Setting up the integration
To set up the Kaseya VSA X integration, you must create an API key in GravityZone. The administrator's API key will be used to link the Kaseya VSA X tenant to their GravityZone root company.
Generating the API key
To generate the API key, follow these steps:
Log in to GravityZone console.
In the upper right-corner on the page, click the welcome menu and go to My Account.
In the API keys section of the account details, click Add.
On the API key configuration page, enter a description and select the following APIs:
Companies
Licensing
Packages
Network
Quarantine
Policies
Event Push Service
Click Generate.
On the new page, copy your API key and saved it in a safe location. After you close the window, the key will no longer be visible.
Kaseya VSA X App registration
To register in the Kaseya VSA X App, follow these steps:
In your Kaseya VSA X tenant, under Integrations, click Bitdefender and then Enable Integration.
Important
For this action, you need a Kaseya VSA X account with administrative rights.
On the next page, click Allow.
This action will generate a system token user used for all background operations. Once the access is allowed, the Bitdefender integration is enabled.
Under Automation, click Workflows.
The following Bitdefender workflows must be activated:
Bitdefender - Detect Workflow
Bitdefender - Disable Policies Workflow
Bitdefender - Install Workflow
Bitdefender - Prerequisites Workflow
Bitdefender - Reboot Workflow
Bitdefender - Uninstall Workflow
To activate a workflow, follow these steps:
Select the workflow.
Click Edit.
Click Details.
Under Status, set the toggle to Active.
Save the workflow.
Repeat the process for all Bitdefender workflows.
Warning
After enabling the Bitdefender integration, the above workflows are imported automatically with Inactive status.
You have to manually set them all to Active, otherwise the Bitdefender integration will not work.
Under Integrations, click Bitdefender and then Go To Integration.
On the next page, click Allow.
This action will generate a user token user used for displaying in the Bitdefender integration the VSA X data information to which the user has access to.
Note
The following rights are necessary for a VSA X user to access the Bitdefender integration:
Permissions: Bitdefender Integration - View Bitdefender Integration; Generate Access Token
Access: Full Access on Organization (and for child nodes) needed in order to be able to successfully run Sync Agent tasks.
Configuration
For the initial integration setup, you must provide the necessary details to synchronize the Kaseya VSA X and GravityZone platforms. To do this, follow the guided steps on the Configuration page as described below.
Note
When connecting for the first time to Kaseya VSA X, you can access only the Configuration page. All the other pages become available after configuring the integration.
My company
This page contains the basic data about the integration.
Under GravityZone credentials, enter the GravityZone API key and the GravityZone API access URL.
Click Validate.
After entering the credentials, the fields under Company info will be automatically populated with details retrieved from GravityZone via API. Details include:
Company name
Company type (either Partner or Customer)
Address
Phone
Whether the company security is managed by a partner or not.
Click Next.
Note
When editing the configuration after the initial setup, the page displays the Save button.
Inventory synchronization
On this page, you select the options that control synchronization between Kaseya VSA X and GravityZone inventories.
To configure inventory synchronization, follow these steps:
Under Synchronization level, select the option for inventory event reporting and handling.
Under Default synchronization mode, select whether to include or exclude the entire inventory in the synchronization scope.
Under Synchronization event handling, select the type of action for handling events. For automatic sync, event handling is further dependent on the synchronization level.
Under Prefix settings, configure naming preferences when synchronizing companies in GravityZone.
Click Next.
Note
When editing the configuration after the initial setup, the page displays the Save button.
Inventory synchronization level
Actions under Synchronization level differ by scope and type.
The action's scope can include:
Synchronized entities only - Kaseya VSA X App operates only on organizations that already have an association with GravityZone companies.
The entire inventory - Kaseya VSA X App operates on all organizations, regardless of whether they have an association or not in GravityZone.
The action type can be:
Report only - Kaseya VSA X App only reports sync events in the interface and you must handle them manually.
Handle - Kaseya VSA X App tries to automatically handle sync events according to the settings. Event handling may include attaching a prefix to the name of the GravityZone company.
Option | Description | Scope | Event action |
---|---|---|---|
Monitor & report synchronized inventory status | Monitors synchronized entities and generates events when detecting discrepancies. | Operates only on entities that have an association. | Reports events on the Inventory Events page. The synchronization task ignores the settings in the Synchronization event handling section. |
Monitor & handle synchronized inventory status | Monitors synchronized entities, generates events and takes action on them according to the settings. | Operates only on entities that have an association. | Tries to resolve events according to the settings in the Synchronization event handling section. |
Automatic inventory synchronization | Monitors all entities, generates events and takes action on them according to the settings. | Operates on all entities (regardless of whether they have an association or not). | Tries to resolve events according to the settings in the Synchronization event handling section. |
Default synchronization mode
In this section, you select whether the synchronization task includes the Kaseya VSA X or not, by default:
Include entire inventory - Bitdefender synchronizes all Kaseya VSA X organizations. Select this option when you want to manage exclusions individually.
Exclude entire inventory - Bitdefender ignores all Kaseya VSA X organizations. Select this option when you want to manually synchronize certain organizations.
Inventory synchronization event handling
In this section, you select the type of action for handling synchronization events. Actions can be:
Automatic - Kaseya VSA X App tries to handle events according to the settings selected under Synchronization level.
Automatic actions are only available for Monitor & handle synchronized inventory status and Automatic inventory synchronization options.
Manual - you must handle events instead of Kaseya VSA X App. Manual actions are available for each issue on the Inventory Events page.
Automatic actions are available with the following synchronization events.
Event type | Description | Automatic action |
---|---|---|
Destination moved | The associated GravityZone company was moved under another partner. | Moves the GravityZone company to match the organization's location in Kaseya VSA X. |
Destination deleted | The associated GravityZone company no longer exists. | Creates a new GravityZone company. |
Association missing | The association between the Kaseya VSA X organization and the GravityZone company no longer exists. | Associates the two entities. |
Prefix-based association missing | The association between the Kaseya VSA X organization and the GravityZone company no longer exists and the GravityZone company used a prefix. | Associates the two entities. |
Prefix settings
In this section, you can specify a prefix to be attached to new GravityZone companies with similar names.
A blank space is inserted between the prefix and the actual name. For example, if you specify "New" as the prefix, a Kaseya VSA X organization named "Abc" would be associated to a company "New Abc" in GravityZone.
The following options are available with the prefix:
Use prefix for creation - the prefix is added to the name of new GravityZone companies as follows:
Always - select this option use the prefix for every new company in GravityZone regardless of its name.
Only if the name already exists - select this option to use the prefix for new companies when their names match existing companies.
Use prefix for association - Kaseya VSA X App searches for GravityZone companies using the prefix and associates them with Kaseya VSA X organizations.
Agent synchronization
On this page, you select the options that control the synchronization of Bitdefender Endpoint Security Tools, the security agent installed on computers. Synchronization include installing the Bitdefender agent and keeping it up to date in terms of protection modules and technologies enabled by policy.
To configure the agent synchronization, follow these steps:
Under Synchronization level, select the option for agent event reporting and handling.
Under Deployment package, select the modules that will install with the security agent.
Under Synchronization event handling, select the type of action for handling events. The available action depends on the option selected under Synchronization level.
Click Next.
Note
When editing the configuration after the initial setup, the page displays the Save button.
Agent synchronization level
In this section, you select the type of action for handling synchronization events. Actions can be:
Synchronized agents only - Kaseya VSA X App operates only on computers that have synchronized agents.
The entire inventory - Kaseya VSA X operates on all computers that have the Bitdefender agent installed.
The action type can be:
Report only - Kaseya VSA X App only reports sync events in the interface and you must handle them manually.
Handle - Kaseya VSA X App tries to automatically handle sync events according to the settings.
Option | Description | Scope | Event action |
---|---|---|---|
Monitor & report synchronized agent status | Generates events for synchronized agents. | Operates only on synchronized agents. | Reports events on the Agent Events page. The synchronization task ignores the settings in the Synchronization event handling section. |
Monitor & handle synchronized agent status | Generates and handles events for synchronized agents. | Operates only on synchronized agents. | Tries to resolve events according to the settings in the Synchronization event handling section. |
Automatic agent synchronization | Generates and handles events for all agents, both synchronized and not synchronized. | Operates on all agents. | Tries to resolve events according to the settings in the Synchronization event handling section. |
Deployment package
In this section, select the modules that will be installed with the Bitdefender agent (Bitdefender Endpoint Security Tools) on computers.
The available modules are:
Antimalware (enabled by default and mandatory)
Advanced Threat Control
Advanced Anti-Exploit
Device Control
Endpoint Detection and Response (EDR) Sensor
Full Disk Encryption
Patch Management
Firewall
Power User
Network Protection
Content Control
Antiphishing
Web Traffic Scan
Network Attack Defense
Additional settings include Remove Competitors, which allows BEST installation only after other security products had been removed from the target systems.
Agent synchronization event handling
In this section, you select the type of action for handling synchronization events. Actions can be:
Automatic - Kaseya VSA X App tries to handle events according to the settings selected under Synchronization level.
Automatic actions are only available for Monitor & handle synchronized agent status and Automatic agent synchronization options.
Manual - you must handle events instead of Kaseya VSA X App. Manual actions are available for each issue on the Agent Events page.
Event type | Description | Automatic action |
---|---|---|
Destination moved | The Bitdefender agent is now under a different parent than the VSA X agent. | The automatic action will reposition the agent in GravityZone according to its location in Kaseya VSA X. |
Rogue Bitdefender agent found | The Bitdefender agent is now under a different parent than the VSA X agent. The new parent is not found under the same tenant or the move requires Bitdefender agent uninstall. | The automatic action will reposition the agent in GravityZone according to its location in Kaseya VSA X by forcing its removal and reinstallation. |
Destination deleted | The Bitdefender agent has been uninstalled and disappeared from GravityZone. | The automatic action will reinstall the agent. |
Install Bitdefender Agent | The Bitdefender agent is not installed on the target computer in Kaseya VSA X. | The automatic action will install the agent, and it will appear in GravityZone. |
Finalize the configuration
On this page, save the configuration to create the integration.
If needed click Back to change settings at previous steps.