Sketchbook: Manage Engine - Endpoint Central

These are just some Sketches about the work did in Edotto SRL about some Manage Engine - Endpoint Central functionalities.

Manage Engine - Endpoint Central ¶

What this application is exactly?

Endpoint Central (formerly Desktop Central) is a unified endpoint management and security solution that helps in managing servers, laptops, desktops, smartphones, and tablets from a central location. It’s a modern take on desktop management that can be scaled as per organizational needs.

Down below will be shown the functionalities that I’ve learned during my job. They could be incomplete or perhaps not the best practice.

Home: it is possible to see the dashboard just for having the actual situation of all pc, configurations and so on.

Patch management is useful to keep on all Security patches on all Domain’s PCs. It is possible also to update third party software but I’ve found unstable, so I had used it only for critical and important updates of OS.

It is possible to keep an eye also to all Missing or Installed patches on PCs you manage.

Actually, it is possible to use Manual patching if only need to patch a single computer, otherwise Automatic is useful for all pc in the business network:

You can see which manual configuration has been deployed in past operations and create a new one with “Install/Uninstall patch” and you’ll see this screen:

Select the patch you need to install to a specific single/group of PCs and then click on deploy!

Automatich Patch updates are useful to keep the workspace as safe as possible updating the 0day fixes and OS updates.

On the left click on automatic updates ( when you are on Patch Tab) and you will see this screen:

You have an history of the Automatic patches applied, that keep on updating the automatic task you previously assigned. To create a new on click on “new task” and a new page is going to open:

4 steps are required and they are on the left. The most important thing is on second page where you have to select the update type to the task. I recommend going for Security Updates on Important and Critical, and Service Pack and Feature Pack for the OS.

These updates are going automatically during the week, and they will do their job. If something is not working you can check the summary (as task images above) and see what kind of problem is happening.

Inventory tab is a focus on every single device you added in UEM. You can check almost every aspect of a device and do some operations.

On the left you can click on Computers and:

Here there is a table with the PCs that have the agent installed. Red icon mean is disconnected, green means device is online.

Tip: sometimes red and green are not real, probably a pc has been disconnected from few minutes and the UEM did not check the status. But if you click on the pc icon, it will instantly refresh (when red to green could take more seconds to change state).

When icon is green you can see these functions:

If you click on pc name, you will have a page with multiple tabs that has detailed information on that specific pc:

In here it is possible to do many operations as described.

There is a Tools Page to do massive actions instead of using atomic operations in Inventory Pages. It is very easy to understand, looking to the left, which massive operation are available:

This is a useful page if you need some kind of reports that other department need to trace inside the company. I did not used in my time, but is quite easy to have look and program scheduled reports:

Agent is the main application that is installed in Business devices to let the UEM control them. Without the installation of agents, it is not possible to control any function or any deploy in Devices.

Of course agent could be installed in different Domains: it could be possible that if you have an installed Active Directory central server, you don’t have possibility, after 60 days, to control a device inside the domain: this is an example of people always in Smart Working. This is very useful for the Agents to cooperate between different domains.

The “Office” could be, for example, an example of all devices registered to a specific company, indipendently from Active Directory Domains (as explained above). That’s the common way to go if you have heterogeneous situations.

There is also a Table List where you can see where agents are installed.

If you want to install agent to a new device you can follow steps as the image down below shows:

Will be described ASAP.

Will be described ASAP.