Communication
In the General > Agent > Communication section of the policy, you can assign one or several Relay machines or the Endpoint Communication Server to the target endpoints, then configure the proxy preferences for the communication between the target endpoints and GravityZone.
Endpoint communication assignment
When the GravityZone Endpoint Communication Server or multiple Relay agents are available in the network, you can assign them to target endpoints via policy. The Endpoint Communication Server is a GravityZone default component.
To assign the Endpoint Communication Server or Relays to target endpoints:
In the Endpoint communication assignment table, click the Name field.
The list of Relay endpoints detected in your network is displayed. The Endpoint Communication Server is displayed with the prefix
ECSin the list.
Select an entity.
Optionally, enter a custom name or IP address.
Click the
Add button.The Endpoint Communication Server or Relay endpoint is added to the list. All target endpoints will communicate with Control Center via the Communication Server or the specified Relay.
Follow the same steps to add several Relays, if available.
To change the priority of an assignment:
Open the
More menu and click Edit.Use the arrows in the Priority column to move the relay up or down.
You can also edit the custom name or IP address.
Click the
confirmation icon to save the changes.
To delete an assignment, open the More menu and click Delete.
Communication between endpoints and Relays or GravityZone
In this section, you can configure the proxy preferences for the communication between the target endpoints and the assigned Relay machines, or between target endpoints and GravityZone Control Center (when no relay has been assigned):
Use previous settings, to use the same proxy settings defined with the installation package.
Use the proxy defined in Agent > Settings, to use the proxy settings defined in the Agent > Settings section of the current policy.
Do not use proxy, when the target endpoints do not communicate with the specific GravityZone components via proxy.
These configuration settings are being used in the following endpoint operations:
Submitting EDR events to GravityZone.
Full Remote Shell sessions between GravityZone and endpoints.
Live Search query sessions between GravityZone and endpoints.
Services that retrieve files, on demand, from the GravityZone web console:
Quarantine
Investigation packages
Communication between endpoints and Bitdefender Cloud Services
In this section, you can configure the proxy preferences for the communication between the target endpoints and Bitdefender Bitdefender Cloud Services:
Keep installation settings, to use the same proxy settings defined with the installation package.
Use the proxy defined in Agent > Settings, to use the proxy settings defined in the Agent > Settings section of the current policy.
Autodetect proxy settings, to automatically detect the proxy settings used by your browser.
Do not use proxy, when the target endpoints do not communicate with the specific GravityZone components via proxy.
If the option Use the proxy defined in Agent > Settings is selected, but the proxy is not configured, then the connected relay will be used as a proxy.
Remote Shell connection with endpoint
When activated, this setting enables the initiation of remote shell connections with endpoints in your environment.
The Remote Shell feature enables your security team to perform advanced forensics on target endpoints involved in XDR incidents.
Important
For this feature to be functional multiple criteria must be met. For more details see Remote Shell session prerequisites.