Checking the endpoints status
Each endpoint is represented in the network page by an icon specific to its type and status.
For detailed status information, refer to:
Management status
You can check the management status of your managed endpoints by using the Management status filter.
Endpoints can have the following management statuses:
Managed - endpoints on which the security agent is installed.
Unmanaged - detected endpoints on which the security agent has not been installed yet.
Connectivity status
The connectivity status concerns all virtual machines and only the managed computers. Managed endpoints can be:
- Virtual machine, offlineA grey icon indicates that the endpoint is offline.
- Virtual machine, onlineA blue icon indicates that the endpoint is online.
- Physical machine, offlineA grey icon indicates that the endpoint is offline.
- Physical machine, onlineA blue icon indicates that the endpoint is online.
An endpoint is offline if the security agent is inactive for more than 15 minutes. Possible reasons why endpoints appear offline:
The endpoint is shut down, sleeping or hibernating.
Note
Endpoints appear online even when they are locked or the user is logged off.
The security agent does not have connectivity with Bitdefender Control Center or with the assigned Endpoint Security Relay:
The endpoint might be disconnected from the network.
A network firewall or router might block the communication between the security agent and Bitdefender Control Center or the assigned Endpoint Security Relay.
The endpoint is behind a proxy server and the proxy settings have not been properly configured in the applied policy.
Warning
For endpoints behind a proxy server, the proxy settings must be properly configured in the security agent installation package, otherwise the endpoint will not communicate with GravityZone console and will always appear offline, no matter if a policy with the proper proxy settings is applied after installation.
The security agent has been manually uninstalled from the computer, while the computer did not have connectivity with GravityZone Control Center. Normally, when the security agent is being manually uninstalled from a computer, Control Center is notified of this event, and the computer is flagged as unmanaged.
The security agent has been manually uninstalled from the endpoint, while the endpoint did not have connectivity with Bitdefender Control Center or with the assigned Endpoint Security Relay. Normally, when the security agent is being manually uninstalled from an endpoint, Control Center is notified of this event, and the endpoint is flagged as unmanaged.
The security agent might not be working properly.
To find out for how long endpoints have been inactive:
Display only the managed endpoints. In the Filters menu located at the upper side of the table, select all the Management status filter and click on the Managed checkbox.
Click the Last seen column header to sort endpoints by inactivity period.
You can ignore shorter periods of inactivity (minutes, hours) as they are likely the result of a temporary condition.
For example, the endpoint is currently shut down.
Longer inactivity periods (days, weeks) usually indicate a problem with the endpoint.
Note
It is recommended to refresh the network table from time to time, to update the endpoints information with the latest changes.
Security status
You can check the security status of your managed endpoints by using the Security issues filter.
An endpoint has security issues provided at least one of the following situations applies:
Antimalware protection is disabled.
The license has expired.
The security agent product is outdated.
Security content is outdated.
Malware is detected.
The security agent is compromised.
The connection with Bitdefender Cloud Services could not be established, due to the following possible reasons:
A network firewall is blocking the connection with Bitdefender Bitdefender Cloud Services.
Port 443, required for the communication with Bitdefender Bitdefender Cloud Services, is closed.
In this case, the antimalware protection relies solely on local engines, while in-the-cloud scanning is off, meaning that the security agent cannot provide full real-time protection.
If you notice an endpoint with security issues, click its name to display the Information window.
You can identify the security issues by using the Security issues filter. Make sure to check for security information in all the information page's tabs.
Further local investigations may be needed.
Note
It is recommended to refresh the network table from time to time, to update the endpoints information with the latest changes.
Checking the container status
Each container is represented in the network page by an icon specific to its type and status.
Refer to Network object types and statuses for a list with all available icon types and statuses.
Security status
You can identify containers with security issues by checking the Security issues column. To view only containers with issues, configure the Security issues filter accordingly.
A container has security issues provided at least one of the following situations applies:
Antimalware protection is disabled.
The license has expired.
The Bitdefender product is outdated.
Security content is outdated.
Malware is detected.
The connection with Bitdefender Bitdefender Cloud Services could not be established, due to the following possible reasons:
The container has internet connectivity issues.
A network firewall is blocking the connection with Bitdefender Bitdefender Cloud Services.
Port 443, required for the communication with Bitdefender Bitdefender Cloud Services, is closed.
In this case, the antimalware protection relies solely on either the host agent or the host's Security Container, while in-the-cloud scanning is off, meaning full real-time protection is not available.
If you notice a container with security issues, click its name to display the Information window.
Further local investigations may be needed.
Note
It is recommended to refresh the network table from time to time, to update the endpoints information with the latest changes.
The endpoints that do not receive any updates in the past 24 hours are automatically marked With issues, regardless of the security content version present on the relay or on the GravityZone Update Server.