Environment
- App Control Agent (formerly CB Protection): All Supported Versions
- App Control Console (formerly CB Protection): All Supported Versions
- Microsoft Windows: All Supported Versions
Symptoms
- Server/App Control console is down or unavailable
- Wanting to avoid or circumvent blocks on endpoint(s) while server is down
Cause
Planned or unplanned downtime of the App Control Server/Console
Resolution
Planned Downtime Options (from the console):
- Change the "Disconnected Enforcement Level" to Medium or Low Enforcement
- Login to the Console
- Navigate to Rules > Policies
- Click to edit each desired policy
- Change "Enforcement Level (Disconnected)" to Low or Medium
- Revert when downtime is complete
- Put the devices into local approval mode
- Login to the Console
- Navigate to Assets > Computers
- Select computer(s) > Action > Move to Local Approval
- Revert when downtime is complete
Unplanned Downtime (Manually):
- Place the device into low/med enforcement or into local approval mode
- Login to the affected device
- Open admin CMD prompt
- Run commands:
cd c:\program files (x86)\bit9\parity agent
dascli password <Password>
dascli enforcement low (or med)
dascli status (confirm enforcement level)
- Restart endpoint or CB Protection agent service to revert enforcement level.
- Put the device(s) into local approval mode:
- Login to the affected device
- open admin CMD prompt
- Run commands:
cd c:\program files (x86)\bit9\parity agent
dascli password <Password>
dascli disconnect
dascli enforcement 35
dascli status (confirm enforcement level shows local approval)
- After the server is back up :
- Run the command:
cd c:\program files (x86)\bit9\parity agent dascli password <Password>
dascli disconnect
- OR - Restart endpoint or App Control agent service to revert enforcement level.
- Confirm the agent is back to being connected and in the correct enforcement mode by running the command
dascli status
Additional Notes
- Lowering the enforcement level or changing to local approval does come with risk. Refer to the User Guide for more information.
- Transitioning from Low Enforcement back to High enforcement can locally approval all unapproved files depending on policy setting. Refer to the User Guide for more information.
Related Content