Over the past few weeks, I have written about how ControlUp for Compliance enhances the digital employee experience by providing IT teams with an easy-to-use solution that helps continuously improve their endpoint devices’ security posture and reduce risk through autonomous detection and remediation of vulnerabilities and weak security configurations. Those blogs have been users’ perspectives of ControlUp for Compliance; in this blog, I want to take you deeper down into ControlUp for Compliance and talk about the process and services that ControlUp for Compliance uses.
This blog does not pertain to most ControlUp for Compliance users, but it was designed for Level 3 IT folks and others who need to understand its underlying machinations better.
Installing the ControlUp for Compliance Agent
As a quick overview, let’s go over the ControlUp for Compliance agent. The agent collects data from the devices and initiates remediation. ControlUp for Compliance requires that the Edge DX be installed on a device as well as a separate ControlUp for Compliance agent.
To enable your device to use ControlUp for Compliance and install the agent, go to the ControlUp for Compliance dashboard and click the Configuration icon in the upper right. This will display all the DX devices eligible for ControlUp for Compliance.
From this dashboard, on the right side of each row, you can install the agent on individual machines or use the checkbox on the far left to install it on multiple devices.
Once the agent deployment process is instantiated, it will run in the background.
The ControlUp for Compliance agent is installed using the ControlUp (Edge DX) Agent Manager. The Agent Manager will directly pull the ControlUp for Compliance agent from ControlUp and install it on the Windows machine.
After the ControlUp for Compliance agent has been deployed, you can select a predefined template to start your journey to securing your device. You can schedule the time for scanning or remediation processes at this time as well. For more information on how to do this, see my previous blogs on ControlUp for Compliance.
The ControlUp for Compliance agent process consumes around 300 MB of memory during the initial scan and remediation phase. When the task is finished, the memory consumption decreases to about 15 MB.
Verify that the ControlUp for Compliance Agent Service is Installed and Running
ControlUp for Compliance has an agent service and a process. If you have issues with ControlUp for Compliance, you should verify that these are running. You can view these using the Task Manager.
If these are not seen, you can verify that the agent is installed and operational by looking at the installed programs on your device and verifying that you have the ControlUp agent manager, Edge DX, and ControlUp for Compliance agents installed. If these are not installed, you will need to install them.
Verify that the services are running.
ControlUp for Compliance requires three ControlUp services to be running: Agent Manager, ControlUp for Compliance Agent, and ControlUp SIP Agent (Edge DX agent).
You can use Windows Services to verify that these are running.
All three of these should show a running status and a startup type of automatic. If these are shown but not running, you can right-click them and start them.
Sometimes, it is more convenient to verify these from the command line. You can use PowerShell to accomplish this.
To use PowerShell to verify that the Edge DX (SIP) service is running, enter get-service “*ControlUp*”. Both should have a status of running.
To verify that the ControlUp for Compliance Agent Manager is running, enter get-service “* CUPSRMA *”. It should have a status of running.
If a service is not running, you can start it by using Start-Service. If the service is shown as running but you are still having issues with it, you can try restarting it using Restart-Service.
Where the Files and Logs Are Kept
To verify that the ControlUp for Compliance files are installed, navigate to C:\Program Files\ControlUp\SRM\. You should see multiple files in this location. The logs directory is also located here.
To verify that the Edge DX files are available, navigate to C:\Program Files\Avacee\sip_agent\.
Although this was a short article, hopefully, it gave you a little bit more insight into the process, services, and files that ControlUp for Compliance needs to operate so it can enhance the digital employee experience by providing your IT team with a solution that helps continuously improve their endpoint devices’ security posture and reduce risk through autonomous detection and remediation of vulnerabilities and weak security configurations.
For more information on ControlUp for Compliance or any of our other award-winning products or to schedule a personal demo, hier klicken.
