Remote Administration AVG 8.0 Remote Administration 1
Contents General Description AVG Admin Setup AVG Admin Server Deployment Wizard AVG Admin Server and Monitor AVG Network Installer Wizard AVG Admin Client AVG Admin Console New features
General Description New architecture – layers, communication protocol User Interface adjustments – intuitive, user-friendly, flexible layout Easy to understand terminology AVG 8.0 is not compatible with AVG Admin 7.5
Fundamental Components AVG Remote Administration Setup AVG Admin Server Deployment Wizard AVG Admin Server AVG Admin Server Monitor AVG Admin Console AVG Network Installer Wizard AVG Admin Client
AVG Admin Setup (I) Setup does not uninstall AVG Admin 7.5 Remote Administration 7.5 and 8.0 can run on one server Language localization Czech, English, German, French, Italian, Brazillian Portuguese Setup is not responsible for configuration Configuration is created by the Server Deployment Wizard
AVG Admin Setup (II) Program Location %programfiles%\AVG\AVG8Admin separate folder for each component Graphical reports Setup requires a valid license number
Image 1 – AVG 8.0 Remote Administration setup Installation - Type Image 1 – AVG 8.0 Remote Administration setup
Installation - Full Mode All components available: Admin Console Admin Server Graphical Reports Network Installer Wizard Documentation DataCenter role and UpdateProxy role
Installation – Module selection Image 2 – Selection of Remote Administration modules
Installation – Lite Mode Admin Lite server can only act in the UpdateProxy role Network Installer (hidden installation using a script) DataCenter and Admin Console are not available Recommended for small networks
Admin Server Deployment Wizard Initial configuration and later reconfiguration Allocation of AVG Remote Administration roles Scripts for DB creation or conversion to a higher version No initial configuration is created by default The Deployment Wizard has to be completed in order to make AVG 8.0 Remote Administration functional
Admin Server Deployment Wizard Image 3 – AVG Admin Server Deployment Wizard
Admin Server Deployment Wizard Image 4 – Current state of AVG Admin Server
DataCenter Configuration Database configuration Creation of new database Database backup and conversion Supported databases: Firebird MS SQL 2005 Express Edition (and MSDE) MS SQL Server 2000/2005 Oracle 10g
DataCenter Configuration Image 5 – DataCenter role configuration
UpdateProxy Configuration Define local folder for “mirrored” update files URL for local and public update servers Connection string to machine running Master DataCenter (if different) Local proxy server configuration Included also in Lite Mode configuration
UpdateProxy Configuration Image 6 – UpdateProxy role configuration
Image 7 – Deployment progress
AVG Admin Server (I) DataCenter role, UpdateProxy role, or both Completely new communication protocol Admin Server service is launched after computer startup listening on TCP port 4158 Admin Server can not process AVG 7.5 requests
AVG Admin Server (II) Configuration is stored in avgadmsv.ini file Initial configuration of the Admin Server is done by the Server Deployment Wizard Advanced configuration is available in the Admin Server Monitor Monitoring of new Remote Administration releases and self-update function
DataCenter Role (I) Admin Server is able to serve more clients simultaneously (performance) It is not possible to execute pure SQL queries for security reasons All trafic is encrypted with 192-bit Blowfish algoritm by default
DataCenter Role (II) 3rd party SQL API++ library for unique access to different DB systems using native drivers (ODBC drivers are not used) The same version of AVG 8.0 Remote Administration and AVG Data Center is required Database conversion to the higher version is reliable Generated conversion scripts, less human-written code
Communication Scheme
Communication Protocol All logic is moved from client to server All communication is handled by a set of commands initiated from the Admin Console or the AVG Client Priority management is implemented to control load peaks
Communication Ports 4158 – main port for communication between Client and Server, Console and Server 6051 – direct communication between Console and Client, configurable 6054 – direct communication between Console and Server, non-configurable, implemented collision detection
Central Event Management Event Templates Virus found on a station Station not communicating for more than N days Station is not up-to-date Subscription for specific events
UpdateProxy Role Download service with proxy-like behaviour Update distribution to the clients Lower Internet traffic Faster updating of stations Remote administration of UpdateProxy server
Update Scheme New update file downloading AVG Station User Update AVG station is receiving update files AVG Admin Server Update servers AVG station is asking for update files Is there the needed update file? AVG Station Downloaded update files User
Segmented Server Functionality The intention is to split Admin Server load on multiple hardware resources Admin Server functionality is segmented (DataCenter and UpdateProxy role) Each segment can be installed separately to facilitate performance optimization
AVG Admin Server Monitor (I) Configuration possibilities Change or verification of license number Modification of logging level Communication port (4158 by default) Password protection of Admin Server connection
Admin Server Monitor Settings Image 8 – Admin Server Monitor Settings: General
Admin Server Monitor Settings Image 9 – Admin Server Monitor Settings: DataCenter
AVG Admin Server Monitor (II) Configuration possibilities Local update files folder URL of public update servers Local proxy server configuration SMTP server and administrator‘s e-mail details
Admin Server Monitor Settings Image 10 – Admin Server Monitor Settings: UpdateProxy
HTML Status Page Easy access to AVG Admin Server details Test of Admin Server availability from the clients Overview of stations in an error state Information about server load Update download statistics
Image 11 – AVG Admin Report: HTML Status Page
AVG Network Installer Wizard (I) Creation of installation script Remote network installation Clear requirements for remote installation Remote AVG Uninstallation
AVG Network Installer Wizard (II) Automatic download of the latest installation package Detailed information about installation processes Retrieving installation log files from remote stations
Requirements – Operating system MS Windows 2000 with SP4 and SRP1 MS Windows 2003 Server with SP1 MS Windows XP Professional with SP2 MS Windows Vista MS Windows XP Home manual installation and start AVG Agent service is necessary
Requirements – Services & ports Ping ICMP type 0 – Incomming echo request File and printer sharing TCP ports 139, 445 and UDP ports 137, 138 Remote Procedure Call TCP and UDP ports 135 Communication on TCP port 6150
Network Installer – Method Image 12 – Choice of installation method
Network Installer – Basic No detailed settings Parameters needed for installation of AVG on stations Connection string to DataCenter 7 easy steps
Network Installer – Advanced Option for detailed settings of all installation parameters Includes logging level, AVG Agent service port, selection of components 10 easy steps
Network Installer – Components Image 13 – Remote AVG Installation: Step 3/10
Network Installer – Installation Image 14 – Remote AVG Installation: Step 9/10
Network Installer – Script mode Script serves as an AVG installation template Used for automatic installation on other stations in the network Options and components determinations
Network Installer – Script mode Image 15 – Installation script options
Network Installer – Lite Interface Image 16 – Creation of installation script only
AVG Admin Client (I) Represented by Remote Control Communication Library Responsible for synchronizing configuration of AVG 8.0 Client with the DataCenter
AVG Admin Client (II) Mandatory items are marked in the User Interface and can not be changed Remote Administration is not displayed in the list of components no error state alarm when the DataCenter is not accessible temporarily
AVG Admin Client Settings Image 17 – Remote Administration settings in Client
AVG Admin Console Modular User Interface Information about all stations Notification about new versions (clients and server) License Management Quick Help Windows (FAQ)
Image 18 – AVG Admin Console
Architecture (I) Designed for station administration only Pure monitoring mode for workstations is not implemented Mandatory values are forced onto the clients, non-mandatory values are read from the clients
Architecture (II) Client mode of configuration identical interface with Advanced settings on the client Admin mode of configuration plain list of values is displayed in each section
Station Identification By station name By station name and domain By station IP address By station MAC address Elimination of possible problems in less structured networks
Image 19 – Non-compliance conditions Non-compliance State Image 19 – Non-compliance conditions
Image 20 – Admin mode of Shared settings
User access restrictions Opening License Activate/Re-Activate dialog Opening the Virus Vault Deleting items from the Virus Vault Restoring files from the Virus Vault Opening the Advanced settings dialog Sending of bug reports
Firewall Management Monitoring of all firewall settings Mandatory flag can be set for single rules within the firewall configuration
Scan Result Options All Scan Results (positive and negative) Positive scan results with info or higher severity Positive scan results with warnings or higher severity Positive scan results with PUPs or higher severity Positive scan results with infections or higher severity
Graphic Reports Two graph types Several report templates Export to PDF, HTML, XLS Schedules for periodic reports Delivered by e-mail
Image 21 – AVG Admin Report Viewer Graphic Reports Image 21 – AVG Admin Report Viewer
Migration from AVG 7.5 to 8.0 - Server AVG Remote Administration 8.0 can be installed along with AVGAdmin 7.5 Each server (TCP Server 7.5 and Admin Server 8.0) work independently, with their own configuration and database Admin Console 8.0 can not connect to TCP Server 7.5 and vice versa Databases are not compatible and cannot be converted
Migration from AVG 7.5 to 8.0 - Client AVG 8.0 can not be installed together with AVG 7.5 Installation process of AVG 8.0 removes AVG 7.5 automatically AVG 7.5 can not connect to Admin Server 8.0 and vice versa
Migration from AVG 7.5 to 8.0 (I) AVG Admin 7.5 can export a list of client’s station names AVG Network Installer 8.0 is able to load this list and install AVG 8.0 onto all listed stations Stations are looked up by their name -> valid DNS/WINS record is required
Migration from AVG 7.5 to 8.0 (II) AVG 8.0 connects to Admin Server 8.0 after installation AVG Network Installer 8.0 can remove successfully upgraded stations from AVG Admin 7.5 Result: all reinstalled stations are configurable from Admin Console 8.0, stations that cannot be reinstalled remain connected to AVG Admin 7.5
New Features Planned support for more DB types Central event management AVG Admin Server self-update Remote uninstallation Central management of Update servers Simple and intuitive terminology and User Interface
Thank you for your attention 69