User Scoping and Blackout Windows Highlight New Versions of Syxsense Secure and Manage
Syxsense Secure and Syxsense Manage have announced an exciting new array of features, including user scoping, blackout windows, and an optimized patch scanner.
New Syxsense Features Announced
Syxsense, a global leader in IT and security management solutions, today announced new features for what was formerly Cloud Management Suite, now called Syxsense Secure and Syxsense Manage.
To the existing feature set, Syxsense has added:
- User Scoping: Limits individual console users to only those devices their Syxsense User Account is authorized to see and manage (more on this below);
- Blackout Windows: Provides intelligence about when updates can occur and respecting those sensitive times. Tasks ask devices if their local time zone falls within the blackout hours; if it does, no actions will start until the blackout hours have passed (more on this below);
- HIPPA, SOX, and PCI Compliance Reports: New Reports that will document security success against compliance agency standards;
- Optimized Patch Scanner: Performance improvements make Patch Scans run faster on target machines;
- Security Access: The auto-logout timeframe from the console is now configurable by administrators; there is also an option to email users on every login to the console to detect unauthorized login attempts.
While these and hundreds of other enhancements and bug fixes are part of the new release, the two most importance features are User Scoping and Blackout Windows.
User Scoping limits individual console users to only those devices their Syxsense User Account is authorized to see and manage This ensures that users can manage, secure, and patch only those devices within their scope. Unauthorized users will not be able to act on or see devices not to their assigned scope.
How Scope is Defined
An admin user creates a GROUP in Syxsense. That group can contain queries, devices, sites or other groups and can be based on any inventory attribute.
- Group membership can be created from specific devices, sites, other groups, or queries.
- If a query is assigned to a group, that query is reevaluated on a refresh (5 minutes), and the managed devices can change dynamically.
- If new devices are added to a site assigned to a group, they will be on the same refresh (5 minutes).
How Scope is Assigned
In the User Accounts module for an individual user, a drop down of available groups allows assignment of a single group to that user. Also highlighted are the two new User Account options for enhanced security (see screen shot below).
How a Scope is Filtered in Console
Similar to a query results view, the device grid is filtered by referencing a small background table containing the deviceID results for that query/group.
Actions a Scoped User Cannot Perform
- Create, edit, or delete alerts.
- Create, edit, or delete SCHEDULED reports (regular reports work).
- Create Discovery tasks.
Blackout Windows give devices more intelligence about when updates can occur, respecting sensitive times. Tasks ask devices if their local timezone falls with the blackout hours. If it does, no actions start until the blackout hours are over.
Using Blackout Windows in Tasks
To understand when tasks will run, the Task Schedule step to the Wizard now has three choices:
- Start: Time the task will run, if it is now, in a maintenance window or in the future.
- Repeat: How often the task will run.
- Protect: The new settings for Blackout Hours when devices are protected from change.
Take note of the illustrated timeline (see screen shot, below) that shows when the task will run, including blackout times.
Where Blackout Windows are Defined
Blackout windows can be defined at global level for all devices, on a task (overrides global), and on an individual device (overrides task).
- Global Blackout: Set in Settings: Communications (Timers), Blackout hours. This sets general work hours for all devices across the globe during these hours. No devices will run tasks unless overwritten by a higher level of blackout window (Device or Task level).
- Task Level Blackout: Set in the Task Create Wizard: Task Schedule Step, Protect dropdown. NOTE: Tasks have the option “No Protected Hours.” This disables all Blackout windows (even device) and allows you to deploy software or patches in an emergency.
- Device Level Blackout: Set on the device: Choose the device, Overview, Tools (Device Config). Device level settings are for highly sensitive devices, such as servers or the CEOs computer
Syxsense is the leading provider of innovative, intuitive technology that sees all and knows everything about every endpoint, in every location, everywhere inside and outside the network, as well as in the cloud. It combines the power of artificial intelligence with industry expertise to manage and secure endpoints by stopping threats before they occur and neutralizing threats when they happen. The Syxsense Endpoint Security Cloud always-on technology performs in real-time so businesses can operate free of disruption from security breaches that cripple productivity and expose them to financial risk and reputational harm.