Site icon Emsisoft Help

Emsisoft Management Console User Guide

emsi

Emsisoft Management Console is made for network administrators, managed service providers and IT professionals and provides centralized remote

management of Emsisoft Anti-Malware (including Home, Business Security and Enterprise Security license plans).

It’s part of my.emsisoft.com and can also be pinned as an app to your app launcher.

Single Workspace Dashboard

Workspaces:

Devices:

Best practices:

Create a new workspace

Open MyEmsisoft and navigate to the ‘Workspaces’ dashboard in the ‘Management Console’ menu block. Click the ‘Create Workspace’ button and enter a new, unique name for your workspace.

If you already see an automatically created workspace in MyEmsisoft, feel free to rename it in its Workspace Settings panel any time.

What is a workspace?
Workspaces typically represent the boundaries of your company or organization.

Licenses are applied on workspace level, which means your workspace can either be in trial mode or have a full version license assigned for all your devices.

When creating a new workspace, you automatically become the Primary Owner, but you can invite other users to join your workspace. E.g. you may want to request feedback on your protection status from an IT professional. See ‘Inviting users‘ for details.

Firewall configuration

Device configuration
Devices running Emsisoft Anti-Malware with default Windows Firewall configurations should work automatically. If non-default firewall settings exist, it is best to add a whitelist entry for *.emsisoft.com. Precise server names if your firewall doesn’t allow wildcards like ‘ * ‘ are detailed in our Firewall Configuration Guide, with additional servers and ports listed below.

Add devices to a workspace

Go to your workspace overview panel and click the ‘Download & install protection’ button.

Add devices via direct (tagged) download or email invitation 

Direct download

Other options

Command prompt, share link and send email options

Important security advice for installation tokens

Note that the download filename must not be changed. It contains a unique identifier/token (36 characters sequence) to authenticate the installed device directly with your workspace.

Warning: Never share your installer with the public! For security reasons, it is advisable to always set an expiration date for your tokens.

Installation tokens and default protection policies

By default, newly installed devices are added to the ‘New computers’ protection policy group in your workspace.

If you require them to be added to a different policy group, please navigate to the protection policy settings and create an additional installation token at the right side in the panel. All devices installed or connected via the custom installer of that policy group will then be added to that policy group instead of the default group.

Manual connection via command line

If you have a larger number of already installed endpoints (e.g. managed by Emsisoft Enterprise Console) and would like to automatically connect them to your workspace, you may use the following command line parameters to initiate the connection:

%ProgramFiles%\Emsisoft Anti-Malware\a2start.exe /applytoken=<installtoken>

<installtoken>: Your custom installation token can be obtained from the ‘New computers’ protection policy group.

Mass deployment via GPO

Please see our guide:
Deployment via Group Policy on Windows Servers/Active Directory

Apply a license to a workspace

When creating a new workspace, the first device that gets added automatically activates a free trial license. You can add multiple devices during the trial period.

To switch to a full version license, go to the Workspace Settings panel and click the ‘Apply license key’ link. Once confirmed, your license will be deployed to all your devices.

Invite users to your workspaces

As a Primary Owner or Workspace Admin you can invite additional users and assign them different user roles. Go to the Workspace Settings panel and click the ‘Invite a user’ button to send an invitation by email.

If the invited user doesn’t yet have an Emsisoft user account, the user will be guided through sign up first.

User roles

Billing Contact Protection Manager Workspace Admin Primary Workspace Owner
Devices X X X
Policies X X X
Reports/logs X X X
Licensing X X X
Edit users X X
Change owner X

 

All user and partner permissions explained in detail.

Primary Workspace Owner

Is the legal owner of the workspace and responsible for all activities within a workspace. Has full access to everything and can re-assign ownership to another user.

Typical use case: The buyer of the license.

Workspace Admin

Has full access to your workspace and can view/edit all devices, policies, alerts, logs, reports, users and the license of your workspace. Workspace Admins can change all user permissions except those of the Primary Workspace Owner.

Typical use case: An organization has multiple full-access administrators to share management tasks of the workspace.

Protection Manager

Can view/edit all devices, policies, alerts, logs, reports, but can’t change the workspace settings such as user roles and licensing.

Typical use case: A trusted third party who has more experience with security software manages the protection for the workspace, i.e. an IT professional or the ‘computer geek’ in the family.

Billing Contact

Is responsible for license payments. Can view/edit license information, but doesn’t have access to devices or other workspace settings.

The billing contact receives license renewal reminders from us.

Typical use case: A managed service provider (MSP) or reseller who sells the malware protection in a bundle with other services, i.e. general computer maintenance services.

Workspace overview: Protection status of your devices

Select any of your workspaces in your Workspaces Dashboard to see all connected devices in that workspace. The table provides a quick overview of what’s going on in your environment and will signal issues printed in red.

Pay special attention to the Protection Status and Last Update columns, as they indicate potential issues that may affect your security.

The column ‘Protection Policy’ tells you which device settings policy currently applies to a particular device. Special tags, e.g. [5 edits], indicate how many custom settings were made on the device that deviate from the assigned group policy settings.

‘Last User’ and ‘User Policy’ indicate which user is currently (or was last) logged on at the device and which permission policy applies.

The last column provides a menu with 3 vertical dots with shortcuts to common tasks such as malware scans, or to edit the device settings.

Tip: Hover your workspace name on the left side menu and you’ll see a little pin icon. Click that to pin your workspace permanently to your menu for quick access.

Edit global protection policies for groups of devices

We recommend the use of device groups that reflect your internal organization structure, e.g. your marketing team may require to exclude specific work related programs from protection for best performance; or your customer support team may require silent operation of the Emsisoft protection to avoid any kind of popups during work.

Instead of changing the configuration for each device individually, you can save a lot of time by simply creating groups and applying specific settings either globally or for selected sub-groups, as required.

The ‘Protection Policies’ panel allows you to edit and re-arrange the hierarchy of groups on the left, and modify the policy settings of the selected group on the right.

Protection Policies with all software settings 

The panel includes all software settings as they are displayed on the endpoint. Additionally, you can modify some customization properties, e.g. to hide news popups or to redirect the purchase links to a custom website. See ‘UI Customization‘ settings.

Policy groups with inheritance

The highest hierarchy is always your Workspace root group. Any changes you apply there will automatically be inherited to all sub-groups. Click ‘Add’ and drag&drop a group to the desired hierarchy level.

Assign devices to groups

Click on the policy group on the right top to see all devices in the selected group. Drag&drop a device to a different group to re-assign the device.

Newly added devices will automatically be added to the ‘New computers’ group that comes with more restricted default settings.

Modify group settings

Select a group on the left to see all protection settings on the right.

Note that all settings that are different to the next higher hierarchy have a have a blue circular arrow icon on the right. Click the blue circular arrow icon on the right to reset and to restore the inheritance of a particular setting. 

Settings are saved in real-time and typically applied to your devices within the minute.

Policy templates

Please see our Best practices for Managed Service Providers (MSPs) for details on applying policy templates to multiple workspace policies.

Edit local user permission policies for groups of devices

Like the Protection Policies you can define default permissions for user accounts. Select a permission group on the left to see the assigned users.

Users can either be local user accounts on your devices or Active Directory Domain users in your network. Click ‘Add user’ to specific a new user.

For simplification we recommend working with default groups though. The protection software on the endpoint can automatically assign permissions based on available local account permissions.

The permission groups in the Permission Policies in the Workspace reflect the Windows users like Admin, Non-Admin. So, the permissions group according to which user is logged in: Admin or Non-Admin

Default permissions:

Alternatively, you can change the default permissions to one of the following:

Receive infection notifications

Go to the bottom in settings on the left of the workspace to set up new notification triggers. When adding new notifications, you can select the real time protection components which you want to receive notifications from.

Device overview: Protection status and quick access

The content of the device overview panel matches what users see locally on those devices when they open the protection software.

See what the local user on the device sees. 

The first tile shows the current protection status. The background color of the tile provides basic information about potential issues:

The Device Health section provides a quick overview on security relevant parameters of the device. Add custom notes for future reference here.

The Device Details section displays general hard and software details.

Protection settings of a device

While it is strongly recommended to work with protection policies and groups, you can also change software settings on individual devices if required. Such changes override any inherited policies.

Once your edits are completely synchronized with the device (usually within the minute) they will show the number of edits (if that filter was selected) on the right of the actual device. Click on it to go to the settings of the device and click on the blue circular icon on the right to restore the inherited setting value.

Scan for malware

We recommend to run a manual malware scan right after installing the protection software, or at any time when you suspect an infection. It makes sure that the system hasn’t been compromised and the real-time protection components can reliably do their job.

The following scan types are available:

Manage quarantined objects

All findings of the on-demand scanner and the real-time protection are first put in quarantine instead of deleting them right away. That security measure allows to restore potentially wrongly detected objects later.

Emsisoft Anti-Malware automatically re-scans quarantined objects after each online update and offers to restore the data to its original location if it turns out the detection was wrong. You can run a manual quarantine re-scan at any time by hitting the ‘Re-scan all’ button on the right bottom corner.

If you suspect a wrong detection, tick the checkbox in front of the object in question and hit the ‘False detection’ button at the bottom. That submits the quarantined item to the Emsisoft Lab for further investigation.

Select an object and click ‘Restore’ to get the file and its settings restored to their original locations. By clicking ‘Delete’ the data will be permanently removed and can not be restored any longer.

Logs of a device

Emsisoft protection software logs a number of events, such as the date and time of online updates, malware scans, real-time protection alerts, and more. Use those logs to investigate issues or to verify proper use of the software.

Password protection

By default, local machine Windows administrator logins have full access. To restrict this, changes need to take place in two places in Emsisoft Management Console:

  1. Select one of the permission policy groups to use, or click the “workspace” permission policy group and then click “new group” to create a permissions policy restricting access to the level desired.
  2. Add any users required to this policy by clicking : Add user. 
  3. Move users from one to another group by clicking on the 3 vertical dots to the right of the user listed. 
  4. Create or use a pre-existing protection policy in the same way, with an administrator password enabled. Add any computers required to this protection policy.

It is recommended to create an administrator password and restrict permissions on the workspace level as described in step 1 above rather than in protection policies nested within the workspace. Move users or computers to less restricted permission and policy groups from there as needed.

The endpoint(s) must be restarted for this to take effect completely. Permissions are applied only during initial connection of Emsisoft Anti-Malware to Emsisoft Management Console when the program starts.

Exit mobile version