Presentation is loading. Please wait.

Presentation is loading. Please wait.

DAY ONE AFTERNOON Kaseya Essentials Bootcamp Kaseya University

Published byChristopher Floyd Modified over 8 years ago

Similar presentations

Presentation on theme: "DAY ONE AFTERNOON Kaseya Essentials Bootcamp Kaseya University"— Presentation transcript:

1 DAY ONE AFTERNOON Kaseya Essentials Bootcamp Kaseya University
Developed by Kaseya University Show all machines 5 labs have agents installed. Go through one lab thoroughly. Powered by IT Scholars Kaseya Version 6.2 Last updated on Jan. 24, 2012

2 Roadmap! Monday, Day One Morning Monday, Day One Morning
Overview System Architecture Agents Monday, Day One Afternoon LAB Review Agent Template and Policy Management Concepts Audit Patch Management Tuesday, Day Two Morning Monitor Ticketing Monday, Day One Morning Overview System Architecture Agents Monday, Day One Afternoon LAB Review Agent Template and Policy Management Concepts Audit Patch Management Tuesday, Day Two Morning Monitor Ticketing Tuesday, Day Two Afternoon LAB Review Agent Procedures Remote Control Live Connect Friday, Day Three Morning Agent Template vs. Policy Management System Info Center

3 LAB REVIEW

4 Org & Machine Groups Screenshot taken after Part1

5 Agent Deployment Packages Screenshot taken after Part3

6 AD Users Screenshot taken after Part3

7 AD Machines Screenshot taken after Part3

8 LAN Watch Screenshot taken after Part3

9 Agent Status Screenshot taken after Part3

10 Agent Icon in System Tray Screenshots taken after Part3

11

12 Views: Windows 2003 Server Screenshot taken after Part4

13 Views: XP Screenshot taken after Part4

14 Agent Menu Screenshot taken after Part5

15 Application Blocker Screenshot taken after Part6

16 Agent Log Report Screenshot taken after Part7

17 AUDIT

18 Three Types of Audits Baseline Audit System Audit Latest Audit
The Baseline Audit captures the configuration of the system in a known working state. System Audit The System Info captures the system’s information that will rarely change (i.e., processor, disk drive, memory, etc.). Latest Audit Latest Audit captures the most up-to-date configuration of the system and you will configure it to audit changes made to the machine on a daily basis.

19 AUDIT Baseline Audit and System Info should be executed only once.
Baseline Audit, System Info, and Latest Audit are done by default when an AGENT is installed on a machine. Future Topic - Use Policy Management Module to schedule the LATEST AUDIT for a specific Organization or Machine Group.

20 AUDIT Assumption Tasks The auditing has been completed and scheduled
View the audit information of the computers

21 View Audit View all the tabs under the two groups, View Group Data and View Individual Data. Note what type of information can be obtained through audit and what it can be used for future applications.

22 Audit Summary View Audit Information. Audit Summary
Provides a view of the data returned by audits of machines. Configure Column Sets Create NEW Column Sets

23 Revisit Machine Views Views (Machine Views)
Review Imported Views from the IT Service Delivery Kit. Review specific Machine Views

24 Review Inventory Information
Perform an Inventory Data Walkthrough Machine Summary System Information Installed Applications All Executable Files Add/Remove programs Note the Uninstall String for each Application Software Licenses Documents

25 Agent Template vs. Policy Management

26 Benefits of Agent Templates
Consistency of Service delivery Standard Practice Kaseya Agent Basic Configurations is pushed during initial Kaseya Agent Installation NOTES to PS / Course Contributor: Standard practice: What templates do you normally create in a BC? The basic ones, e.g. Base, Wkst, Server? More detailed ones: Win2008, Exchange2003, Exch2007, SQL, etc?

27 Benefits of Policy Management
Consistency of Service delivery Standard Practice Ensure distributed systems are in Compliance with IT policies Simplify the application and management of policies based on Organizations or Machine Groups. NOTES to PS / Course Contributor: Standard practice: What templates do you normally create in a BC? The basic ones, e.g. Base, Wkst, Server? More detailed ones: Win2008, Exchange2003, Exch2007, SQL, etc?

28 Agent Template vs. Policy management
Agent Template will push agent configuration settings during initial Kaseya Agent Installation Policy Management will ensure that Agents will follow certain Agent Policies. Allow for simplified policy enforcement across distributed organizations. STAY TUNED….. NOTES to PS / Course Contributor: Standard practice: What templates do you normally create in a BC? The basic ones, e.g. Base, Wkst, Server? More detailed ones: Win2008, Exchange2003, Exch2007, SQL, etc?

29 Agent Templates Settings
Agent settings are copied during installation of Kaseya Agent Agent Deployment Package can reference an Agent Template

30 Agent Settings Menu options Credentials Working Directory
Check-in Control Other options Audit Scan / Patch Scan Event Log Settings Agent – Alerts Monitor Sets Agent Procedures

31 LAB Assumptions In the next few months a large number of computers will be added to your environment You figured that there are only three type of machines in your environment Tasks Develop three customized agent templates that incorporate the required agent settings for machines with similar roles Instructional lab computers Guest computers Servers

32 A Group for Agent Templates
Create a machine group for templates, called “Templates”. Open the System module. Go to Orgs / Groups / Depts > Manage. Verify if the Organization “FIU-<USERNAME>” is checked. Click on Machine Group on the right hand side of the module. Click on New.

33 A Group for Agent Templates
Create a group by typing its name “Templates” under Machine Group Name. Click Save.

34 Creating Agent Templates
Create three agent templates: “Server”, “Instructional”, and “Guest” Open the Agent module. Go to Install Agents > Create. Type in “Server” in the textbox under New Machine ID. Select “Templates” under the Group ID textbox. Click on Create. Repeat steps 6-9 for the “InstructionalTemplate” and “GuestTemplate”.

35 Note An agent template will have an orange square icon   to emphasize the fact that the agent template will never be installed on a computer. Its sole purpose is to provide additional customized settings for agents with similar roles so that such setting can be added to the settings of already deployed agents or be used as part of an agent package.

36 LAB Assist Review Steps Watch the Video demonstration
Watch the Interactive demo Practice on your Virtual Lab This and the following two slides are just to make sure that instructor has demonstrated the steps on his/her own virtual lab and the students had a chance to practice the same steps using the interactive videos and/or their own virtual labs.

37 PATCH MANAGEMENT

38 Patch Management Patch Scan Patch Policy File Source Reboot Action Patch Update

39 Background Story At this time, operating system patches are applied on an individual basis. An organized and closely monitored method is needed to facilitate and monitor distribution and application of all necessary patches to the managed computers. Kaseya's Patch Management module allows you to accomplish all these tasks and monitor patch activities.

40 Exercises Implement policies that will keep the computers updated and avoid potential security risks by having non-patched computers within the environment. Set up Kaseya to scan all the computers to allow the VSA to keep a detailed record as to which patches have been installed. Configure Kaseya to download the patches from one central server to save bandwidth and decrease redundant network traffic. Initial Step is to run a Patch Scan to make sure you have data for the walkthrough.

41 LAB Tasks To keep an accurate record of all the patches installed on each computer, it would be best to schedule a scan, through Kaseya's VSA, to all the computers. While this is not a heavy process, it would still be best to schedule the scan during a time when the computer is otherwise idle.

42 Patch Scan Using Scan Machine, schedule a scan to run every day at 3:00am on all the agent templates. Open the Patch Management module. Go to Manage Machines > Scan Machine.

43 Patch Scan Go to Manage Machines > Scan Machine.

44 Patch Scan Select all the agent templates.
Click on the Schedule button.

45 Patch Scan Set the scan to run Daily at 3:00am with a Distribution window of 1 hour. Click on Submit.

46 LAB Assist Review Steps Watch the Video demonstration (Step 1)
Watch the Interactive demo (Step 2) Practice on your Virtual Lab (Step 3) This and the following two slides are just to make sure that instructor has demonstrated the steps on his/her own virtual lab and the students had a chance to practice the same steps using the interactive videos and/or their own virtual labs.

47 LAB Background information Tasks
Policies are like templates in which you can approve/deny a group of patches, or an individual patch. Tasks Create two policies One for all the XP machines One for the Windows 2003 Server machines The policies should automatically apply All Security Updates approved on all machines All optional updates pending approval.

48 Note We create W2K3 and XP templates.
If there were Windows 2008 servers or other servers in the environment, it would be better to name the policy for all the Windows servers as just "Servers” By the same token, if the were other workstations in the environment, it would be better to name the policy for all the workstations as just "Workstations".

49 Creating Patch Policy for W2K3
Create a patch policy, W2K3-PM-Policy-<USERNAME> Set it to apply all future Security Updates by default. Everything else should be set to Pending Approval. Use a filter to deny patches that are optional and have not been superseded by other updates.

50 Creating Patch Policy for W2K3
Go to Patch Management > Patch Policy > Create/Delete. Type “W2K3-PM-Policy-<USERNAME>” for the policy name. Click on Create.

51 Creating Patch Policy for W2K3
Go to Patch Policy > Approval by Policy. Select “W2K3-PM-Policy-<USERNAME>” under the Policy dropdown list. Click on the green checkmark for all the Security Update rows. The Green checkmark is under the column Default Approval Status. Make sure the other rows’ Default Approval Status is set to Pending Approval. Click on Total at the bottom of the table. A new page will load up.

52 Creating Patch Policy for W2K3

53 Creating Patch Policy for W2K3
Click on Filter... A new window will open up.

54 Creating Patch Policy for W2K3
Select Optional Updates from the Classification / Type dropdown. Select Not Superseded from the Superseded dropdown. Click on Apply

55 Creating Patch Policy for W2K3
Click on Select All. Click on Deny.

56 Creating Patch Policy for XP
A patch policy, XP-PM-Policy-<USERNAME> Set it to all future Security Updates by default Everything else should be set to Pending Approval.

57 Creating Patch Policy for XP
Go to Patch Management > Patch Policy > Create/Delete. Type “XP-PM-Policy-<USERNAME>” for the policy name. Click on Create.

58 Creating Patch Policy for XP
Select “XP-PM-Policy-<USERNAME>” under the Policy dropdown list. Click on the green checkmark for all the Security Update rows.. Set the other rows’ Default Approval Status to Pending Approval.

59 Creating Patch Policy for XP
Approve all Security Updates for all patch policies.  Go to Patch Management > Patch Policy > Approve By Patch. Click on Edit next to Patch View. A new window will open up.

60 Creating Patch Policy for XP
Select All Security Updates (High Priority) from the Classification / Type dropdown. Select Not Superseded from the Superseded dropdown. Type “<USERNAME> Patch View” in the View Name textbox. Click on Save.

61 Creating Patch Policy for XP
Click on Select All. Click on Approve.

62 Patch Policy Policy / Group By Views Classification vs. Product Views
Note: Between the two views the Default Approval Status is determined by: Highest Lowest Denied Pending Approved Approval

63 LAB Background information Tasks
Downloading all the patches to a file server and distributing it to all the machines on network will allow you to save bandwidth. Tasks Configure all the templates to pull from the file server using the UNC path “\\dc\PatchTemp” Set the patch directory to “C:\PatchTemp” on the dc If the computer cannot access DC, it should then download from the internet.

64 Setting Patch File Source
Using File Source set up all the machines so that they download their updates from the DC. If the DC is unreachable, the machine should then download it from the Internet. The UNC path should be “\\dc\PatchTemp” while the local directory should be “C:\PatchTemp”.  Open the Patch Management module. Go to Configure > File Source. Select all the agent templates. Select Pulled from file server using UNC path. Type “\\dc\PatchTemp” next to Pulled from file server using UNC path. Select “fiu-<USERNAME>.mr” next to Machine Group Filter. Select “dc.mr.fiu-<USERNAME>” next to File share located on. Type in “C:\PatchTemp” next to in local directory. Select the Download from Internet if machine is unable to connect to the file server checkbox..Click on Apply.

65 Setting Patch File Source

66 LAB Background Information Tasks
Certain updates require the Windows OS to restart to finish installation. Tasks Set up the XP machines so that they restart only when a user is not online. For servers, set up an notification so that you can plan the restart and notify in advance the users of the server maintenance.

67 Setting Reboot Action Use Reboot Action to set the Guest and Instructor templates to Skip reboot if user logged in immediately after applying new patches and updates. Then, set the Server template to notify you immediately, via , when a reboot is required after applying new patches and updates.  Open the Patch Management module. Go to Configure > Reboot Action. Select the Guest and Instructor templates. Click on Skip reboot if user logged in. Click on Apply. Repeat steps for the Server template. Set the Server template to send the reboot notification to your personal . Why do we need to change the Server Template Reboot Action from the default Skip reboot if user logged in?

68 Setting Reboot Action

69 Note Setting to skip reboot means it may take longer for the patch to take effect, thus increasing the risk of vulnerability. The instructional computers are set to reboot at night automatically after an install, since no user work at night and we do not worry about losing open files. However if the target machines were end user machines, the best policy would be to set the workstations to "ask" and reboot if not logged in. The KaUsrTsk.exe is the application that determines whether a user is logged in or not.  

70 LAB Assumptions Tasks We have setup the patch policies to our liking.
We need to setup Kaseya to apply the patches automatically to the machines.

71 Applying Patch Policies
Go to Patch Management > Manage Machines > Automatic Update.

72 Applying Patch Policies
Select all the template agents in the list

73 Applying Patch Policies
Click on Schedule

74 Applying Patch Policies
Click on Daily Set the run time to 5:00 AM with a distribution window of 1 hour. Click on Submit

75 LAB Assumptions All three agents templates contain all the patch management settings. Tasks Push the settings captured in the templates to all the currently deployed agents with the similar roles.

76 Copy Settings Copy the settings from the templates to the specified computers on the network. Server template will be used for the MR building. Instructional template will be used for the SCIS and CEC buildings. Guest template will be used for the GL building.

77 Copy Settings Open the Agent module. Go to Configure Agents > Copy Settings. Click on select machine ID link and a new window will open up.

78 Copy Settings Select “fiu-<USERNAME>.templates”.
Click on “Server” from the list of templates shown.

79 Copy Settings Select All under Do Not Copy, Replace for Patch Settings, Patch File Source and Patch Policy Memberships, Agent Procedure Schedules.

80 Copy Settings Note: When you have a schedule in Agent Procedures activity on an agent template, you need to make sure Agent Procedure Schedules is selected in copy settings. Select all the computers in the MR building and click on the Copy button. Repeat steps for the Instructional and Guest templates.

81 LAB Background Information Tasks
Windows Automatic Update can interfere with the functionality of Kaseya's Patch Management and must be disabled. While Kaseya allows you to disable Windows Automatic Update from within the Patch Management module this option cannot be implemented in a template and must be implemented by selecting agents that check in. Tasks Disable Windows Automatic Update for all computers.

82 Disabling Windows Auto Update
Open the Patch Management module. Go to Configure > Windows Auto Update. Select all the computers. Select Disable – Disable Windows automatic Update to let patch management control system patching. Click on Apply.

83 Note If the checkboxes are missing, please wait 5-10 minutes and refresh the page as the Patch Scan is not completed yet. Checkboxes will not display for any machine that either has an operating system that does not support Windows Automatic Updates, or for which an initial Scan Machine has not been completed.

84 LAB Assumptions Microsoft has released a new KB article and it entails a new version of Internet Explorer; however, management has asked you not to install it and to prevent future installations of it via Windows Updates. Tasks Use KB Override to accomplish this task since it will override all current patch policies and future patches. KB article (KB944036) for IE8.

85 Denying a Patch Globally
Prevent Internet Explorer from installing by using KB Override.  Go to Patch Management > Patch Policy > KB Override. Type in “944036” in the KB Article textbox. Click Deny.

86 Initial Update One Time Patch Update
Initial Update will complete a patch update process on machines NOTE: All patches that are approved will be installed. If no Patch Policy is assigned all patches will be installed NOTE: It will automatically reboot the machines without any warning.

87 Roadmap! Monday, Day One Morning Monday, Day One Morning
Overview System Architecture Agents Monday, Day One Afternoon LAB Review Agent Template and Policy Management Concepts Audit Patch Management Tuesday, Day Two Morning Monitor Ticketing Monday, Day One Morning Overview System Architecture Agents Monday, Day One Afternoon LAB Review Agent Template and Policy Management Concepts Audit Patch Management Tuesday, Day Two Morning Monitor Ticketing Tuesday, Day Two Afternoon LAB Review Agent Procedures Remote Control Live Connect Friday, Day Three Morning Agent Template vs. Policy Management System Info Center

88 The End!

Download ppt "DAY ONE AFTERNOON Kaseya Essentials Bootcamp Kaseya University"

Similar presentations

ESafe Reporter V3.0 eSafe Learning and Certification Program February 2007.

ESafe Reporter V3.0 eSafe Learning and Certification Program February 2007.
VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.

VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.
How to use a scanner Throughout this slide show there will be hyperlinks (highlighted in blue) follow the hyperlinks to navigate to the specified Topic.

How to use a scanner Throughout this slide show there will be hyperlinks (highlighted in blue) follow the hyperlinks to navigate to the specified Topic.
NetAcumen ActiveX Download Instructions

NetAcumen ActiveX Download Instructions
System Center Configuration Manager Push Software By, Teresa Behm.

System Center Configuration Manager Push Software By, Teresa Behm.
Installing SAS 9.3 Raymond R. Balise Health Research and Policy.

Installing SAS 9.3 Raymond R. Balise Health Research and Policy.
Installing SAS 9.3 Raymond R. Balise Health Research and Policy.

Installing SAS 9.3 Raymond R. Balise Health Research and Policy.
11.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

11.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Hands-On Microsoft Windows Server 2003 Networking Chapter 7 Windows Internet Naming Service.

Hands-On Microsoft Windows Server 2003 Networking Chapter 7 Windows Internet Naming Service.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
Kaseya Fundamentals Workshop

Kaseya Fundamentals Workshop
Maintaining and Updating Windows Server 2008

Maintaining and Updating Windows Server 2008
Administrator’s Guide

Administrator’s Guide
VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.

VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.
Hands-On Microsoft Windows Server 2008 Chapter 11 Server and Network Monitoring.

Hands-On Microsoft Windows Server 2008 Chapter 11 Server and Network Monitoring.
11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW Understand the difference between service.

11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW Understand the difference between service.
SUS Services ECE Computer Facilities. SUS Services Software Update Services Microsoft Security And Critical Update Service Microsoft Security And Critical.

SUS Services ECE Computer Facilities. SUS Services Software Update Services Microsoft Security And Critical Update Service Microsoft Security And Critical.
16.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 16: Examining Software Update.

16.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 16: Examining Software Update.
11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW  Understand the difference between service.

11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW  Understand the difference between service.
VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.

VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.

Similar presentations

Ads by Google