Skip to main content

Using the Power User module

Overview

Enabling the Power User module in BEST for Mac allows you to use it for troubleshooting purposes.

On macOS, Power User operates via commands executed through a command-line interface application called PowerConsole.

A password is required to execute specific Power User commands. However, no password is needed to run general commands such as querying feature statuses.

Note

The Power User module is available starting with BEST for Mac version 7.21.53.200096.

Install Power User

The default installation kit does not include the Power User module. You need to configure the installation package and add the module to it.

New installation

To install BEST along with the Power User module, follow these steps:

  1. Configure the installation package:

    1. Log in to GravityZone Control Center.

    2. Go to the Network page from the left-side menu and click on the Installation packages section.

    3. Click the Add button. A configuration window is going to be displayed.

    4. Complete the fields with the necessary information.

    5. Select Power User along with all other modules that you want to install.

    6. Save your changes.

  2. Install BEST locally or remotely.

    After you have created the package, you can download and run it on your endpoint, or you can install BEST remotely. For more information, refer to Install security agents - standard procedure.

Existing installation

To add the Power User module when BEST is already installed on the endpoint, follow these steps:

  1. Log in to the GravityZone Control Center.

  2. Go to the Network page from the left-side menu.

  3. Select the endpoints where you want to install the module.

  4. Click the Actions button at the upper side of the table and choose Reconfigure agent.

  5. Select Power User and any other modules you want to install.

    Note

    For more information on using the Reconfigure agent task, refer to Reconfigure agent.

  6. Click Save.

Enable Power User

After the module is installed on the machine, follow these steps:

  1. Log in to GravityZone Control Center.

  2. Go to the Policies page from the left-side menu.

  3. Select the applied policy or the one that you want to apply on your endpoints.

  4. Go to General > Agent and click Settings.

  5. Click the Power User toggle to enable the feature.

  6. Set a password.

  7. Click the Save button.

  8. Apply the policy, if it was not applied previously.

policy_settings_power_user_p_1312810_en.png

Access Power User

The Power User functionality is managed using the PowerConsole application on your Mac. PowerConsole is located at the following path:

/Library/Bitdefender/AVP/product/bin/PowerConsole

best_mac_power_console_1312821_en.png

To access Power User, follow these steps:

  1. Open Terminal on your Mac.

  2. Navigate to the folder where PowerConsole is located.

    cd /Library/Bitdefender/AVP/product/bin/

  3. Open PowerConsole as root.

  4. When asked, enter the root password.

  5. Execute supported commands.

  6. For certain commands, you must enter the Power User password.

Manage Power User

To easily find endpoints with policies modified in Power User mode, follow these steps:

Apply filters

  1. Log in to the GravityZone Control Center.

  2. Go to the Network page from the left-side menu.

  3. Go to Filters area and click the More field.

  4. Select Policy type and click Apply.

  5. In the new Policy type filter, select the Edited by Power User option and click Apply.

Check the endpoint

  1. Log in to the GravityZone Control Center.

  2. Go to the Network page from the left-side menu.

  3. Click the name of the endpoint you are interested in.

  4. On the information page, click the Policy tab to view the applied policy.

  5. On the information page, click the Protection tab to view the active modules and other related details.

If you have modified the policy in Power User mode, a notification is displayed in the command-line console (Terminal) on your Mac.

best_mac_power_user_reset_policy_1312996_en.png

Revert the changes made with Power User

To revert the changes made in Power User mode, use one of the following methods.

Save the applied policy again

  1. Log in to the GravityZone Control Center.

  2. Go to the Policies page from the left-side menu.

  3. Open the policy template assigned to the endpoint with Power User rights.

  4. Click Save.

The original settings are reapplied to the target endpoint.

Assign a new policy

  1. Log in to the GravityZone Control Center.

  2. Go to the Network page from the left-side menu.

  3. Open the Actions menu or right-click the endpoint with Power User rights.

  4. Select the Assign policy option.

  5. Select a different policy.

  6. Click Save.

Use the Power User module

You can execute Power User commands with PowerConsole by following any of these methods:

  • Via interactive product console session

  • As individual commands

Interactive session

A PowerConsole interactive session can be started by launching a PowerConsole session without any arguments. During the interactive session, the Power User module can receive and process as many commands as you want.

For Power User commands to have effects, the feature must be enabled and have a password configured. This precondition will be set only once via policy.

During an interactive session, you will be prompted to enter the Power User password only one time. All commands used afterwards will not require a password.

If the password you have entered is incorrect, the command will not be executed. If 5 consecutive incorrect passwords are entered, there will be a timeout of 5 minutes in which no commands can be executed.

Note

If the Power User password is changed during an interactive session, the new password will be requested for the next command.

Power User commands are not case-sensitive.

Example:

  1. Open Terminal.

  2. Navigate to the PowerConsole folder.

    cd /Library/Bitdefender/AVP/Product/bin/

  3. Open PowerConsole as root.

    sudo ./PowerConsole

  4. Enter your root password to access the interactive mode.

  5. Enter any supported command.

    AntimalwareOnAccess enable

  6. Enter the Power User password.

    The password is required for the first command. Subsequent commands no longer require the Power User password.

  7. Enter the q command to exit the interactive mode.

    If you re-enter the interactive mode in the same session, you are no longer asked for the root password.

best_mac_power_interactive_mode_1313027_en.png

Individual Power User commands

Any Power User command can also be individually sent as an argument to the PowerConsole session, using the Terminal.

Note

Power User commands are not case-sensitive.

The syntax is as follows:

./PowerConsole /c <PowerUser command>

The product console will request the Power User password as input and will perform the requested action if the password is correct.

Regardless of the outcome of the command (successfully processed, wrong command, wrong password etc.), the PowerConsole session will exit on finish.

Example:

  1. Open Terminal.

  2. Navigate to the PowerConsole folder.

    cd /Library/Bitdefender/AVP/Product/bin/

  3. Execute the command as root.

    sudo ./PowerConsole /c AntimalwareOnAccess enable

  4. Enter your root password.

  5. Enter the Power User password.

For the subsequent commands in the same PowerConsole session, you will be only asked for the Power User password.

best_mac_power_individual_commands_1313027_en.png

Power User commands

Power User supports commands as listed below.

Note

Power User commands are not case-sensitive.

PowerUser help

This command lists all the available Power User commands based on your installed features.

best_mac_power_user_1313057_en.png

<Feature> enable or <Feature> disable

These commands either enable or disable the selected feature.

The available features are:

  • AntimalwareOnAccess

  • AdvancedThreatControl

  • NetworkProtection

  • IncidentSensor

  • DeviceControl

Note

You can enable, disable or query Network Protection, if you have at least one feature installed from the Network Protection suite.

Examples:

AdvancedThreatControl enable

NetworkProtection disable

PowerUser enable all or PowerUser disable all

These commands enable or disable all features that can be modified in Power User.

PowerUser resetPowerUser reset t, and PowerUser reset time

This command resets all changes performed through the Power User module by re-applying the most recent GravityZone policy.

The t or time optional parameters are used to set the number of minutes until the policy is reapplied.

For example, if you want Power User to reset after 10 minutes, you must use the following command:

PowerUser reset t=10

<Feature> get config

This command showcases the status of the selected feature.

Note

This command will display statuses only for installed features.

Example:

NetworkProtection get config

PowerUser get settings

This command returns an overview of all available features, along with their statuses and exclusions (if available).

best_mac_power_user_get_settings_1313057_en.png

Advanced Threat Control exclusions

The following commands can be used for ATC exclusions:

  • AdvancedThreatControl exclusions list

  • AdvancedThreatControl exclusions [add process=<process file path>]

  • AdvancedThreatControl exclusions remove [process=<process file path>]

Note

You can only add or remove one exclusion per command. You can also select and copy the exclusions found in Power User and paste them into the add or remove commands.

Examples:

AdvancedThreatControl exclusions list
AdvancedThreatControl exclusions add process=/Applications/Google Chrome.app/Contents/MacOS/Google Chrome
AdvancedThreatControl exclusions remove process=/Applications/Google Chrome.app/Contents/MacOS/Google Chrome

Antimalware On-access exclusions

The following commands can be used for Antimalware On-access scan exclusions:

  • AntimalwareOnAccess exclusions list

  • AntimalwareOnAccess exclusions add [file=<file path>] [folder=<folder path>] [extension=<extension type>] [process=<process file path>] [cmdline=<command string>] [sha256=<string value>] [thumbprint=<string value>] [threatName=<string name>]

  • AntimalwareOnAccess exclusions remove [file=<file path>] [folder=<folder path>] [extension=<extension type>] [process=<process file path>] [cmdline=<command string>] [sha256=<string value>] [thumbprint=<string value>] [threatName=<string name>]

Note

You can only add or remove one exclusion per command. You can also select and copy the exclusions found in Power User and paste them into the add or remove commands.

Examples:

AntimalwareOnAccess exclusions list
AntimalwareOnAccess exclusions add file=/Users/admin/Desktop/invoice_2025.pdf
AntimalwareOnAccess exclusions remove file=/Users/admin/Desktop/invoice_2025.pdf
best_mac_power_user_am_exclusions_1313057_en.png

Network Protection exclusions

The following commands can be used for Network Protection exclusions:

  • NetworkProtection exclusions list

  • NetworkProtection exclusions add [ips=<ip address>] [urls=<url>] [apps=<app file>]

  • NetworkProtection exclusions remove [ips=<ip address>] [urls=<url>] [apps=<app file>]

Note

You can only set one value per exclusion and one exclusion per command. You can also select and copy the exclusions found in Power User and paste them into the add or remove commands.

Examples:

NetworkProtection exclusions list
NetworkProtection exclusions add ips=192.168.1.15
NetworkProtection exclusions remove ips=192.168.1.15

Power User suggestions

The module offers suggestions when a command is incorrect or incomplete.

Note

Your insights and suggestions play an important role in helping us enhance and refine the new Power User CLI module. Let us know what you think.

best_mac_power_user__suggestions_1313057_en.png
In this section: