Health Dashboard
Overview
Health Dashboard is a brand-new feature designed to provide a comprehensive overview of endpoint issues and status within your network. Different widgets offer important insights into the health and performance of endpoints and highlight critical concerns that require your attention. You can monitor your network's health with the intuitive visuals and customizable features that Health Dashboard provides in this unified view.
Eligibility
To use the feature, you must meet the following requirements:
Your company has a valid license key.
You have administrative privileges over the company's network.
You have access to the My company > Early access tab to select Health Dashboard and enroll your company in the program.
Discovering widgets
Health Dashboard widgets provide enhanced visibility over the entire network. Each widget centralizes endpoints and classifies them based on different statuses, issues, and types.
Endpoints overview
This widget encompasses the endpoints available in your network and classifies them based on their management and connectivity status in the following categories:
Managed endpoints
This section presents all the endpoints in your network that have the security agent installed.
Active endpoints
This section informs you about all the managed endpoints that were online in the last 24 hours or are online at the moment of reporting.
Offline endpoints
In this section, you can view the number of managed endpoints that have been offline for more than 24 hours.
Unmanaged endpoints
This section displays the number of endpoints that do not have a security agent installed from a GravityZone console perspective.
Inventory
This section provides details about the managed endpoint types that can be virtual or physical machines, Security Servers, containers, container hosts, and their operating systems (Windows, Linux, macOS).
Note
The data availability may differ depending on the license included in your current plan.
Endpoint issues
This widget provides you with details about endpoint issues discovered within your network. The endpoints are grouped into three major categories and then divided based on their status:
Healthy: includes endpoints that have none of the displayed issues.
Warning: includes endpoints that are not connected to the Bitdefender Global Protective Network, endpoints with policy settings changed using Power User that remained active, isolated endpoints, and endpoints with disabled modules in the policy.
Critical: Includes endpoints with malfunctioning modules, unresolved malware detections, expired modules and endpoints with no modules installed.
The endpoints are classified as follows:
Important security issues:
Unresolved malware detections: endpoints may require a system restart to complete the disinfection process; endpoints can have unresolved detection where no remediation action was taken or, other causes that may require additional investigation.
Policy settings changed using Power User: policy settings were changed using Power User and remained active.
Communication issues
Not connected to Bitdefender Global Protective Network: endpoints cannot establish communication with Bitdefender Global Protective Network.
Isolated: endpoints are network-restricted and communicate only with the GravityZone console.
Modules issues
Disabled modules: endpoints have protection modules disabled from the policy.
Malfunctioning modules: endpoints have protection modules installed and enabled from the policy but are not operating properly.
Expired modules: endpoints are unlicensed and protection modules have expired.
Modules about to expire: installed endpoints exceeding the license limit that are currently in a 30-day grace period.
Product update status
In this widget, you can find information related to product updates. The endpoints are grouped into three major categories and then divided based on their status:
Healthy: includes endpoints that have the latest product version and are considered up-to-date.
Warning: includes endpoints that have product updates disabled from the policy or, require a restart to complete a product update process. These endpoints are counted only in this category.
Critical: includes endpoints that have checked and discovered available updates but could not install them.
The endpoints are classified as follows:
Updated: endpoints are up to date, and no new updates are currently available.
Pending restart: endpoints require a system restart to complete the product update process.
Update disabled: the product update option is disabled from the policy applied on endpoints.
Outdated: includes endpoints that have checked and discovered available updates but could not install them.
Security content update status
In this widget, you can find information related to Security content updates. The endpoints are grouped into three major categories and then divided based on their status:
Healthy: includes endpoints that were online and updated their security content in the last 24 hours.
Warning: includes endpoints that have security content updates disabled from the policy or, were offline for more than 24 hours. These endpoints are counted only in this category.
Critical: includes endpoints that were online within the last 24 hours but could not install security content updates.
The endpoints are classified as follows:
Updated: includes endpoints that were online and updated their security content in the last 24 hours.
Outdated: includes endpoints that were online within the last 24 hours but could not receive security content updates.
Update disabled: the security content update is disabled from the policy applied on endpoints.
Offline more than 24 hours: endpoints were offline for more than 24 hours.
Endpoints policy status
In this widget, you can view the policies assigned, applied, or changed on your endpoints. The endpoints are grouped into three major categories and then divided based on their status:
Healthy: includes all compliant endpoints.
Warning: includes endpoints that were offline after the policy was edited and have not received the new settings.
Critical: includes non-compliant endpoints and endpoints on which the policy settings were changed with Power User.
The endpoints are classified as follows:
Compliant: endpoints have a policy assigned, and the settings are applied.
Non-compliant: includes endpoints where the policy was assigned but not applied, endpoints that have multiple policies assigned, but the latest is not the one applied, and endpoints with settings modified using Power User.
Offline since latest policy changes: endpoints were offline after the policy was edited and have not received the new settings.
Policy settings changed using Power User: the policy settings were changed on endpoints with Power User.
Inherited policy: endpoints have policy settings that are inherited or enforced from above.
Directly applied policy: endpoints have a policy that is directly assigned and applied.
Assigned policies using assignment rules: endpoints have policies assigned based on assignment rules.
Endpoint modules status
Provides an overview of the protection modules' coverage for your endpoints. The chart presents the modules and indicates their status, whether they are enabled, disabled, or not installed on endpoints.
License
The widget provides information about all your current products and their status.
Endpoint patch management
This widget informs you about the status of patches on your endpoints. You can view endpoints with the following indicators:
Total: the total number of managed endpoints that have the Patch Management module installed.
Up to date: endpoints are up to date, and no new patches are currently available.
Require reboot: endpoints require a system restart to complete the patch installation process.
Patch download failed: patches could not be downloaded on endpoints.
Patches available, not installed: endpoints have patches available, but no patch installation task was initiated to install them.
Patch installation failed: downloaded patches could not be successfully installed on endpoints.
Never checked available patches: endpoints never checked for patches. Patch Management is disabled from the policy, or no maintenance window is configured.
Didn’t check for patches in the last 30 days: endpoints have not checked for available patches in the last 30 days.
Missing non-security patches: endpoints reported that new non-security patches are available.
Missing security patches: endpoints reported that new security patches are available.
Note
The data availability may differ depending on the license included in your current plan.
Endpoints encryption status
Informs you about the encryption status of the endpoints. The widget displays the number of endpoints that are compliant or non-compliant with the encryption policy settings.
Compliant: includes endpoints with volumes that are all encrypted or unencrypted according to the policy.
Non-compliant: includes endpoints that have the status of the volumes inconsistent with the assigned policy. For example, only one of two volumes is encrypted or an encryption process is in progress on that volume.
Note
The data availability may differ depending on the license included in your current plan.
Permission issues on macOS
This widget contains information about different issues caused by insufficient permissions on your macOS endpoints:
System extensions not allowed: endpoints require permission to install system extensions to enable full protection. Allow extensions in Security > Privacy preferences and restart your system.
Full Disk Access not allowed: endpoints require Full Disk Access for Antimalware On-Access, Advanced Threat Control , and EDR modules to function properly. Open Privacy settings and grant Full Disk Access.
Network extension not allowed: endpoints require network extensions to be enabled.
Tunneling application not allowed: endpoints require a proxy configuration. Allow BDLdaemon application to add proxy configuration.
SSL certificate not allowed: the Bitdefender root certificate may not be installed, or trusted, or its installation failed on endpoints.
Security Server status
Helps you evaluate the status of the Security Servers. You can easily identify the following indicators:
Total: the total number of Security Servers in your network.
Stopped: the number of Security Servers that are stopped.
Underloaded: the number of Security Servers with less than 5% of their scanning capacity used.
Overloaded: the number of Security Servers where the scan load exceeds 90% of their capacity.
Outdated (Security Content): the number of Security Servers that were online within the past 24 hours but could not receive security content updates.
Storage scanning enabled: the number of Security Servers that have storage scanning enabled.
Storage scanning disabled: the number of Security Servers that have storage scanning disabled.
Note
The data availability may differ depending on the license included in your current plan.
Exploring multidimensional data
Health dashboard enables you to explore multidimensional data by browsing from a statistical level directly into detailed views. You can seamlessly navigate from any widget to specific sections and efficiently analyze critical concerns that require your attention.
The drill-down from most widgets primarily focuses on the Network section, but it also extends to other areas of Control Center, based on the widget. From the License widget, you can easily access your company's licensing details, and using the Endpoint modules status widget, you can quickly generate an Endpoint Modules Status report to have more insight into the module coverage on your endpoints.
To navigate from each widget:
Log in to GravityZone Control Center.
On the Monitoring page, select Health dashboard.
Find the widget of interest.
Depending on the widget, you can drill down by clicking the widget entries, the numbers next to them, or the widget title. An entry must have at least one endpoint.
After your selection, you are automatically redirected to the corresponding area of the Control Center.
From here, you can continue your investigation and optionally save the view, add more filters, generate a report, or take remediation actions where possible.
Note
Views opened from certain widgets, such as Endpoint policy status, Endpoint encryption status, Security Server status, and Endpoint patch management, are temporary and marked with the label Restricted view. You can filter, investigate, and take actions, but you cannot save these specific views. To access them again, you will need to drill down from the dashboard.
The following example illustrates how to investigate outdated endpoints in your network. To start the investigation, locate the Product update status widget and click on the Outdated entry.
You are redirected to the Network page, automatically filtered to display only the list of endpoints that have checked and discovered available updates, but could not install them.
From here, you can save the view for later reuse, apply additional filters to narrow the scope, open endpoint details for insights, and investigate why the updates failed on these particular endpoints. You can also take actions directly, such as starting a manual update task.
For more information, refer to Sorting, filtering and searching for endpoints.
In another example below, you have an endpoint in your network where patches failed to install. To start, locate the Endpoint patch management widget and click the Patch installation failed entry.
You are redirected to the Network page, where you can view the list of endpoints with downloaded patches that could not be successfully installed.
This type of view, marked at the top of the page as a Restricted view, cannot be saved for later reuse. However, you can still investigate the cause of failure by selecting the endpoints in the list and generating a Network Patch Status report.
You can also take actions directly, such as retrying the patch installation or scheduling a maintenance window. For more information, refer to Patch Inventory.
Customizing views
Health Dashboard helps you create your own customized views or use a predefined one and quickly switch between them as needed. You can customize filters and add, remove, resize, or move widgets according to your needs, then save everything in a single view.
The available filters can help you focus on data that is most relevant to your organization. You can use the company filter to view details corresponding to the company you manage, while the tags filter allows widgets to reflect specific data based on the tags assigned on endpoints. You can choose to view details about endpoints with automatic or custom tags or endpoints with no tags assigned.
You can further tailor your experience by selecting and moving widgets. The feature dynamically adjusts to your changes.
To add or remove widgets, use the steps below:
Click the Settings button in the right-hand corner of the page.
Search for specific widgets if necessary.
Select or deselect the target widgets. You can also remove widgets using the close button from the upper-right corner of each widget.
Apply the changes.
You can also resize widgets according to your needs.
Creating custom views
You can save your preferences in a customized view using the steps below:
Select General view from the Smart views section.
Personalize according to your needs. Use the Discard changes button from the upper right corner of the page to undo your selections if necessary.
Save your changes using the Save as button from the upper right corner of the page.
Enter a name for the view and click Save. You can find the new view in the Custom section.
Editing, renaming, and deleting custom views
You can edit a custom view anytime; however, please note that you need to save your changes after applying them.
To edit a custom view, follow these steps:
Choose a custom view.
Personalize according to your needs. Use the Discard changes button to undo your selections if necessary.
Save your changes using the Save button in the upper-right corner of the page.
To delete or rename a custom view, click the corresponding vertical ellipses from the views panel and select the action.
Exporting widgets data
The export functionality helps you access and manage the centralized data from all widgets outside GravityZone Control Center. The events are exported in the widely available CSV format, making it easier to import into other software programs tailored for your business. The exported file contains details about all endpoints counted in each widget.
To export data on your computer, follow the steps below:
Click the export
button from the upper right side of the Health Dashboard page.Select Export CSV.
Depending on your browser settings, the file may be downloaded automatically to a default download location, or a download window will appear, where you must specify the destination folder.
A toast notification on the Health Dashboard page will inform you when the export is complete.
Note
Columns corresponding to some widget entries are aggregated in the CSV file.
Submitting feedback
To let us know your thoughts, you can use the Feedback button available in the upper-right corner of the Health Dashboard page. Additionally, you can also use the feedback dialog available if you opt out of the program. We eagerly await and value your input on this feature.