Understanding How Processes and Services Affect Desktop Security

Endpoint Security

Over the past few weeks, I have written about how Secure DX enhances the digital employee experience by providing IT teams with an easy-to-use solution that helps continuously improve their endpoint devices’ security posture and reduce risk through autonomous detection and remediation of vulnerabilities and weak security configurations. Those blogs covered Secure DX from the user’s perspective; in this blog, I want to take you deeper into Secure DX and talk about the processes and services that it uses.

This blog does not pertain to most Secure DX users, but it was designed for Level 3 IT folks and others who need to understand its underlying machinations better.

Installing the Secure DX Agent

As a quick overview, let’s go over the Secure DX agent. The agent collects data from the devices and initiates remediation. Secure DX requires that the Edge DX agent be installed on the device, along with a separate Secure DX agent.

To enable your device to use Secure DX and install the agent, go to the Secure DX dashboard and click the Configuration icon in the upper right. This will display all the DX devices eligible for Secure DX.

Figure 1 – Agent Installation

From this dashboard, on the right side of each row, you can install the agent on individual machines or use the checkbox on the far left to install it on multiple devices.

Once the agent deployment process has been started, it will run in the background.

The Secure DX agent is installed using the ControlUp (Edge DX) Agent Manager. The Agent Manager will directly pull the Secure DX agent from ControlUp and install it on the Windows machine.

After the Secure DX agent has been deployed, you can select a predefined template to start your journey to securing your device. You can schedule the time for scanning or remediation processes at this time as well. For more information on how to do this, see my previous blogs on Secure DX.

The Secure DX agent process consumes around 300 MB of memory during the initial scan and remediation phase. When the task is finished, the memory consumption decreases to about 15 MB.

Verify that the Secure DX Agent Service is Installed and Running

Secure DX has an agent service and a process. If you have issues with Secure DX, you should verify that these are running. You can view these using the Task Manager.

 

Figure 2 – Secure DX Processes

If these are not seen, you can verify that the agent is installed and operational by looking at the installed programs on your device and verifying that you have the ControlUp agent manager, Edge DX, and Secure DX agents installed. If these are not installed, you will need to install them.

Figure 3 – Verifying Agent is Installed

Verify that the services are running.

Secure DX requires three ControlUp services to be running: Agent Manager, Secure DX Agent, and ControlUp SIP Agent (Edge DX agent).

You can use Windows Services to verify that these are running.

Figure 4 – Services

All three of these should show a running status and a startup type of automatic. If these are shown but not running, you can right-click them and start them.

Sometimes, it is more convenient to verify these from the command line. You can use PowerShell to accomplish this.

To use PowerShell to verify that the Edge DX (SIP) service is running, enter Get-Service "*ControlUp*". Both should have a status of Running.

Figure 5 – Viewing Service Using PowerShell

To verify that the Secure DX Agent Manager is running, enter Get-Service "*CUPSRMA*". It should have a status of Running.

Figure 6 – Viewing Status of Secure DX Service

If a service is not running, you can start it by using Start-Service. If the service is shown as running but you are still having issues with it, you can try restarting it using Restart-Service.

Where the Files and Logs Are Kept

To verify that the Secure DX files are installed, navigate to C:\Program Files\ControlUp\SRM\. You should see multiple files in this location. The logs directory is also located here.

Figure 7 – Log Location

To verify that the Edge DX files are available, navigate to C:\Program Files\Avacee\sip_agent\.

Figure 8 – File Location
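
The service and file checks described above, combined into one read-only PowerShell function. This is an added example, not ControlUp's own code: the function name Test-SecureDxAgent is hypothetical, while the service patterns and folder paths are the ones given in this article.

```powershell
# Added example: read-only health check for the Secure DX components.
# Service patterns and folder paths are taken from this article;
# the function name Test-SecureDxAgent is hypothetical.
function Test-SecureDxAgent {
    [CmdletBinding()]
    param(
        [string[]]$ServicePattern = @('*ControlUp*', '*CUPSRMA*'),
        [string[]]$InstallPath = @(
            'C:\Program Files\ControlUp\SRM',
            'C:\Program Files\Avacee\sip_agent'
        )
    )

    foreach ($pattern in $ServicePattern) {
        # With a wildcard name, Get-Service returns nothing (no error) when no service matches.
        $services = @(Get-Service -Name $pattern -ErrorAction SilentlyContinue)
        if ($services.Count -eq 0) {
            [pscustomobject]@{
                Check = "Service $pattern"; Detail = 'no matching service'; Healthy = $false
            }
            continue
        }
        foreach ($svc in $services) {
            # Healthy means what the article expects: Running, with an Automatic startup type.
            [pscustomobject]@{
                Check   = "Service $($svc.Name)"
                Detail  = "$($svc.Status) / $($svc.StartType)"
                Healthy = ($svc.Status -eq 'Running' -and $svc.StartType -eq 'Automatic')
            }
        }
    }

    foreach ($path in $InstallPath) {
        # An install folder that is missing or empty counts as unhealthy.
        $count = 0
        if (Test-Path -LiteralPath $path -PathType Container) {
            $count = @(Get-ChildItem -LiteralPath $path -File).Count
        }
        [pscustomobject]@{
            Check = "Folder $path"; Detail = "$count file(s)"; Healthy = ($count -gt 0)
        }
    }
}

Test-SecureDxAgent | Format-Table -AutoSize
```

The function only reads state. A row with Healthy set to False points to the service to start with Start-Service or the agent to reinstall.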

Although this was a short article, hopefully, it gave you a little bit more insight into the process, services, and files that Secure DX needs to operate so it can enhance the digital employee experience by providing your IT team with a solution that helps continuously improve their endpoint devices’ security posture and reduce risk through autonomous detection and remediation of vulnerabilities and weak security configurations.


Trentent Tye

Trentent Tye, a Tech Person of Interest, is based out of Canada and its many, many feet of snow. FUN FACT: Trentent came to ControlUp because, as a former customer, the product impacted his life in so many positive ways—from reducing stress, time to remediation, increased job satisfaction, and more—he had to be our evangelist. Now an integral part of ControlUp’s Product Marketing Team, he educates our customers, pours his heart and soul into the product, and generally makes ControlUp a better place. Trentent recently moved to be closer to family. He does not recommend moving during a pandemic.