CLOUD SOLUTIONS

Manage your company

As a user with the Manage company right, you can check or change your company details and license settings, and manage authentication settings, such as two-factor authentication, password expiration, account lockout, and single sign-on.

To get the the My Company page follow the steps below:

  1. Log in to GravityZone

  2. Click on your profile in the upper right side of the screen.

  3. From the drop-down menu, select My Company.

The information is divide into three sections:

The following fields will be available for editing:

Note

Fields marked with * can not be left blank.

Basic company details
48409_3.png
  • Company name - enter the name of the company.

  • Country - select the country the company is based in.

  • Field of activity - the main field of activity the company operates in.

Management permissions
48409_4.png
  • Your Bitdefender Partner can assist with the security management - check this box if you want this company's partner to have access to managing endpoint security directly. If this box is not checked:

    • The company will still appear in the Network page, but its network will be invisible to its partner.

    • The company's partner will be able to manage its subscription further on.

    • The company's partner will be able to enforce two-factor authentication even though they cannot manage its user accounts.

    • The company's partner will be able to create only specific reports, which do not disclose network information.

Additional company details
122476_5.PNG
  • Registered address - Enter the physical address of the company’s office

  • Phone number - enter the company's official phone number.

  • Logo. You can add the company's logo image. All reports and email notifications issued for this company will include the logo image.

    To add the company’s logo:

    1. Click the Change button.

    2. Browse for the image logo on your computer.

    3. Click Open.

    To reset the logo to the image provided by Bitdefender, click the Default button.

The following fields will be available for editing:

Note

Fields marked with * are mandatory.

Login security
122476_6.png
  • Enforce two-factor authentication.

    The two-factor authentication (2FA) adds an extra layer of security to GravityZone accounts, by requiring an authentication code in addition to Control Center credentials.

    This feature requires downloading and installing the Google Authenticator, Microsoft Authenticator, or any two-factor TOTP (Time-Based One-Time Password Algorithm) authenticator app - compatible with the standard RFC6238 - on the user's mobile device, then linking the app to the GravityZone account and using it with each Control Center login. The Authentication app generates a six-digit code each 30 seconds. To complete the Control Center login, after entering the password, the user will have to provide also the six-digit authentication code.

    Two-factor authentication is enabled by default when creating a company. After that, at login, a configuration window will prompt users to enable this feature. Users will have the option to skip enabling 2FA for three times only. At the fourth login attempt, skipping the 2FA configuration will not be possible and the user will not be allowed to log in.

    If you want to deactivate the 2FA enforcement for all GravityZone accounts in your company, just uncheck the option. You will be prompted with a confirmation message before the changes come into effect. From this point on, users will still have 2FA activated, but they will be able to deactivate it from their account settings.

    Note

    • You can view the 2FA status for a user account in the Accounts page.

    • If a user with 2FA enabled cannot log in to GravityZone (because of new device or lost secret key), you can reset its two-factor authentication activation from the user account page, under Two-factor authentication section. For more details, refer to User Accounts.

  • Set maximum password age to 90 days.

    This option enables the password expiration policy. Users need to change their passwords sooner than the specified age. Otherwise, they will not be able to log in to GravityZone anymore.

  • Lock out accounts after 5 login attempts with invalid passwords.

    This option limits the number of consecutive invalid passwords to prevent attacks. When the counter reaches the threshold, the account is locked out and the user needs to reset their password.

    The policy applies to the accounts created in GravityZone.

    A notification will be sent out to all company’s users when the account lockout option is being enabled on a certain company.

Configure single sign-on using SAML
122476_7.png

GravityZone supports service provider(SP) initiated single sign-on (SSO) as a simple and secure alternative to the classic login with username and password.

This method requires integration with 3rd party identity providers (IdP) using SAML 2.0, such as AD FS, Okta, and Azure AD, that authenticate GravityZone users and provide them access to Control Center.

This is how GravityZone SSO works:

  1. Users enter their email addresses in the GravityZone login page.

  2. GravityZone creates a SAML request and it forwards the request and the users to the identity provider.

  3. Users are required to authenticate with the identity provider.

  4. After authentication, the identity provider sends a response to GravityZone in the form of an XML document signed with an X.509 certificate. Also, the identity provider redirects users to GravityZone.

  5. GravityZone retrieves the response, validates it with the certificate fingerprint, and allows users to log in to Control Center with no other interaction from them.

Users continue to automatically log in to Control Center as long as they have an active session with the identity provider.

To enable SSO for a company, you need to do the following:

  1. Configure the identity provider to use GravityZone as service provider. For supported identity providers and configuration details, refer to this article.

  2. In the company details page, under Configure single sign-on using SAML, enter the identity provider metadata URL in the corresponding box.

  3. Configure users under the company to authenticate with their identity provider. For details, refer to Managing User Authentication Methods.

To disable single sign-on for a company you manage, delete the identity provider metadata URL.

After disabling single sign-on for a company, users will automatically switch to log in with GravityZone credentials. Users can obtain new passwords by clicking the Forgot password? link on the Control Center login page and following the instructions.

After re-enabling SSO for a company, users will continue to log in to Control Center with GravityZone credentials. You need to configure manually each account to use SSO again.

Note

Click the Next button in the lower right side of the screen to proceed to the next screen.

Your company's licensing information is divided into these sections.

License information

This section displays your company's ID and chosen billing method.

48409_1.png

Note

The Billing method can have one of these values:

  • Pre-paid - either a trial key or a license key with predefined validity (6 or 12 months) was used.

  • Monthly usage - a monthly subscription plan.

Note

The following options are available only for companies with monthly subscriptions:

  • Change to Pre-paid license - this will allow you to add a license key and change to a yearly billing method.

  • View monthly usage report - clicking this button will redirect you to the Reports page and will open a Monthly License Usage Report.

Bitdefender partner

This section displays relevant information on your partner company.

48409_2.png

Use the Change Partner button to designate a different partner company.

License usage details

This section provides information relevant to your current license usage. Depending on your billing method, different information will be displayed:

Your standard products and add-ons are displayed, along with additional usage information:

48409_6.png
  • Product name - the name of the product you are using.

  • Product type - indicates if the key belongs to a standard product or an add-on.

  • Product status - shows if the product is still active, expired or a trial.

  • License key - the unique ID that grants you access to a Bitdefender product.

  • Expiry date - the date when your license will expire.

  • Total units - indicates the maximum units available for this license.

  • Usage breakdown - indicates the number of units that are currently being used by your company.

Adding a Product

To add a product follow the steps below:

  1. Click the Add product button.

  2. Type in the license key in the Add new product window.

  3. Click the Check validity button.

    48409_8.png

    Note

    In some cases, adding a specific license key will replace one of the products currently used by your company. This may lead to a change of the feature set you will have.

    Warning

    Depending on your company type, some products may be incompatible.

  4. Click the Add product button.

Removing a product

To remove a product from your company follow the steps below:

  1. Select the product you want to remove.

  2. Click the Remove product button.

  3. Click the Remove button to confirm the removal.

    48409_7.png

A table provides information regarding the status of your subscription:

48409_5.png

Note

Depending on your license, one or more of these fields may not be visible to you.

  • Product name - the name of the product you are using.

  • Product type - indicates if the key belongs to an Endpoint Security or to a Bitdefender EDR product.

  • Product status - shows if the product is still active or if it has expired.

  • License key - the unique ID that grants you access to a Bitdefender product.

  • Total units - indicates the maximum number of units that are available on this license.

  • Minimum commitment - indicates the number of endpoints that you have committed to deploy this product on.

  • Reserved units - indicates the number of units that have been assigned to your company.

  • Available units - indicates the number of unites that are still available for your company.

  • Used units - indicates the number of endpoints where you have deployed Bitdefender products.

  • Subscription end date - the date when your subscription will expire.

  • Auto-renewal - indicates if, and when, your subscription is set to automatically renew.

Note

You can use the Refresh Details button check for any changes in the displayed information. Once clicked, the button will be grayed out for 30 minutes.