November 05, 2020 By BlueAlly
With a near-100% mobile workforce, large enterprises, MSPs and MSSPs are finding managing and protecting employee endpoints to be difficult, costly and complex. SonicWall designed Capture Client 3.5 to make multi-tenant management easier, allowing you to create and deploy new tenants through the adoption of global baseline policies, while also offering customers the flexibility to build and deploy custom policies for specific tenants.
Extensive interviews with a global base of IT administrators revealed the need to quickly create, configure and enforce global policies and compliance based on user group, device and location. Respondents also wanted us to produce effective patch and version management that would allow them to quickly see whether endpoint security products were up to date, what versions were installed, and the extent of unpatched vulnerabilities across each tenant. We were also tasked with updating the Capture Client platform to deliver timely alerts and remediation processes to ease operational costs and ensure customer service levels.
With Capture Client 3.5, we wanted to see our enterprise customers and managed services providers gain greater visibility into endpoint devices. Via a quick snapshot of the health of all tenants, administrators can instantly see infections and vulnerabilities. This reduces the need to dig down into each tenant to see each of these possible issues, making management easier. We’ve also made it easy for administrators to see what versions of Capture Client is installed across endpoints.
Digging down reveals what devices are online, what content is accessed, what is blocked, and what web pages or users cause the most alerts. This offers a great deal of useful insight, such as who has games installed, who is hitting violations of the company’s Internet usage policies, or if a certain new productivity-wasting website is impacting team performance or affecting your bandwidth.
Capture Client 3.5 also offers admins a greater degree of control through a new concept called Scope of operations. Scope allows administrators to granularly pick their context of visibility and control — not only across tenants, but also for groups within tenants, or across all their tenants for a more high-level view. This generates a number of different opportunities for multi-tenant operations:
- Flexible version management can immediately push agents out to all tenants or roll out in batches to better control field issues.
- When new threats are detected, administrators can quickly add new definitions to all tenants via the inheritance feature, which pulls from the global policy set by the enterprise or managed service provider.
- As mentioned before, if a website is dominating bandwidth or impacting performance, one can amend content filtering policies on the fly across all tenants.