iSheriff Cloud Endpoint Technical Document:

 

 

Contents:

  1. Introduction
  2. Prerequisites
  3. Download and install
  4. Accessing the Endpoint Console
  5. Maintenance Password
  6. Manually updating the Endpoint
  7. Running Manual scan
  8. Collecting Endpoint Logs

 

Introduction:

 

Service name: Cloud Client Service

 

Port Number: 8000

 

Processes: isfacs.exe, isfagent.exe, ccbdscan.exe (antivirus process), ccavona.exe (antivirus process)

Default Folder Location: C:\Program Files\CloudClient (32 bit)

         C:\Program Files (x86)\CloudClient (64 bit)   


Prerequisite:


Some host and port combinations must be allowed through your firewall in order for Cloud Web Security to operate correctly. Below is a description of each port.

 

Port 

Purpose 

8082

Cloud Filter. This is where the Cloud Web Security service is provided.

8000

Endpoint. This is required if you are using iSheriff Endpoint Agent.

 

Note that is an internal port.

80 and 443

PAC file. This is required if your browsers (or router) are to fetch their PAC file from Cloud Web Security.

cloud.isheriff.com

 

Policy Configuration. This is required if you are using endpoint.

ccpolicy.isheriff.com

 

Endpoint Update. This is required if you are using endpoint.

cdn.isheriff.com

 

Antivirus Update. This is required if you are using endpoint.

avcdn.isheriff.com

 

Log Transfer. This is required if you are using reporting.

syslog01.isheriff.com

443

Service administration. The iSheriff administration portal is similarly unfiltered. Otherwise, it would be possible for you to accidentally block access and then be unable to rectify the situation.

cloud.isheriff.com

online.isheriff.com

 

Following services must be Enabled and set to Automatic:

· Windows Firewall Service

· Windows Security Center Service.

 

Click here to view the Endpoint Download and Installation Instructions.


Accessing the Client Console:

The client console can be accessed by click the status button through the Endpoint icon in the tray monitor.



 

The URL to access the endpoint console is through the browser.

http://127.0.0.1:8000/status



Maintenance Password:


 

This string is used to gain access to administrative tasks and features on the Endpoint.

Recommended is to set this password and then download the Endpoint though there is an option to change the password after installation as well.

* Windows Endpoint could use a Password Protection for uninstall. If Password Protect Uninstaller option is enabled, the Maintenance Password will be required for uninstall Endpoint.

Note: Password values are applied to all policies. Valid Characters A-Z 0-9 only. No special characters are allowed.

 

Instructions to use the maintenance password on the Endpoint:

After installing the Endpoint there are features on the Endpoint console that are not accessible by a normal user and are greyed out.


 

 

In order to gain administrative privileges to the endpoint client we need to perform the following on the client Console:

Click on Setup à Administration à Login



 

Enter the Maintenance Password:



 

You should be able to view all the options that were grayed out after entering the correct maintenance password:

 

Endpoint update:

The Endpoint automatically connects to the Cloud servers for an update/change in the policy/signatures after every 15 minutes.

For manually updating the Endpoint, Please follow the instructions below:

1: Open the Client Console. (https://127.0.0.1:8000/status)

2: Click on System update à Check for updates.

Running a Manual scan:

1: Open the Client Console. (https://127.0.0.1:8000/status)

2: Click on Antivirus à Antivirus Scanner

 

3: Start the scan as per the requirements. (Quick Scan, Full Scan)

 

Click here for the instructions to collect Endpoint Logs.