Add Roaming
Endpoints
- You can protect Windows and Mac devices outside your network by installing the Shield agent on each roaming device
- Click 'Configure' > 'Objects' > 'Roaming Devices' > 'Download Agent'
- You can manually install the agent on devices or install it remotely through Endpoint Manager.
- Once installed, you can deploy policies to the devices as required
- Roaming devices cannot connect to internal domains unless configured appropriately in the 'Network' interface.
- Set an anti-tampering password to prevent users uninstalling the agent from the device. Windows devices only.
-
Click 'Configure' > 'Objects' > 'Roaming Devices' to view all enrolled roaming devices:
Roaming Agents - Table of Column Descriptions |
|
---|---|
Column Header |
Description |
Company |
Applies to MSPs only. The name of the company to which the roaming device is enrolled. |
Computer Name |
The label of the endpoint. |
OS Version |
The version number of Windows or Mac operating system on the endpoint. |
Device Unique ID |
String generated by the agent to identify the device to Secure Internet Gateway. |
Status | Shows whether the roaming device is connected to SIG or not.
|
Agent Version |
Version number of the XSIG roaming agent deployed on the endpoint. |
Actions |
Control for removing endpoints. |
The interface allows you to:
- Click 'Configure' > 'Objects' > 'Roaming Devices' > 'Download Agent'
- Manually install the agent on endpoints - Click 'Configure' > 'Objects' > 'Roaming Devices' > 'Download Agent'. Manually Install the agent on target devices. The devices will be automatically enrolled.
- Import from Endpoint Manager - You can remotely install the agent on managed Windows endpoints from the Endpoint Manager console.
Add new devices
- Click 'Configure' > 'Objects' > 'Roaming Devices'
- Click 'Download Agent' at the top-right:
Choose your download options in the 'Download Agent' dialog:
- Select Company - MSPs only. Select the customer organization for which you want to enroll devices.
-
Download for Windows - The agent installation package for Windows devices. See Enroll Windows devices for more details.
- Download for mac OS - The agent installation package for Mac OS devices. See Enroll Mac OS devices for more details.
- Get Endpoint Manager Agent Windows Link - Get Endpoint Manager Agent Windows Link - Reveals the link you need to remotely install the agent on Windows endpoints through Endpoint Manager. See Import Windows Devices from Endpoint Manager for more details.
- Click 'Configure' > 'Objects' > 'Roaming Devices'
- Click 'Download Agent' at the top-right
- Click 'Download for Windows' in the 'Download Agent' dialog. The installation file is in .msi format.
- Transfer the setup files to the Windows devices you want to enroll.
Next, install the agent on the device(s).
- Double-click the setup file or right-click and select 'Install' from the context sensitive menu.
The
installation wizard starts.
- Click 'Next' and complete the agent installation wizard.
- Click
'Finish'
That's it. The device is added and listed in the 'Configure' > 'Objects' > 'Roaming Devices' interface.
- Note - no security rules are applied to roaming device by default. You can create and apply device specific policies according to your requirements.
-
See 'Apply Policies to Networks, Roaming / Mobile Devices' for advice on how to configure and deploy security policies to roaming devices.
- Click 'Configure' > 'Objects' > 'Roaming Devices'
- Click 'Download Agent' at the top-right
- Click the 'Download for Mac OS' button in the 'Download Agent' dialog. The installation file is in .pkg format.
- Transfer the agent to the Mac OS devices that you want to enroll.
Next, install the agent on the device(s).
- Double-click the package file to start the installation wizard.
- Click
'Continue'
Choose the agent installation location in the next step:
- To install the agent in the default location, click 'Continue'. To install the agent in a different location, click the disk icon, navigate to the new location and click 'Continue'.
The next step lets you choose the installation type and start the installation.
- Click 'Install'
The installation requires your user account to continue.
- Enter your device user name and password in the respective fields and click 'Install Software'
- The installation starts:
- Click 'Close' to exit the wizard when installation is finished:
Once installed, the agent starts communicating with the Secure Internet Gateway server. The device is visible in 'Configure' > 'Objects' > 'Roaming Devices'.
- Note - no security rules are applied to roaming device by default. You can create and apply device specific policies according to your requirements.
- See 'Apply Policies to Networks, Roaming / Mobile Devices' for advice on how to configure and deploy security policies to roaming devices.
Import
Windows Devices from Endpoint Manager
- Click 'Configure' > 'Objects' > 'Roaming Devices'
- Click 'Download Agent' at the top-right
- Click 'Get Endpoint Manager Windows Link':
- Use this link as the 'Package URL' to install the agent on managed endpoints.
Process in brief:
- Login to Endpoint Manager
- Click 'Devices' > 'Device List' > 'Device Management' tab
- Select the Windows device(s) on which you want install the packages
- Click 'Install or Update Packages' and select 'Install Custom MSI/Packages'
- Paste the agent download link into the 'MSI/Package URL' field
- Configure the other remote installation options as required
- Click 'Install'
- See https://help.Xcitium.com/topic-399-1-786-10139-Remotely-Install-and-Update-Packages-on-Windows-Devices.html if you need additional help to install packages via Endpoint Manager.
Configure Anti-Tampering Password
- The anti-tampering password helps stop the agent from being uninstalled from a roaming device.
- Once set, the agent cannot be removed unless the password is provided.
- Password protection is only available for Windows devices.
Set an uninstallation password
- Click 'Configure' > 'Objects' > 'Roaming Devices'
- Click 'Anti-Tampering Password' on the top right
- Select Company - MSPs only. Select the customer organization for which you want to set a password.
- Password – Create a unique key that is required to uninstall the agent.
- Click 'Save' for your settings to take effect
- Repeat the process to set password for other companies
- The password protection will take effect after ten minutes.
Note: The password protection applies only to the agents of version 1.5 and later. |
- Roaming devices that no longer need web protection can be removed from Secure Internet Gateway.
- Any security policies also be removed from the deleted devices.
- To minimize errors while deleting SIG agent, we recommend deleting SIG agent only with a disabled VPN. Please disable VPN or any other application, then continue to delete the agent.
Remove a roaming device
- Click 'Configure' > 'Objects' > 'Roaming Devices'
- Click the trash can icon beside a device to delete it
-
Click 'OK' to confirm device removal.