Kaseya Managed Services Software - Release Notes
New features in Kaseya Backup and Disaster Recovery (v184.108.40.206)
Local Disk Consolidation of Synthetic Full Backups
A large number of issues with synthetic full backup are caused by network locations dropping packets. BUDR 3.1 checks for sufficient space on the local disk, copies the files locally and performs the consolidation, then copies the backup back to the NAS. Consolidation using the local disk dramatically improves the reliability of synthetic full backups. Sufficient local disk space is required to implement this solution. If not enough disk space is available, then remote consolidation is performed.
Previously, installing the BUDR client on multiple machines simultaneously slowed down the network, and in some cases, resulted in failed installs. This enhancement limits the number of simultaneous downloads to prevent this problem. If you schedule too many backup client installs at once, then some of the installs are queued up until the downloads for the prior installs finish.
Updated Build of Acronis
BUDR 3.1 now includes Acronis 9.7-8218.
Error Status of Offsite/Local Server on Status Page
The Backup Status page now includes the error status of Offsite Servers and Local Servers. This means you can immediately tell if an Offsite Server or Local Server is offline by looking at the standard BUDR landing page.
Last Backup on Backup Status Table
The Backup Status table on the Backup Status page now shows when the backup last run, instead of just informing you that it ran "sometime" in the last 24 hours.
Local Server > Status Last Checked
The Local Server page now includes the date and time the status of local server was last updated.
Other Backup Products Installed Warning
Other backup products often conflict with Acronis, causing corrupted backups or hung systems. The Backup Status page now includes a warning when machines have both Acronis and other backup products installed.
Allow Synthetic Backups when Replication Directory is Subfolder of Image Location
If your backup image location was \\nas\share\backups and you wanted to use Offsite Replication to replicate just one machine, you might consider replicating \\nas\share\backups\<agentGuid>, where <agentGuid> is the Agent Guid of the machine you wish to replicate. However, BUDR 3.0 would not recognize backups located in subfolders when performing synthetic full backups and full backups would be replicated completely. BUDR 3.1 now enables full synthetic backups to be replicated correctly when specifying a subfolder of the image location.
Verify Does Not Mark Backup as Invalid
Automatic verification can fail for numerous reasons, such as a machine rebooting during the backup or the network image location going offline. In BUDR 3.0 if this happened, the verify would fail, and then the backup would be marked as invalid, no longer allowing you to mount, restore, re-verify, or convert the image to a VM. With BUDR 3.1, the failed verify is still logged, but the backup still shows up on those pages as a possible backup choice.
New features in Kaseya Backup and Disaster Recovery (v220.127.116.11) – 3 December 2008
Synthetic full backup
Option to allow synthetic full backups which combines a base full image and incrementals to create new base full image. This option is enabled on the Schedule Volumes page and greatly reduces network bandwidth for performing local ‘full’ and for offsite replication.
64 Bit Support
Adds support for installing backup clients on Server 2008 and all Windows 64bit operating systems.
Offsite status now reports files moved offsite, files remaining to be moved offsite and byte
In conjunction with synthetic volume backup, offsite will have significantly lower bandwidth requirements by moving only incrementals.
Offsite server ports are now restricted to between 1024 and 49151.
Restart icons have been added to the Local Server and Offsite Server pages to quickly restart their respective services on a local server or offsite server.
Retry for Image Verify
Retry for data reads with image verify greatly reduces verify failures due to network latency.
Restore- Virtual Disk Conversion
Option to convert .tib files to VMWare VMDK and/or Microsoft VHD format allows for Physical to Virtual conversion or recovery to virtual machine.
Additional security on disk images is provided via image encryption. This option on the Image Password page provides aes128, aes192 or aes256 encryption.
Improved integration with Microsoft Volume Shadow Copy Service for reliable backup of active servers.
Provides a range of ISO build versions for reliable restores on a broader range of hardware configurations.
Backup and recover dynamic volumes including recovery of dynamic volumes to basic volumes.
Backup client update
Customers are not required to install the new BU-DR client to keep using backup. BU-DR will work with a mix of BU-DR client versions 9.1 and 9.5 (the new client version). However, in order for the endpoint to take advantage of the new features including encryption, synthetic backup and image conversion, the endpoint must be updated to the new version of the BU-DR client software.
Customers need to update the Kaseya agent to 18.104.22.168 to cancel a backup with the new 9.5 client. Kaseya recommends deploying the new agent to all systems that have the new backup client software. Use the “Force update even if agent is at…” option to force the agent to update to 22.214.171.124.
New features in Kaseya 2008 SP1 (v126.96.36.199) - 7 September 2008
Audit - System Info
Entering data into a manually added field in System Info as http:// or https:// displays the data as a URL link. To manually add a field click the Show More button, then click the New...* button.
Audit - Documents
The Documents function, located on the Audit tab, can now be accessed as a new tab in the Machine Summary interface. The Machine Summary interface displays when you click any agent status icon.
Scripts - Mac OSX Agent
The Mac OSX agent has been improved to handle installation and log off conditions on all platforms up through OSX 10.5.4. Mac OSX agents are now able run the Execute Shell Command and Execute File script commands as either "system" or as "user" using user credentials. In the initial release of the Mac agent, these commands always ran as "system".
New Sample Reboot Scripts
New sample scripts have been added to support several reboot scenarios:
· Reboot-Ask-No: If user is logged in, ask if it is OK to reboot; assume no after 5 min. If user is not logged in, go ahead and reboot. This script calls Reboot-Ask-No-2 to ask the user.
· Reboot-Ask-Yes: If user is logged in, ask if it is OK to reboot; assume yes after 5 min. If user is not logged in, go ahead and reboot. This script calls Reboot-Ask-Yes-2 to ask the user.
· Reboot-Nag: If user is logged in, ask to reboot every 5 minutes until the user allows the reboot. If user is not logged in, go ahead and reboot. This script calls Reboot-Nag-2 to ask the user.
· Reboot-No-User: Reboot the machine only if a user is not logged in.
· Reboot-Warn: If the user is logged in, warn the user that a reboot will happen in 5 min. If the user is not logged in, go ahead and reboot. (Schedules reboot script 5 minutes from now.)
Dashboards - Alarm Count
All alarm dashboards with an alarm count now pull data from a rollup count table allowing for a more efficient query and update of the dashboard.
Event Log Collection
Prior to this release, when the VSA detected a flood of event log items, the VSA disabled collection of the entire class of events (Error, Warning, Informational, Success Audit, Failure Audit) for a log type on that machine. With this release the VSA introduces two new techniques to better manage certain events from overwhelming the system:
Monitor Log, SNMP Log
Added start date and time to monitor log display allowing for more flexibility when searching log data.
Ticketing - View Summary
Ticketing - Create/View
The View Ticket function name has been renamed to Create/View to better indicate this is the place to go to create new tickets.
Ticketing - Notify Policy
You can now format/customize additional ticket notifications. On the Notification Policy page click the Format button next to the following options to customize the notification email format:
On a per administrator role basis you can now control access to:
Assignee Policy is similar to Due Date Policy. It lets you automatically assign a ticket to an administrator based on the values from an combination of the list fields.
Ticketing - Email Reader
The sender's name is now pulled from the From address in the email header and set as the username in a newly created ticket. Tickets containing no message body and no attachments are now suppressed in place of adding a note that states "No response text provided"
Patch Mgmt -
Seven new filter options related to Patch Management have been added:
· Machines having no patch scan results (unscanned)
· Machines with Reboot Pending for patch installations
· Machines with Patch Test Result
· Machines with Patch Automatic Update configuration
· Machines with Patch Reboot Action configuration
· Machines with Patch File Source configuration
· Machines missing a specific patch (identified by the patch's 6 digit KB Article ID)
Patch Mgmt - Scan Machine
Removed the option for master administrators to schedule a refresh of the patch database that only applies to legacy systems no longer supported by Microsoft and to download the latest Office Detection Tool (ODT). An automatic background process now executes daily to ensure the latest ODT is downloaded to the KServer.
Patch Mgmt - Patch Scan Results Processing
· Moved the processing of patch scan results from the general background process to its own separate background process and added process throttling. This improves overall system response and alert processing time when there are hundreds of machines with updated patch scan results.
· When processing patch scan results, a new script is generated and executed to bring the KBxxxxxx.log and the WindowsUpdate.log up to the server for any patches that are reported as "failed". These logs are occasionally useful in troubleshooting patch installation failures. The logs are found in the Get File function under the Scripts tab for the specific machine. The script log for each machine contains entries indicating that these log files have been pulled up to the server as appropriate.
Scripts - Patch Deploy
The patch installation script generated by the Patch Deploy Installer Wizard now schedules a patch rescan for execution right after the next reboot. This ensures the proper reporting of a patch's status without having to manually run a patch scan on the machine.
Patch Mgmt - Patch Installation Scripts
When patches are executed in a patch installation script, an entry is made in the machine's Script Log. Modified the log entry to include the patch title in addition to the KB article number/security bulletin number.
Patch Mgmt - Patch Scan Script
Added a new script ("Patch Scan") that is available in the Script Editor when either Execute Script or Schedule Script is selected. This "Patch Scan" script can be used to schedule a patch scan as part of a custom script. It will execute the appropriate patch scan script for the selected machine.
NOTE: Running the Patch Scan script executes only one of three secondary patch scan scripts. Each of the three secondary patch scan scripts is appropriate for the selected machine. When the Patch Scan script is run, you will see an entry in the script log and in the Pending Scripts tab of the Machine Summary interface for one of the following: "WUA Patch Scan 1 (x86)", "WUA Patch Scan 1 (X64)", or "Legacy Patch Scan".
Patch Mgmt - Windows Auto Update Scripts
The "Disable Windows Automatic Update" and "Reset Windows Automatic Update" system scripts are now available in any Script Search popup and the Script Editor when either Execute Script or Schedule Script is selected. Since it is not possible to configure a template account with a specific Windows Automatic Update configuration, exposing these two scripts as system scripts now allows an administrator to schedule these scripts for any machine, including template accounts, from the Pending Scripts tab of the Machine Summary interface or to add the execution of these scripts in any other script such as a custom machine setup script.
Patch Mgmt - Initial Update
· Removed the "Skip if machine offline" checkbox. Due to the nature of Initial Update processing, this option is not applicable.
· Added warning for machines that are not a member of a Patch Policy so the administrator knows ALL missing patches will be installed.
· Changed processing order to: (1) Windows Installer, (2) OS related service packs, (3) OS update rollups, (4) OS critical updates, (5) OS non-critical updates, (6) OS security updates, (7) Office service packs, (8) Office update rollups, and (9) All remaining Office updates.
Patch Mgmt -Pre/Post Script
Modified the Pre/Post Script function to include template accounts so the script assignments can be assigned via Agent Copy Settings and Agent Import/Export Settings.
Patch Mgmt - Automatic Update
· Added warning for machines that are not a member of a Patch Policy so the administrator knows ALL missing patches will be installed.
· Added new "Run Once" scheduling option, selected from the Daily/Weekly/Monthly drop-down list, to schedule a non-recurring one-time scheduling for automatic updates.
Patch Mgmt -Approval by Policy
Modified screen layout to support the following enhancements:
· Added the capability to copy approval statuses from the current policy to another selected policy. This was added to support those customers who perform patch testing against a group of test machines using a test policy. Once testing has been completed and the patches have been approved/denied as desired, use the copy feature to copy only the approval statuses from the test policy to a production policy.
· Added the capability to override the default approval status in a policy for patches that are classified as "Manual Install Only" or "Windows Update Web Site". Checking the option checkboxes at the bottom of the table sets existing updates of these types as denied in the policy and ensures future updates of these types in the policy are automatically denied.
Patch Mgmt - Reboot Action
The default value for a machine is now "Skip reboot if user logged in" rather than "Reboot immediately".
Patch Mgmt - Patch Download Location Override
An automated patch update (patch) location override service has been added. This service applies to patches that cannot be downloaded successfully using the original patch download location provided by Microsoft. This service identifies patch download locations (URLs) identified during WUA Patch Scans that are candidates for override location URLs. Candidates are those updates which the WUA Patch Scan reports as multi-file installation packages or as CAB file installation packages. When a new candidate update is identified, an email notification is sent to Kaseya with the update details. These details are used by Kaseya to identify a single executable file installation package. If one exists, an override location URL is added to an override location database (XML file). This override location database is automatically downloaded and processed by a background process every four hours.
The email notification that is sent to Kaseya contains no information other than selected update (patch) data elements from the Microsoft Update Catalog via the WUA Patch Scan. It is possible to disable these notifications by unchecking the checkbox next to "Enable Invalid Patch Location Notifications" on the Configure page under the System tab. If blank, no notification is sent to Kaseya. You will still receive updated patch location overrides prepared in response to notifications reported by other customers, regardless of this setting.
A new patch location warning, "Patch Location Pending", might be observed on the Machine History, Machine Update, Patch Update, and the Patch Details pages. This warning indicates that the update (patch) does not yet have a valid download location URL and it cannot yet be installed. This warning is removed once an override download URL has been provided by the override location database.
K-VNC for Mac OSX
The K-VNC for Macintosh machines has been updated to RealVNC Enterprise version 4.4.2.
Note for OS X 10.5 users - After the first time install of K-VNC, the system must be rebooted before remote control sessions may be established. Remote control sessions to 10.5 requires that a local user already be logged onto the system.
K-VNC for Windows
The K-VNC for Windows machines has been updated to RealVNC Enterprise version 4.4.2.
Remote Control - Terminal Server
This release adds two enhancements to remote control using terminal server.
Remote Cntl > Send Message
You can now identify the currently logged on user of a machine before sending a message to that machine.
Backup is now a separate installable module (BUDR.exe). On install of the 5.1 update, BUDR.exe is installed if either (a) there are some backup licenses or (b) there are some installs of backup.
Backup - Schedule Folders
The schedule folder page no longer allows scheduling a folder backup if the Image Location is not configured
Backup - Image Location
When clearing the Image Location, scheduled backups for that machine are removed.
Separate backup counts are displayed for succeeded/failed/warning/cancelled in the header of the backup report.
Reports - Executive Summary Report
Calculations for the Network Health Score for Operating Systems have been changed. Score thresholds were changed from Vista, 2003, XP, 2000 to Vista/2008, XP/2003, 2000, Mac OS. This means the OS thresholds are basically for "Windows 6.x", "Windows 5.x", "Windows 4.x", and "Mac OS".
Reports- User State Management Power Savings Report
Added a new report for licensees of the User State Management module to calculate actual and possible savings from managing computer power settings with the Power Policy feature of User State Management.
Agents are now supported on Windows Server 2008.
LAN Watch - Active Directory Harvest
When performing a LAN Watch on a primary domain controller, you can now optionally enable/disable the harvesting of AD users and AD computers.
Active Directory- paging
Added paging capability to the "View AD Users" and "View AD Computers" pages.
Master administrators can now set a system wide default for the agent temp directory.
You can now schedule a script to run immediately after an agent update completes. This capability lets you reapply any customizations you have made to managed machines that are lost after an agent update. Typically agent customizations involve renaming or hiding agent identifiers to prevent users from being aware that the agent is installed.
Log Archiving new partition tables using bcp
Partition tables have been added to help manage large amounts of log data for the following tables: nteventlog, monitorCounterLog, monitorProcessLog, monitorServiceLog and monitorSnmpObjectGeLog. A partition table is created every day for each log, for example nteventLogYYYYMMDD. Archiving the partition table uses the Bulk Copy Program (BCP) to efficiently move the data from the database to an archived text file. The archiving is based on the maximum value for that specific log found in Agent -> Log History.
NOTE: The server name is setup using the computer name during installation of SQL Server. If you change the name of the server you need to use sp_addserver and then restart SQL Server. If the computer name has been changed since the original installation then the bcp command will fail because the -S parameter is using the <servername\instancename> that was the <computername\instance> at time of installation.
Function Access - Messages and Tasks
You can now enable/disable access to both the Messages and/or Tasks panes shown in the View Dashboard page of the Home tab on a per administrator role basis. Select Function Access under the System tab to set these rights.
Function Access - Documents
You can now enable/disable access to document deleting and document uploading on an administrator role basis. Select Function Access under the System tab to set these rights. Documents are managed using the using the Audit > Documents page.
System - Configure
A new checkbox exists on the Configure function used to force an automatic redirect to use SSL when ever anyone attempts to log into your system via http. To activate, check "Automatically redirect to https at logon page".
Installer / Updater
The Kaseya Server installer and updater now pulls the latest hotfixes prior to the final step of reapplying the database schema.
Third Party Copyrights
A new Third Party Copyrights button displays in the System > Configure page, next to Release Notes and Show License. This information identifies open source and third party software licensed for use by Kaseya.
Database Views - Patch Views
An "InstallationWarning" column has been added to the following views:
The column returns 'Manual Install Only', 'Windows Update Only', 'Product Upgrade Only', or an empty string as appropriate.
Database Views - System Status Functions
Added three new SQL user-defined functions (pseudo-parameterized views) to return the counts displayed in the operating system pie chart and the missing patch pie chart seen on the View dashboard page under the Home tab. These functions are used just like views. Refer to the help topics under Database Views for:
VSA API Web Service
|New features in Kaseya 2008 (v188.8.131.52)- 10 March 2008|
Monitoring, Active Directory, State Management, and more
The agent icon will always remain visible in the system tray for systems configured to show the icon. Prior to this release, Windows would hide the icon if it had not been accessed in a while.
Added a new status icon to represent that an agent is online and that someone is logged into that machine. If someone is logged in, then the tool tip for the icon lists the login name.
Machine ID / Group ID filter -
The machine ID / group ID filter area now lists the number of machines matching the current machine/group/view filter. Use this information as a quick reference to identify the number of machines potentially effected by any action.
View Definitions - Collections
Collections are now defined using the View Definition window in the machine ID / group ID filter. A new check box labeled "Only show selected machine IDs" lets you specify an arbitrary list of machine IDs seen when using this view. Collections, as with all View Definitions, can be private, shared or public.
View Definitions - Missing Patches
The View Definition window includes a new "Use Patch Policy" check box showing machines missing patches greater than or equal to a specified number to optionally apply the patch policies. If this box is checked, only missing approved patches will be counted.
View Definitions - Patch Scan Options
The View Definition window includes the following new options for patch scan scripts:
All alert email functions have database access
All alert email functions now include data pulled from the database. The same format provided in the Get Variable script function may be used in any alert formatted as follows: <db-view/column>. For example, to include the computer name of the machine generating the alert use <db-vMachine/ComputerName>
The Audit > SW Licenses function highlights when duplicate licenses are found on the same group. The duplicate license count is now a link that lets you drill down and get a list of machines that share the same license code.
Added the following to the Machine Info tab:
Added new log type Log Monitoring
Machine Summary -
New Ticket link
The Machine Summary page now includes a New Ticket link at the top of the page. Clicking the link opens a new ticket assigned to this machine id. An optional interface allows you to configure this link to access external systems as well. See the Machine Summary online user assistance topic for details.
External Link to Machine Summary
The following URL displays the Machine Summary web page for a specific machine ID: http//servername?machName=MachineID.groupID
The application Packager function used for creating custom installations now supports output packages larger than 2 GB.
The Distribution function, under the Scripts tab, histograms the recurring schedules for scripts. This function quickly highlights potential server loading by showing peaks where multiple machines are scheduled to run the same script at the same time. This release adds a drill down capability to the histogram such that you can click any peak on the histogram and get a list of machines that make up that peak.
Scripts -CheckVariable - Evaluated Expression
A new script IF EvaluateExpression command evaluates expressions consisting of script variables from a parent script and six mathematical operators +, -, *, /, (, and ) to perform the comparison to determine whether to execute the THEN or ELSE statements. For example, you can evaluate the expression
IF (#variable1# + #variable2#) * 100 > #variable3#
where the variables contain numeric values from a parent script that obtained them using GetVariable commands.
The OS type selection for script steps now includes the options for "Mac OS X" and "All Windows Operating Systems".
A new option sends an alert for the GetFile script command when the file is identical to the one that was retrieved the last time.
GetVariable - Expressions
Added the ability to specify an expression that consists of script variables and six mathematical operators +, -, *, /, (, and ) that will be evaluated and assigned to a new script variable. For example, ((#variable1# + #variable2#) + 17.4) / (#variable3# * 4). The script variables must contain numeric values.
GetVariable - WMI Values
Added the ability to specify a WMI namespace, class, and property and assign the retrieved value from a managed machine to a script variable. The format of the specified WMI property is NameSpace:Class.Property<. For example, root\cimv2:Win32_OperatingSystem.FreePhysicalMemory
Set Registry Value
Added ability to set registry values with the data type REG_MULTI_SZ. Separate each string with the two character sequence of "\0". Use the three character escape sequence of "\\0" to include "\0" as part of a value string. This capability requires the Kaseya 2008 agent.
Dashboards and Dashlets
Added a new Dashboard List function to manage configurable monitoring windows called "Dashboards". Each administrator can create their own dashboards and add one or more custom "Dashlets" in each dashboard. Each dashlet has the following customizable attributes; position, size, machine filter, header and refresh rate. Dashlets include:
The Alert > Agent Status > Format Alert Email window now has two new formats. One for a single machine going offline. The second when multiple machines in the same group go offline. Note that a separate alert is generated for each machine group.
Pre-Packaged Monitor Sets and Event Sets
Kaseya 2008 features a wide variety of performance and service monitor sets and event sets. These sets monitor server and workstation performance objects including SQL, Exchange and other key performance objects such as DNS, DHCP and disk drives. Event sets monitor the Windows event logs for a variety of application, security and system event entries. Events set alerts are defined using Monitor > Alert > Edit Event Sets. Sample monitor sets and events sets are loaded with the installation of Kaseya 2008 or by using the System > Configure page. Sample monitor sets and sample event sets can be identified by the naming convention. Each name begins with ZC-.
Monitor Set Naming Example:
ZC-SV3 - DHCP Server - DHCP Services
Event Set Naming Example:
ZC-CM1-E1 Antivirus Events
Monitoring - General
Added new function to monitor the parsing of log files.
Windows Event Logs
Enhancements to Windows Event Logs:
Monitor Sets - Counters
In the Counter Thresholds tab of Monitor Sets enter an instance of *ALL for a monitor set object, as opposed to selecting *Total which combines the results. For example, if multiple drives are determined to exist on a machine, based on the Audit function, the monitor set with an instance of *ALL will dynamically select a counter for each drive.
Monitor Sets - Services
In the Services Check tab of Monitor Sets, select the *ALL selection to monitor all services set to automatic on a monitored machine, instead of having to address each service individually.
Monitor Sets - SNMP
In the SNMP Sets wizard in SNMP Sets select an instance of All to address each SNMP instance in an SNMP object separately. These instances are identified by the last SNMP walk perform during a LAN Watch.
SNMP Sets - Percentage Comparison
SNMP Sets now provides a percentage comparison of one SNMP Object to another, for example, if ifInErrors is greater than x% of total UcastPackets.
SNMP Quick Sets
An SNMP walk during a LAN Watch identifies all SNMP objects that apply to an SNMP device. Using Assign SNMP, you can click the link of a discovered SNMP device and create an SNMP "quick set" to monitor that device.
Monitor Sets and SNMP Sets -
Monitor sets and SNMP sets can to set to automatically adjust their alarm thresholds based on real word data for a specfied time period. Once an auto-learn session has been completed, the alarm thresholds can be fine-tuned manually.
Monitor Sets and SNMP Sets -Individualized Sets
An "individualized" monitor set or "individualized" SNMP set can be created for a specific machine or SNMP device, based on a "standard" monitor set, a "standard" SNMP set or a "standard" SNMP quick set. From that point forward changes made to the individualized set apply only to the machine or device it is monitoring.
System Check - Custom Name
Added custom name to system check. The name is used in alarm and email format templates.
Ticketing > Email Reader can now be customized to ignore emails containing specific text strings. Use this feature to prevent ticket creation when emails are received from things like email bounces. Typical bounced emails contain the string "Undeliverable: ".
External Link to View Ticket
The following URL displays the Ticketing > View Ticket web page for a specific ticket:
Added a Product column to various patch screens to help identify the product category associated with the specific patch. Also added this attribute to the Patch Details screen. For those cases where a specific patch is used across multiple operating system families (i.e., Windows XP, Windows Server 2003, Vista, etc.), the product category is "Common Windows Component". Examples of the "Common Windows Component" product include Internet Explorer, .Net, Windows Media Player, MDAC, MSXML, etc. This attribute has replaced the patch name on those screens where patch name was previously displayed.
Patch Status -
Added a "Reboot Now" button next to the "Reboot Pending" notification on the Patch Status page. Clicking the button schedules an immediate reboot on the machine. A confirmation dialog box is presented to prevent inadvertent reboots.
Added capability to schedule automatic updates on a monthly basis. Automatic Updates can be scheduled daily, weekly on a specified day of the week, or monthly on a specified day of the month (1-31).
NOTE: When processing monthly automatic updates, if the current month has fewer days than the scheduled day of the month, the automatic updates is processed on the last day of the month. For example, if the current month is April and the scheduled day of the month is 31, the patches are scheduled on April 30th.
Added a new machine level patch alert. This alert, when configured, is generated when the Windows Automatic Update Policy on the machine is changed to a setting (disabled, enabled, user control) that is different from that specified in the Windows Auto Update function under the Patch Mgmt tab. The Windows Auto Update function displays the current Windows Automatic Update Policy setting on the machine. This setting is obtained during each patch scan, and the alert is generated, if necessary, during the processing of patch scan results.
A "Patch Group By" dropdown list has been added to allow the user to change how the displayed patches are grouped. Before this release current grouping was based on the update classification and could not be changed. Now, the user can group by either update classification or product. The screen layout was modified to include both product and update classification in the presented data. Patches are still sorted by KB article within each grouping so that patches having the same KB article number are next to each other.
Changes to approval/denial of patches include:
Approval by Policy - Group By
Modified the screen to be able to select the view of the status table based on update classifications or based on products. Both views are presenting totals from the same data source, so the total patch count for each approval status are the same, just distributed differently depending on the view selected. When a drill down is selected to the patch details page, the patches are grouped by the classification (sorted within classification by product) or by product (sorted within product by classification) based on the view selection.
Approval by Policy - Save As
Added "Save As" capability to copy the current patch approval policy as a new policy with identical settings. All patch approval/denial statuses are copied as are the default approval statuses for the policy.
Approval by Policy - Default Approval Status
Default approval status can now be set for each update classification and each product within a patch policy rather than just for the policy. This allows setting patch policies to automatically approve selected update classifications such as security updates while automatically denying other update classifications such as service packs and automatically setting the rest of the update classifications to pending approval. It also allows setting patch policies to automatically deny patches for selected products such as Office 2000 while automatically approving patches for products such as Office 2007 while automatically setting patches for the rest of the products to pending approval.
NOTE: If there is a conflict between the two default values, the more restrictive default value is used. For example, if one default is denied, the patch is set to denied. If one default is pending approval, the patch is set to pending approval. Both defaults must be approved for the patch to be set to approved.
Approval by Patch
Added a new function under Patch Mgmt > called "Approval by Patch". The data displayed on this page is the same data available in "Approval by Policy". It is just displayed from the patch perspective rather than from the policy perspective. Approving or denying patches from this page provides an "approve or deny once" capability. Includes the ability to filter the list of patches.
NOTE: This function is only available for master administrators because it affects ALL patch approval policies.
Added a new function under Patch Mgmt called "KB Override". Using this page, you can set a default patch approval status override (Approve or Deny) for a specific Microsoft knowledge base (KB) article. This override status is used rather than the patch policies' default approval status when adding a new patch to all patch approval policies. It also resets the approval status for the specified KB article in ALL patch policies. To add the KB override, a patch must already exist in the system with the specified KB article number.
NOTE: This function is only available for master administrators because it affects ALL patch approval policies.
A new option in Remote Cntl > Chat, "Automatically close chat window when either party ends chat" lets you control how the window behaves at the end of a chat session. Uncheck this box to leave the chat session open after the other side closes the window. This gives people a chance to read the last message or copy data into another file.
ActiveX installs all remote control views for the admin and the remote control server for the user when the admin uses the Video Streaming function. This can cause problems if the user's browser blocks ActiveX controls from running. With this release, if the user's browser detects the ActiveX control could not run, then the user is presented with a link to manually download and run the remote control package manually.
K-VNC is now supported on Windows 2000, XP, and 2003 in addition to Vista.
Added a new Backup Status dashboard, which provides:
The time period over which to collect results is selectable.
Enhancements to backup set management include:
Alarms are now optional for alerts. Additionally, two new alerts have been added:
Enhanced error detection and recovery.
Backup report now offers option to include or exclude machines without data.
Monitor Action Log
New log describing the actions that occur when a monitor alarm threshold is met. Contains information on alarm created, ticket created, scripts scheduled, and emails sent.
Event Log Frequency
New report displaying top number (N) of windows event logs per machine ID.
Added Log Monitoring to system activity.
Added Log Monitoring Custom allowing to count, total, average, min and max of log parser custom number fields.
Report - Monitor Action Log
Added monitor action log to monitor reports section.
DNS Computer Name
The fully qualified DNS computer name is now available for any machine that is a member of a domain. Members of workgroups return the computer name only in this field. Display the DNS Computer Name in either the Agent > Agent Status function or in the Aggregate Table report.
The CPU Count number, returned by audit, is now available on both the Agent > Agent Status function or in the Aggregate Table report.
Added capability for the following to be aged and/or archived:
The archiving of logs places log table data into text files. These text files are stored at a specified location and categorized by log table and machine ID.
Agent Install Packages - Standard Administrators
Standard administrators are now restricted to creating agent install packages using existing group IDs.
A Macintosh agent is now supported. The agent type is specified in the Create Package wizard in the Agent > Deploy Agents function. If an administrator password is omitted from the Macintosh installation package, the installer prompts for administrator credentials during the installation as long as the silent option is not selected.
The Agent > Rename Group function under the agent tab, lets you rename any machine group ID or subgroup.
Agents now check in using a GUID instead of the machine ID. Old agents can still check in using the machine ID and are fully supported except for renaming capability. Renaming now just changes the display name of the agent. The agent GUID stays the same. So in order to rename agents in the new system, the agent must be upgraded to Kaseya 2008 first.
Hide Common Computer Names
Typical laptop computers may have multiple MAC addresses and LAN Watch may detect both MAC addresses for the same laptop, for example, wireless LAN vs. direct connect LAN. So an additional checkbox has been added to hide machines that have a common computer name in the same group ID. Only the MAC address used by the agent to connect to the Kserver is reported.
This release supports Intel's vPro-enabled processors.
LAN Watch has been extended to integrate with Active Directory. Running LAN Watch on a primary domain controller automatically discovers all computers and users listed in AD. Two new functions, View AD Computers and View AD Users, display Active Directory results. You may also deploy agents to Active Directory computers found by LAN Watch as well as update user information pulled from Active Directory.
Any user discovered by LAN Watch may be tagged as a new Administrator logon or User logon to the VSA using View AD Users. These logons are all authenticated by the domain controller the logon is attached to. So now you can use a single logon on both your network and the VSA, all controlled by Active Directory.
NOTE: You can remove both the Domain field and the Remember Me checkbox from the logon page by checking the appropriate boxes on the Logon Policy function under the System tab.
Copy Settings - Exclude Patch File Source
A new Agent > Copy Setting option, Patch File Source, lets you exclude or replace the patch file source. The patch file source is frequently a customer-specific setting and should not be overridden when copying settings.
The System > Migrate function has been replaced with a new Agent > Import/Export function. Exported accounts capture all machine settings, including script schedules, into an xml file. Use Import/Export to move settings attached to any agent. Note that Import/Export only moves settings and not data attached to a machine. Log data is not moved with Import/Export.
Suspend all agent operations (scripts, monitoring, patching, etc...) without changing the agent settings. Use Suspend to disable accounts without deleting the agent or modifying any of the agent's settings.
Admin Role Management
Administrator management has been enhanced with this release to allow non-master administrators to more securely manage other administrators. The administrator management functions under the System tab, restrict non-master administrators to only seeing other administrators that are members of the same roles. Note that master administrators rights may never be removed by standard administrators. Effected functions are:
A new Enable All/Disable All button gives you a quick way to turn access on or off for all functions for an admin role. Click Disable All when configuring an admin role that does not have access to many functions.
Function Access -
Access to the tabs on the Machine Summary page can now be granted or blocked on a per admin role basis using Function Access.
Function Access -
Lock Settings to Match
Function Access settings for an admin role may now be locked to some other admin role. Any changes to the Function Access list for one admin role are automatically applied to all roles locked to it. If you create unique admin roles in order to isolate access to machine group, but want to give each role the same list of functions, then you can use this new feature to manage all function access from a single role.
License limits now flow down to subgroups. Subgroups now inherit the license limit applied to their parent groups if the subgroup does not have a limit specifically applied.
The login policy is now enforced for both user and administrator logins. Prior releases only applied login policy to administrator accounts.
The customize function now lets you further customize the logon screen. You can add additional links on the left edge of the screen. This may be a useful spot to place a link to the Video Streaming page (/getHelp.asp) for example.
Database Views -
Added a new column to the vBackupLog database view. imageSize shows the size in bytes of the backup file. If the log entry does not relate to a backup then this column returns a zero.
API Web Service
Added a web service that provides an API (application programming interface) to the VSA. Enable the web service using the System > Configure function. Once enabled, the web service may be queried from the URL http://<your-vsa-server>/vsaWs/KaseyaWS.asmx using a valid administrator credential. A test client example, access control rules, and further details may be found in the directory <kaseya-install-dir>\vsaWs.
Kaseya Endpoint Security v1.2 (v184.108.40.206) - 10 March 2008
The current available version is directly off the Grisoft RSS feed and will be updated within 15 minutes of Grisoft posting an updated
The "Threats" column nows present a link to the manage threats page filtered on that individual machine. The top machine filter is not affected.
Individual agents no longer have update schedules. The KServer now tracks updates and schedules update scripts on individual agents only as needed. This results in timelier updates with less overall activity.
Because of the new automatic update script assignment, periodic (recurring) updates are no longer allowed. This page is for "manual push" only.
KES updates now honor the "File Source" settings under Patch. So KES can now deploy updates to agents that are not internet-connected (as long as they can reach the file share and the file share can reach the Internet).
The KES Agent now goes to the VSA server for updates when the File Source is KServer or Internet
Select All has new behavior. Now it selects all of the threats in the current filter instead of just the current page.
Now has a "Purge" button in the action bar for "clean up". This will remove the threat from the active threat list (and put it in the history list) without triggering any script on the agent.
There are now two tabs. The "Current Threats" tab is conceptually identical to the old page, showing threats that are current or in process of being taken care of. "Historical Threats" are threats that have been taken care of either through a clean, delete, restore, or purge.
Additional filters: "machine", which allows narrowing by machine without affecting the top-level filter (useful for stepping back and forth from the status page). "Time" filters on the discovery date by min/max/in between. "Categories" filters on the threat type"”whether antivirus or antispy. "Action" and "Status" filters by what action (if any) has been taken and what the progress of that action is (pending/failed).
Filters added to make log more useful. "Time" filters by when the event occurred (you have a lower and an upper date, and if either is empty that end is "open", so both empty means "all"). "Categories" lets you pick events to view by category. "Message" lets you text search the message for some particular string.
KES Alarms are now assigned via sets. These sets are created on the new "˜Define Alarm Sets' page, and assigned on the "˜Apply Alarm Sets' page.
There are new KES alarms.
The profile UI has been updated to more closely reflect AVG. A few new options have been added as well.
A new tab called "Exchange" allows for configuration of the new real-time monitor for Exchange (see MS Exchange Install/Remove below)
There is a new button on the view threats page "˜Add to PUP Exclusion List'. Any threats selected when this is pressed will be added to an exclusion list for the profile assigned to the machine they were found on. If AVG decides a file by this name is a PUP on any machine with this profile, this file will be ignored (excluded).
There is now an option to choose which profile to assign to a machine at install time.
MS Exchange Install/Remove
Added support for real-time monitoring of Exchange Servers. This page allows you to install Exchange Server support on any KES endpoint that is also an Exchange Server. Different licensing applies.
New features in v220.127.116.11 - June 5th, 2007
Exec Sum Report
The OS score weighting can now be customized. You can individually weight the OS score given to Vista, 2003, XP and 2000. Enter the % weights (0 to 100) in the four columns normally used for %score. Place Vista in the 100% column, 2003 in the 75% column, and so on. All legacy OSs are given a zero. If you have a large number of legacy OSs deployed, considered turning off the OS score.
Added WARNINGS and/or NOTES to screens affected by Initial Update to better inform users of its impact on patch management functions.
Patch Mgmt - Patch Status
Enhanced the Patch Status page with the following:
Patch Mgmt - Rollback
Added the date, if available, that the patch was installed to the screen similar to the Patch History screen.
Patch Mgmt - Cancel Updates
Add a notation to the "Pending Update Install Status" column to indicate that the patches currently pending installation are being processed by Initial Update. Canceling pending updates will now also cancel Initial Update.
Patch Mgmt - File Source
Enhanced the File Source page with the following:
Patch Mgmt - Windows Automatic Update
Added checkbox to "Force auto-reboot if user is logged on" to the "Configure - Force Windows Automatic Update configuration to the following settings" setting. We also changed the underlying default to NOT force the reboot. This is a Windows Update registry setting that only affects Windows Automatic Update. Windows Automatic Update cannot use Kaseya's Reboot Action settings.
Patch Mgmt - Office Source
Added the ability to filter by Office products/product codes to make it easier to set multiple machines to a common Office source share. Since the same Office product can have one of several product codes, the filter ensures that only products with the same product code are selected together.
The status monitor pop up window no longer counts or displays template accounts (agents that have never checked in).
Fixed problem with file list that would not list shared files unless that admin also had rights to upload and delete shared files. All admins may see shared files.
Disk Info List
Show used space in addition to free and total space for all disk drive space tables and reports.
Application Changes Alert
You can now add exclude directories to the Application Changes alert. Any application added or removed to these directories will not generate an alarm. The exclude path may contain wildcards.
KServer modifications include the following:
Agent - Pause Command Processing
The processing of the Pause Script command has been shifted from the KServer to the Agent to avoid the possibility of putting all process threads to sleep in the server for a prolonged period which would result in Agents going offline.
Agent - Workgroup/Domain name
The Agent now reports whether the computer is joined to a workgroup or domain and the corresponding name. This information can be used in creating a view as well as shown on the Agent status page and reports.
Agent - Response Issue
The Agent detects a connection corruption caused by security software that blocks KServer messages requesting an immediate checkin. The corrupted connection was causing a 3 minute timeout before establishing a new connection to run the pending tasks. When the Agent detects the symptoms of this condition, it removes the timeout so that the tasks can run at the specified checkin period.
Agent - Event log description
Resolved an issue so that the event log description is properly retrieved when the vendor provides multiple event log message DLLs. Also fixed an issue with retrieving the description when the vendor provides only a 64-bit event log message DLL.
Agent - Event log collection
Resolved an issue with retrieving event log information on Vista when the application provides access only through the newer event log interface and omits backward compatibility through the legacy interface.
Agent Contact Administrator Menu Item
Resolved an issue that opened the Administrator login page instead of the User login page when selecting the "šContact Administrator agent menu item.
You can now sort the Event Logs and Script Log by column in the Agent Logs function under either the Agent Tab or the single machine interface.
Added a checkbox to the Edit Profile function called Show notes as tooltip. Checking this for any machine ID will display the notes field for that machine to display on the tooltip for the agent's status icon. Use this feature to quickly access notes for any particular machines.
Exec Summary Report
The OS score weighting has been changed to (Vista-2003:100%, XP:75%, 2000:50%, NT4:25%)
Administrators can not remove their names from the list of available administrators to chat with. The list seen by administrators (in the Chat function under the Remote Cntl tab) and the list seen by users in the user login are controlled separately.
Added a test function to verify the credentials work
System information now inserts a link to the PC manufacturer's support site when a field in the System Information table may be used to access this data. Currently supported manufacturers are:
Added option to list machines that have never checked in. Use this filter to list template accounts.
Monitor - System Check
Enhanced the capabilities of Custom command within the System Check function. Custom commands will now require an output file assigned by the administrator. Alarms will be created by searching the output file for a specific value(s) by using the operator contains or does not contain.
Remote Control - K-VNC
Added support for K-VNC to provide remote control on Vista.
Remote Control - RAdmin
Added support for RAdmin 3.0. RAdmin 3.0 includes full support to remote control Vista.
Remote Control RDP
Support remote control of a terminal server running on a port other than the default port 3389.
Remote Control Policy
Machine Policy now support a fourth policy type. Require permission will not allow remote control unless a user gives permission. If no one is currently logged in, then permission is denied.
Automatic SQL Script Variables
SQL view parameters are now available as automatically declared script variables. Use the format #SqlViewName.ColumnName# in a script variable to access the dbo.SqlView.Column for the machine ID executing the script. These automatic variables allows you to skip the call to GetVariable with the option SQL View Data with the format of SqlViewName/ColumnName. See the context sensitive help for the System tab. Database Views function for a list of the SQL views and columns that are available.
GetVariable Script Command
Added a new option"š SQL View Data"š that will place the result of a database query to retrieve data from an SQL view for a specific machine ID or for the machine ID executing the script. The format of the parameter for this option is SqlViewName/ColumnName/mach.groupID or SqlViewName/ColumnName. The latter format is an explicit form of the automatic SQL script variable. See the context sensitive help for the System tab; Database Views function for a list of the SQL views and columns that are available.
Audit - Documents
There is a new function under the Audit tab named Documents. Use the Documents function to store files associated with a machine ID. Typically, people store things like scanned copies of purchase receipts, contract information, and configuration notes here.
Agent on Vista x64
The Agent now runs on Vista x64. Drivers provided with the Agent are signed. The only known restrictions are:
The password is now set to never to expire when it is set using the Reset Password function under the Remote Cntl tab. This feature requires a new Agent, version 18.104.22.168 or above.
New features in v22.214.171.124 - January 29th, 2007
Vista Support, Improved Monitoring
|Patch Management, Expanded Support||Added full patch support for Microsoft Exchange, SharePoint, Vista, and Office 2007|
|Patch Management"š File Source||Added validation code to alert the administrator when a LAN file source Machine ID no longer exists or if any of the required data is missing.|
|Patch Management"š Initial Update||Added support for the execution of a script before Initial Update and/or after Initial Update. These scripts are configured on a per machine basis in the new Patch Mgmt"š Pre/Post Script function.|
|Patch Management"š Alert||Added two new patch alerts: |
|Patch Management||In an attempt to minimize the need for installation media when patching Office 2003, the new command line switch, /MSOCACHE"š has been added. The " /MSOCACHE" switch only applies to Office 2003. When the patch database is updated, this switch is automatically added to all Office 2003 patches. It is not automatically added to Office 2003 service packs. When this switch is used, the system determines if the MSOCache exists on the target machine. If the MSOCache does exist and this switch is used, the system will automatically use the run silently switch ("/Q") thereby relying on the MSOCache rather than requiring the actual installation media. If the MSOCache does not exist on the target machine, the existing switch will be used. If a patch installation fails that uses the "/MSOCACHE" switch, it typically means that the MSOCache could not be used by the patch.|
|Patch Management"š Office Source||Added support for configuring a machine with Office installed to use a network share or a directory on the local hard drive as the Office installation source rather than the default CD-ROM. This feature modifies the machine's registry so Office will look to the alternate location for the Office installation source. The provided source is validated to be sure that the source is compatible with the installed edition/version of Office.|
|Copy Settings||If the source machine (the machine you are copying from) does not have a credential, then the credential is not changed on the target machines. Use this to create template accounts that do not effect the credential of target machines.|
|Scripts||All Kaseya Scripts run after a machine reboots were named REBOOT-xxxx. We received several support requests asking why Kaseya reboot their server when in fact the script was run as a result of a reboot and did not cause the reboot. To end this misconception, we have changed this naming convention to START-xxxx|
|Audit - Software License||The product installation key (CD key) is recovered during audit when it is available.|
|Audit "šÃ„Ã¬ Add/Remove Programs||Audit now returns the add/remove program list.|
|Remote Control Status||Currently logged in user for each machine ID, if any, is displayed on the Control Machine function.|
If any admin is currently remote controlling a box, the admin name is also listed.
|Remote Control Notification Policy||Allow policy to be defined on a per machine basis. |
|Remote Control Log||You can now report on remote control activity. The system now maintains a separate remote control log for each machine ID. You can view (Agent Tab - Agent Logs) or report (Reports Tab - Logs) on the Remote Control Log just like any other log.|
|Disable Remote Control on Install||Adding the /x option to the agent install package (Agent Tab - Deploy Agents) automatically disables remote control from the client side after a successful agent installation.|
|Remote Control Verbose Mode||The Enable verbose relay flag is now remembered on a per admin basis. If you enable the verbose relay in a remote control of FTP session, that flag is automatically set the next time you remote control of FTP. The verbose relay flag is typically left off and is not needed for normal operation.|
|System Check||System Check verifies a remote machine, such as a web server, is functioning by connecting to it on a recurring basis. You can prevent temporary outages from sending alarms by specifying the length of time a check must fail before issuing an alarm.|
|Agent Status||Time Zone is now available for display in the Agent Status table.|
|Monitor - Agent Status Alert||The system now detects when a batch of agents go offline at the same time (usually resulting from an internet outage). The system will now send only a single email listing all machines that went offline at the same time. Prior to this release, an email was sent for each machine ID.|
|Monitor - SNMP||Time between SNMP monitor requests has been reduced. In older versions, the interval between SNMP monitor request could have become prohibitively long if the SNMP Probe (Agent) was monitoring hundreds of SNMP Devices. The polling and connections are now multithreaded; creating narrow data sample intervals.|
|Monitor - SNMP||When Kaseya first discovers an SNMP device, a deeper initial request of SNMP data is now being performed. The initial SNMP Discovery will now include a 'deep dive' return of SNMP data. The SNMP branches currently being queried are: iso.org.dod.internet.mgmt.mib-2.interfaces and .iso.org.dod.internet.private.|
|Monitor - SNMP||Added link to Assign SNMP Monitor page to view list of auto discovered SNMP data.|
|Monitor - SNMP||Added new function allowing the user to customize SNMP Device names and Types.|
|Monitor - SNMP||Added filters to the SNMP Log function to allow the user to filter log entries that contain certain text or values.|
|Monitor - SNMP||If the user removes the SNMP Community name, all associated SNMP Devices will be removed and logs cleared.|
|Monitor - SNMP||The SNMP Probe will attempt to find SNMP Table descriptions where possible and automatically insert the results into the monitor item description. (Example: If asking for the ifEntry.ifInOctets for interface #2, Kaseya will identify, if available, that interface #2 is the external firewall connection and add it to the description)|
|Monitor - General||Pop-up warning on log-in will inform the user that Alarms are currently disabled.|
|Monitor - General||If the update of a monitor set is not contextual (does not significantly change the monitor item), the logs will not be cleared.|
|Monitor - General||All monitor sets will continue collecting data even if the administrator changes the Kaseya temp directory.|
|Monitor - General||When a SNMP Community Name reference is removed, all related SNMP Agents will be removed also.|
|Monitor - General||Added more descriptive information within monitor set expanded information to the following web pages; Log Summary, Alarm Summary, Alarm Status, Monitor Set Status, Monitor Summary, Live Connect.|
|Monitor "šÃ„Ã¬ System Check||Added Duration to all system checks for alarms.|
|Monitor - Alarms||History of note entries can now be kept on all Alarms.|
|Monitor - Alarms||If a monitor set generates an alarm email, an additional email notification can be sent if the Alarm value transitions back 'out of' its alarm state.|
|Monitor - Reports||Allows the user the ability to select a monitor counter and calculate the 95th percentile (or 5th) for each counter. Also added was a comparison feature; allowing two machines to be reported (trended) upon side-by-side.|
|Monitor - Reports||Added trending reports with 'number of days' filter and comparison features.|
|Monitor - Reports||Added trending reports for all SNMP Objects (again with comparison feature).|
|Monitor - Reports||Added Monitor Configuration Report listing the monitor set configuration for the machines selected.|
|Monitor - Copy Settings||'Copy Settings' will now include all monitor sets information when copying machines with the same operating system. Monitor sets will not be copied if the operating systems is not supported by monitoring and/or copying from Windows 2000 to Windows XP/2003.|
|Monitor - Assign Monitor/SNMP Sets||New edit icon, when clicked will allow the editing of existing monitor set deployment parameters on the specific machine/device.|
|Monitor Sets and Logs||All monitor sets will stay collecting data even if the administrator moves or renames the Kaseya temp directory.|
|Monitor - Log Summary||Added icon indicator and action to refresh specific monitor object on the machine or device.|
|Monitor - Log Summary||Added Filters to log and chart data.|
|Monitor - Log Charts||Added more description info and X/Y titles to charts.|
|Monitor Console - Machines Online||Added Customized zones Red/Yellow/Green|
|Monitor Console - Popup Windows||Fixed positioning of console windows alignment.|
|Monitor Console - Group Alarm||Removed View drop down list. Group alarm status page will now use the main view filter.|
|Deploy Agents||Agents can not be deployed over the network (using Install Agents function) to Vista machines unless UAC is disabled.|
|Agent Installer||The agent is not compatible with Vista-64|
Kaseya Managed Service Provider Software v4.7 - January 2007
|Platform Support||Kaseya is ready for Windows Vista. Version 4.7 allows administrators to extend the power of automated IT services to workstations and servers running Windows Vista. In addition, Kaseya 4.7 now includes a Vista Readiness report that will identify which machines are ready for upgrade and which are not ready and why.|
In addition, support for the Kaseya agent has been extended to systems running the Windows XP and 2003 64 bit operating systems.
|Audit||To provide more detail to the information collected from machines during the audit process, the audit will now collect the Add/Remove Programs listing from managed machines.|
|Audit - Add/Remove Program Listing||A new menu option has been added to view the Add/Remove Programs information. The Machine Summary and Software reports have been enhanced to support the reporting of the Add/Remove Program information.|
|Audit - Software Licenses||In version 4.7, the Software License audit will collect, display and report the corresponding product keys.|
|Patch Management||The enhancement and expansion of Patch Management is a continuous process. With version 4.7, the scope of platforms supported has been expanded. Support for Microsoft Office 2007 has been added along with various usability enhancements.|
|Patch Management - Supported Platforms||Full patch scan and patching functionality has been added for the following servers: |
|Patch Management - Microsoft Office Media Location||To ease the process of patching machines with Microsoft Office, a function to specify the location of the Office media has been added. This function will allow the administrator to use a network share or a directory on the local hard drive as the Office installation source rather than the default CD-ROM.|
This feature modifies the machine"šÃ„Ã´s registry so Office will look to the alternate location for the Office installation source. The source is validated to ensure that it is compatible with the installed edition/version of Office.
|Patch Management - File Source||To help ensure the reliable delivery of patches to a machine, the system will now alert the administrator when a LAN file source Machine ID no longer exists or if any of the required data is missing.|
|Patch Management||To further minimize the need for installation media when patching Office 2003, a new command line switch /MSOCACHE has been added.|
The switch only applies to Office 2003. When the patch database is updated, this switch is automatically added to all Office 2003 patches. It is not automatically added to Office 2003 service packs.
|Patch Management - Patch Database Distribution||To conserve bandwidth in an environment, the system allows for the designation of a local file share as the patch file source. To extend the conservation of bandwidth, the patch database, mssecure.xml, will also be distributed from the local file share if it is specified as the patch file location.|
|Remote Control||To increase security, privacy and accountability, new features have been added to the Remote Control function. The administrator can now create access notification polices by machine. In addition, there is a new log to track the remote access.|
|Remote Control - Access Notification Policy||Remote control access notification policies can be created by machine. The access notification policy can be set for the following: |
|Remote Control - Logs||A new log has been added to the system to track the start and end of a remote control session along with administrator notes if required.|
The Remote Control Log can be viewed and reported upon in the same manner as other logs within the system.
|Kaseya Agent||The Kaseya agent is one of the key components of the system. The agent is responsible for the service delivery, data collection and overall management of the servers and workstations where it is installed. With each new version of Kaseya, the capabilities of the agent are refined and expanded. In version 4.7, the agent will now utilize a persistent connection with the Kaseya server. This enhancement provides huge benefits not only in version 4.7 but in the future releases of the Kaseya framework.|
|Kaseya Agent - Connection||Currently the agent uses a polling frequency to perform a quick check-in with the Kaseya server. With version 4.7, the agent will utilize a persistent connection with the Kaseya server. This persistent connection creates a series of benefits. |
The reduction in the amount of data flowing as well as the reduced resource usage on the server increases the scalability and performance of the system.
A persistent connection between the agent and server also increases the performance of the system. For example, a request to remote control a machine can now be carried out almost immediately.
|Kaseya Agent - LAN Watch||More flexibility in defining the new device alert has been added in version 4.7. In previous versions, LAN Watch generated an alert when a new device was found on the LAN that had not previously been on the LAN for the last 7 days. This time period is now selectable.|
|Reports||New reports are being added along with updates to existing reports. The details will be identified in the Release Announcement.|
|Real Time Monitoring||To increase performance, ease of use and the overall functionally of Real Time Monitoring, version 4.7 adds new features and enhancements in the following areas: |
|Real Time Monitoring - Console||Several enhancements have been added to the Console for increased performance and better visibility. These include: |
|Real Time Monitoring - Alarms||To provide better tracking and analysis of Alarm information, a history of the note entries can now be kept on all Alarms.|
To provide better visibility and management of the agent and SNMP monitoring, the system can now send an email notification when the alarm value transitions out of' its alarm state.
|Real Time Monitoring - System Check||System Check verifies if a remote machine, such as a web server, is functioning by connecting to it on a recurring basis. To prevent temporary outages from sending alarms, the length of time a check must fail before issuing an alarm can be specified.|
|Real Time Monitoring - SNMP Monitoring||The SNMP monitoring in version 4.7 has been significantly enhanced. The enhancements provide increased performance and capacity, more depth in the information collected from devices and better presentation of the information collected. The following items have been enhanced: |
In version 4.7, when an SNMP device is first discovered, a deeper initial request for SNMP information is being performed. This deeper request will automatically discover objects within the device that can be monitored. This will help ease the process of setting up the SNMP monitoring for a particular device. This information can be viewed from a new link that has been added on the Assign SNMP Monitor page.
To further aide the identification of devices, a new function has been added to allow for the entry of a user defined Device Name and Type. By increasing the information collected, displayed and defined for a particular device, the creation of monitor sets becomes easier and, the monitoring is more accurate which creates a more productive environment for the management of the machines and devices.
|Real Time Monitoring - Logs||Data collected as a result of the Monitor and SNMP Sets is stored in the monitor log for query and reporting. In version 4.7, the monitor logs can be filtered to view entries that contain certain text or values.|
|Real Time Monitoring - Reports||The following reports have been added: |
New features in v126.96.36.199 - 21 August 2006
Minor Maintenance Release
|Maintenance||Fixed minor display related problems|
|Monitor - Edit||Changed 'alarm duration' logic. The system will now look back in the log table to see if there any records that were under the alarm threshold. If there are none, instead of going into 'alarm' (old behavior), it will continue to look to the next oldest log value. If that value is over the alarm threshold, the system will only then go into 'alarm'.|
|Monitor - Reports||Added trending reports with 'number of days' filter and comparison features.|
|Monitor - Copy Settings||'Copy Settings' will now include monitor sets.|
|Monitor - General||When a SNMP Community reference is removed, all related SNMP Agents will be removed also.|
|Monitor - Edit||When a monitor set is edited, the logs will not be reset unless the counter, service or process specific information is changed.|
|Monitor - Logs||Logs now have icons that indicate that there are log entries for the corresponding monitor item.|
|Monitor - Logs||Added 'character match' filters to log tables. Allowing for searches of the log table entries (i.e. " ... show all service log entries like 'stop'")|
|Monitor - Logs||Added 'day range' filter to counter graphs (similar to SNMP logs).|
New features in v188.8.131.52 - 19 July 2006
Minor Maintenance Release
|Maintenance||Fixed minor display related problems|
|Remote Control||Added ability to independently set the screen width and height in terminal server sessions. See the Set Parameters function|
|LAN Watch||IP scanning range is now restricted to 11 bits (2048 addresses)|
|Patch Mgmt - Initial Update||Modified the Initial Update screen to include update status from "scheduled" through the various "processing steps" to "completion".|
|Patch Mgmt - File Source||Modified the File Source screen to improve the clarity of the source for the patch files and the patch file's destination on the target machine.|
|Monitor - Edit||Added 'Group Alarm Column' selection as a step in the Add function for Monitor Sets and SNMP Sets.|
|Monitor - Assign Monitoring||Modified PerfMon commands to start counters after an agent machine has been re-booted.|
|Scripts (support of Monitor)||A script named ExecuteSNMPWalk.has been included in the Sample Scripts/Config Changes area. This script is very valuable if the user is new to the SNMP device.|
|Reports - Patch Management||The Patch Status section of the Patch Management Report has been modified to display the same patch status as displayed on the Patch Mgmt - Machine Update page. Previously, the only statuses presented were "installed" or "missing". Now, more detailed status information is displayed when applicable.|
New features in v184.108.40.206 - 30 May 2006
Advanced Monitoring, Backup, Ticketing, and more...
|User Remote Control Options||Users logging in to remote control their machine are now presented with the standard remote control options prior to starting remote control.|
|Event Set alerts||You can now set independent email addresses for different event sets on the same machine ID. This lets you send alerts generated by different application events to different administrators.|
|Event Sets||Added the ability to import and export event sets.|
|Agent Menu||Due to popular demand, we have returned to calling the agent the 'Agent'. All references to Client have been changed back to Agent.|
|Script Directory||Added ability to import and export entire script directories (all scripts and sub-directories in any script directory).|
|Agent Status||Added a Reset Filter button to quickly remove any advanced filter settings on the Agent Status function. The advanced filter may reduce the number of machine IDs displayed. Click Reset Filter to quickly display all machine IDs.|
|Views||You can now share views with other administrators or administrator roles. Click the Share button on the edit views page to set up share permissions. This release also adds significant filtering capability to views. You can now: |
|Run Audit schedules System Info||You can now schedule System Info data collection in conjunction with Run Audit (under the Audit tab). System Info may cause high CPU utilization on the client and normally runs once after the first audit. Use the new checkbox option to schedule System Info collection to run again or run recurring for any checked machine. The System Info scheduler has been removed from the System Info data display.|
|Reset Password||Added a new option allowing you to specify whether to create a new account in the administrators group or not.|
|LAN Watch Alert||In previous versions, LAN Watch generated an alert when a new device was found on the LAN that had not previously been on the LAN for the last 7 days. That time period is now fully programmable. If you have a network where devices may be turned off for extended periods, increasing this value beyond the longest time a device remains off prevents that device from generating an alert when it turns back on.|
|Agent Status||Added clickable column headers so you can sort this table by any column displayed. Clicking a header the second time sorts in reverse alphabetical order.|
|Status Monitor||Added a paging control to the status monitor. Previously you were limited to at most 100 machines. Now you can monitor all machines using the standard paging control.|
|Alerts||With the introduction of advanced monitoring, Alert functionality takes advantage of advanced monitoring by incorporating options beyond just simple email alerts. Alerts now support: alarms, email, script execution. The alert summary list on the Home page has been replaced with the alert status list on the monitoring console. Here you can Open/Close alerts.|
|Patch Installation Issue||An issue that prevented patches from being scheduled for installation by either Machine Update or by Automatic Update when the number of uninstalled patches for the specific machine was large (about 70) has been resolved.|
|Patch Mgmt - Windows Automatic Update Configuration||A new Patch Mgmt function, Windows Auto Update, has been added under the Configure section. This function will report the machine's current Windows Auto Update settings for Windows 2000 (SP3 & SP4), Windows XP and Windows Server 2003. Additionally, an administrator may override the user's setting, including disabling it, and prevent the user from making changes.|
|Patch Mgmt - Initial Update||A new Patch Mgmt function, Initial Update, has been added under the Setup section. This function allows an administrator to schedule a machine to be fully updated with all approved service packs and patches. This function is typically used after a new machine is initially scanned for missing service packs and patches and basically performs a 'patch-until-done' process.|
|Patch Mgmt - Exclude Machines||This function has been removed. Use the manual scheduling (Machine Update and Patch Update) to control what machines get which patches.|
|Patch Mgmt - Patch Update||The capability to ignore a machine for a particular patch has been removed. Use manual scheduling (Machine Update and Patch Update) to control what machines get which patches.|
|Patch Mgmt - File Source||Added option to copy the downloaded patch files to the temp directory on local drive having the most free space (default), or to copy them to the temp directory on the same drive where the Agent is installed.|
New features in v220.127.116.11 - 18 October 2005
Corrected a problem that failed to update correctly in rare situations. This data dependent problem only occurs in certain combinations of Microsoft SQL 2000 and IIS. This release handles any configuration and will safely update to v18.104.22.168
New features in v22.214.171.124 - 17 October 2005
Backup and Disaster Recovery
New optional add-on module providing complete volume and folder backup facilities. Scheduled offsite replication transfers all image backups to a remote FTP site at scheduled times.
Office Patch Installation
The Patch Mgmt system now supports Microsoft Office updates for Office 2000, Office XP, and Office 2003 on the Windows 2000, Windows XP, or Wondows 2003 operating systems.
Because virtually all Office 2000 service packs and patches require the user to provide the Office installation CD(s), the user must be logged in and must respond affirmatively to a dialog in order for the Office 2000 patches to be installed. If the user responds negatively or does not respond within five minutes or is not logged in, the patches will not be installed. On the Machine Update and Patch Update screens, those patches will display the following status: User not ready to install. Because of the requirement for the installation CD(s), these patches are excluded from installation when the machine is configured for Automatic Update under the Patch Mgmt tab.
All service packs and a few patches for Office XP and Office 2003 require the user to provide the Office installation CD(s). In these cases, the command line switch has been set to /INSTALL-AS-USER /DELAY-AFTER=60. This enforces the requirement that the user must be logged in and must respond affirmatively to a dialog in order for the Office service packs or patches to be installed. If the user responds negatively or does not respond within five minutes or is not logged in, the patches will not be installed. On the Machine Update andPatch Update screens, those patches will display the following status: User not ready to install. Because of the requirement for the installation CD(s), these patches are excluded from installation when the machine is configured for Automatic Update under the Patch Mgmt tab.
Windows Messenger and MSN Messenger Patch Installation
The Patch Mgmt system now supports Windows Messenger (versions 4.7 and 5.x) and MSN Messenger (versions 6.x and 7.x) patch detection and where available patch installation. In some cases, actual patches are not provided by Microsoft because the fix has been provided in the latest version. On the Machine Update and Patch Update screens, those patches will display the following status: Product upgrade only. When this is shown, the user must go to the appropriate Microsoft web site and download/install the current version.
Patch policy logic has been changed. From this release forward, if a patch is denied for a collection, then that patch will be denied for any machine belonging to that collection, even if that machine belongs to another collection that approves the same patch. This logic is the reverse of previous releases. The unassigned policy has been eliminated since it is no longer necessary with this type of logic. The system now approves all patches for deployment to any machine that belongs to no collections.
Windows Installer Patch Behavior
Patches for the Windows Installer are now automatically installed any time any other patch is installed. This was done to be consistent with Microsoft's Windows Update processing and because of patch dependencies on the current version of Windows Installer. Since the Windows Installer patches are automatically applied, they are no longer available under the Patch Approval function under the Patch Mgmt tab.
A new Patch Status function, under the Patch Mgmt tab, provides a quick summary of which machines are missing patches, have failed installations attempts, or have installations pending. There is also a new Test function on this page. Test will validate that the entire patch distribution and installation system functions properly with the selected machine's current settings. Use Test to verify a machine's setup if patch installs fail.
Patch File Source
Two new buttons, "Reload System Server" and "Reload File Server", have been added to the File Source function under the Patch Mgmt tab. The "Reload System Server" button will delete all exisitng patches on the KServer so that they will automatically get refreshed. The "Reload File Server" button does the same for the file server that is setup to be a source of patches.
Exec Summary Report
Added extensive customization to this report . You can now add additional fields and completely control the network health score calculation.
A few minor terminology changes appear in this release to clarify system components better.
Time zone detection
Time zone detectionThe system now automatically detects the time zone of your browser and converts all displayed times from server time to your local timeTime zone detection. Furthermore, the time zone of each client is reported up. You can view the current time at a client by hovering the mouse over the status icon and viewing the tool tip (client update required). You can also view the local time at the client on the Single Machine Interface, under the Machine Info tab, by clicking the client status icon.
Deleting an account only removes the machine ID from the system. The all data associated with that account will not be removed until off hours. A new button has been added to the Delete function under that Client table to remove all data from the database not associated with a machine ID immediately.
Force Admin Password Change
You can now force any administrator to change their password at the next login. Both the Set Password and Create/Delete functions in the Admin Accounts section of the System tab support this. On the Set Password function just check the box in the far right hand column to flag an account as requiring a password change at the next login. Create/Delete support setting this flag at admin account creation time.
The new Login Hours function under the System tab lets you specify hours of the day and days of the week administrators may log into the system. Policy is enforced on a per administrator role basis.
Machine Changes Report
The Machine Changes report lets you compare all hardware and software differences between all selected machine's latest audit and either their own baseline audit or an audit from a single selected machine. Use this report to identify differences between a reference machine and all other machines on your network.
Changed this function to display data for one machine at a time, like Installed Apps and SW Licenses.
This release has renamed the tab formerly known as Monitor to Alerts. The functions under the Alerts tab focus exclusively on the alerting functions built into the standard system.
Admin Email Address
Master administrators can now set the email address of any administrator on the Create/Delete function in the Admin Accounts section under the System tab. Click the edit icon next to any email address to change it.
FTP on XP
Modified Windows Firewall on XP to temporarily approve the FTP process during the FTP session. This prevents the Windows Block/Unblock dialog from popping up on remote user's screens.
Patch Deploy Wizard
Added ability to download a patch from a URL in the script built by this wizard.
Client Temp Directory
This release adds a new function named Temp Directory under the Client tab. This function lets you specify the directory used by the client to store temporary files.
Get Variable Script Command
This release adds the following options to the GetVariable script command: Client Temp Directory, file size, and file last modified date.
A Run Now button has been added to scheduled scripts and tasks. Use this button to run the task immediately without modifying any existing recurring schedules applied for that task.
You can now set a maximum bandwidth consumed by the client. Set the Bandwidth Throttle value in the Check-in Control function, under the Client tab, to the desired maximum rate. The default value is disabled to let the client use all available bandwidth.
File extensions used for ticket attachments and Get File items had their file extensions changed to force some browser versions to download them correctly. IIS 6 (used by Windows Server 2003) blocks unknown file extensions by default. With this release, any files requiring new extensions have a .bin added to the end of the existing filename. IIS 6 recognizes the .bin extension by default.
Fixed a bug in the Migrate function that prevented public scripts and reports from importing properly.
Script Error Logging
Checking the "Continue script if step fails" check box, found on each script line, continues executing the script if that step fails. You can now optionally enable/disable logging of messages to the script log when a step fails but the script continues executing. To enable logging check the "Enable logging of script errors marked" found on the Configure function under the System tab.
First function after logon
You can now specify the first function displayed after logging into the system. Select the desired function from the drop down control in the Preferences function, under the System tab.
Client Menu Customization
You can now specify the tool tip appearing when the mouse hovers over the client icon. You can also customize the Contact Administrator label.
Client Installer Customization
You can now use a command line option to specify the title in the progress and dialog box windows shown to the user during installation of the Client. The Client installer also supports a new command line option to install with remote control disabled. To remote control the machine after installing with this new option, a user must first select the Enable Remote Control menu item from the client icon.
As mentioned above, Task Manager has been moved to the Remote Cntl tab. In addition, the Task Manager results window now provides a link to get more information about the reported process. Clicking the process name opens a new window describing any available information about what the process is used for and which company provides that process.
Reset Machine Filter
There is a new Reset button at the top where you can filter down the machines displayed with each function. Clicking the Reset button removes any filtering. Use this function when administrators can not find a machine and you feel they have a filter set up that restricts their view.
MSDE 2000 Service Pack 4
The Kaseya server installation with database engine now installs Service Pack 4 of the Microsoft SQL Server 2000 Desktop Engine (MSDE).
New features in v126.96.36.199 - 8 April 2005
A new function under the Agent tab named Change Group lets you move several machines into a new machine group at once. Use this command to re-organize machines by group.
Advanced Filter Notification
The advanced filter option, used in several reports and the Installed Apps function, now display Filter Active when the advanced filter is set, to limit the application list display. The system provides this notification as a quick visual aid to help determine why expected results do not appear in a report.
The Manage Files tool, accessed through the script editor, has expanded capability in this release. All files, both private and shared, are displayed as links allowing you to directly download any managed file directly through web interface. Click new icon on the Scripts toolbar to get direct access to the Manage Files screen.
Patch Reboot Option
The Do not reboot after update option, on the Reboot Action function under the Patch Mgmt tab, has an additional parameter to send out an email when the patch install completes. Set this option when you have a server, or some other unattended machine, being patched that you do not want to reboot after a patch install. Instead, the system sends you an email reminding you that a new patch has been installed and may not take effect until you reboot the server.
Database Clock Synchronization
v4.4 introduced the ability to separate the database from the rest of the Kaseya server. If you ran your database on a separate server, v4.4 required the clocks on the two servers to be roughly in sync with each other. This update removes that restriction. Server time now uses only the time on the database server as a reference.
Fixed an Agent bug that would occasionally not update the application audit list when applications were removed from a managed machine. This fix requires an Agent update.
Remote Control Encrypt
Encryption is now always on for both Control Machine and FTP. Prior to this release, encryption could be turned on or off as an option. Now the same encryption used to protect all other agent to server communications, protects remote control.
Edit Profile under the Agent tab has been re-written to all multiple machines to be assigned the same contact information at once. Prior released used the Contact Name as a possible login credential, recuiring each contact name to be unique. User Acess provides the unique user login so Edit Profile no longer has this restriction.
Script Special Character
Scripts use the # character to identify named script variables (eg. #scriptVar#). Now the script editor lets you enter a # character in any parameter (if needed) without interpreting that as a script variable. Scripts interpret ## as a single # in any parameter field.
New features in v188.8.131.52 - 11 March 2005
Kaseya now supports separating the SQL 2000 database to a different machine than the server running IIS. There is now a Change DB... button in the Configure function under the System Tab. For detailed instructions to separate your database server, see the online help for the Configure function.
Patch Management File Source
A new option has been added to the Pulled from file server option. The agent on the LAN server can now be configured to pull each patch file from the Internet or directly from the system server. Use the second option if your LAN does not have direct access to the Internet.
Patch Management Reboot Action
Reboot Action under the Patch Mgmt tab has been enhanced as follows:
Clicking the status icon for any machine ID opens the Machine Summary interface. This release greatly expands functionality and enhances the user interface. Independent windows for each machine ID may be open simultaneously. The system divides functions into tabs, providing more screen space for each function, as follows:
The Install tab has been renamed to Scripts. Two new functions have been added to this tab. Script Status moved from the Agent tab to the Scripts tab. The new Distribution function is also under the Scripts tab.
The Distribution under the Scripts tab displays a graphical view showing the time of day each recurring script executes for a group of machines. Some scripts heavily load both the network and the server. This tool provides a quick and easy way to evenly distribute that load across any time interval you choose.
Scripts are now grouped into three categories: My Scripts contains all private scripts for the currently logged in administrator. Public Script groups all the scripts available to all administrators together. Sample Scripts contain samples delivered with the system. You can also approve or deny access to each script category with Function Access under the System Tab.
The Copy Settings under the Agent tab lets you copy all configuration data from one machine ID to any number of other machine IDs. Effected settings include pending script scheduled, alert setup, check-in control, log settings, audit configuration, patch configuration, and remote control configuration.
Set a login credential for the agent to use in Patch Management and the Use Credential script command. If a credential is present, then patch management installs all new patches using this credential. Therefore, Set Credential should always be an administrator credential.
Script Command Updates
Event Log Alerts
You can now set multiple independent event sets for each event log alert. This lets you define event sets to detect specific application behavior. Then you can alert on many different sets without having to combine all the events into a single set.
Install MSIExec Sample Script
A new sample script in the Sample ScriptsInstalls script folder under the Scripts Tab (formerly the Install Tab) installs MSIExec.exe on operatings systems that do not come with MSIExec by default. Win9x, NT4, and Win2000 do not automatically come with MSIExec. Some patches are distributed as MSI files and require MSIExec to install. Use this script when you need to deploy MSI packages to older machines without MSIExec already installed.
Function Access under the System Tab can now give report group access to any administrator group.
Contact Administrator Link
Double clicking the agent icon selects the default item from the agent menu, Contact Administrator.... By default, this logs into the user access page with the access rights for that machine ID. You can now change that URL to anything you like. Optionally, you can also pass in the machine ID and/or group ID used by that agent in your custom URL.
Agent RAM audit
The Agent now correctly reports the amount of RAM on a machine that has more than 2 GBytes installed. This feature requires an Agent update.
Event Log Compression
The Agent now compresses repeated event log entries into a single entry to reduce the volume and processing load. The Agent adds the number of compressed events to the description of the single event log entry reported to the KServer. This feature requires an Agent update.
TCP/IP Connection Keep-Alive
A TCP/IP connection between an Agent and KServer may be dropped by router devices due to an idle timeout. For example, a NAT router may remove from its internal tables any connection that has not transmitted data in 15 minutes, which may be exceeded by an Agent auditing a machine with large disk drives or executing a large patch update. The result is a dropped connection that prevents the Agent from reporting that it completed the task, and so the KServer requests that the Agent perform the same task again at the next checkin. The Agent now keeps the connection open by periodically sending a keep-alive message during long running tasks. This feature requires an Agent update.
A global policy control has been added to the Check-in Policy function under the System Tab. A new checkbox labeled Allow automatic account creation for groups without a policy lets master administrators determine if new accounts may be automatically created when an agent first checks in for group IDs that do not have any check-in policy set. The default value allows automatic account creation.
The Admin History function under the System Tab records the functions visited by each administrator. The system stores the last 30 days worth of activity, including all logins.
The System Log function under the System Tab records the last 60 days of system related activity not associated with any particular machine ID. Some examples include:
A new Summary setting in the Alerts function under the Monitor tab displays a quick view summary showing what alerts are active on each machine. The email recipients list for each alert type appears if the alert is active on that machine ID. Active alert labels become links to the details for that alert. Clicking the link automatically selects the specific alert type and populates the form with the settings active in that alert.
The date format displayed has been changed to 9:55:50 pm 9-Jan-05 or 21:55:50 9-Jan-05. These formats are directly supported by Microsoft Excel and will support direct exporting of date fields in reports.
Two new OS Type selection options have been added to views. All Servers lists only machine IDs with a server operating system loaded (2003, Server 2000, or NT Server). All Workstations lists non-server operating systems. Use this new view to quickly display only one class of machine.
Alert Email Management
Alerts, under the Monitor tab, has an enhanced editing feature allowing you to more easily manage the notification email addresses. Below the Email Recipients edit box, two new radio controls and a Remove button has been added. Selecting Add to current list (the default) will add the email address to the existing notification list. This prevents someone from inadvertantly over-writing the email list with just their email address. Select Resplace list to over-write the current list with a new list. Click the Remove button to quickly remove an email address for the list without alerting any other alert setting.
Skip if offline
Run Audit and System Info, under the Audit tab, now support the Skip if Offline flag. This lets you control exactly when a recurring audit runs. If the machine if offline at the scheduled time, audit gets rescheduled to run at the next scheduled time rather than at the very next checkin.
The Logs Report function under the Reports tab has been modified to run Event Log reports for any event log type, in addition to individual reports for the Application, Security, and System event logs.
Powered By Kaseya
Formerly the Powered By Kaseya logo that appeared in the top right corner of the web page when you replaced the Kaseya logo. The Powered By Kaseya logo no longer appears in the upper right corner of the web page. Instead, a smaller less obvious logo is displayed with the copyright notice at the bottom of each web page.
New features in v184.108.40.206 - 12 December 2004
Email Created Tickets
With this release, the system may be configured to automatically create new tickets from an email. The ticketing system polls a POP email account and creates new tickets or add notes to existing tickets using the data from received emails. This feature lets you reply to an email and automatically add that data to a new or existing ticket. The Email Mapping function under the Ticketing Tab allows a set of defaults to be set-up to fill in the needed fields based on the email address or domain of the email address. Special tags can be put in an email to set field values specifically for an email. The special tags can affect the machine id, category, status, assignee, or priority. This special tag facility is how an existing ticket can have additional notes added.
As an option in Notify Policy you can specify to send an automatic response email to the originator of an email created ticket. Master administrators can specify the canned message sent in reply to these emails. Use this message to let your users know their request has been received and is in process.
Assign Tickets to Groups
The ticketing system now allows tickets to be entered and associated with a machine group or a specific machine id. This facility allows issues that are not specific to a machine to be entered. An example of a specific tag would be ~ticid=532. A full list of these tags is provided in the help information .
Search, part of the View Summary function under the Ticketing tab, restricts the list of tickets to only tickets containing any of the words in the search string. Search examines the ticket summary line, submitter name, submitter email, submitter phone, or any of the notes. Use the * character as a wildcard in the search string.
Merge lets you combine two tickets into one. Use Merge to combine related tickets. The resulting merged ticket contains all the notes and attachments from both tickets. Merge asks you which field values you wish to use in the ticket for all field values that are different between the two tickets. Merge is part of the View Summary function under the Ticketing tab.
The Edit Fields function under the Ticketing Tab allow master administrators to create any number of new fields shown in tickets. New fields may be stings, drop down lists, or numbers. You can limit who sees or can modify each ticket field with the Access Policy function. Master administrators set each ticket field to Full Access, View Only, or Hidden on a per administrator group basis. You can also set access for users. Any change to a field setting automatically enters a new note for that ticket to log the change (this may be disabled in the Access Policy function).
Administrators can now add hidden notes to tickets that can only be viewed by administrators granted access to hidden notes in the Access Policy function. Use hidden notes to add comments or details you want to record and share with other administrators but not users or restricted administrators. Hidden notes are never included in email notifications.
Due Date Policy
Set the due date for each new ticket based on field values. Any combination of list fields may be defined to set a due date. This allows you to set a ticket due date based on the urgency of the ticket and a guaranteed level of service. You can manually override the due date policy on any ticket (if that administrator or user is given rights to edit the due date). Due dates that violate a policy are clearly highlighted.
Multiple Notify Policies per Group
You can now add multiple policies to each group ID in the Notify Policy function under the Ticketing Tab. This allows you do set separate email lists for each policy. For instance, you can set one email list for normal notifications, and a different email list for past due notification. When the assignee changes on any ticket, that administrator is always send a notification even if he is not on the notification list.
Ticket Read Flag
The system now flags when a ticket has been viewed by an administrator. Once viewed, each ticket is marked as read in the View Summary function under the Ticketing Tab. If any user or other administrator adds a note to that ticket, the original administrators View Summary displays shows the ticket as unread. Use this function to quickly identify tickets that have new information.
Submitter Information Fields
New fields have been provided for collecting the ticket's submitter, contact name, contact email and contact phone. These fields will default to user information of the user associated with a machine. These fields can be updated by an administrator where appropriate.
Agent Status Display
The Agent Status function under the Agent Tab is now fully customizable. You can add/more/delete any column of data from this page. Available columns include all the same columns available in the Aggregate Table report. Customize this page to give you an at a glance view of all your managed machines.
Audit now reports all instances of every application (.exe file). Prior to this release audit reported only one copy of an application if multiple were found.
Agent Network Monitor
A recent hotfix to the IPSEC portion of the TCP/IP stack introduced a conflict with the Network Monitoring driver (primarily on Windows Server 2003). The agent update with this release corrects that conflict. The Network Monitoring driver may be safely re-enabled. The new driver loads on the client machine the next time the system restarts.
The Application Blocker and File Access can now block an application or protect a file located in any directory as well as in a specific directory. That means that you can block access to a file without worrying about the path. For example, if you block access to notepad.exe then the agent blocks all copies of notepad.exe on that machine. Protected/blocked files can not be renamed, moved, or deleted. This feature requires an Agent update on the managed machines.
Impersonate User Script Command
The Execute File and Execute Shell Command script commands may now be executed as a specific user. The new Impersonate User script command enables an administrator to specify the login credentials when a file or shell command is executed as the user. Using this command overrides executing as the user currently logged on. This feature requires an Agent update on the managed machines.
Get File Version
The option to get a the version number of a file has been added to the Get Variable script command. After retrieving the version number, then script variable may be used in subsequent IF script command statements for comparison against a specified value. This feature requires an Agent update on the managed machines.
Executive Summary Report
You can now customize the scoring algorithm for the Network Health Score on the Executive Summary Report. You can add more or less weight (or disable) to any of the five components that make up the score. The report now also has a fully customizable How to read this report section at the end of the report.
Aggregate Table Report
Group ID has been added to the Aggregate Table Report. By placing Group ID at the top of the item list, you can generate a report sorted by group ID.
Patch Management Report
The pie charts and summary tables now exclude all missing patches if they are marked as ignore in a Patch Approval policy.
The Tasks function on the Dashboard has been enhanced with this release. A reminder pops up when any task becomes past due. In the reminder dialog, you can ask the system to remind you again in a selectable period of time or simply dismiss the reminder. The main display now lets you edit existing tasks on your list and change the due date or text description.
Agent Download Page
You can now specify which packages are listed on the agent download page (dl.asp) when no id value is passed in. Check which packages appear in the list on the Deploy Agents function under the Agent tab. Only Master administrators can edit this list.
You can now change the logo on the default theme to your own logo. Click on the Customize function under the System tab. Then click the last customize link labeled 'Customize the graphical user interface'. The customization page pops up. Scroll to the bottom and enter a new graphic image in the section labeled Corporate Logo.
Long Machine ID Display
You can now select different display rules when displaying long machine IDs. Each administrator specifies a display format in Preferences under the System Tab. You can select the normal format (that restricts the name length in order to preserve web page formatting) or a new selection that displays the entire machine name and allows it to wrap to new lines where needed.
Kaseya Hotfix reload
The Kaseya server can pull down and apply available hotfixes to itself when it runs Refresh patch database. At the same time, the server checks for any available hotfixes. If it finds new hotfixes that have not already been applied then the server downloads the hotfix and installs them. Click the Reload button to reload all hotfixes for your current Kaseya version number. Click the Scan Machine function under the Patch Mgmt tab to schedule Refresh patch database.
Event Log Alert Processing
The system now automatically compensates when any managed machine floods they system with event log entries. If more than 400 event logs are received in any 3 minute period, the system disables event log collection for that log on that machine.
New features in v220.127.116.11 - 30 September 2004
The first function on the home page, View Dashboard, displays a quick summary of machine activity and highlights actions that need attention. The Layout function lets you customize the display of the dashboard. Dashboard items are:
The Machine Collections section under the Agent tab lets you create an arbitrary group of machines. Combine machines from multiple group IDs into a single collection and set up a View to work with just those machines. Collections are a powerful tool that works in conjunction with patch management, reports, and all the other features of the system.
The patch management system has been significantly improved as follows:
A set of database views has been provided to allow clients to directly access data within the Kaseya repository. These views can be used by to bring data into a spreadsheet for analysis or to prepare reports. The online help provides a description detailing how the master administrator provides view access to users within their organization. Basic walkthroughs and two example applications, Crystal Reporting and Microsoft Excel.
Deploy Agents Wizard
You can now add any agent installer command line switches to an Agent Install Package. Step 3 of the wizard shows all the command line switches being used and lets you add in more. With this, you can create standard silent installs that install into any directory.
The Agent Status function under the Agent tab now lists the last known reboot of each machine. The reset time is determined by the agent so reboot time is only determined after the agent is in place.
Both the Patch Deploy and Application Deploy wizards now explicitly support distribution of MSI installation packages using the Microsoft Windows Installer.
Event Log Sets
Event Log Sets let you refine the matching filters used by event log monitoring nd event log reporting. With an event log set you can define complete filter parameters for individual events, and group them together into a set. For example, you can set up an event log set entry to only alert on event ID 1000 when the source is Internet Explorer. Each set may contain any number of event log definition filters.
A new Script Import icon is displayed on the scripts toolbar. Clicking this (or the Import Script link in the script editor, opens the script import window. In addition to a button to upload a script file, there is now a place to paste in script text directly. There is also a link to a public forum where scripts can be shared with other users. The Export Script link in the script editor may also be used to submit scripts to this forum.
Send Email Script Command
The new Send Email script command allows any script to send an email. Input parameters are to address, email subject line, and email body. In support of this new command, the Get Variable command has been enhanced to let the script dynamically determine the machine ID the script is executing on. Combine this with Send Email to include the relevant machine ID in each email.
Every email notification generated by the ticketing system, now includes a URL link referencing the ticket. Clicking the link to opens the corresponding ticket in a browser. If you are not already logged into the system, you will be prompted to log in first, and then automatically redirected to the ticket.
You can now set the maximum age limit for log entries independently for each log type. The Log Settings function under the Agent tab now provides a unique setting for alert log, agent log, configuration changes log, network statistics log, and script log. Event logs (application, security, and system) are limited to the 500 most recent entries each.
The IP address range used by LAN Watch is configurable now. You can scan any IP range you want rather than only scanning the subnet set for that particular machine. The maximum allowable range is 65,536 contiguous addresses.
Preinstall Remote Control
The new Preinstall RC function under the Remote Cntl tab, lets you pre-load either WinVNC or RAdmin on any machine. Use this function to eliminate the extra wait for remote control install the first time you try to remote control a machine. A pending remote control install will be copied from a template account when a new machine ID is created, so you can combine the preinstall with new agent deployment.
The Status monitor pop up window now supports Views just like the main machine filter control.
New features in v18.104.22.168 - 30 July 2004
Machine Selection Control
The machine selection controls, located in area below the tab bar header and above all data displays, has been greatly enhanced with this release.
Views allow you to display only the machines you are currently interested in. Define as many unique views as you need then quickly switch from view to view using the Select View control. Click the Edit button to create and/or modify views. Views in this release support:
Machine groups can now be divided into subgroups giving you significantly more ability to organize your machines to easily map into any organization structure. Subgroups may be created by either master or standard administrators. (Only master administrators may create top level machine groups.) Define subgroups using Machine Groups Create/Delete function under the System tab.
Master administrators can now restrict any admin group to a sub set of the total system functions. For each admin group, you can turn on/off any of the VSA's functions and tabs. For example, you can prevent a class of administrators from accessing remote control and scripts, but still allow them to see audit and ticketing.
Alert triggered scripts
Task an alert to trigger any script you define with the Alerts function under the Monitor tab. You can run the script on the machine that triggered the alert or on any other machine you specify. The same data reported in the alert, is also passed to the script through temporary variables so your scripts may be highly customized. See online help for Alerts for details.
Patch Management -
Alerts are now part of the patch management system. The system sends the selected administrator an email alert when ever Scan Machine discovers one of the three different patch alert cases:
Patch Management -
Reboot Action options have doubled. You get significantly more control to better fit your user's work habits. The three new settings are:
Patch Management -
Printers, under the Audit tab, will now display the full path names of all items. Check or uncheck the Full column width box to toggle between normal display and full column width display.
You can now create new local accounts on any managed machine using the Reset Password function under the Remote Cntl tab. If an account name does not already exist, then check the 'Create new account' checkbox and enter the new account name and password.
License Summary Report
This release contains a new Software Report titled License Summary. This report provides an at a glance view summarizing the number of machines running each operating system type, Microsoft Office type, and all other licensed applications discovered during the recurring audit.
Aggregate Table Report
Several new fields have been added with this release.
This release supports upgraded versions of WinVNC (v4.0) and Remote Administrator (v2.2).
Run Windows Script
A new sample script titled Run Windows Script as been added to Sample ScriptsConfig Changes folder in the scripts area under the Install tab. This script shows how to deploy and run a Windows Script Host (WSH) script on any machine. Typically run either VBS or JScript scripts. This example JScript file writes a test error message to the Application Event Log.
System Info Scheduler
You can now schedule System Info collection to automatically run on a recurring basis.
New features in v22.214.171.124 - 30 March 2004
Windows 2003 Server with IIS 6 Install
The Kaseya server may now be installed on Windows 2003 running IIS 6. The agent has supported Windows 2003 since version 3 of Kaseya.
Patch Management Report
Added graphical charts to the patch management report. These charts give an at a glance view of the patch status of all your machines.
Added a link to the machine interface popup window on each ticket. Clicking the machine ID link opens the machine summary window for the machine the ticket was issued against. Now you can have all information for the problem machine with one click, including the ability to launch remote control.
Allow maximum address range scanned to be set from 8-bit to 15-bit address space. In previous versions the address range was limited to 8-bit (255 addresses).
You can now add multiple name policies per machine group ID. This lets you rename machines in different IP ranges into the same group ID.
New features in v126.96.36.199 - 5 March 2004
Improved detection and distribution of older patches, particularly for Windows NT4. Added ability to manually apply patches for machines set for Automatic Update. Added support for MDAC.
New GUI Theme
Added a new theme to the web GUI customization (Enterprise Edition only). Select Login Policy, under the System Tab, and click the bottom Customize link. Then select 'Banner' from the theme drop down control. There is now a Home link in the top tab area that brings you back to the start page seen immediately after login.
Agent Dialup Connection Fix
Fixed a problem introduced in version 188.8.131.52 in which the Agent never detected the presence of a dialup connection, and therefore never connected back to the VSA server.
Custom Agent Icon
In addition to displaying your own icon for the Agent in the system tray with the Enterprise Edition, the Agent now also displays your custom icon in the dialog boxes that the Agent presents to the user.
A separate user login value is now saved for each user. Login Name is set in the User Access function under the Agent tab and is securely bound to the password. Contact Name is no longer used for this function and is free to be used for its original function of holding the computer user's name. Existing users will not be able to log in with the Contact Name. They must log in with the machine ID and the reset their login name (or the administrator may reset their password and set a new login name for them).
Database Maintenance Time
The Configure function under the System Tab now lets you set the time of day maintenance will be scheduled instead of always running at 02:00.
LAN Watch/Install Agents
Fixed a bug that prevented more than one agent from being installed at a time.
New features in v184.108.40.206 - 30 January 2004
Graphical User Interface
The VSA user interface has been reworked to better organize functions and modernize the look and feel. The login pages, for both users and administrators, can be completely customized by a Master administrator using the Login Policy function under the system tab. The Enterprise Edition supports full customization of the entire web site and lets you replace the agent system tray icon with your own icon. See the Customize functions on the Login Policy function under the System tab.
Automated patch management has been added. The VSA will automatically detect when new patches need to be applied to each managed machine and install them. You can configure each machine to automatically install all patches or decide on a patch by patch basis for all machines in a group.
Added Deploy Agents and Agent Status (replacing Machine Accounts). This allows each administrator to define their own default agent package. Multiple install packages can also be created and deployed. You can now also share install packages with other administrators by clicking the Share button next to each install package definition. Install Agents now lets you select an install package to deploy (rather than use the default agent).
You can now create groups of administrators and assign rights to those groups. Adding a new administrator to a group automatically gives that administrator all the rights and privileges assigned to that group. Each administrator group defines which machine group IDs they get access to, who they can share scripts and agent install packages with. Administrators may belong to multiple administrator groups.
All scripts now live under the install tab and may be nested into folders. Share rights may, like Deploy Agents, also may be applied to scripts. This lets you share scripts with just any number of selected administrators without making the script public to all administrators.
Modified script scheduler to allow scripts to be scheduled to run on a recurring day of the month. Also there is not a checkbox to tell a script to not run if the agent is offline at the appointed time.
There is a new control for selecting different pages of data on each screen. The page numbers have been replaced with a drop down control listing the first machine ID of each page in alphabetical order. This new tool allows you to quickly locate the page with any specific machine ID.
Get File Fix
Fixed a bug in the Get File script command that caused large file transfers to take exceptionally long.
Added a delete function to the Pending Scripts table in the single machine interface. This will let you remove any pending script from a machine if you need to.
New Sample Scripts
Added new sample scripts to backup My Doc and to initiate Startup Task. Use Startup Task on XP boxes that do not reconnect to the network after a reboot. XP will not connect to the network until an application first needs the network. The agent does not use the network unless a connection exists. The Startup Task script causes the selected PC to use the network one time immediately after startup. This lets the agent connect back to the VSA right away after a reboot. Do not use this script on machines with a dial-up connection to the internet.
App Deploy / Patch Deploy
Modify scripts generated through the wizard for App Deploy and Patch Deploy when the File Share option is selected. Instead of executing from the file share, which may not exist for the Agent when executing as the system, set up the script to do the following:
Hide VNC Icon
VNC icon can now be hidden if the administrator desires it. Also, if a pre-existing password exists then the VSA will not alter it. This lets you set a password and use VNC directly without the VSA. Note: This release updates VNC to add the hidden icon capability. Old passwords are not saved when updating VNC. You will have to reload any passwords you want to use outside of the VSA.
Separated out the RAdmin and VNC parameters into their own function, Set Parameters, under the Remote Control Tab. Also, now when you set User Notification to either Notify or Ask User, the admin name making the request is displayed to the user in the dialog box.
Uninstall RC function added to the Remote Cntl tab. Use this function to remove either WinVNC or RAdmin from the remote machine. If remote control fails with either of these packages, run Uninstall RC and then try Control Machine again.
Video Streaming replaces Manual Control and is automated with ActiveX. Users no longer need to download and run the manual control package.
Agent Status Alert
Added a minutes category for the Agent Status alert Agent has not checked in for. Use minutes to monitor servers you need quick notification for when they go offline.
Added edit icon to Scheduled Reports. Click to edit existing scheduled reports parameters.
HW Audit - Net Protection
Removed Enable HW Audit and Enable Net Protection checkboxes from Agent Tab - Create and Audit Tab - Run Audit. There is now an Enable/Disable button on the Run Audit function to turn on/off the PCI audit driver. Enable Net Protection is now controlled from the Monitor Tab - Network Access function. This lets you easily toggle the state of multiple machines at once instead of having to do each individually.
Allow audit to be scheduled to run at a time of day
File Access and Network Access have been re-written to simplify the user interface. Application Blocker function has been added to prevent selected applications from ever running on a machine.
Administrator Logon Name
Administrators can now change their logon name by selecting the Admin Profile function under the system tab.
Administrator Log Off
Master administrators can now log off any other administrator on the system. See the Enable / Disable function under the System Tab.
System Tab Restructured
System Tab functions have been completely restructured into function groups: Admin Accounts, Admin Groups, Machine Groups, and VSA Server Management.
Configure VSA and Statistics
Server Info has been renamed to Configure VSA. There is also a new function below it named Statistics. All VSA server stats have been moved from the Configure VSA page to the Statistics pages. There are also several more statistical parameters reported such as number of agents currently online (also now reported on the Status Monitor).