Skip to main content

Synchronizing ConnectWise Automate computers with GravityZone

Note

Bitdefender has started a controlled rollout of the advanced computer synchronization features. These features include the Computer Synchronization Options section under Deployment Settings. For users to be eligible for the rollout process, they need to install the plugin version 1.4.0.167 or later. In the following period, Bitdefender will progressively deliver the new features to eligible users, with the aim of reaching the entire installation base as soon as possible.

In the Deployment section, you can configure how to deploy the Bitdefender security agent (Bitdefender Endpoint Security Tools) to your managed machines in ConnectWise Automate Control Center. For details on the features available with Bitdefender Endpoint Security Tools, refer to Security agents.

Deployment Settings

In the Deployment Settings section, the integration allows you to configure the settings for deploying the Bitdefender security agent through the integration on new unprotected machines in the ConnectWise Automate Control Center inventory. 

cw_automate_deployment_settings_p_170292_en.png

To configure the security agent deployment settings, follow these steps:

  1. Under Deployment Options, select one of these options:

    1. Next to Download Timeout, select a time limit within which the installation package should be downloaded.

    2. Use the On/Off switch to enable or disable Setup Downloader for the security agent deployment.

      When Setup Downloader is enabled, the Bitdefender Plugin uses this file to deploy the Bitdefender security agent on Windows computers instead of the full kit.

    Note

    The Enable Setup Downloader option does not support Linux and macOS. On computers running Linux and macOS, the Plugin continues using the full kit when deploying the Bitdefender security agent.

  2. Under Installation Options, select Automatically reboot if needed. This option is useful when the computer needs to restart following the Bitdefender security agent installation. If you leave this check box unselected, the endpoint will remain unprotected until the next manual reboot.

  3. Under Computer Synchronization Options, configure the scope and event handling for the synchronized computer.

    The options for the computer synchronization options are the main tool for you to control the synchronization of ConnectWise computers. The computer synchronization task is performed automatically by the plugin each hour.

    Note

    The Computer Synchronization Options section is available starting with plugin version 1.4.0.167 as part of a controlled rollout. If this section is not available in your integration yet, you can use the Automatic Deployment Retry option under Deployment Options to set the time interval for the Bitdefender security agent to retry installation in case of errors.

Configuring computer synchronization options

These options cover two areas:

  • Scope – it refers to the computers affected by the sync task. Scope may be:

    • Only synchronized entities – the sync task operates on ConnectWise Automate computers that have an association with GravityZone endpoints.

    • Entire inventory – the sync task operates on all computers, regardless they have an association with GravityZone endpoint or not.

  • Event actions – they refer to the action taken for sync events. Event actions may be:

    • Report only – the task only reports events in the interface and you have to handle them manually.

    • Handle – the task tries to handle the events according to the configured options. 

To configure the Computer Synchronization Level settings, follow these steps:

  1. Select one of the available options, as described in the table below.

    Computer synchronization level

    Scope

    Event actions

    Monitor and report synchronized computer status

    The sync task operates only on computers that have an association.

    The sync task only reports events in the Computers Events screen. It ignores the options in the Synchronization Event Handling section.

    Monitor and handle synchronized computer status

    The sync task operates only on computers that have an association.

    The sync task handles events according to the options in the Synchronization Event Handling section.

    Automatic computer synchronization

    The sync task operates on all computers (whether they have an association or not), except exclusions.

    The sync task handles events according to the options in the Synchronization Event Handling section.

    Note

    The Automatic computer synchronization level has in scope all computers belonging to mappd ConnectWise clients for Bitdefender security agent deployment.

    To exclude computers, clients, and locations from installing the Bidefender agent, please create exclusions under Deployment Exclusions.

  2. Select the type of action for handling each event:

    • Automatic - the synchronization task tries to handle the event without your intervention. If it fails, the event will be presented to you for manual fixing.

    • Manual - you have to manually handle each event generated in the Client Events screen of the plugin.

      The synchronization task applies the configured actions only if you selected Monitor and handle synchronized computer status or Automatic computer synchronization.

      For example, if you select Automatic computer synchronization and the event handling for all the generated events is set to Manual, the sync task will generate events for possible synchronization issues, but it will not handle them. That means you need to go to the Computer Events screen and take any actions there manually.

  3. Click Save Settings to apply the configuration.

    The synchronization task starts generating and handling events within the next hour.

Automatic actions for synchronization events

The following table describes the automatic actions taken by the computer synchronization task on each generated event:

Event type

Automatic action

Destination Moved

Moves the Bitdefender security agent in GravityZone to match the inventory location in ConnectWise Automate Control center, inside the same clients or between clients.

Destination Deleted

Reinstalls the Bitdefender security agent on the computer.

Rogue Endpoint 

Moves the Bitdefender security agent in GravityZone by uninstall and reinstall to match the inventory location in ConnectWise Automate Control Center.

Note

Automatic action for Rogue Endpoint event type is available for Windows OS computers only. For Linux and macOS computers, the Bitdefender agent must be uninstalled manually.

Manual actions for synchronization events

You can view and handle synchronization events manually in the Computer Events screen. This section displays only events that have been configure for manual handling or that the system has failed to handle automatically.

To handle an event, follow these steps:

  1. In the Computer Events grid, select the check box corresponding to the event and click Handle event.

    bitdefender_plugin_cwa_computer_events_170292_en__2_.png
  2. In the details window, select an action from the predefined list.

    bitdefender_plugin_cwa_computer_events_handling_170292_en__1_.png

The available actions for each event are described in the table below. Each event has two or more possible actions.

Event type

Description

Manual actions

Destination Moved

The computer was moved from its original location, inside the same client or between clients.

  • Move the Bitdefender agent according to the position of the ConnectWise computer.

  • Ignore this event. This event is generated again after running the computer sync task.

Destination Deleted

The Bitdefender security agent was uninstalled from the ConnectWise computer.

  • Reinstall the Bitdefender security agent.

  • Exclude the computer from deployment process. This event is not generated again after running the deployment process.

  • Ignore this event. This event is generated again after running the computer sync task.

Association Missing

The Bitdefender security agent is not associated with the ConnectWise Automate.

  • Associate the Bitdefender security agent with the ConnectWise Computer. Installation not required.

  • Ignore this event. This event is generated again after running the computer sync task.

Rogue Endpoint 

 The Bitdefender agent was found outside the target client or tenant.

  •  Move the Bidefender agent according to the position of the computer in ConnectWise Automate.

  • Exclude computer from the deployment process. This event is not generated again after running the computer sync task..

  • Uninstall the Bitdefender agent. Available for Windows computers only. For Linux and macOS, the Bitdefender security agent must be uninstalled manually.

  • Ignore this event. This event is generated again after running the computer sync task.

Destination Creation

 The Bitdefender  agent is not installed on the ConnectWise computer.

  • Install the Bitdefender agent.

  • Ignore this event. This event is generated again after running the computer sync task.

Source Deleted

 The computer located in the ConnectWise client is no longer present.

  •  Uninstall the Bitdefender agent from GravityZone.

  • Leave Bitdefender agent installed.

  • Ignore this event. This event is generated again after running the computer sync task.

Auto Deployment

The integration uses auto-deployment to install the Bitdefender agent on new, unprotected machines. If you use the Computer Synchronization Options section under Deployment Settings, deployment attempts occur with each recurrent sync task. If this section is not available to you yet, deployment attempts occur once per day. To ensure successful deployment, verify that the target location is specified and the computers are not excluded.

Note

If the computer synchronization level under Deployment Settings is set to Automatic computer synchronization, all mapped inventory is in scope for Bitdefender agent deployment.

You can select Auto Deployment for Windows workstations and servers, macOS, and Linux machines.

  1. In Automate Control Center, go to Tools > Bitdefender GravityZone.

  2. Go to Auto Deployment.

  3. Select the check boxes corresponding to your target machines.

  4. Click Save Settings in the upper right-hand corner to confirm the changes.

    If you are using the computer synchronization options under Deployment Settings, automatic agent deployment occurs with each recurrent sync task. If these features are not available with your plugin,automatic deployment begins within 10 to 15 minutes.

    cw_automate_auto_deployment_p_170292_en.png

Deployment Actions

In the Deployment Actions section, you can perform different actions depending on whether you are using the plugin version with advanced synchronization options.

  • If you are using the plugin version without advanced synchronization options, you can manually initiate installation or uninstallation commands on machines, clients, or locations. Use the right-side menu to make specific selections. If an action is not applicable, the corresponding options in the right-side menu are grayed out. For example, for unprotected machines, the Uninstall GravityZone and Sync Features buttons are disabled.

  • If you are using the plugin version with advanced synchronization options, you can manually install, uninstall, or synchronize the Bitdefender agent on computers, clients, or locations. By default, the section does not display inventory data. To view entities, use the Client and Location filters and click the Load data button. To reset the filters, use the Clear All Filters option at the bottom of the section.

    Note

    Loading large inventories may take some time. For best performance, it is recommended that you select up to 3,000 computers at a time.

    cw_automate_deployment_actions_p_170292_en.png

In the grid, you can view the following details on computers:

  • Client name

  • Location name

  • Computer name

  • Machine type, which refer to the operating system running on the computer: Windows for workstations, Windows for servers, MacOS, or Linux.

  • Bitdefender agent installation status, which can be:

    • Installed - the Bitdefender agent is installed.

    • Verification Pending - Bitdefender agent verification has not started yet.

    • Not Installed - the Bitdefender is not installed.

    • Installed without features - the Bitdefender agent is installed without protection modules or other features.

    • Installed with Issues - the Bitdefender agent has issues with Full Disk Access and system extensions on macOS, or with critical services not started on Linux, such as bdsrvscand, epagd or bdlogd.

    • Install Pending - Bitdefender agent installation has not started yet.

    • Uninstall Pending - uninstalling the Bitdefender has not started yet.

  • Online state - the computer is either online or offline.

  • Sync type - the Bitdefender agent synchronizes its features with the GravityZone policy or with the installation package.

    Note

    The synchronization type is configured in the Client Mapping or Client Subscriptions sections when using the Deployment Modes wizard:

    • Package - Package Defaults or Custom Package

    • Policy - Sync with Policies

The following actions are available in this section:

Some options may be grayed out if they do not apply to the selected targets. For example, the Uninstall GravityZone and Sync Features buttons are grayed out when you select unprotected computers.

  • Sync GravityZone - installs the Bitdefender agent on computers or synchronizes its status.

  • Uninstall GravityZone - uninstalls the Bitdefender agent from computers.

  • Sync Features - removes or adds protection modules or other features to the Bitdefender agent according to the active GravityZone policy or to the installation package.

    Note

    The option is only available for Windows operating systems.

  • Refresh - reloads inventory data in the grid.

To install the Bitdefender agent:

  1. Select targets in the Client and Location filters.

  2. Click the Load data button to populate the grid with computers.

  3. Select one or more computers.

  4. Click Sync GravityZone.

An install task starts for the selected machines that have the Bitdefender agent not installed. If the Bitdefender agent is installed, the Sync GravityZone action will synchronize the status of the computer and check these scenarios:

  • The computer moved inside the client locations or between clients from the same tenant.

  • The Bitdefender agent was uninstalled.

  • The Bitdefender agent belongs to another GravityZone company that is not part of the ConnectWise tenant.

  • The computer is still present in ConnectWise.

ConnectWise Automate Control Center must remain open until the installation is complete to avoid aborting the process. If any issues are found, or if the Bidefender agent installation was not successful, an event will be generated under Computer Events.

To uninstall the Bitdefender agent:

  1. Select targets in the Client and Location filters.

  2. Click the Load data button to populate the grid with computers.

  3. Select one or more computers.

  4. Click Uninstall GravityZone.

  5. Click Uninstall.

    An uninstall agent task starts for selected computers.

To sync the currently installed Bitdefender agent features against the assigned package or policy:

  1. Select targets in the Client and Location filters.

  2. Click the Load data button to populate the grid with computers.

  3. Select one ore more computers that have the Bitdefender agent installed.

  4. Click Sync Features.

    An assessment will be performed locally on each target machine to determine if there are any features that need to be added or removed. Depending on the configured synchronization type, features active in the assigned policy or features active in the installation package will be added or removed.

Deployment Exclusions

In the Deployment Exclusions section, you can exclude machines, clients, and locations from installing the Bitdefender agent on them. Use the right-side menu to make specific selections.

To exclude certain machines from agent installation:

  1. Select one or more machines.

  2. Click Enable Exclude.

To remove an exclusion:

  1. Select one or more excluded machines.

  2. Click Disable Exclude.

Note

The Deployments Exclusions section is available in the Bitdefender GravityZone area and in the Client and Location screens.

Deployment History

The Deployment History section displays the list of install and uninstall commands started on machines in the past. Each entry provides you the following details:

  • Client name

  • Location

  • Computer name

  • Command type (installation or uninstallation)

  • Command status (whether the command was successful, failed or it is pending or executing)

  • Output details

  • Date and time of task completion.