How to manage endpoints outside the company's network
Bitdefender GravityZone is the first security management solution to properly address the scalability and performance challenges faced by enterprises today. Built from the ground up for heterogeneous environments, and using a unique design approach, GravityZone unifies control for virtualized, physical, and mobile endpoints.
The purpose of this article is to guide GravityZone (On-Premises) administrators to manage endpoints outside the company network.
To manage endpoints with Bitdefender Endpoint Security Tools (BEST):
Configure port forwarding rules
Install BEST through GravityZone Control Center
Create and assign custom policies to endpoints
Configure a port forwarding rule
In the default GravityZone setup, you can manage the endpoints only when they are directly connected to the corporate network.
To manage BEST over the Internet, you need to configure port forwarding on the corporate gateway for the appliance running the Communication Server role. Consequently translating the public IP address and port 8443 to GravityZone's Communication Server IP.
Install Bitdefender Endpoint Security Tools (BEST)
You can deploy Bitdefender Endpoint Security Tools on an endpoint:
•Locally, by running an installation package.
•Remotely, by running an installation task from the GravityZone Control Center.
For more information, refer to the GravityZone Administrator’s Guide.
Create and assign a custom policy
Endpoints are initially assigned with the default policy. You need to create and assign a specific policy for endpoints located outside the corporate network.
To create a custom policy for this scenario:
- Go to the Policies page.
- Click the Add button at the upper side of the table to create a new policy.
- Choose a suggestive name for the policy and enter it in the General > Details section of the policy.
- Go to General > Communication section.
- In the Endpoint Communication Assignment table choose the Communication Server for which you have configured port forwarding, from the Name drop-down menu.
- Replace the value displayed in the Custom Name/IP field with the public IP address of the Communication Server.
- Click the Add button at the right side of the table to assign the Communication Server.
- In the Update section, check that the check box Use upgrade.bitdefender.com as fallback location is selected.
- Configure other policy settings according to your needs. For details, refer to the GravityZone Administrator’s Guide.
- Save the policy.
Endpoints inside the company’s network receive updates from the GravityZone Update Server. In the Update policy section, the Use upgrade.bitdefender.com as fallback location check box is selected by default. If the update locations are unavailable, the fallback location will be used.
If the endpoint is located outside the network, the operation will fail and the endpoint will use the public IP address instead.
To assign the policy:
- Go to the Network page.
- Select Computers and Virtual Machines from the views selector.
- Select the endpoints which go outside the company premises.
- Click the Assign Policy button at the upper side of the table. Alternatively, you can right-click the selection and use the contextual menu to assign the policy.
- Choose your policy from the drop-down menu.
- Click Finish to save and apply changes.
Australia: (+61) 1300 888 829, (+61) 3 8373 7858
Canada: (+1) 647 977 5827, (+1) 647 367 1846 
Deutschland: (+49) 023049117193, (+49) 2319 892 8016, (+49) 2318 868 042 
España: (+34) 935 026 910, (+34) 932 202 373 
France: +33 (0)1 47 35 79 59 
België: +32 28 91 98 90 ; 070 35 83 04 
New Zealand: (+64) 0800 451 786 
Osterreich: (+49) 2319 892 8016, (+49) 2318 868 042 
România: (+40) 21 264 1777, (+40) 374 303 077 
Schweiz: (+49) 2319 892 8016, (+49) 2318 868 042 
United States: (+1) 954 414 9621, (+1) 954 281 4669 
United Kingdom: (+44) 2036 080 456, (+44) 2080 991 687 
WorldWide: (+40) 31 620 4235, (+40) 374 303 035