• How to Deploy the Agent on Your Master Image for PVS/MCS/Linked/Instant Clones

    ControlUp does not save any unique data on the managed machines. Therefore, there is no need for additional preparations beyond the proper installation of the agent and allowing inbound TCP 40705 on the master image using Citrix PVS, MCS, or VMware linked clone technologies. 

    There are two possible methods of deployment that an administrator can use to mix-and-match for different groups of monitored machines. Regardless of the method, the agent settings for deployment from the console (as well as for ongoing communication) are found in the Agents Settings tab:

    IMPORTANT: Regardless of the method used, to monitor the PVS/MCS/clone machines, each machine must be added separately. 

    Method 1

    Deploy the ControlUp Agent to the master/golden image from the console, by adding the golden/master image’s machine. Once the machine is ready it turns green, and the agents on each computer deployed from that template is ready.

    Advantages

    • When upgrading the console and environment, the agents can be updated on-the-fly from the console until the master image is updated.

    Disadvantages

    • The master/golden image domain needs to be joined and able to connect to the ControlUp production environment to be configured properly.
    • The console deployment does not automatically create a Windows Firewall to enable the inbound 40705 port.

    Method 2 

    Install the agent using our MSI package here. Select the proper version to match your console version and build, and then install the agent on the master/golden image.
    To do so, click here, or go to Settings > Agent and click Download MSI Package and the Agent Package Download page appears.

    Advantages

    • Agent MSI can be installed in non-domain master/golden images or on an environment that is not connected to ControlUp. 
    • The MSI installation also creates an inbound allow rule enabling the TCP 40705 port.

    Disadvantages

    • The MSI cannot be replaced from the console, so PVS/MCS/clones remain with an older agent and while they can be monitored, new agent functionalities might not be available until the master/golden image is updated.
    • Currently, previous MSI agent must be removed before installing a new version. This can be done manually or using a remove/add script of your own.

    q1.pngq2.png

    Secure communications between ControlUp Console/Monitor and ControlUp Agent

    To secure the communication between the installed agent and the ControlUp environment, we recommend you do the following.

    1. On any computer running the ControlUp agent, enable a Firewall inbound rule that allows access to port 40705 only to authorized computers.
    2. Add these computers which ideally should use static IP addresses:
      • Computers running the ControlUp Monitor service
      • Computers running the ControlUp Console

    If you don't own a firewall for your network, we recommend using the built-in Windows firewall alongside a Group Policy to apply the firewall rule to all machines running the ControlUp Agent.

    Note: This recommendation reduces the risk of a potential attacker manipulating a ControlUp Agent using malicious code in case that potential attacker has penetrated the organization network. 

     

  • Signed Agents

    By default - our agents aren't signed.

    However, if you need a signed agent, you can download it from here - Link
  • ControlUp Network Impact & Bandwidth Usage

     

    In ContolUp, the Console & Monitor retrieve data from servers, hypervisors, workstations, user sessions, etc. This action can impact your network bandwidth, though not dramatically as we successfully stick to a very low usage with our ControlUp Agent.

    This is the average network traffic communication information - 

    Single Agent for Console\Monitor communication channel - 1KBps.

    This roughly means that a single ControlUp console will consume the following bandwidth:

    • Console connected to 100 agents- 100KBps
    • Console connected to 1,000 agents- 1MBps
    • Console connected to 10,000 agents- 10Mbps 

    For example: 

    If you have 5 ControlUp consoles running on a single RDS server, and each console is connected to 1,000 agents the total bandwidth usage for ControlUp on this server would be 5MBps

    In edition, in order to optimized performance we suggest to set also a data collector for your Monitor. You can do this in the following article in section 3 in -> Click here

    The extensions (Hypervisors, XD sites...) also consume bandwidth but compared to 1,000 agents that should be negligible - around 100-200KBps when working in large environments.

    Disabling the Flat Process Views can reduce network traffic between the ControlUp agent to the Console\Monitor by up to 50%. Although processes are available to Monitor when you focus on a specific Computer as demonstrated in the screenshot below:

    2018-02-12_14-44-48.jpg 2018-02-12_14-28-53.jpg

  • What are the benefits of using the ControlUp agent?

    ControlUp agents, deployed remotely onto added computers, provide you with:

    In-depth monitoring

    • Detailed machine-level/session performance metrics
    • Assessment of computer stress level
    • Locate and rapidly isolate issues affecting end users

    Advanced management actions

    • Manage systems services, registry and file system of multiple machines simultaneously
    • Interact with user sessions, controlling their state and activity
    • Run, terminate, or limit resource consumption for any process on your network

    Configuration comparison of different computers with respect to

    • Registry values and keys
    • System services, including startup type, current state, and credentials
    • Software packages and updates installed
    • Irregular or non-uniform configurations of file systems

    ControlUp agents have minimal performance impact

    • CPU usage – consistently 0% to 1%
    • RAM consumption – 60 to 90 MB
    • I/O – zero disk activity
    • No software hooks, no drivers and no reboot needed

    Prerequisites for ControlUp agents

    • Windows OS (all versions supported, from Windows XP to Server 2012 R2)
    • .Net Framework 3.5 SP1 or 4.5
    • Single incoming TCP port (by default 40705) open for ongoing console/monitor communications
    • RPC and WMI access for initial deployment via the console, if access not available manual installation can be done using an MSI package
  • What are the ControlUp agent prerequisites?

    Here are the prerequisites for the ControlUp Agent:

    • Windows operating system - Windows 7 to Windows Server 2019. (Windows 2003 is not supported.)
    • Net Framework 3.5 SP1 or .Net Framework 4.5 and above.
    • A single open incoming TCP port (40705 by default) for ongoing console/monitor communications.
    • RPC and WMI access for initial ControlUp agent deployment via the console.
      If RPC/WMI access is not available the agent can be installed manually using the agent MSI package.
  • What is the performance impact of the ControlUp Agent?

    The ControlUp agent is a lightweight component that was designed from the ground up to enable rapid deployment and minimal performance footprint on the managed computer. The expected CPU usage is 0%-1% with 2% spikes, RAM usage should be approximately 50MB to 100MB and IOPS counters for the agent executable should normally show zero activity. The ControlUp agent does NOT require a reboot while being installed or uninstalled and no special configuration is needed when the agent is deployed on a VDI master image.

  • Do I need to reboot a computer when installing or uninstalling the ControlUp agent?

    No.

    ControlUp agent deployment and removal do not require a reboot of the managed computer. By default, ControlUp Agent is deployed in temporary mode, which means that the agent uninstalls automatically after a period of inactivity.