DLP policy conflict
Dear Support Team, I am experiencing a critical issue with the DLP agent where multiple policies with different enforcement actions are not functioning correctly. Problem Description: I have deployed two DLP policies to a client endpoint with the following
Endpoint Security For Dummies® | ManageEngine Special Edition
ManageEngine Endpoint Central has partnered with Wiley to publish Endpoint Security for Dummies®, a special edition designed to help IT and security professionals strengthen their endpoint defense strategy. Endpoint Security For Dummies® Get your complimentary
Login Issue - Changing UPN and Email Addressess - SSO
We have our login setup with Azure SSO. We are in the process of changing our email addresses and AD account UPN. In Endpoint Central, do we need to recreate our user accounts or is there a way to update those user accounts with the new info so they can
Unable to import thrid party certificate
Hi. We use th DesktopCentral build 11.2.2325.17 The current certificate (issued by our internal enterprise CA) expires on December 1, 2023 It is not possible to renew a certificate issued by our internal enterprise CA. (attached screenshot import-certificate.png)
Zero Day Vulnerabilities in Manage Engine
Hi Im the administrator of a small network at a Not for Profit Organisation in Australia. My knowledge of managing risks such as Zero day is pretty poor so im hoping for some direction Looking through Manageengine, it lists a number of zero day vulnerabilities.
Recently installed ManageEngine Malware Protection causing false positives with Microsoft endpoint protection
This was something that was autoinstalled on my domain computers I believe with a recent cloud agent update. I looked through the cloud agent settings but don't see an option to disable it. Is this possible?
Block Executable - Upload CSV file of known bad HASH
The new feature from our recent upgrade appears very beneficial. https://www.manageengine.com/products/desktop-central/help/inventory/block_executables.html?dci Sadly the very first thing Security & I thought of was not possible. Security & I had this brilliant idea of uploading a CSV file of all known bad executable HASH values. Known Virus, Malware, Cryptos, ect. ect. Sadly the only way to block a hash is to upload the actual .exe. Would it be possible in the future you could add this feature?
MS outlook policies
Dears We want to apply policies to enforce end users using Email tracking as per the below screen shot and denied them to make any change. Policy Name : smime Type of File: PKCS #7 Signature (.p7s)
Changing password globally
Is there a way in desktop central to globally change all computer wireless password of a SSID when we change the password. So we do not have to do this manually. Any help would be great.
Two Factor Authentication
I have TFA using Google Authenticator app on iOS with Desktop Central and was successfully using it. I had to changed devices and need to regenerate the bar code that I originally scanned to set this up. How can I get this added back to Google Authenticator?
Lacking basic security?
I jmust upgraded to the latest version and ran a Nessus scan. Im shocked that have a Critical and several high! Anyone else seeing this?
desktop central and service desk plus integration and 2FA
hi i have 1 login for desktop central which is the admin account i use and i also use this to link DC to service desk plus can i enable this admin account with 2FA on DC without it causing problems with service desk plus integration? thank you
Change from AD web gui login to local without using web gui
Hello, Is there a manual way (not through the web gui) to reset the web management authentication type back to Local Auth from AD Authentication? Thanks in advance.
Badlock exploit
Hello, Is DesktopCentral vulnerable to the Badlock exploit? If so, when will that be patched? Thanks, Brian
Desktop Central - Desire to manage computers by domain
Hello, It would be very useful to us to have the ability to manage computers-by-domain. I recognize that I can "sort" computers by domain, but I would like the ability to add technicians to Desktop Central but only allow them to manage computers: > By Domain and as a subset of that top level distinction > By Operating System (ie, servers -vs- desktop) We have 10 Desktop support persons that have separate responsibilities by location. So for instance 2 Desktop Support persons, work with desktops
Need explanation of this, if possible....
Why does this happens. Please explain.... service.exe executes dcconfig.exe executes cmd.exe executes reg.exe reg.exe then creates a binary file in c:\program files\desktopcentral_agent\logs called "dcagent.reg" It appears you are pulling down the registry values for your agent as a backup or as documentation for support (if needed). Please confirm. Also, is there any way to stop this? We are trying to tighten down reg.exe.
disable windows update locally
I saw it and ill be darned if i can find it again. However i saw where i can block users from using windows update locally on their computers using security settings in DTC but i cant find that setting in DTC. Mind pointing me in the correct direction? I thought it was under configurations > security policy > user> but i cant find it.. I am pretty sure i am just looking past it. Thanks!!!
Lmit Technicians to Managing Dynamic group
We are ready to add our Desktop Support Technicians to Desktop Central, and what I've found is I can't just assign them to managing a Dynamic Group, as I desire. I want to limit their ability to deploy software, or updates, to prevent them from ever deploying to servers on accident, or from rebooting servers etc. I've created Dynamic Groups by OS type (which I expected to find a "desktop" category built in, but have not. And I can ask them to only deploy to these groups, but I want to limit their
Tomcat Vulnerabilities in MEEC
Apache Tomcat Vulnerabilities being reported within MEEC. CVE-2022-29885, CVE-2022-34305, CVE2022-42252, CVE-2023-24998, CVE-2023-34981. Should we be concerned?
CVE-2021-44228 Announcement
Good Morning, Will there be an announcement soon regarding how many Zoho products are affected by this vulnerability? We also have a secure gateway and would like to know if it's affected. Thanks
Import Certificates - Error pfx
When importing the pfx certificate, the error message appers. "Unable to download the intermediate certificate, since Desktop Central server does not have connection to internet!. Configure Proxy"
Disable local authentication / AD when using SAML
Hi, Is there a way to disable local and AD authentication when using SAML yet? This has been identified as very high security risk. Regards, Nathan
Is it safe to delete a custom group after deploying a BitLocker policy?
Good morning, I'm using the Endpoint Central BitLocker Management module and have deployed my BitLocker policy. Since we manage a large number of devices, I created several custom groups specifically for this task. My questions are: If I delete these
Agent communication port same as WEB UI access for administrator
It has come to our attention that the UEM agent communication with the UEM server is currently configured to use the same port as the one designated for administrators to access the UEM web console, e.g. port 8020 Following documentation: https://www.manageengine.com/products/desktop-central/general-how-to.html
Tomcat CVE-2025-24813, CVSS 9.8
Hello, Tomcat has a critical vulnerability that has been fixed in 9.0.99. However, as far as I can tell, our Endpoint Central 11.4.2500.18 still uses 9.0.91 (last updated in build 11.3.2440.01). Any plans to release an update soon? Many thanks in advance.
Anti Virus Exclusions for Desktop Central - Server and Client
Looking all the exclusion required for Endpoint central product.
Where to change TLS settings?
Our cyber security engineer is telling me that his tolls show that Endpoint management is still running tls 1.1 but I went through the security recommendation setting and the only TLS thing was to disable older TLS which I enabled that. So is there other
Client Certificate Authentication
When enabling the Security Function "Client Certificate Authentication" do we need to configure Endpoint Central with an Subordinate Certification Authority of our Root or Sub CA? Or will the Endpoint Central Server build its own CA to provide the Client
Bitlocker Encryption conflict with existing Encryption
Hi all Need to know whether if Bitlocker in endpoint Central enabled what will it do if the windows is allready encrypted with bit-locker. Will endpoint central again encrypt or it will just collect the recovery key ?
TLS 1.0 and 1.1 detected on port 8027
Hi, I don't know if a recent patch has broken this, but now our port scanning service is detecting TLS 1.0 and TLS 1.1 on port 8027. Our Endpoint Central service version is 10.1.2228.11. There is an update available to 10.1.2228.20, but the changelog
Apache Tomcat Vulnerabilities in Endpoint Central
Good Afternoon, There are numerous security vulnerabilities being reported for the version of Apache Tomcat that Endpoint Central is using. CVE-2022-29885 CVE-2022-42252 CVE-2023-24998 CVE-2023-34981 CVE-2023-28709 CVE-2023-24998 CVE-2022-45143 CVE-2022-34305
URL filtering in EndpointCentral with Browser Security add-on does not work in FIREFOX
Hi! We are users of Endpoint Central (Buld 11.3.2400.12) with browsersecurity add-on, and we are having a problem with URL filtering. We have deployed a policy to filter / block some URL's that we do not want managed computers to connect to, but in FIREFOX
Appx Installer vulnerability - CVE-2021-43890
Does anyone know if this affects all Windows 10 versions? And if yes, how would one update this on all endpoints? Can Desktop Central support/deploy this patch (msixbundle and appx files)? https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43890
BitLocker Management
Hi, Trying to deploy BL to members of an AD group to simplify management. I have created a Static group with AD group. However said group won't show up under Policy Deployment
Browser Control Options - QUIC Protocol disabling
I'm looking at adding security for our network's systems and had a question about the browser control options. Is there an easy way to disable the QUIC protocol in all browsers through EPC?
Mouse Jigglers
Is there any way to detect Mouse Jiggler applications from MEEC? I would like to know that screens will lock when the auditor selects a random PC screen to test screen our unattended screen policy when we next get audited. Examples, Move Mouse, Mouse
How to check the CISA published weekly list of vulnerabilities against my Endpoint Central list of CVE's that need patched?
I want to feed to my Endpoint Central on-premises server, a list of CVEs from CISA (example here: Vulnerability Summary for the Week of March 4, 2024 | CISA (this table would have to be parsed out of the html page). The goal is to find out what actual
Change Agent Service Account
I am in the process of removing my domain admin account from use as a service account across my domain. I have created a new service account for endpoint central, and added the account to endpoint central in the credential manager. Before I remove the
New antivirus update definitions
Hi, You introduced in the last version of Endpoint central a new next generation antivirus, I want to ask how will be definition update be applied to it?
Inventory report to scheduled report
Hi! I can run Inventory report from Security reports -> Bitlocker details and filter it by Domain and Custom Group how I can do this scheduled and push results via email (pdf or link). If only query report is option how this can be done ?
Next Page