Remote Administration AVG 8.0 Remote Administration 1

Contents General Description AVG Admin Setup AVG Admin Server Deployment Wizard AVG Admin Server and Monitor AVG Network Installer Wizard AVG Admin Client AVG Admin Console New features

General Description New architecture – layers, communication protocol User Interface adjustments – intuitive, user-friendly, flexible layout Easy to understand terminology AVG 8.0 is not compatible with AVG Admin 7.5

Fundamental Components AVG Remote Administration Setup AVG Admin Server Deployment Wizard AVG Admin Server AVG Admin Server Monitor AVG Admin Console AVG Network Installer Wizard AVG Admin Client

AVG Admin Setup (I) Setup does not uninstall AVG Admin 7.5 Remote Administration 7.5 and 8.0 can run on one server Language localization Czech, English, German, French, Italian, Brazillian Portuguese Setup is not responsible for configuration Configuration is created by the Server Deployment Wizard

AVG Admin Setup (II) Program Location %programfiles%\AVG\AVG8Admin separate folder for each component Graphical reports Setup requires a valid license number

Image 1 – AVG 8.0 Remote Administration setup Installation - Type Image 1 – AVG 8.0 Remote Administration setup

Installation - Full Mode All components available: Admin Console Admin Server Graphical Reports Network Installer Wizard Documentation DataCenter role and UpdateProxy role

Installation – Module selection Image 2 – Selection of Remote Administration modules

Installation – Lite Mode Admin Lite server can only act in the UpdateProxy role Network Installer (hidden installation using a script) DataCenter and Admin Console are not available Recommended for small networks

Admin Server Deployment Wizard Initial configuration and later reconfiguration Allocation of AVG Remote Administration roles Scripts for DB creation or conversion to a higher version No initial configuration is created by default The Deployment Wizard has to be completed in order to make AVG 8.0 Remote Administration functional

Admin Server Deployment Wizard Image 3 – AVG Admin Server Deployment Wizard

Admin Server Deployment Wizard Image 4 – Current state of AVG Admin Server

DataCenter Configuration Database configuration Creation of new database Database backup and conversion Supported databases: Firebird MS SQL 2005 Express Edition (and MSDE) MS SQL Server 2000/2005 Oracle 10g

DataCenter Configuration Image 5 – DataCenter role configuration

UpdateProxy Configuration Define local folder for “mirrored” update files URL for local and public update servers Connection string to machine running Master DataCenter (if different) Local proxy server configuration Included also in Lite Mode configuration

UpdateProxy Configuration Image 6 – UpdateProxy role configuration

Image 7 – Deployment progress

AVG Admin Server (I) DataCenter role, UpdateProxy role, or both Completely new communication protocol Admin Server service is launched after computer startup listening on TCP port 4158 Admin Server can not process AVG 7.5 requests

AVG Admin Server (II) Configuration is stored in avgadmsv.ini file Initial configuration of the Admin Server is done by the Server Deployment Wizard Advanced configuration is available in the Admin Server Monitor Monitoring of new Remote Administration releases and self-update function

DataCenter Role (I) Admin Server is able to serve more clients simultaneously (performance) It is not possible to execute pure SQL queries for security reasons All trafic is encrypted with 192-bit Blowfish algoritm by default

DataCenter Role (II) 3rd party SQL API++ library for unique access to different DB systems using native drivers (ODBC drivers are not used) The same version of AVG 8.0 Remote Administration and AVG Data Center is required Database conversion to the higher version is reliable Generated conversion scripts, less human-written code

Communication Scheme

Communication Protocol All logic is moved from client to server All communication is handled by a set of commands initiated from the Admin Console or the AVG Client Priority management is implemented to control load peaks

Communication Ports 4158 – main port for communication between Client and Server, Console and Server 6051 – direct communication between Console and Client, configurable 6054 – direct communication between Console and Server, non-configurable, implemented collision detection

Central Event Management Event Templates Virus found on a station Station not communicating for more than N days Station is not up-to-date Subscription for specific events

UpdateProxy Role Download service with proxy-like behaviour Update distribution to the clients Lower Internet traffic Faster updating of stations Remote administration of UpdateProxy server

Update Scheme New update file downloading AVG Station User Update AVG station is receiving update files AVG Admin Server Update servers AVG station is asking for update files Is there the needed update file? AVG Station Downloaded update files User

Segmented Server Functionality The intention is to split Admin Server load on multiple hardware resources Admin Server functionality is segmented (DataCenter and UpdateProxy role) Each segment can be installed separately to facilitate performance optimization

AVG Admin Server Monitor (I) Configuration possibilities Change or verification of license number Modification of logging level Communication port (4158 by default) Password protection of Admin Server connection

Admin Server Monitor Settings Image 8 – Admin Server Monitor Settings: General

Admin Server Monitor Settings Image 9 – Admin Server Monitor Settings: DataCenter

AVG Admin Server Monitor (II) Configuration possibilities Local update files folder URL of public update servers Local proxy server configuration SMTP server and administrator‘s e-mail details

Admin Server Monitor Settings Image 10 – Admin Server Monitor Settings: UpdateProxy

HTML Status Page Easy access to AVG Admin Server details Test of Admin Server availability from the clients Overview of stations in an error state Information about server load Update download statistics

Image 11 – AVG Admin Report: HTML Status Page

AVG Network Installer Wizard (I) Creation of installation script Remote network installation Clear requirements for remote installation Remote AVG Uninstallation

AVG Network Installer Wizard (II) Automatic download of the latest installation package Detailed information about installation processes Retrieving installation log files from remote stations

Requirements – Operating system MS Windows 2000 with SP4 and SRP1 MS Windows 2003 Server with SP1 MS Windows XP Professional with SP2 MS Windows Vista MS Windows XP Home manual installation and start AVG Agent service is necessary

Requirements – Services & ports Ping ICMP type 0 – Incomming echo request File and printer sharing TCP ports 139, 445 and UDP ports 137, 138 Remote Procedure Call TCP and UDP ports 135 Communication on TCP port 6150

Network Installer – Method Image 12 – Choice of installation method

Network Installer – Basic No detailed settings Parameters needed for installation of AVG on stations Connection string to DataCenter 7 easy steps

Network Installer – Advanced Option for detailed settings of all installation parameters Includes logging level, AVG Agent service port, selection of components 10 easy steps

Network Installer – Components Image 13 – Remote AVG Installation: Step 3/10

Network Installer – Installation Image 14 – Remote AVG Installation: Step 9/10

Network Installer – Script mode Script serves as an AVG installation template Used for automatic installation on other stations in the network Options and components determinations

Network Installer – Script mode Image 15 – Installation script options

Network Installer – Lite Interface Image 16 – Creation of installation script only

AVG Admin Client (I) Represented by Remote Control Communication Library Responsible for synchronizing configuration of AVG 8.0 Client with the DataCenter

AVG Admin Client (II) Mandatory items are marked in the User Interface and can not be changed Remote Administration is not displayed in the list of components no error state alarm when the DataCenter is not accessible temporarily

AVG Admin Client Settings Image 17 – Remote Administration settings in Client

AVG Admin Console Modular User Interface Information about all stations Notification about new versions (clients and server) License Management Quick Help Windows (FAQ)

Image 18 – AVG Admin Console

Architecture (I) Designed for station administration only Pure monitoring mode for workstations is not implemented Mandatory values are forced onto the clients, non-mandatory values are read from the clients

Architecture (II) Client mode of configuration identical interface with Advanced settings on the client Admin mode of configuration plain list of values is displayed in each section

Station Identification By station name By station name and domain By station IP address By station MAC address Elimination of possible problems in less structured networks

Image 19 – Non-compliance conditions Non-compliance State Image 19 – Non-compliance conditions

Image 20 – Admin mode of Shared settings

User access restrictions Opening License Activate/Re-Activate dialog Opening the Virus Vault Deleting items from the Virus Vault Restoring files from the Virus Vault Opening the Advanced settings dialog Sending of bug reports

Firewall Management Monitoring of all firewall settings Mandatory flag can be set for single rules within the firewall configuration

Scan Result Options All Scan Results (positive and negative) Positive scan results with info or higher severity Positive scan results with warnings or higher severity Positive scan results with PUPs or higher severity Positive scan results with infections or higher severity

Graphic Reports Two graph types Several report templates Export to PDF, HTML, XLS Schedules for periodic reports Delivered by e-mail

Image 21 – AVG Admin Report Viewer Graphic Reports Image 21 – AVG Admin Report Viewer

Migration from AVG 7.5 to 8.0 - Server AVG Remote Administration 8.0 can be installed along with AVGAdmin 7.5 Each server (TCP Server 7.5 and Admin Server 8.0) work independently, with their own configuration and database Admin Console 8.0 can not connect to TCP Server 7.5 and vice versa Databases are not compatible and cannot be converted

Migration from AVG 7.5 to 8.0 - Client AVG 8.0 can not be installed together with AVG 7.5 Installation process of AVG 8.0 removes AVG 7.5 automatically AVG 7.5 can not connect to Admin Server 8.0 and vice versa

Migration from AVG 7.5 to 8.0 (I) AVG Admin 7.5 can export a list of client’s station names AVG Network Installer 8.0 is able to load this list and install AVG 8.0 onto all listed stations Stations are looked up by their name -> valid DNS/WINS record is required

Migration from AVG 7.5 to 8.0 (II) AVG 8.0 connects to Admin Server 8.0 after installation AVG Network Installer 8.0 can remove successfully upgraded stations from AVG Admin 7.5 Result: all reinstalled stations are configurable from Admin Console 8.0, stations that cannot be reinstalled remain connected to AVG Admin 7.5

New Features Planned support for more DB types Central event management AVG Admin Server self-update Remote uninstallation Central management of Update servers Simple and intuitive terminology and User Interface

Thank you for your attention 69