G DATA 365 | MXDR

Endpoints

Endpoints are all devices on which an G DATA Agent is installed. This can be, for example, a laptop, desktop PC, server or a virtual machine. Currently, devices running Microsoft Windows are supported.

In the G DATA Web Portal under "Endpoints" you will find a list of all endpoints that have already connected to our G DATA Web Portal backend and have not been deleted.

Filter options

The list can be filtered by organisation unit (see screenshot).

Endpoint list

In the row of each endpoint, you can see at a glance the name of the endpoint, its status, when the G DATA Agent was last seen by the G DATA Cloud Backend, the version of the installed agent, the tag you have assigned and the organisation unit in which the endpoint is located.

These states are possible

Agent installed
The G DATA Agent is installed on the endpoint.

Uninstallation planned
The uninstallation of the agent has been marked for this endpoint, but has not yet been started or carried out. The endpoint was not yet accessible.

No agent installed
If this status is displayed, the endpoint agent has been uninstalled but not removed from the list.

Click on this row to open the detail window.

Move To

At this point authorized users can move the endpoint to another organization unit.

Tag

It is possible select predefined tags or to assign tags of your choice to each endpoint. This can be, for example, the name of the employee who owns this device. Or you want to indicate that this endpoint has a specific function (e.g. cash register systems, control units or similar).
The tags we have predefined are ClientOS, ServerOS and Critical.

Systems that are tagged Critical are prioritized. This tag should therefore be be assigned with consideration.

To create a tag, click on Add description… (→ 1).

Create tag

If tags have already been assigned, the Add description… label is no longer displayed. If you want to create another tag, click in the line with the assigned tags.

Click on the X to delete a tag (→ 2). It is important that you save your entries with the blue save icon (→ 3) to have the tags persisted.

Agent configuration

This section is for your information. Changes can only be made here by our G DATA Security Operations Team.

These points are activated by default. Both the immediate stopping of malicious code and the analysis by our G DATA Security Analysts are a prerequisite for a prompt and effective response to prevent damage from a security incident.

At product launch before onboarding, a precise list was drawn up with our {secoperation team} as to which of your systems we exclude from the agent’s response or from analysis by our G DATA Security Analysts. This was done after a precise risk analysis.

If you have any change requests for individual endpoints during operation, please contact our G DATA Security Operations Team.

You can use the "Pause agent (15 minutes)" button to prevent work from being blocked for 15 minutes if the scan process detects anomalies on the endpoint.

Please note that scanning processes will continue to be carried out. Findings are logged during this time and only the work on the endpoint is not directly interrupted. The function is not to be used for performance purposes.

Exclusions

This section is for your information. Changes can only be made here by our G DATA Security Operations Team.

If technical problems occur that you suspect are related to our agent, it is not necessary to define exclusions. Contact us in this case and we will check and rectify the problems as quickly as possible.

Uninstall Agent

At this point you can use the uninstall the agent and remove the endpoint from the list. Endpoints on which an installed agent is still running cannot be removed from the list.

Benachrichtigung bei Funden auf den Endpunkten

It is possible to activate notifications on endpoints where the agent is installed in case of detections on the respective system. They are displayed via the Windows notifications and help users understand why an application is blocked.

You can activate these notifications via the role administration or via the detail view of the organisation units.