The Clients/ManagementServers panel displays all clients and servers that are managed by G DATA Administrator. Select the Clients tab to display clients or the ManagementServers tab to display ManagementServers (primary servers, secondary servers and subnet servers).
Clients and ManagementServers are displayed in a node-based list. As in Windows Explorer, nodes that contain subordinated nodes appear with a small plus symbol. If you click on them, the structure expands and enables the view of the underlying nodes. Clicking the minus symbol collapses the list.
In the toolbar, you will see the most important client and server management commands, some of which are also displayed in the Organization menu. The availability of these options depends on the clients/ManagementServers that have been selected:
- Expand/collapse all: Expand or collapse all items in the network tree.
- Show disabled clients
- Add group
- Enable client: Add a Windows or Linux client to the Clients tab by entering its name or IP address.
- Installation overview
- Send installation link to mobile clients: Send an installation link to Android and iOS clients.
The Clients tab lists the various types of clients under five top-level nodes:
- All ManagementServers: Windows, Linux, Mac and Android clients.
- Exchange: Clients with the MailSecurity for Exchange plugin.
- Sendmail/Postfix: Linux clients with the Sendmail/Postfix module.
- Squid: Linux clients with the Squid module.
- iOS Mobile Device Management: iOS clients.
Before clients can be managed, they need to be added to the Clients tab and deployed. The procedure depends on the type of client, the network size and the configuration:
- Windows: Use the server setup wizard, the Find computer(s) dialog window, the Enable client toolbar option or the Active Directory support to add Windows clients, then deploy G DATA Security Client.
- Linux: Use the Enable client toolbar option to add Linux clients, then deploy G DATA Security Client for Linux.
- Mac: Use the Enable client toolbar option to add Mac clients, then deploy G DATA Security Client for Mac.
- MailSecurity for Exchange: Deploy G DATA MailSecurity for Exchange. The Exchange client is then automatically added.
- Android: Use the Send installation link to mobile clients toolbar option to send an e-mail to the client. This initiates the deployment of G DATA Internet Security for Android. The Android client is then automatically added.
- iOS: Enter your login for G DATA ActionCenter in the ActionCenter module. Use the Send installation link to mobile clients toolbar option to send an e-mail to the client. After the end user has accepted the Device Management configuration, the iOS client is automatically added.
The following types of icons are shown on the Clients tab:
- Top-level node
- Group (Active Directory link)
- Client (disabled)
- Laptop client
- Mobile client
- Linux server
- Linux client
- MailSecurity for Exchange client
- Non-selectable devices: Devices like network printers fall under this category.
When a client, group or ManagementServer is selected, the corresponding client modules are displayed as tabs in the module area. Depending on the type of node you select, different modules are available. For example, when you select a desktop client, the tab Client settings will be enabled. For Android clients, on the other hand, you get access to the Android settings tab.
Client settings can be imported and exported. Right-click on a client and choose Export settings to export settings from the Client settings and PolicyManager modules to a .dbdat file. To import settings, select a client or group, choose Import settings and select the scope and the settings file.
Clients - Installation overview
The Installation overview window can be used to keep track of installation progress. It opens automatically when a remote installation task is added, or can be opened by clicking the Installation overview button in the Clients/ManagementServer panel's toolbar.
The Installation overview window lists all clients that have pending and completed remote installation tasks. The Type column shows the type of installation (for example G DATA Security Client; G DATA Internet Security for Android; Subnet server). After a remote installation has been completed, the Status column will be updated. For clients that have been added via Active Directory synchronization, the Next installation attempt column shows the time at which the remote installation will be started.
Right-clicking an entry offers the following options:
- Refresh: Refresh the list.
- Delete entry: Remove the selected entry from the list.
- Show installation log: Show the installation log for the selected entry.
- Try again: Retry a failed installation attempt.
Clients - Send installation link to mobile clients
The window Send installation link to mobile clients lets you send an installation e-mail to mobile clients. Depending on the selection on the Clients tab, the window will contain options for Android or iOS clients.
Opening the e-mail on the mobile client lets users install G DATA Internet Security for Android (when deploying Android clients) or enable Device Management (when deploying iOS clients). After completing the respective procedure, the mobile client(s) will show up on the Clients tab.
In order to send mobile clients an installation link, G DATA ManagementServer needs to be able to send e-mails. Make sure to enter your login data for an SMTP server under General settings > Email > Email settings.
In order to send an installation link to Android clients, the following information should be entered:
- Password: If you have not yet entered a mobile authentication password under General settings > Android > Authentication for mobile clients, enter it here.
- Recipient(s): Enter one or more e-mail addresses, separated by line breaks or commas.
- Subject: Enter the subject of the installation email.
- Content: Enter the body text of the installation email. It must contain the preconfigured placeholders for installation links.
Click OK to send the installation link.
When deploying Device Management to iOS clients, several settings allow you to customize the appearance of the Device Management request to the end user:
- Name: Enter the Device Management name.
- Description: Enter the Device Management description.
- Organisation: Enter your organization's name.
- End User License Agreement: Enter an End User License Agreement.
- Recipient(s): Enter one or more e-mail addresses, separated by line breaks or commas.
Click OK to send the installation link.
Before sending an installation link to an iOS client, make sure you have entered your ActionCenter login data in the ActionCenter module.
Clients - Active Directory
G DATA Administrator's Active Directory support imports computer objects from local domains' organizational units. Create a new group, right click it, and select the option Assign AD item to group. In the dialog window that opens, select Assign to AD group and choose the LDAP server. The Select button will provide a list of available servers. It is also possible to connect to another domain by clicking Add. The option Automatically install G DATA Security Client on newly added computers will initiate a remote installation of G DATA Security Client for every computer that is added to the Active Directory domain, as long as it meets the remote installation requirements. Enter User name and Password for a domain account with sufficient permissions on clients, as well as the installation Language.
By default, G DATA ManagementServer synchronizes its data with the Active Directory server every six hours. This value can be changed under General settings > Synchronization.
Active Directory changes are automatically synchronized with Management Server. However, if clients are moved between domains, the Active Directory link of the Management Server group for the previous domain must be manually unassigned. After assigning an Active Directory item from the new domain to a Management Server group, the clients will then be automatically synchronized to the appropriate node on the Clients tab.
Clients - Menu Organization
When the Clients tab has been selected, the Organization menu is displayed in the menu bar, offering access to settings related to client organization.
Show disabled clients
Using the option Show disabled clients, clients that have not (yet) been enabled can be shown. Disabled clients are shown as grayed out icons.
Clients can be combined into groups to apply settings to multiple clients at once. Easily distinguishable security zones can be defined since all settings can be made for both single clients and for entire groups. Select a ManagementServer or group, and then click the Add group option. After entering a group name, clients can be assigned to the new group by dragging and dropping them onto it. To move a large number of clients into a group, use the Clients > Overview module. Select the clients that should be moved, right-click and choose Move clients.
The Edit group option opens a window where the Add and Remove buttons can be used to add clients to groups or remove them from groups. This option is only available when a group has been selected on the Clients tab.
Individual clients can be removed from the client list with the Delete command. G DATA Security Client is not uninstalled by removing the client from the list.
To delete a group, all of its included clients must be either disabled or moved to other groups as necessary. Only empty groups can be deleted.
The Find computer(s) window can be used to add clients to the Clients tab and enable them. Clients can be found by IP address and enabled directly from within the dialog window. The Find computer(s) window will contact all computers in a specified IP range. The range can be defined using a Start IP and End IP (such as 192.168.0.1 and 192.168.0.255), or a Subnet address (in CIDR notation, such as 192.168.0.0/24). To make sure that only available clients are listed, select Only search for available clients (Ping). Click Start search to start the network search. Computers will be listed as soon as they are found. If the search process is taking too long, it can be canceled by clicking Cancel search.
All computers that respond to the IP check are listed, including their IP address and computer name. Using the Enable button, the respective clients can be added to the Clients tab. The search result includes enabled clients, if applicable - these can be disabled by clicking Disable.
Organization - Rule wizard
When clients connect to ManagementServer for the first time, they are automatically added to the group New clients if no group has been defined when enabling the client or creating the installation package. The Rule wizard can be used to create rules that regularly move new clients to predefined groups.
Rules can be managed using the New, Edit and Delete buttons and the arrow buttons next to the rule list. The Import and Export buttons can be used to import/export the rules as .json files.
Under Settings, the general settings for the execution of the rules can be defined:
- Schedule: The rules are executed Hourly, Daily or Weekly.
- Time: Define the exact point of time at which the rules are executed.
- Apply group settings: After being moved, clients are automatically assigned the settings from the group to which they were moved.
- Only move clients from the group "New clients": The rules only apply to clients from the group New clients. If this option is deselected, the rules apply to all clients. This can cause clients to be moved around multiple times and should usually be left selected.
- Execute now: Execute the rules immediately.
Using a number of settings, you can define rules that automatically move clients between groups:
- Rule type: Select whether the clients are selected by Computer name, IP address, Domain or Default gateway.
- Client placeholder: Enter the search string that is used to select clients. You can use placeholders. For example, enter Sales_* to select all clients with the name prefix Sales_ (when using the Computer name setting) or 192.168.0.[1-100] to select all clients with IP addresses between 192.168.0.1 and 192.168.0.100 (when using the IP address setting).
- Client type: Select which client types are moved (All, Workstation, Server, Android device or Laptop).
- Groups: Enter one or more groups or select them by double-clicking on a group in the tree view. When multiple groups have been entered, the selected clients will be divided equally over the groups.
Organization - Installation package
Create installation package for Windows clients
This function can be used to create an installation package for G DATA Security Client. Use the package to install G DATA Security Client locally. See the chapter Local installation (Windows) for more details.
Create installation script for Linux/Mac clients
This function can be used to create an installation script for G DATA Security Client for Linux and G DATA Security Client for Mac. Use the script to install G DATA Security Client locally. See the chapters Local installation (Linux) and Local installation (Mac) for more details.
G DATA ManagementServer lies at the core of the G DATA architecture: it administers the clients, automatically requests the latest software and virus signature updates from the G DATA update server and controls the virus protection within the network. G DATA ManagementServer uses the TCP/ IP protocol to communicate with the clients. For clients that are temporarily disconnected from G DATA ManagementServer, jobs are automatically accumulated and synchronized when communication is re-established. G DATA ManagementServer has a central Quarantine folder. Suspicious files can be encrypted and secured, deleted, disinfected or forwarded to the G DATA Security Labs if necessary. G DATA ManagementServer is managed using G DATA Administrator.
When you exit G DATA Administrator, G DATA ManagementServer continues to be active in the background and manages the processes you have set up for the clients.