye out for those.

Lastly, if you need any help with more such IT Solutions, you can reach out to us. We’ll be happy to resolve your queries. 

 

n-central n-able heartbeat expired

N-Central N-able Take Control Heartbeat expired

If you are using N-central N-able as your RMM Tool and the tool is working fine, read further if the take control heartbeat has expired or is not working.

 

Take Control heartbeat expired as per below screenshot or Take Control does not work, but N-central agent is working perfectly otherwise

 

  1. Try restarting the service “SolarWinds N-able MSP Anywhere Updater Service (N-central)” and “SolarWinds Take Control Agent (N-central)”(if present – otherwise proceed to the next step) and wait for a few seconds. If still does not work, please proceed to the next step

 

  1. Open the device on N-central and go to Settings -> Properties and disable the check box – “Install Take Control”

n-central take control heart beat

 

  1. After a few seconds, go to the folder C:\Program Files (x86) and rename “BeAnywhere Support Express” as “BeAnywhere Support Express.old”. Please note that this can also be done remotely via NCentral File System Tool if the machine is assigned a Professional License

 

  1. Once that is done go back to Settings -> Properties and enable the check box to Install Take Control.

Once the above steps are completed, it will take a few minutes to download and install the Take Control service after which it should be working.

 

 

Upcoming:

We keep uploading new blogs every week on our website- keep an eye out for those.

Lastly, if you need help with more such IT Solutions, feel free to reach out to us. We’ll be happy to resolve your queries. 

 

ConnectWise Automate- Display C-drive utilization only in Executive Summary Report

Connectwise Automate -Executive Summary Report  

If you’re using ConnectWise Automate RMM, and you want to change display C-drive utilization in the Executive Summary report, read further.  

ConnectWise Automate RMM- formerly known as Labtech, is a popular brand for remote monitoring and management. The tool is said to help eliminate technician inefficiencies, automate IT Services, and much more.   

  

The issue (change format of Workstation Drive Utilization in your Executive Summary Report):  

In the Executive Summary Report generated by ConnectWise Automate, the Workstation drive utilization section displayed unwanted information. As you can see in the image below, the previous report showed Workstation Drive Utilization statistics of C-drives along with information of recovery drives (which was not needed). The 100% Drive Utilization may seem alarming to a viewer at first- which happened in the case of our client. They wanted us to work on this and wanted a solution where only the disk drive utilization of C Drives would show. After all, that was the information that mattered the most.

Disk drive showing all drives

 

Our Solution for ConnectWise Automate C drive Utilization

In order to set this up, these were the steps that we followed: 

  1. In the ConnectWise Automate Dashboard, open Report Center and select Report List on the left. 
  2. Then, select subDriveUsage – which is a subreport used by the Executive Summary report.
  3. Click Edit report > Modify Report (which is at the bottom of the screen) 
  4. Report Designer opens for the subDriveUsage report. Now, select Edit Data Source at the top. 
  5. Here, you can view the Query Editor screen. You will want to add onto the Where SQL field so that it reads: DriveIsInternal = 1 AND Driveletter like ‘C’ 
  6. After this change has been done, click OK in the Query Editor screen.
  7. Now you will want to select Publish to Database at the top so this information can be published for the subDriveUsage report. 
  8. Then, select the Executive Summary report from Report List and select Edit report > Modify Report. 
  9. No further changes need to be made here. Finally, you can select “Publish to Database” and name it according to your preference. Here we have it as “Executive Summary without Recovery drives” with the Add New Report button. 

 

Output:

Disk Drive Utilization

 

Upcoming: 

Lastly, if you need help with more such IT Solutions, feel free to reach out to us. We’ll be happy to resolve your queries.