Page tree
Skip to end of metadata
Go to start of metadata

ManagementServer Modules

Module Server

Server - Overview

The Overview panel can be used to check on server status information and to install and manage subnet servers. It displays the following server properties:

  • Name: The server name.
  • Type: The server type (Main server, Subnet server, Secondary server).
  • Server: The name of the governing ManagementServer (only for subnet servers and secondary servers).
  • Number of clients: The number of clients currently assigned to the selected server.
  • Last access: The timestamp of the last synchronization with the main ManagementServer (only for subnet servers).
  • Status as per: The last signature update attempt.
  • Version: Version number and date.
  • Status: Server status information, such as its update status.
  • Program update: If an update is available for a subnet server, the status is displayed here.

The toolbar and the right-click context menu contain the following options:

  • Refresh
  • Server setup wizard
  • Delete: Remove one or more subnet server(s) from the list. This does not remove the actual software from the subnet server.
  • Synchronize (context menu only): Initiate a manual synchronization of the selected subnet server(s).
  • Assign clients: Assign existing clients or groups to subnet servers that bundle the communication of these clients with the main server to optimize network utilization. The allocation of clients or groups to subnet servers functions separately from the grouping of clients in the Clients/ManagementServers panel. That means that clients that have been assigned to different subnet servers can still be grouped together.
  • Install subnet server: Add a new subnet server. In the following dialog window, enter the Computer name of the prospective subnet server. Next, enter a user account with administrator permissions on the subnet server. Confirm with OK to initiate the remote installation, which can be tracked using the Installation overview window. A remote subnet server installation is subject to the same prerequisites as a remote installation of G DATA Security Client. Subnet servers use Microsoft SQL Server 2014 Express, which does not support Windows Vista and Windows Server 2008/2003. On such systems, subnet servers can be installed through the subnet server option of the local installation of G DATA ManagementServer.
  • Uninstall server: Initialize a remote deinstallation of the selected subnet server, which can be tracked using the Installation overview window. A remote deinstallation can only be carried out on authorized subnet servers.
  • Authorize server: To prevent unauthorized access to server data, locally installed subnet servers need to be authorized. Only after authorization will the ManagementServer start synchronizing data with the subnet server.
    • Subnet servers that are installed remotely using the function Install subnet server are automatically authorized. Only locally installed subnet servers and subnet servers that have been upgraded from version 12 or earlier need to be authorized manually.
  • Permit program update (context menu only): Subnet servers with ManagementServer version 12 require a manual installation of a database server, before they can be updated to version 14. On such systems, install Microsoft SQL Server 2014 Express (Windows Server 2008 R2/Windows 7 and newer) or Microsoft SQL Server 2008 R2 Express (Windows Server 2003/2008/Windows Vista) first, then use this option to permit the program update. After the update, use GdmmsConfig.exe on the subnet server to configure the connection to the database. More information can be found in the Reference Guide.
  • Properties (context menu only): Display properties for the selected server, including the version of the ManagementServer, virus signatures and client program files.

Server - Manage users

As system administrator, you can authorize additional users to configure G DATA ManagementServer through G DATA Administrator. Click Add, then enter the User name, the Account type (Integrated authentication, Windows user, Windows user group), the Permissions for this user (Read only, Read/Write, Read/Write/Restore backups) and enter a Password.

Server - Tenant management

The system administrator may create additional user accounts for the G DATA administrator interface in the following way:

Klick Add and enter the Tenant, a Unique identifier, the corresponding User and a Description, if necessary.

The green plus sign allows for the quick creation of a new user account, for which you need to choose User name, Account type, Permissions and a Password.

After the creation of a tenant a new, correspondingly named node in the Clients/ManagementServer panel is established which contains a base structure similar to a fresh installation. The previously existing structure with the existing clients is transferred to the Standard node. Clients can be moved from the Standard node to the new tenant.

Beware: The client names need to be unique among all tenant nodes! It is for example not possible to have a client with the name "PC-WORKSHOP" both in tenant A and tenant B.

Modules and options that can be configured individually for each tenant will display a drop-down menu to choose the tenant for which the option is to be set. In this way, individual Reports or recipients for email notifications can be defined.

The creation of an Installation package also allows for the selection of the tenant, and the newly installed client will be integrated into the proper tenant node immediately.

To sign in to G DATA Administrator with a tenant account, select Integrated authentication in the login screen. The Clients/ManagementServer panel will then only display the node of that tenant, and it is not possible to access any other tenant node or the Standard tenant.

Using a tenant account does not allow the usage of any ManagementServer modules except the ReportManager.

Furthermore, the following G DATA modules and components cannot be used in combination with the Tenant management:

Server - Infrastructure logs

The Infrastructure logs panel displays server status information such as signature update and program file update information. The toolbar and context menu options are identical to those in the client module Logs > Infrastructure logs.

As of version 15.1, failed login attempts to G DATA Administrator are displayed with the username and IP address entered.

Module General settings

General settings - Cleanup

The Cleanup settings allow you to configure whether various items should automatically be deleted after a specified period of time:

  • Automatically delete infrastructure logs: Delete infrastructure logs that are older than the set number of days.
  • Automatically delete scan logs: Delete scan log files that are older than the set number of days.
  • Automatically delete security events: Delete security reports that are older than the set number of months.
  • Automatically delete report history: Delete generated ReportManager reports that are older than the set number of months.
  • Automatically delete clients following inactivity: Delete clients that have not logged on for a set number of days.
  • Automatically delete patch files: Delete patch files that have not been used for more than the set number of days.

General settings - Synchronization

In the Synchronization area, you can define the synchronization interval between the ManagementServer and clients, subnet servers and Active Directory:

  • Clients
    • Main server synchronization interval and checking for new updates: Enter the time interval in which the clients connect to the ManagementServer to check for new updates or settings. The default value is five minutes.
    • Notify client if settings have been changed on the server: Tick this setting to notify clients immediately of new settings, regardless of synchronization interval.
    • Limit the number of concurrent connections to the server: Specify how many clients can simultaneously connect to the ManagementServer. The number of Clients depends on the specifications of the server and network infrastructure. If you are experiencing performance issues, reducing the number may improve server performance.
  • Subnet server
    • Interval for synchronizing: Define the interval for synchronization between main ManagementServer and subnet server(s).
    • Send new reports to the main server immediately: Enable this option to transfer new reports to the main server immediately, regardless of the synchronization interval.
  • Active Directory
    • Synchronize Active Directory regularly: Enable regular synchronization between ManagementServer and Active Directory. Synchronization is only carried out if at least one group has been assigned an Active Directory Organizational Unit.
    • Interval: Define the interval with which G DATA ManagementServer should synchronize Active Directory content. If you select a daily interval, you can define the exact time of the day at which the synchronization should take place.

General settings - Backup

Backup is available as an optional module.

To make sure that backups are carried out successfully, enough free disk space needs to be available on the client (backup cache) and on the server (backup storage). For server and clients you can define threshold values for warning messages and error messages. When the amount of free disk space on the client or the server drops below the warning threshold, a warning message will be added to the Security events module, and the client cache will be automatically cleaned up, retaining the latest archive but removing all others (if they have been uploaded to the ManagementServer). When the amount of free disk space on the client or the server drops below the error threshold, an error message will be added to the Security events module. Server backup storage and client cache will be automatically cleaned up. If there is still not enough free disk space on the server, backups will not be carried out.

Under Server backup paths a path can be entered where all backups being generated are stored. If no path is entered here, all backups are stored under C:\ProgramData\G Data\AntiVirus ManagementServer\Backup or C:\Documents and Settings\All Users\Application Data\G Data \AntiVirus ManagementServer\Backup.

As all backups generated by the G DATA software are encrypted, there is also the option of exporting backup passwords and saving them for later use. The Import backup archives button enables access to backups that are stored in other folders.

General settings - Email

G DATA ManagementServer can automatically send alarm notifications when certain events occur. Enable email notification by selecting the appropriate Reports (Virus results, Permission requests, etc.). Select the intended recipient under Recipient group(s). You can use the Limit to prevent an excessive amount of email traffic in the event of a massive virus attack. After selecting a recipient, click Trigger test alarm to send a test alarm.

Click the pen icon to open the Email settings window to define mail groups and mail server authentication.

Email settings

Enter the SMTP server and Port (normally 25) that G DATA ManagementServer should use to send email. In addition a (valid) sender address is required so emails can be sent. If your SMTP server requires authentication, click SMTP authentication to configure it. You can set up SMTP AUTH to authenticate directly on the SMTP server, or SMTP after POP3, if the SMTP server requires it.

Under Mail groups you can manage recipient lists, such as Management or Administrators.

General settings - Android

The Android panel features settings for the authentication of Android clients as well as Firebase Cloud Messaging.

Under Authentication for Android clients, enter a Password with which Android devices will have to authenticate with the ManagementServer. To be able to use emergency actions, you have to enter the Sender ID and API key (Server key) of your Firebase Cloud Messaging account. Free accounts for this push notification framework can be registered at Consult the Reference Guide for more information about Firebase Cloud Messaging.

Module Updates

All clients have their own local copy of the virus signature database, so that virus protection is also guaranteed when no connection to the G DATA ManagementServer or the Internet is available. Updating virus signatures (as well as program files) on clients takes place in two steps, which can both be automated. In the first step, the latest files from the G DATA update server are downloaded to the G DATA ManagementServer. The Updates module lets you configure this process. Subsequent distribution of the updates to the clients can be configured under Client settings > GeneralUpdates.

Updates - Signature updates

On the Signature updates panel, you can configure the process of downloading signature updates from the G DATA update server to G DATA ManagementServer.

The following information and settings are available under Status:

  • Version engine A: The current version of the virus signatures for engine A on G DATA ManagementServer.
  • Version engine B: The current version of the virus signatures for engine B on G DATA ManagementServer.
  • Last execution: Timestamp for the last execution of the virus signature update process.
  • Status: The status of the virus signature update process.
  • Update status: Update the Status field.
  • Run update now: Carry out an immediate update of the virus signature database on G DATA ManagementServer.

Under Automatic updates, the virus signature update can be scheduled. To do this, check the box next to Run update periodically and specify when and with what cycle the update is to be carried out. To enable automatic updating, your G DATA ManagementServer must be connected to the Internet and you must have entered the user name and password that you have received upon registration under Updates > Access data and settings. If the server connects to the Internet via a proxy server, your proxy credentials must also be entered there.

Updates can be distributed centrally (from the ManagementServer or subnet server to clients) or, if you activate Peer to Peer update distribution, decentralised (allowing already updated clients to distribute updates to other clients). Be sure to check the port requirements for this option.

Updates - Program updates

In the Program Updates section, you configure the download of client program files from the G DATA update server to ManagementServer. Program file updates should be installed automatically so that all clients can use the full scope of G DATA CyberDefense products.

The following information and settings are displayed under Program Files (Client):

  • Current version: The current version of the client program files stored on the ManagementServer.
  • Last run: The last run of the update process.
  • Status: The status of the update process.
  • Update Status: Updates the status.
  • Start update now: Starts an immediate update of the client program files on G DATA ManagementServer.

In the Automatic updates section, you can schedule the update of client program files. The settings are identical to those under Signature updates.

G DATA ManagementServer itself can only be updated via a Start menu item. To do this, call up the Internet Update entry in the G DATA ManagementServer program group in the Start menu.

Program file updates are not issued every hour, so the update interval can be set to a daily or weekly request. Scheduling program file updates is also recommended for servers that are not permanently connected to the Internet. The Internet connection option will only perform an update if G DATA ManagementServer detects that the server has an Internet connection. The only reason not to have program files updated automatically by G DATA ManagementServer is if the Internet connection is not always available. To prevent files from being automatically distributed to clients, appropriate configurations are required in the Client Settings module.

A program update can also be started manually on the client. Proceed as follows:

Clients > Clients > Overview > search/filter desired clients in the list > right click on the clients > Update program files now

Program file updates always require a reboot of the client computer.

MailSecurity for Exchange

As with G DATA Security Client, MailSecurity for Exchange performs an automatic upgrade when a new version is available on ManagementServer. To ensure that the latest version of the Exchange plug-in is used, the Internet Update tool of ManagementServer has the Update program files (client) feature. If the Exchange plug-in updates its program files automatically according to the configuration, this will be done the next time it connects to the ManagementServer. Alternatively, an upgrade can be performed manually using G DATA Administrator.

Updates - Staged distribution

In the Staged distribution area, you can specify whether to apply program updates to all clients simultaneously or in stages. A staged distribution reduces the server and network load that occurs during a program update.

If you choose staged distribution, you can specify whether the distribution is automatic or you can specify yourself which clients are to receive program updates first, which clients come after, and the extent to which the distribution is subdivided into different distribution stages.

The first level always includes five clients.

If you do not want to use staged distribution, it is possible to disable the automatic program update option within G DATA Administrator and then distribute it via the context menu on a group or individual basis.

To do this, select the desired client or client group. Right-click to open the menu. Click on Update program files automatically to remove the check mark and thus disable the automatic program updates.

Alternatively, you can also make the settings via the client settings General under Updates.

Updated client software may need to be tested to ensure compatibility with all client configurations on the network. Although minor version changes usually have no side effects, a staged rollout is recommended. Staged distribution can be enabled in the Updates module. Only when the program file has been successfully updated on the clients of one stage, it will be installed on the clients of the next stage.

The number of stages can be defined manually. The larger the network, the more stages are recommended to ensure a smooth installation. It is also possible to configure after how many days the next stage is updated. With the default value of three days, clients can be checked for problems to stop the distribution of a particular update if serious problems occur. The staged distribution settings can be changed by editing the Config.xml configuration file.

Program file updates always require a reboot of the client computer.

For some client roles, this must be carefully planned so that the computer is not restarted during an important task. In these cases, the Restart after update setting controls client behavior. The end user can be notified that their computer needs to be restarted. This restart can be forced or a report can be generated in the Security Events section so that the administrator can manually intervene and restart the computer at a later time.

Updates - Access data and settings

With your online registration you received access data for updating the virus databases and program files. Enter these under User name and Password. Select the nearest Region to ensure optimal speed when downloading updates.

The Version check (enabled by default) should always be switched on because it improves update speed. If, however, problems arise with virus signature databases, switch off the version check. During the next update, the integrity of all virus signature database files will be checked and files will be redownloaded if necessary.

Proxy settings opens a window in which proxy server credentials can be entered. You should only enter these if an update cannot be executed without a proxy server.

G DATA software can use the Internet Explorer proxy connection data (from version 4). First configure Internet Explorer and check whether the test page of our update server is accessible: In the Proxy settings window, switch off the option Use
proxy server. Under User account, enter the account for which you have configured Internet Explorer (the account with which you have logged in to your computer).

Updates - Signature rollback

In rare cases, a virus signature update can lead to a false alarm or similar problems. It can make sense to block the latest virus signature update and use a previous one instead. Under Rollbacks you can indicate how many of the virus signature updates you would like to hold as a reserve for engine rollbacks. The default value here is the last five signature updates for each engine.

Should the latest update for one of the engines result in problems, the network administrator can block it for a certain time interval and distribute a prior signature update to the clients and subnet servers.

On clients that are not connected to G DATA ManagementServer (e.g. notebooks used in business travel), no rollbacks can be carried out. A block of new updates from the server to the client cannot be retracted without contacting G DATA ManagementServer.

With the affected engine selected in the Engine dropdown list, its most recent engine updates are listed under Blocked updates. Select the update(s) that should be blocked and click OK. Those updates will no longer be distributed, and clients that have previously received them will be rolled back to the most recent non-blocked update (when they connect to the ManagementServer). Optionally, new updates can be included in the block: tick Block new updates until and select a date.

Modul ReportManager

The ReportManager creates reports with information from various areas of the G DATA security solution. The reports are sent by e-mail to selected recipients, but can also be accessed directly via G DATA Administrator.

Export the list as a CSV file

Update the table

Remove selected report

Create new report
ImportImport existing configurations (.dbdat)
ExportExport Report Settings as .dbdat

You can call up all reports that have already been sent by clicking on the plus sign on the left in the overview. You can see the date and time when the respective report was created and sent. Double-click on the date to open the respective report in G DATA Administrator.

Right-click on the report to open the menu to perform the following actions:

UpdateUpdate the table
RemoveRemove selected report
DuplicateCreate a copy of the selected report
Execute immediatelyImmediately receive the selected report. To view it, click on the plus sign on the left and then double-click on the entry with the current date.
HistoryIn a larger overview window you can see all the reports that have been sent. Double-click on the date to open the respective report.
PropertiesOpens the report definition. Among other things, you can adjust the time of execution, recipient and modules.

The G DATA Defense Report cannot be edited or deleted. However, it can be duplicated for editing.

Create or edit a new report

Module License management

Using the License management panel you can have an overview of the G DATA software licenses that are currently in use. If you need additional licenses, you can get in contact with G DATA at any time by selecting a license and clicking Extend license.

Using the button Export you can export the license information to a text file.

Module ActionCenter

G DATA Administrator connects to G DATA ActionCenter in order to manage iOS devices and to enable network monitoring. Create an account and enter the User name and Password here.

The use of G DATA ActionCenter requires a valid G DATA license. Make sure that you have entered your Internet Update User name and Internet Update Password under Updates > Access data and settings.

  • No labels