G DATA 365 | MXDR

Guide for switching from G DATA Essentials to G DATA 365 | MXDR

To ensure a smooth transition from G DATA 365 Essentials to our new product G DATA 365 | MXDR for customers with a G5 service level, we would like to provide you with a guide to help you do this. This will enable you to carry out the upgrade the client software independently.

Explanations of terms

At this point, some explanations of the various setting options for configuring G DATA 365 | MXDR in the context of Prevent - Detect - Respond.

  • Prevent → Minimize vulnerabilities and prevent incidents.

  • Stop malicious code → By default, malicious code is stopped and, if possible, placed in quarantine. If this function is disabled on a system, malicious code will continue to be logged and analyzed by our analysts.

  • Learning mode (applies to service levels G7 and G5 for more than 50 seats) → "Stop malicious code" is deactivated for the first two weeks. Possible false alarms can be eliminated without negatively impacting production.

  • Risk: A known virus or risk-ware can be executed on the system and be used to gain data, access rights or escalate privileges.

Example of a classic antivirus solution: The software recognizes known malware and automatically puts it in quarantine.

  • Detect → Making incidents visible with sensors and detection patterns.

  • Exceptions → Certain applications or folders are no longer monitored.

  • Risk: A software can be exploited in the event of a security vulnerability, or a folder can be used to execute or distribute malicious content. Furthermore, the execution of the malicious content is not prevented and not monitored either.

Example: Our sensors not only detect malware, but also the behavior of attackers. Exceptions for entire drives therefore offer a large attack vector, as they cannot be seen by the agent.

  • Respond → Responding to incidents and limiting damage.

  • Response by Analysts → On systems where remote analysis & response is disabled, no response such as network disconnection or data queries are carried out. Analyst response is activated by default (24/7).

  • Risk: At the time in question, no decision can be made by G DATA and therefore an incident cannot be stopped / contained at the time it is detected. In such a case, G DATA sends a response recommendation to the customer, which can then only take place with a time delay.

Example: With authorized access, our analysts can respond to an incident even at three o’clock in the morning on a Sunday, without contacting you first and asking for approval or support.

Uninstalling existing G DATA Security Clients

To install the agents for G DATA 365 | MXDR, the old G DATA Security Clients must first be uninstalled. It is important that the system is restarted after this.

Uninstallation via G DATA Management Server

or a step-by-step instructions on uninstalling via the G DATA Management Server, please see the page Uninstalling Client via G DATA Management Server.

Uninstall the client (locally) with the setup or installation package

Every setup package you start on a client checks if a client is already installed or not. If a client is already installed and its version number is the same as the client you are trying to install, an uninstallation is suggested instead. Confirm the uninstallation prompt to remove all client software from your computer

The following setup packages can be used for this:

  • Setup of the client installation from our website.

  • Setup in the client installation directory: %ProgramData%\G Data\client.

  • Client installation package (see: Create an installation package).

A silent uninstallation (without graphical interface) can also be performed with the setup package. Information about the required parameters can be found on the Setup Parameters page.

Uninstall the client (locally) via G DATA AVCleaner

For a description of the AVCleaner tool and its uses, see G DATA AVCleaner.

After uninstalling the clients and before installing the new software, the system must be restarted!

Installation of the agent

After restarting the system, the agents for G DATA 365 | MXDR can be installed.

The agent is installed on Windows endpoints for individual installations via the command prompt. On a larger scale the agent can be rolled out by script via a group policy. Depending on the service level, our G DATA Security Operations Team will assist you if necessary.

You get the setup file from our G DATA Security Operations Team.

You have two options for installing the program using the installation file.

Installation with wizard via installation file

1.

Open the installation file and select the desired language.

Sprachauswahl

2.

Select Installation.

Installation auswählen

3.

Select a destination folder for the installation.

Ordnerwahl

4.

Enter the setup ID that you received from G DATA.

Eingabe Setup-ID

If there are already agents on endpoints in this organisation unit, authorized users can also view the setup ID in the G DATA Web Portal on the details page of an already installed endpoint.

Show screenshot
G DATA 365 | MXDR SetupID

5.

After entering the setup ID, the agent will be installed on the system.

1.

Open a command prompt with administrative permissions.

2.

Change to the directory in which the setup file is located.

3.

Start the setup with the following command:

[name_of_setup_file].exe /i /s /id=[????????-????-????-????????????]

Replace ????????-????-????-???????????? with your setup ID. This was given to you as part of the onboarding process by our G DATA Security Operations Team.

If there are already agents on endpoints in this organisation unit, authorized users can also view the setup ID in the G DATA Web Portal on the details page of an already installed endpoint.

Show screenshot
G DATA 365 | MXDR SetupID

4.

Confirm the command. The agent will now be installed on the system.

Documentation

You can find the online documentation for G DATA 365 | MXDR in our documentation hub. There you will find the documentation of all aspects of the G DATA Web Portal as well as of the administrative layer.

The documentation covers all aspects of G DATA 365 | MXDR; should some of the documented elements and features not be present in your version, this is probably due to the specific configuration of your product. Should you be interested in additional modules such as the integration of G DATA Mobile Device Management or other features, feel free to get in touch.