Chat with us, powered by LiveChat

Emsisoft Cloud Console User Guide

  • February 18, 2019
  • 10 min read

Emsisoft Cloud Console is made for network administrators, managed service providers and IT professionals and provides centralized remote management of Emsisoft Anti-Malware (including Home, Business Security and Enterprise Security license plans).

It’s part of my.emsisoft.com and can also be pinned as an app to your app launcher.

Workspaces:

Devices:

For partners and MSPs:


Create a new workspace

Open MyEmsisoft and navigate to the Workspaces Dashboard. Click the ‘Create Workspace’ button and enter a new, unique name for your workspace.

If you already see an automatically created workspace in MyEmsisoft, feel free to rename it in its Workspace Settings panel any time.

What is a workspace?

Workspaces typically represent the boundaries of your company or organization, but can also define your home computers group.

Licenses are applied on workspace level, which means your workspace can either be in trial mode or have a full version license assigned for all your devices.

When creating a new workspace, you automatically become the Primary Owner, but you can invite other users to join your workspace. E.g. you may want to request feedback on your protection status from an IT professional. See ‘Inviting users‘ for details.

Add devices to a workspace

Go to your workspace overview panel and click the ‘Add Device’ button.

Important security advise for installation tokens

Note that the download filename must not be changed. It contains a unique identifier/token (36 characters sequence) to authenticate the installed device directly with your workspace.

Warning: Never share your installer with the public! For security reasons, it is advisable to always set an expiration date for your tokens.

Installation tokens and default protection policies (new in version 2019.4)

By default, newly installed devices are added to the ‘New computers’ protection policy group in your workspace.

If you require them to be added to a different policy group, please navigate to the policy settings and create an additional installation token at the top of the panel. All devices installed or connected via the custom installer of that policy group will then be added to that policy group instead of the default group.

Manual connection via command line (new in version 2019.4)

If you have a larger number of already installed endpoints (e.g. managed by Emsisoft Enterprise Console) and would like to automatically connect them to your workspace, you may use the following command line parameters to initiate the connection:

%ProgramFiles%\Emsisoft Anti-Malware\a2start.exe /applytoken=<installtoken>

<installtoken>: Your custom installation token can be obtained from the ‘New computers’ protection policy group.

Apply a license to a workspace

When creating a new workspace, the first device that gets added automatically activates a free trial license. You can add multiple devices during the trial period.

To switch to a full version license, go to the Workspace Settings panel and click the ‘Apply license key’ link. Once confirmed, your license will be deployed to all your devices.

Invite users to your workspaces

As a Primary Owner or Workspace Admin you can invite additional users and assign them different user roles. Go to the Workspace Settings panel and click the ‘Invite a user’ button to send an invitation by email.

If the invited user doesn’t yet have an Emsisoft user account, we will guide them through sign up first.

User roles

Billing Contact Protection Manager Workspace Admin Primary Workspace Owner
Devices X X X
Policies X X X
Licensing X X X
Edit users X X
Change owner X

 

Primary Workspace Owner

Is the legal owner of the workspace and responsible for all activities within a workspace. Has full access to everything and can re-assign ownership to another user.

Typical use case: The buyer of the license.

Workspace Admin

Has full access to your workspace and can view/edit all devices, policies, alerts, logs, reports, users and the license of your workspace. Workspace Admins can change all user permissions except those of the Primary Workspace Owner.

Typical use case: An organization has multiple full-access administrators to share management tasks of the workspace.

Protection Manager

Can view/edit all devices, policies, alerts, logs, reports, but can’t change the workspace settings such as user roles and licensing.

Typical use case: A trusted third party who has more experience with security software manages the protection for the workspace, i.e. an IT professional or the ‘computer geek’ in the family.

Billing Contact

Is responsible for license payments. Can view/edit license information, but doesn’t have access to devices or other workspace settings.

The billing contact receives license renewal reminders from us.

Typical use case: A managed service provider (MSP) or reseller who sells the malware protection in a bundle with other services, i.e. general computer maintenance services.

Workspace overview: Protection status of your devices

Select any of your workspaces in your Workspaces Dashboard to see all connected devices in that workspace. The table provides a quick overview of what’s going on in your environment and will signal issues printed in red.

Pay special attention to the Protection Status and Last Update columns, as they indicate potential issues that may affect your security.

The column ‘Protection Policy’ tells you which device settings policy currently applies to a particular device.

‘Last User’ and ‘User Policy’ indicate which user is currently (or was last) logged on at the device and which permission policy applies.

The last column provides a hamburger menu with shortcuts to common tasks such as malware scans, or to edit the device settings.

Tip: Hover your workspace name on the left side menu and you’ll see a little pin icon. Click that to pin your workspace permanently to your menu for quick access.

Edit global protection policies for groups of devices

We recommend the use of device groups that reflect your internal organization structure, e.g. your marketing team may require to exclude specific work related programs from protection for best performance; or your customer support team may require silent operation of the Emsisoft protection to avoid any kind of popups during work.

Instead of changing the configuration for each device individually, you can save a lot of time by simply creating groups and applying specific settings either globally or for selected sub-groups, as required.

The ‘Protection Policies’ panel allows you to edit and re-arrange the hierarchy of groups on the left, and modify the policy settings of the selected group on the right.

The panel includes all software settings as they are displayed on the endpoint. Additionally, you can modify some customization properties, e.g. to hide news popups or to redirect the purchase links to a custom website. See ‘Customer Care‘ settings.

Policy groups with inheritance

The highest hierarchy is always your Workspace root group. Any changes you apply there will automatically be inherited to all sub-groups. Click ‘Add’ and drag&drop a group to the desired hierarchy level.

Assign devices to groups

Click the ‘Devices in this group’ tab on the right top to see all devices in the selected group. Drag&drop a device to a different group to re-assign the device.

Newly added devices will automatically be added to the ‘New devices’ group that comes with more restricted default settings.

Modify group settings

Select a group on the left and switch to the ‘Group settings’ tab on the right to see all protection settings.

Note that all settings that are different to the next higher hierarchy level are printed in bold, have a light grey background and a blue handle on the left. Click the ‘Reset’ icon on the right to restore inheritance of a particular setting.

Settings are saved in real-time and typically applied to your devices within the minute.

Edit local user permission policies for groups of devices

Similar to the Protection Policies you can define default permissions for user accounts. Select a user group on the left and switch to the ‘Users’ tab on the right to see the assigned users.

Users can either be local user accounts on your devices or Active Directory Domain users in your network. Click ‘Add’ to specific a new user.

For simplification we recommend working with default groups though. The protection software on the endpoint can automatically assign permissions based on available local account permissions.

Default permissions:

Alternatively, you can change the default permissions to one of the following:

Receive infection notifications

Go to the bottom of the workspace settings panel to set up new notification triggers. When adding new notifications, you can select the real time protection components which you want to receive notifications from.

Device overview: Protection status and quick access

The content of the device overview panel matches what users see locally on those devices when they open the protection software.

The first tile shows the current protection status. The background color of the tile provides basic information about potential issues:

Protection settings of a device

While it is strongly recommended to work with protection policies and groups, you can also change software settings on individual devices if required. Such changes override any inherited policies.

Once your edits are completely synchronized with the device (usually within the minute) they will be printed in bold with a grey background and a blue handle on the left on the actual devices in their Settings panel. Hover the setting and click the ‘Reset’ icon on the right to restore the inherited setting value.

Scan for malware

We recommend to run a manual malware scan right after installing the protection software, or at any time when you suspect an infection. It makes sure that the system hasn’t been compromised and the real-time protection components can reliably do their job.

The following scan types are available:

Manage quarantined objects

All findings of the on-demand scanner and the real-time protection are first put in quarantine instead of deleting them right away. That security measure allows to restore potentially wrongly detected objects later.

Emsisoft Anti-Malware automatically re-scans quarantined objects after each online update and offers to restore the data to its original location if it turns out the detection was wrong. You can run a manual quarantine re-scan at any time by hitting the ‘Re-scan all’ button on the right bottom corner.

If you suspect a wrong detection, tick the checkbox in front of the object in question and hit the ‘False detection’ button at the bottom. That submits the quarantined item to the Emsisoft Lab for further investigation.

Select an object and click ‘Restore’ to get the file and its settings restored to their original locations. By clicking ‘Delete’ the data will be permanently removed and can not be restored any longer.

Logs of a device

Emsisoft protection software logs a number of events, such as the date and time of online updates, malware scans, real-time protection alerts, and more. Use those logs to investigate in issues or to verify proper use of the software.

 

Rating: 4.0/5. From 4 votes.
Please wait...

Similar topics