• ControlUp Release Notes

    In the next link, you can find all the release notes for all the new versions and previous ones.

    https://www.controlup.com/controlup-release-notes/

    It includes:

    • New Features and Enhancements
    • Bug Fixes
    • Known issues

     

  • Sizing Guidelines for ControlUp v8.x

    This guideline article provides information to properly size the required ControlUp components used during installation and upgrades.

    The article is relevant for the ControlUp Hybrid Cloud solution for version 8.x only. Sizing guidelines for v7.x can be found via this link. For On-Premises Mode Sizing Guidelines, Click Here.

    ControlUp offers scalability for both small and large organizations. We recommend working in N+1 configuration for the Monitor cluster and for the data collectors for high availability.

    Note on ControlUp Monitor scalability - the scalability limit of a single Monitor node is 400,000 concurrent processes. The actual limit of VDI machines per Monitor node depends on the avg. number of concurrent processes per VDI machine.
    For a customer with an avg. of 100 concurrent processes per machine, a single Monitor node will support 4,000 VDI machines, for a customer with an avg. of 160 concurrent processes per machine, a single Monitor node will support 2,500 VDI machines.  

    - - - - -

    VDI based workloads

    The sizing numbers below are based on environments where end-users are running on VDI machines (e.g. Windows 7 or Windows 10 VMs with or without 3rd party software such as Citrix Virtual Apps and Desktops, VMware Horizon or Microsoft WVD).
    The main factor to consider is the number of VDI machines being managed by ControlUp. Please note that when managing more than 500 VDI machines, 
    disabling the process flat views in the real-time console is a mandatory requirement. 

    ControlUp Monitor and Real-time Console hardware sizing 

    ControlUp Component ControlUp Monitor Node(*) ControlUp Real-Time Console(***)
    VDI Workloads  0 - 1,000 1,000 - 2,000 2,000 - 4,000(****) 0 - 1,000 1,000 - 2,000 2,000 - 4,000
    vCPU(**) 4 8 8 2 2 2
    RAM 16 16 32 4 6 8

    (*) For environments with more than 4,000 VDI machines, additional Monitor nodes should be deployed, see below configuration examples for 5,000, 20,000 and 50,000 VDI machines.
    (**) 2.8Ghz clock speed or higher. 
    (***) Per console instance, based on a fully optimized console, see this article
    (****) The scalability limit of a single Monitor node is 400,000 concurrent processes, so the actual limit of VDI machines per Monitor node depends on the avg. number of concurrent processes per VDI machine.

    For a customer with an avg. of 100 concurrent processes per machine, a single Monitor node will support 4,000 VDI machines, for a customer with an avg. of 160 concurrent processes per machine, a single Monitor node will support 2,500 VDI machines.  

    Data Collectors

    Configuring dedicated data collectors for Hypervisors, EUC connections and NetScalers is always recommended, in large environments the data collector should run on a dedicated VM.

    You can get more information about the component here -> ControlUp Data Collector.

    ControlUp Component ControlUp Data Collector (*)
     (**) 0 - 2,000 2,000 - 5,000 5,000 +
    vCPU 2 2 2
    RAM 4 8 8

    (*) One data collector instance is required per Hypervisor, EUC connection or NetScaler. 
    (**) The number of Virtual Machines (per hypervisor connection) or the number of VDI machines (per EUC connection)

    VDI Sizing Examples

    Example Configuration For 5,000 VDI machines
    ControlUp Component # of VM's / Instances  vCPU (per instance) RAM (per instance) Notes
    Monitor Nodes(*)  3  32  N+1 configuration
    RT Console N\A 2  Per console instance 
    Data Collector  2 2  HA configuration(*)

    The example above is based on an avg. of 130 concurrent processes per VDI machine and on an N+1 configuration.
    (*) One data collector instance is required per Hypervisor, EUC connection or NetScaler. Here we assume that the customer has configured a single Hypervisor connection and a single EUC connection.

    Example Configuration For 20,000 VDI machines    
    ControlUp Component # of Instances  vCPU (per instance) RAM (per instance) Notes
    Monitor Nodes(*) 8  8  32  N+1 configuration
    RT Console  N\A  2 Per console instance 
    Data Collector  8  2  HA configuration(*)

    The example above is based on an avg. of 130 concurrent processes per VDI machine and on an N+1 configuration.
    (*) One data collector instance is required per Hypervisor, EUC connection or NetScaler. Here we assume the customer has configured 4 Hypervisor connections and 4 EUC connections

    Example Configuration For 50,000 VDI machines    
    ControlUp Component # of Instances  vCPU (per instance) RAM (per instance) Notes
    Monitor Nodes(*) 18  8  32  N+1 configuration
    RT Console  N\A 2 8  Per console instance 
    Data Collector  20 2 8  HA configuration(*)

    The example above is based on an avg. of 130 concurrent processes per VDI machine and on an N+1 configuration.
    (*) One data collector instance is required per Hypervisor, EUC connection or NetScaler. Here we assume the customer has configured 10 Hypervisor connections and 10 EUC connections.

    - - - - -

    RDSH based workloads
    The sizing numbers below are based on environments where the end-users are running on RDSH based servers. The main factor is the number of concurrent sessions being managed using ControlUp. Note that when managing more than 2,000 concurrent user sessions, disabling the process flat views in the real-time console is a mandatory requirement. 

    ControlUp Component ControlUp Monitor Node ControlUp Real-Time Console(**)
    RDS Sessions  0 - 5,000 5,000 - 10,000(***) 0 - 5,000 5,000 -  10,000
    vCPU(*) 4 8 2 2
    RAM 16 32 4 8

    (*) 2.8Ghz clock speed or higher.
    (**) Per console instance, based on a fully optimized console, see this article. 
    (***) Based on approx. 20 processes per RDS session.

    For further information regarding the Data Collectors - Click here.

    RDSH Sizing Examples

    The scalability limit of a single Monitor node is 400,000 concurrent processes, so the actual limit of RDS hosts per Monitor node depends on the avg. number of concurrent processes per host incl. the host. On average, a single Monitor node will support 10,000 concurrent sessions.
    **The numbers below will vary between organizations due to the number of sessions running on each host. 

    Example Configuration For 5,000 RDS Sessions running on 250 RDSH hosts
    ControlUp Component # of Instances  vCPU (per instance) RAM (per instance) Notes
    Monitor Nodes(*) 2 4 16  N+1 configuration
    RT Console N\A 2  Per console instance 
    Data Collector  2 2  HA configuration(*)

    The example above is based on an avg. of 200 concurrent processes per an RDSH host and on an N+1 configuration.
    (*) One data collector instance is required per Hypervisor, EUC connection or NetScaler. Here we assume the customer has configured a single Hypervisor connection and a single EUC connection.

    Example Configuration For 20,000 RDS Sessions running on 1,000 RDSH hosts
    ControlUp Component # of Instances  vCPU (per instance) RAM (per instance) Notes
    Monitor Nodes(*) 3  8  32  N+1 configuration
    RT Console  N\A  2 Per console instance 
    Data Collector  8  2  HA configuration(*)

    The example above is based on an avg. of 200 concurrent processes per an RDSH host and on an N+1 configuration.
    (*) One data collector instance is required per Hypervisor, EUC connection or NetScaler. Here we assume the customer has configured 4 Hypervisor connections and 4 EUC connections.

    Example Configuration For 50,000 RDS Sessions   
    ControlUp Component # of Instances  vCPU (per instance) RAM (per instance) Notes
    Monitor Nodes(*) 6 8 32  N+1 configuration
    RT Console  N\A 2 8  Per console instance 
    Data Collector 20 2 8  HA configuration(*)

    The example above is based on an avg. of 200 concurrent processes per an RDSH host and on an N+1 configuration.
    (*) One data collector instance is required per Hypervisor, EUC connection or NetScaler. Here we assume the customer has configured 10 Hypervisor connections and 10 EUC connections.

     

    Got a question regarding the sizing? let us know at support@controlup.com

  • ControlUp Monitor Permissions & Security - Cloud ONLY.

    Summary

    Among the ControlUp components, one of the most important ones is the Monitor. The Monitor is a component that you install from within the CU Real-Time Console and is the entity that is in charge of monitoring all the endpoints, hypervisors and more 24\7. 

    The monitor is also the one to monitor the endpoint for alerts based on the triggers that you have set up and also upload the data into Insights, our online reporting system.  

    The best practice is to have the monitor installed on its own dedicated server and provisioned with the necessary resource as explained in the ControlUp Sizing Guidelines article.

    This article will explain how the monitor works, what it does and what permissions we need to give it in order to properly work. 

    If you're using the on-premises solution, refer to the on-premises article in this link.

    The Monitor in Cloud Environments

    After you deploy the monitor, it will be recognized on that machine by its process named "cuMonitor.exe". 

    There are two entities that the Monitor is using on its end:

    1. The "cuMonitor.exe" is running as the "NETWORK SERVICE" account on the Monitor machine only.
    2. The Monitor is also using an AD account that you configure it to use when you set up the monitor, and it uses it for several purposes:
      1. Deploy the ControlUp Agents on remote machines (if the user had administrative rights on the remote machines).
      2. Connect to the machines using port 40705 in order to monitor them. (for Insights, alerting, etc).
    3. The Monitor also uploads the data to our cloud servers so it may populate data in Insights for you. 

    Note - if you have a proxy, you'll need to configure it under the monitor settings by going to Settings > Monitors > Settings (in the window that opened) and then Proxy Settings and configure your proxy.

     2019-05-04_11-38-46.jpg

    In order for the Monitor to successfully upload the data into Insights, for following URLs must be accessible via https from the Monitor VM-

    1. fe1.controlup.com
    2. fe2.controlup.com
    3. fe3.controlup.com
    4. fe4.controlup.com
    5. rt-app.controlup.com
    6. *.amazonaws.com

    Note - customers that use the limited availability 8.x version should add insights-hec.controlup.com:443 as well to the exception list. At the moment, the IP is dynamic for this URL. 

    Permissions in the Security Policy (within ControlUp)

    In the ControlUp Real-Time Console, you'll have to delegate the proper security permissions for the AD account that the monitor is using. This will need to be within the Console in the Security Policy pane.  

    1. In the 'Perform organization-wise actions' section-
      • View All Hypervisors.
      • Connect to Data Source.
      • Use Shared Credentials (in the sub-section 'Shared Credentials Store').
    2. In the 'Run Computer Actions' section-
      • Connect to Windows Computer.
      • Note - If you have Linux machines in your environment, please include the 'Connect to Linux Computer' permissions as well.

    It's best practice to configure the credentials that you use in the environment as Shared - you can read more about it in the following article -> Configuring Shared Credentials.

    Local Policy requirements

    The Monitor AD account defined in the monitor requires the "Allow Log on Locally" user permission on the Monitor machine (the service account defined in the monitor settings-> identity tab).

    Therefore, please verify two things in Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\User Rights Assignment.

    1. The AD account has the "Allow log on locally" user right.
    2. The AD account is not part of the "Deny log on locally" user right.

    Administrative privileges

    The monitor has the ability to install the ControlUp agent on machines. For example, machines that are booted up agent-less. 

    In the Monitor settings, we state the following-

    inline1140112793.png

    It's best practice to have the AD configured with admin privileges on the endpoint but not mandatory. If you have the ControlUp Agent baked in the golden image or installed on a machine that isn't going to boot without the agent, the AD account used in the monitor can be a non-admin user. 

     

    If you have further questions about the Monitor, feel free to ask us at support@controlup.com

  • ControlUp Monitor Permissions & Security - On-Premises ONLY.

    Summary

    Among the ControlUp components, one of the most important ones is the Monitor. The Monitor is a component that you install from within the CU Real-Time Console and is the entity that is in charge of monitoring all the endpoints, hypervisors and more 24\7. 

    The monitor is also the one to monitor the endpoint for alerts based on the triggers that you have set up and also upload the data into Insights, our online reporting system.  

    The best practice is to have the monitor installed on its own dedicated server and provisioned with the necessary resource as explained in the ControlUp Sizing Guidelines article.

    This article will explain how the monitor works, what it does and what permissions we need to give it in order to properly work. 

    If you're using the cloud solution, refer to the cloud article in this link

    The Monitor in On-Premises Environments

    In On-Premises deployments, there's a different process than the online mode since Insights is also on-prem (if you purchased it). The monitor writes 'Activity Files' into an SMB share and Insights will read the files from there.  

    After you deploy the monitor, it will be recognized on that machine by its process named "cuMonitor.exe". 

    There are two entities that the Monitor is using on its end:

    1. The "cuMonitor.exe" is running as the "NETWORK SERVICE" account on the Monitor VM only.
    2. The Monitor is also using an AD account that you configure it to use when you set up the monitor, and it uses it for several purposes:
      1. Deploy the ControlUp Agents on remote machines (if the user had administrative rights on the remote machines).
      2. Connect to the machines using port 40705 in order to monitor them. (for Insights, alerting, etc).
      3. For onPrem only - Impersonating as the AD account in order to write the activity files to the designated folder. (Activity Files Folder).

    On top of that, there are permissions that you need to configure to the Activity Files share which hold the files that the monitor is passing to Insights.

    Settings for the Activity files folder (Shared & NTFS) - 

    1. NTFS permissions
      • IOP computer account needs to have:
        2019-05-04_23-14-30.jpg
      • Monitor AD account needs to have:
        2019-05-04_23-14-35.jpg
    2. Shared permissions

      • IOP computer account needs to have: 
        ​​2019-05-04_23-14-38.jpg

      • Monitor AD account needs to have:
        2019-05-04_23-14-41.jpg​​

    Permissions in the Security Policy (within ControlUp)

    In the ControlUp Real-Time Console, you'll have to delegate the proper security permissions for the AD account that the monitor is using. This will need to be within the Console in the Security Policy pane.  

    1. In the 'Perform organization-wise actions' section-
      • View All Hypervisors.
      • Connect to Data Source.
      • Use Shared Credentials (in the sub-section 'Shared Credentials Store').
    2. In the 'Run Computer Actions' section-
      • Connect to Windows Computer.
      • Note - If you have Linux machines in your environment, please include the 'Connect to Linux Computer' permissions as well.

     It's best practice to configure the credentials that you use in the environment as Shared - you can read more about it in the following article -> Configuring Shared Credentials.

    Local Policy requirements

    The Monitor AD account defined in the monitor requires the "Allow Log on Locally" user right on the Monitor machine (the service account defined in the monitor settings-> identity tab).

    Therefore, please verify two things in Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\User Rights Assignment.

    1. The AD account has the "Allow log on locally" user right.
    2. The AD account is not part of the "Deny log on locally" user right.

    Administrative privileges

    The monitor has the ability to install the ControlUp agent on machines. For example, machines that are booted up agent-less. 

    In the Monitor settings, we state the following-

    inline1140112793.png

    It's best practice to have the AD configured with admin privileges on the endpoint but not mandatory. If you have the ControlUp Agent baked in the golden image or installed on a machine that isn't going to boot without the agent, the AD account used in the monitor can be a non-admin user. 

     

    If you have further questions about the Monitor, feel free to ask us at support@controlup.com

     

     

     

  • Enable Auditing for "Analyze Logon Duration" Script

    One of ControlUp's most popular Script Based Actions is the "Analyze Logon Duration" script. 

    In order to make this script work correctly, certain group policies must be put into place to make it fully functional. There are two methods to enable these policies, only one of them must be used. It would not be recommended to set both.

    Enable Legacy Auditing Policies

    1. In the Group Policy Manager, identify the group policy that you want to edit to apply the requisite auditing policies. For this example, I will create a custom GPO called "Legacy Auditing Policy" to contain these settings. Once the GPO is created, right click and select Edit.
    2. The policy you will be setting can be found in Policies\Windows Settings\Security Settings\Local Policy\Audit Policy
    3. You will set the following policies:
      • Audit logon events: Success
      • Audit process tracking: Success, Failure

    Enable Advanced Auditing Policies

    1. In the Group Policy Manager, identify the group policy that you want to edit to apply the requisite auditing policies. For this example, I will create a custom GPO called "Advanced Auditing Policy" to contain these settings. Once the GPO is created, right click and select Edit.
      image001.png

    2. For Advanced Auditing you will actually be enabling multiple policies:
    3. Enable the Advanced Auditing Policies. This can be done by setting the following:
      • Policies\Windows Settings\Security Settings\Local Policies\Security Options
        • Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings: Enabled
      • Policies\Windows Settings\Security Settings\Advanced Audit Policy Configuration\Detailed Tracking
        • Audit Process Creation: Success
        • Audit Process Termination: Success
      • Policies\Windows Settings\Security Settings\Advanced Audit Policy Configuration\Logon/Logoff
        • Audit Logon: Success
      • Policies\Administrative Templates\System\Audit Process Creation
        • Include command line in process creation events: Enabled
      • image003.png

    Increase the logs required for the analysis

    As mentioned at the beginning, some Event logs are small by default (4MBytes) and roll-over very quickly. It is therefore recommended to extend the following logs:

    Microsoft-Windows-GroupPolicy/Operational
    Microsoft-Windows-PrintService/Operational

    Via Group Policy (GPO):

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-GroupPolicy/Operational
    Value: Max Size
    Type: REG_DWORD
    Data:  52428800 (0x03200000)

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-PrintService/Operational
    Value:      Max Size
    Type:       REG_DWORD
    Data:       52428800 (0x03200000)

    Value:      Enable
    Type:       REG_DWORD
    Data:       1
     image005.png

    Or if you prefer to issue the commands in a running computer:

    REM Enable Print Service logging, no retention, size 50MB

    wevtutil sl Microsoft-Windows-PrintService/Operational /ms:52428800 /rt:false /ab:false /e
    REM Enable Group Policy logging, no retention, size 50MB

    wevtutil sl Microsoft-Windows-GroupPolicy/Operational /ms:52428800 /rt:false /ab:false /e
  • ControlUp Legacy Console+Agents
    Version Type Link
    7.0.1.20 Console Download
    7.0.1.20 Agent Download
    7.0.2.11 Console Download
    7.0.2.11 Agent Download
    7.0.2.11 On-Premise Console Download
    7.1.1.150 Console Download
    7.1.1.150 Agent Download
    7.1.1.158 Console Download
    7.1.1.158 Agent Download
    7.1.1.162 Console Download
    7.1.1.162 Agent Download
    7.1.1.162 On-Premise Console Download

    Notes:

    • All "On Premise Console" links are only for the Consoles, NOT the On-Premises server.
    • Agents are the same for On-Premise and Cloud Hybrid versions.
    • If you are running a different version or need any other files, please contact support@controlup.com 
  • ControlUp Versions Lifecycle

     

    Product Name

    Version

    GA Date

    EOM

    EOS

    ControlUp Real-time 

    5.x

    Jan, 2016

     Jan, 2017

     Jan, 2019

    ControlUp Real-time

    6.x

    Jan, 2017

     Sep, 2017

     Sep, 2019

    ControlUp Real-time

    7.0

    Sep, 2017

    Mar, 2018

    Mar, 2020

    ControlUp Real-time

    7.1

    Mar, 2018

    Aug, 2018

    Aug, 2020

    ControlUp Real-time

    7.2

    Aug, 2018

    Feb, 2019

    Feb, 2021

    ControlUp Real-time

    7.3

    Feb, 2019

    Jun, 2019

    Jun, 2021

    ControlUp Real-time

    7.4

    Jun, 2019

    N\A

    N\A

    ControlUp versions progress - three lifecycle phases

    The three phases in the lifecycle of a ControlUp version are General Availability (GA), End of Maintenance (EOM) and End of Support (EOS).

    Maintenance and support through each phase

    General Availability (GA) to End of Maintenance (EOM) 

    Upon General Availability, the released ControlUp version is fully supported and maintained until the End of Maintenance date, which is the General Availability (GA) date of the next version. For example, When ControlUp 7.3 is GA, it will become EOM upon the GA of ControlUp 7.4. During GA, ControlUp will deliver code-level maintenance such as product updates or upgrades. For continued maintenance, ControlUp customers may be required to update or upgrade to a newer version.

    ______________________________________________________________

    End of Maintenance (EOM) to End of Support (EOS)

    After a version release reaches its End of Maintenance date, upon GA of the next ControlUp version, code-level maintenance will not be provided to the previous version; however, the previous version will continue to be supported until it reaches End of Support. The EOM phase lasts from the GA date of the subsequent version until two calendar years after the GA date of the subsequent version. For example, If ControlUp 7.3 has gone from GA to EOM upon the GA of version 7.4, it will become EOS (End of support) two years after that. To further illustrate, if the hypothetical GA date of ControlUp 7.4 is May 1 2019, then ControlUp 7.3 will be EOM from May 1 2019 to May 1 2021, at which point it will become EOS.

    __________________________________________________________________

    End of Support

    Once a version release reaches its End of Support date, the customer may continue to use the version within the terms of product licensing agreement but the available support options will be limited. While there may be historical information in the Knowledge Center or other online resources, those resources will no longer be updated and so these are provided on an as-is basis. The customer will be using the version within the terms of the product license as-is.

    The Version Lifecycle Support Policy is intended exclusively for the benefit of ControlUp customers with respect to the product they purchase. It is not intended to benefit any third parties or apply to any third party products. ControlUp reserves the right to make changes to its Version Lifecycle Support Policy, for all versions or a particular version, at its sole discretion, from time to time, as business needs require, without notice. The Version Lifecycle Support Policy article will be updated with respect to any changes as of their effective date. For the purpose of this policy, the following support definitions apply:

    Support

    • General troubleshooting of a specific issue to isolate potential causes

    • Issue resolution via configuration changes, existing version updates or upgrades

    Maintenance

    • Resolving an issue through version code modification, in case needed

    • Typically delivered via version update or upgrade

    • If a subsequent release contains the fix, the customer may be required to upgrade to the new release

     

    Any questions regarding this policy? Click here to contact support.

    You can find ControlUp’s latest version here (scroll to the bottom).

     

  • Supported OS for the 'Shadow Session' feature.

    The 'Shadow Session' is currently supported only the following server & client pairs:

    Windows Vista + Windows Server 2008

    Windows 7 + Windows Server 2008 R2

    ----

    You can use the 'Shadow Session' between all the OS mentioned above. 

  • How to create Insights web link to use Chrome and not make Chrome your default browser

    Create a short-cut to Insight web link with the following settings  

    Target: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" https://insights.controlup.com/auth

    Start in: "C:\Program Files (x86)\Google\Chrome\Application"2018-09-21_14-20-50.png

  • How A User Gets Added To My Organization

    Hybrid Cloud 

    In Hybrid Cloud any Authenticated User within to your domain has the ability to launch and login to your ControlUp Console, the permissions that apply to those users is equivalent to "Organizational Members." The authentication for these logins is done by ControlUp.

    When you installed ControlUp - it generates an environment GUID number which is based on your Domain\Forest hash. With that, we authenticate that the user that you're using to login with, does indeed matches the environment GUID we have on record.

    You can create multiple organizations inside your environment but the environment GUID will stay the same.  e.g. your license is attached to your environment GUID (domain\forest). Not a certain organization. 

    To learn more about permission delegation - please refer to the following articles:

    It's a best practice to set 'Organization members' with 'Not Set' permission to make sure that users that are not allowed to use ControlUp and do launch it - won't be able to use any actions. 

    Every user that runs the ControlUp Real-Time Console or wishes to log into ControlUp Insights, must launch the Console (at least once) and sign up for a ControlUp Account.  

     

    On-Premises - 

    During the installation of the ControlUp On-Premises Server, you were asked to specify an active directory group for users who will be logging in to ControlUp.

    To identify the configured group  - on the OnPrem server go to: "C:\Program Files\Smart-X\ControlUp Server\Server Settings\ControlUpServerSettings.xml"

    In line 11 you'll see the configured group. 

    2018-09-13_16-53-14.jpg

    When users log in, unless they are a member of the configured security role they're counted in the "Organization Members" column in the Security Policy pane. To learn more about permission delegation - please refer to the following articles:

    2018-09-13_15-51-58.jpg

     

  • Security Policy - View Only Role

    If you would like to grant user permissions to access the Console and view systems and real time performance data, you will first need to create a Security Role for that user or an AD Group. 

    (See the article on Security Policy for details about how to do that.)

    Once you have configured a "View Only" Security Role, you can set the following permissions to grant users the ability to view real time data, but not perform impactful actions. 

    • Organizational Actions
    • Launch Controllers
    • View Incidents
    • View Events
    • View All Hypervisors
    • Use Shared Credentials
    • Connect to Data Source

    Run Computer Actions**
    -Connect to Computer
    -Event Viewer on Remote Computer**
    -File System\Monitor File System**
    -Installed Software\Display Installed Software**
    -Installed Software\Display Installed Updates**
    -Registry\Monitor Machine Registry**
    -Services\Monitor Services**

    **Optional "View Only" Settings that may require Remote Admin Privileges

    view_only_1.png

    view_only_2.png

     

  • How's the number of licensed objects are calculated?

    How's the number of licensed objects are calculated?

    ControlUp can monitor and manage a wide variety of resources/objects in the virtual and/or physical datacenters.

    ControlUp continuously counts the total number of objects that are currently being monitored, and requires a number of licenses that adequately cover the size of the environment.

    Note: From ControlUp v7.1 licensing method was changed. This article refers to v7.1 and above ONLY

    Note: Sessions and servers you see in Help>About>Licensing is not the computers and sessions you see in the Console under the different views. 

    This is how the License page is displayed:

    2018-08-01_15-07-26.jpg

    The exact licensing count will be displayed in the bottom right corner:

    2018-08-01_15-07-40.jpg

    (1) Sessions:

    • User sessions - sessions running on managed TS/RDS servers (e.g. TS/RDS with the ControlUp agent installed)
    • XenDesktop sessions - sessions discovered via the XenDesktop site integration 
      • User Sessions running on Managed Non-TS/RDS Servers or Workstations will NOT be counted here.
      • If the same user session is discovered from a managed TS/RDS server and a XenDesktop site, the session is merged into a single record and consumes a single license

    (2) Servers: 

    • Managed Windows Servers such as SQL, IIS or AD servers (e.g. Windows server OS with the ControlUp agent installed)
      • TS/RDS servers are NOT counted here (TS/RDS servers do not consume a license, only running user sessions are counted)
      • Workstations are NOT counted here

    (3) Workstations:

    • Managed Windows Client such as Windows 7, Windows 8 or Windows 10 (e.g. Windows client OS with the ControlUp agent installed) 

    (4) Cloud Instances:

    • All running EC2 Instances ('AWS State' column) and as long there is no ControlUp Agent installed.

    (5) Agent​​less Managed VMs:

    • Agentless Managed VMs - These are Virtual Machines that are monitored via the hypervisor API with no ControlUp agent running on that VM
    • XenDesktop Brokers - XD brokers discovered via the XenDesktop site integration feature 

    (6) NetScaler Appliances:

    • NetScaler Monitoring has a different pricing module. Please refer to sales@controlup.com for more information about pricing. 
      • There are several flavors for the NetScaler product:
        • NetScaler MPX - 1 license Unit is needed per device or per HA pair of MPX.
        • NetScaler VPX - 1 license Unit is needed per device or per HA pair of VPX
        • NetScaler CPX - 1 license Unit is needed per device or per HA pair of CPX
        • NetScaler SDX – 0 license Unit is needed for the SDX. Every VPX instance hosted on the SDX requires 1 license Unit per HA pair.

    For example, if you are monitoring a XenApp farm on which 800 user sessions are currently running and in addition you monitor 300 VDI workstations and 400 VMs as well as 5 Netscaler appliances you will need a total license of 1500 licensed objects (800 + 300 + 400) plus 5 Netscaler appliances licenses. 2018-04-26_18-47-44.jpg

  • How do I upgrade ControlUp (Hybrid Cloud)?

    Upgrading ControlUp for Online implementations is easy! Simply follow these steps:

    1. Download the ControlUp console from our website - www.controlup.com
      111.png
    2. Agents
      • Before launching the new Console, open your existing Console and disable auto-connect options, then in Agent settings turn off "Deploy Agents automatically" and "Agents will be uninstalled automatically."
        Agent_Settings.png
      • Launch the Console and upgrade your Agents. You can choose to upgrade all Agent by right-clicking the top folder selecting Agent control and Upgrade, or you can do each folder individually as you choose. 
        upgrade_agents.png
        If you have deployed Agents via MSI, then you must perform an upgrade via MSI as well. You can find the most recent versions of the MSI installers here.
    • ControlUp Console is now able to connect to computers running older versions of ControlUp Agent, supporting continuous monitoring and gradual rollout of new agent versions.
    • Minimum supported agent version: 7.1
    • Agents configured as dedicated data collectors (for hypervisors, XenDesktop, AWS, NetScaler) do not support down-level versions and require version 7.3
      Backwards_Compat_Notification.png

    Note: Agent Backward Compatibility supported from 7.3v of ControlUp Console.

    1. Upgrade the monitor from Console Settings > Monitor settings > Upgrade
      monitor_upgrade.png

     

    Video of How to Upgrade ControlUp Console, Agents and Monitors

  • Can I monitor multiple RDS and VDI farms from the same ControlUp Console?

    Yes. ControlUp supports all major RDS and VDI platforms from Citrix, VMware and Microsoft. Multiple server farms and desktop deployments can be monitored and managed in the same console instance, regardless of VDI/RDS version, domain membership, or hardware hosting (physical or virtual).

  • Which Citrix XenApp and XenDesktop versions are supported in ControlUp?

    ControlUp is a Citrix Ready product verified with the following versions: Citrix XenApp 6.x and 7.x and XenDesktop 5.x and 7.x. (up to 7.15 is officially supported as well)

    2017-12-28_1032.png

    Screenshot from – http://www.citrix.com/ready/en/smart-x/controlup

  • Which VMware Horizon View versions are supported in ControlUp?

    ControlUp versions prior to 7.2 support: VMware Horizon View 5.x, 6.x, & 7.x up to Horizon View v7.2.

    ControlUp version 7.2 and above supports: VMware Horizon View version 5.x, 6.x, & 7.x up to 7.6.

  • Does ControlUp support historical reporting?

    Absolutely!  Welcome to ControlUp Insights.  All you need to do is add a monitor to your environment within the ControlUp Real-time console.  Once you've done that, your data is automatically populated with the ControlUp Insights portal.  There you have a plethora of reports providing you with all of your historical data.

     

  • Does ControlUp support e-mail alerts?

    Yes, ControlUp Incident Triggers allow you to monitor specific incidents in your environment, including whenever a computer or process cross a certain stress level, Windows Events, Services and others. The follow-up actions include an e-mail alert option, so ControlUp admins can be notified via e-mail in real-time when important incidents occur in their environment.

    Read more / See Video  

  • Does ControlUp support permissions delegation?

    Yes, the ControlUp Security Policy is a mechanism that allows for configuring user roles and delegating administrative tasks to different ControlUp users on your network. This is especially useful in large enterprise environments in which dedicated administrators or teams are responsible for specific machines or server farms. In addition, you can use our ADMX template to restrict the ControlUp user interface via Group Policies.

    Read more

  • How does ControlUp calculate the Stress Level column?

    The Stress Level column is a flexible health measure calculated as a sum of weights assigned to different columns. For example, the “CPU” column might add 2 points to the Stress Level when it crosses the 70% threshold, while the “Disk Queue” column might add 3 points after crossing the threshold of 2. In order to investigate the reason for a current Stress Level value of a record, click on the Stress Level cell and then click on the triangle in the upper right corner of the cell. You will see a list of counters and their contributions to the total Stress Level of the record. You can configure this behavior by clicking on the “Stress Level” button, located on the ribbon bar. The same is possible for any performance counter cell not at the “green” level.

    Read more

    Watch Video  

  • How do I use ControlUp in Standalone (Offline) mode?

    By default, ControlUp works in an online mode if Internet connectivity is available. If your network is not connected to the Internet, please use the Login Wizard to submit a Standalone (Offline) Registration Form:

     

    If your computer has an Internet connection, you will not see the option to submit a Standalone Registration Form. In order to make this option visible, please add the following registry value before launching ControlUp:
    HKEY_CURRENT_USER\Software\Smart-X\ControlUp\Console\UsedOfflineOnce (DWORD) = 1

    After we finish processing your Standalone registration file, you will receive an e-mail from support@controlup.com (please white-list this address) including your Standalone (Offline) login file that will enable you to work with ControlUp without connecting to ControlUp Hybrid Cloud servers.

  • When working in Standalone (Offline) mode, how can I share my existing ControlUp configuration with other admins in the same organization?

    ControlUp users working in Standalone Mode can transfer their settings to their colleagues by copying the configuration files in the following location – %AppData%\ControlUp\Configuration.

    The configuration (e.g. managed computers list, folders, thresholds…) is stored in an XML file named after the GUID of your ControlUp organization. In order to share your configuration with other admins, simply copy your organization’s XML file(s) and make sure they place them under “ %AppData%\ControlUp\Configuration” folder on the computer they use to run the ControlUp console.

    Note: Your saved credentials are encrypted and safe. Sharing your ControlUp configuration does not allow use of your saved credentials by other users.

  • Does ControlUp support multiple AD forests?

    Yes, you can use ControlUp to manage multiple AD domains and forests, even if no trusts exist between them. In order to configure multiple AD forest support, simply click on the “AD Connections” button on the Settings ribbon. In this window you can add any domain, provided its name is resolvable using DNS and you have valid credentials. Most issues with connecting to foreign Active Directory domains and forests are DNS-related and can be solved by configuring DNS conditional forwarders from your primary DNS servers.

  • Can I install or remove software using the “Programs and Updates” controller?

    Installing or removing software using the “Programs and Updates” controller is not supported. However, you can use the “Processes > Run As” action in the Computers view to run the install/uninstall command for any software on multiple machines.

    Please note that this method is unsuitable for installation/removal routines that require user intervention.

  • Can I choose which fields are used by the controllers to compare Registry/File System/Services/Programs and Updates on multiple machines/user sessions?

    Yes. When comparing objects using the controllers, the columns that you can currently see are used for comparison. By clicking the “Columns” button on the ribbon bar you can configure which columns are displayed:

    For example, say you would like to compare the versions of a program installed on multiple machines, while ignoring the differences in the installation path or install date. To do so, click the “Columns” button and deselect all columns except “Version”. Hit “Refresh” and the updated view will only show differences in version, but not in other columns.

  • I’m monitoring a few machines and would like to view the results on a large screen. Can I modify the row height to make the results fill the screen?

    Yes.

    To do so, just click and drag the border between the row headers. All the rows will be adjusted to match the height you selected, so that you can stretch your rows to fill the screen or squeeze them to fit more data. Also, don’t forget the Full Screen mode, designed especially for control room displays – just hit F11 and switch to full screen mode.

  • How does ControlUp licensing work?

    How is the number of licensed objects calculated?

    To learn more about our licensing, click here