This guide will outline how to deploy, monitor and manage Bitdefender Endpoint Security using Naverisk and the Bitdefender GravityZone Control Centre.
This section will outline how you can deploy BitDefender to your client's workstations and servers through Naverisk.
In order to deploy Bitdefender, follow the below steps in order to create a script pack to be deployed across your Devices:
- Login to your Bitdefender GravityZone https://gravityzone.bitdefender.com/
- Under Network in the left-hand pane click on Packages
3. Choose your package that you wish to deploy by clicking the checkbox next to its name
4. Click on Download on the top grid
5. Choose Windows Downloader
6. Let the installer download, DO NOT RENAME THIS FILE (IMPORTANT)
7. In Naverisk, go to Settings > Script Packs > Bitdefender Deployment
8. Delete the existing “delete me first” file
9. Click on Add File and upload the Bitdefender installer you downloaded
10. Click on the check box for Primary to make the installer you just uploaded the primary file executed by the script pack
11. Under the Parameters section at the bottom, put /silent
12. Click Save
Now that you have created your Bitdefender Deployment script, you can either run this manually through the Devices tab or create a scheduled job to deploy this script pack at a designated time.
While we recommend deploying Bitdefender through Naverisk, you can also use Bitdefender Remote Installation. You can find the details for this in the Bitdefender Control Center > Essential Steps when you first login to the console (as below).
2.0 Monitoring Windows Workstations
Naverisk can integrate into the Microsoft Windows Security center to provide efficient Antivirus monitoring on your Workstation Devices.
This section is intended to walk through the steps of configuring the Naverisk Security Centre for Antivirus, Firewall and Anti-Spyware Monitoring. Naverisk can automatically retrieve information from the Microsoft Action Centre via the Naverisk Agent for alerting and reporting purposes.
Note: Only Microsoft Workstation Operating Systems Windows XP SP3 onwards are supported by the Naverisk Security Centre.
Microsoft Security Centre is designed to report on the status of 3rd party Antivirus applications only – it will not report on the status of Windows Defender or Microsoft Security Essentials.
In order to monitor Server Operating Systems or Microsoft Security Products you will require a device role. For resources around how to perform this, please refer to the Device Role documents found in Naverisk Help.
2.1 Naverisk Security Centre Monitoring - set up
To set up Naverisk Security Centre follow these steps below.
- Log in to Naverisk, Navigate to settings and select the OS Templates Icon;
2. Select the appropriate client and select the 'Green Arrow' to make changes to the desired Operating System Template:
3. Within the OS Template, select the desired security services and signatures to monitor, then save the template.
4. Naverisk has now picked up on Bitdefender Endpoint Security for a Windows 7 workstation below.
3.0 Monitoring Windows Servers
The Windows Security Centre is not available on Server versions of Windows, so we must monitor Bitdefender using Device Roles.
A pre-configured Device Role for Bitdefender is included in Naverisk. This monitors the Bitdefender component services, the Event Log for Bitdefender warnings, and checks the definitions.
This Device Role can be applied to both workstations and servers, either individually or in bulk.
To deploy individually:
- Navigate to the Devices tab
- Go into the Device you wish to add the Role to
- Select the Monitoring tab
- Select the '+' symbol under the Device Roles Section
Here you will be presented with all the Device Roles you would have seen under the Device Roles in the Settings Tab:
5. Select the AV Bitdefender - Endpoint Client role by ticking the check box on the right-hand side of the Device Role.
6. Select Save Roles to assign the Role to this Device.
You can also deploy the role in bulk to multiple devices:
- Navigate to the Device tab.
- Select a Client that you wish to deploy your Device Roles to.
- Select the multiple Devices with the use of the check boxes situated next to the Device on the left hand side as per the screenshot below:
4. In the right-hand corner of your Naverisk Dashboard, next to New Device you will see a drop-down menu called Select a Task. Click on this drop-down and select Update Roles:
5. You will now be presented with a list of Device Roles that is available for assigning to your Devices:
6. Select the AV Bitdefender - Endpoint Client role by ticking the check box beside the role.
7. Click Add Roles
For more details on working with Device Roles, see the Device Roles guide under Naverisk Help.
Tickets are automatically created when issues arise with a Bitdefender client on any monitored device. These will be assigned an appropriate SLA classification depending on the severity of the issue. These tickets are generated from either the Security Center integration or the Device Role, depending on the type of client device.
4.1 Workstations - via Security Centre
The Security Centre is an integration from Microsoft Action Centre, that uses the Microsoft Action Centre API (Application Programming Interface), to retrieve and relay the data that is normally displayed in your Windows OS, to your Naverisk Web Interface.
This data is also integrated into Naverisk’s Reporting system. This allows you to run analytics of your device’s security, which overtime can show you where the weak links are, helping you to strengthen your Clients’ security and allowing you to protect their data more efficiently.
Please be aware that Security Monitoring is only compatible with Windows Workstation Devices due to Microsoft not including the Security Centre within Server OS’s. You will need a Device Role to monitor Security on a Server.
The Security Centre can be enabled by ticking each checkbox. The use of each section is as follows:
- If Service monitoring is enabled, a Failure SLA ticket will be created if the Antivirus service is detected as Stopped for more than 600 seconds.
- If Signatures monitoring is enabled, a Failure SLA ticket will be created if the Antivirus signatures are found Outdated for more than 600 seconds.
- If Firewall Service monitoring is Enabled, a Failure SLA ticket will be created if the Firewall is detected as Disabled/Stopped for more than 600 seconds.
- If Service monitoring is enabled, a Failure SLA ticket will be created if the AntiSpyWare service is detected as Stopped for more than 600 seconds.
- If Signatures monitoring is enabled, a Failure SLA ticket will be created if the AntiSpyWare signatures are found Outdated for more than 600 seconds.
Each threshold can be increased or decreased, depending on your needs. The maximum threshold is 999 seconds.
4.2 Servers - via Device Roles
Each Bitdefender service and logged event, as well as the result of the definition check, are configured by default to create a ticket to warn you of an issue. The SLA severity of these tickets are also set by default to appropriate values. You can change these by editing the Device Role. Please refer to the Device Roles documentation for details on this.
5.0 Scheduling Scans & Updates
In order to schedule Bitdefender updates & scans, you will need to configure this through your Bitdefender GravityZone Control Centre. Note that the current version of Bitdefender does no allow scans and updates to be triggered from within Naverisk.
In the Control Centre this can be done through the Policies Tab and configured to suit your needs:
Once you have created your policy for the Update and Scans, you will then need to assign it to your Devices.
To do this, you will need to navigate to the Network Tab and select the Device you wish to assign the policy too.
Once you have selected the Devices or group of Devices, click Assign Policy:
You can then select the appropriate policy that you wish to assign and click on Finish:
This policy will then filter down to your Bitdefender endpoints.
Reports can be generated in Naverisk that show your customer’s antivirus status. Bitdefender also provides additional reporting via the Control Center.
The Antivirus Detail report can be found under the Reports tab > Device > Antivirus Detail and will look like the below example:
Note that data may be incomplete when clients are first configured. Waiting at least 24 hours for data to be retrieved and logged by Naverisk should provide you with better results.
The Antivirus Summary report can be found in the Reports tab > Client Facing > Antivirus Summary. It will appear as a pie graph as per the below example: