Prerequisites for ControlUp for Desktops
- 28 May 2025
- 2 Minutes to read
- Print
- DarkLight
- PDF
Prerequisites for ControlUp for Desktops
- Updated on 28 May 2025
- 2 Minutes to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback!
Important
Read this article and make sure you meet the prerequisites before you deploy ControlUp for Desktops.
This article covers the prerequisites for implementing ControlUp for Desktops. For additional information, visit the following articles:
- ControlUp Synthetic Monitoring communication requirements
- ControlUp for VDI communication ports (US Region)
- ControlUp for VDI communication ports (EU Region)
Network requirements
Tenant name
Some of these URLs require you to enter your tenant name. To find your tenant name, go to Configuration > Downloads.
Managed physical endpoints must have access to these URLs:
URL | Type | Notes |
|---|---|---|
| <tenant-name>.sip.controlup.com | HTTPS and WSS over port 443 (SSL) | The ControlUp for Desktops Agent connects to WSS (secure websocket) on the tenant for Remote Control, Remote Shadow, and Remote Shell using the configured proxy. |
| downloads.sip.controlup.com | HTTPS over port 443 (SSL) | Used for downloading new ControlUp for Desktops Agent versions. |
| cdn.spm.controlup.com/waapi | HTTPS over port 443 (SSL) | Required only for ControlUp for Compliance |
| cdn.spm.controlup.com/agent | HTTPS over port 443 (SSL) | Required only for ControlUp for Compliance |
| securedx-cdn.controlup.com | HTTPS over port 443 (SSL) | Required only for ControlUp for Compliance |
| https://edgedx.blob.core.windows.net/artifacts/appdx/latest/appdx_chrome.xml (for Google Chrome) and https://edgedx.blob.core.windows.net/artifacts/appdx/latest/appdx_edge.xml (for Microsoft Edge) | HTTPS over port 443 (SSL) | Required for deploying the ControlUp for Apps browser extensions. |
To use the ControlUp applications in your browser, you must have access to the these URLs:
URL | Type | Notes |
|---|---|---|
| <tenant-name>.sip.controlup.com | HTTPS and WSS over port 443 (SSL) | WSS (secure websocket) connection to the tenant is required for Remote Control, Remote Shadow, and Remote Shell. |
| app.controlup.com | HTTPS over port 443 (SSL) | |
| google.com/recaptcha | HTTPS over port 443 (SSL) | Used for authentication (reCAPTCHA) |
| gstatic.com/recaptcha | HTTPS over port 443 (SSL) | Used for authentication (reCAPTCHA) |
| maps.google.com | HTTPS over port 443 (SSL) | |
| edgedx-functions.azurewebsites.net | HTTPS over port 443 (SSL) | Required only for the first time you sign in to your environment and create your tenant. |
| https://prod-dex-login-eastus.controlup.com (for US region) or https://prod-dex-login-westeurope.controlup.com (for EU region) | HTTPS over port 443 (SSL) | Required only for SAML SSO |
Synthetic Monitoring
ControlUp for Desktops can include proactive synthetic monitoring and alerting. Visit Networking Requirements for Synthetic Monitoring for details.
SSL inspection
If you have a proxy or firewall performing SSL inspection, you must have the trusted certificate installed on devices with the ControlUp for Desktops Agent installed. The certificate must be accessible to the Computer account (and not only the User account).
Alternatively, you can disable SSL inspection for your tenant URL (<tenant-name>.sip.controlup.com).
Proxy server
You can configure the ControlUp for Desktops Agent to use a proxy server during Agent installation.
If your proxy is only open when a user account is signed in, and you want to monitor the device when no user account is signed in, configure your proxy to bypass the following URLs:
- <tenant-name>.sip.controlup.com
- downloads.sip.controlup.com
ZScaler VPN
If you are using a ZScaler VPN, follow the instructions in this article to ensure that you can see the real IP addresses of your devices.
Antivirus exclusions
Whitelist the following directories in your antivirus software (including next-gen security products such as Crowdstrike, Carbon Black, etc.):
C:\Program Files\Avacee\sip_agent\
C:\ProgramData\Avacee\sip_agent\scripts
C:\Program Files\ControlUp\AgentManager
C:\ProgramData\ControlUp\EdgeDx\UserSurveys
Alternatively, if you are unable to whitelist directories, you can whitelist the following executables:
C:\Program Files\Avacee\sip_agent\SIPAgent.exe
C:\Program Files\Avacee\sip_agent\RCNotifications.exe
C:\Program Files\Avacee\sip_agent\UserPrompt.exe
C:\Program Files\Avacee\sip_agent\WinFocusMonitor.exe
C:\Program Files\Avacee\sip_agent\Wow64MIHelper.exe
C:\Program Files\Avacee\sip_agent\uwp\Survey.exe
C:\Program Files\Avacee\sip_agent\wpf\SentimentUI.exe
C:\Program Files\ControlUp\AgentManager\AgentManager.exe
Test your connection
To make sure you have all networking and proxy requirements in place, run our network tester tool.
Was this article helpful?