Change Guardian provides the following user interfaces:
For more information about the Change Guardian interfaces, see the Change Guardian User Guide.
Following are the web-based interfaces:
The Change Guardian dashboard is the new dashboard that provides an quick view of events generated as a result of preconfigured policies. For more information, see Change Guardian Dashboard in the Change Guardian User Guide.
The Administration Console is the main user interface for viewing and interacting with Change Guardian data. As an administrator, you can perform tasks, such as:
Create users.
Configure LDAP settings.
Search and view events.
Creating event and alert routing rules.
Create filters and tags for events.
The Threat Response Dashboard is the main user interface for viewing and triaging alerts. For more information, see Threat Response Dashboard in the Change Guardian User Guide.
Agent Manager provides a central location from where you can manage your agents directly on the agent machine or remotely install and update agents on assets. You can perform the following tasks using Agent Manager:
Get a list of computers to which you can deploy agents. This list is populated by the results of a query against a directory services (Active Directory) or imported from another list.
Remotely install Client Agent Manager (CAM) on a computer that never had any agents. CAM receives instructions from Agent Management Services.
Remotely install agents on a computer by using the Agent Management Service.
Upgrade an existing agent.
NOTE:However, you can roll back the updates.
Set configuration of the agents.
Collect the installation logs.
Start, stop and restart agents remotely.
An asset is a device that you can monitor using Change Guardian. In Agent Manager you can view the computer attributes, such as computer name and operating system, and the groups to which the computer belongs. If you have the appropriate permissions, you can use the Membership tab to modify the computer’s membership in static asset groups. You can see the last heartbeat time from the asset.You can filter the assets or asset groups to see only the items that meet certain criteria. Expand Filter Values, and then use any combination of the available conditions. Specify values for the conditions you select, and then click Apply.
An Asset Group is a set of assets or devices that you want to associate with one another. Each Asset Group can contain assets, another Asset Group, or a combination of assets and an Asset Group.
Agent Manager displays the following Asset Groups:
All Assets All assets added or imported to Agent Manager.
Approved Assets Assets to which Agent Manager successfully deployed Change Guardian Agent. You do not need to authenticate multiple times for any ‘Install or Upgrade Agents' activity. If the Client Agent Manager service cannot communicate with the Agent Management Service, the asset will move to the “Assets that have not communicated” group.
Assets that have not communicated Asset from the “Approved asset” group that cannot communicate with Agent Management Service. To move such assets to “Approved asset” group, check if the Client Agent Manager service is communicating with Agent Management Service.
Assets not in any group Assets that are not part of user-defined group where Agent Manager installed the agent. To categorize the assets from this group to any user defined group, select the asset, go to Manage Asset > Move Assets to a Group and select the required group.
User defined groups A list of user defined groups and the categories. To organize and manage assets, you can create your own asset groups under 'User defined groups' section and copy assets from 'Approved Assets' group to user-defined group.
You have to add assets using Agent Manager to associate them with the Change Guardian agents.
To add assets in Agent Manager
Log in to Change Guardian, click Integration > Agent Manager.
(Conditional) If no assets were added in Agent Manager, then perform the following steps:
Click All Assets.
Click Manage Assets > Add.
(Conditional) If you have previously added assets in Agent Manager, then perform the following steps:
Under Asset Groups, click All Assets.
Click Add Assets.
(Conditional) To import assets from Active Directory, use the Active Director tab.
NOTE:If you are using Active Directory over SSL or TLS connections, ensure that you have imported the Active Directory SSL certificate to the Change Guardian server. For more information, see Configuring Certificates.
(Conditional) To import assets from a text file, use the Hosts List tab.
Create a text file with a header line containing the columns Hostname, MajorType, and Addresses. Use a tab to separate the columns. In the Hostname column, type the fully-qualified domain names of the computers where you want to deploy agents. Optionally, you can specify the IP addresses in the Addresses column. In the MajorType column, specify whether the operating system is UNIX or Windows.
(Conditional) To manually add an asset, use the Host tab.
This is the interface that allows you to configure and manage policies. For information about policies, see Section 6.0, Configuring Policies.
Policy Editor allows to perform tasks, such as:
Manage application licenses.
Assign policies to assets.
Create and manage policy sets.
Manage asset groups by adding assets to static and dynamic groups.
Create administrative reports such as license utilization, manage assets, assigned policies by assets, and so on.
Create alert rules.
Configure event destinations.
Schedule monitoring.
Configure emails.
Assets displays a list of all computers with Change Guardian agents installed. On the Attributes tab, you can view the computer attributes, such as computer name and operating system, and the groups to which the computer belongs. If you have the appropriate permissions, you can use the Membership tab to modify the computer’s membership in static asset groups. You can see the last heartbeat time from the asset.
Asset groups allow you to perform the following tasks:
Categorize computers
Assign policies to the group instead of to each individual computer. When you add a new computer to the group, Change Guardian automatically deploys the policies assigned to the group to the new computer.
Change Guardian supports the following types of asset groups:
Default groups match specific platforms. You can view the members of default groups, but you cannot modify or delete the groups.
Static groups contain only the assets you manually add to them. To add or remove members, you must manually update the group.
Dynamic groups contain all assets that match the filter criteria you specify for the group.
You can modify the filter criteria, but you cannot add or remove specific assets manually. Every 30 minutes, Change Guardian refreshes the group membership according to the specified criteria.