Troubleshooting SSE Agent Health Issues and Recovery
There may be scenarios when a rogue user may manually try to uninstall or delete the installed Skyhigh Client Proxy which has been installed in the endpoint system. To prevent such situations, we have a feature called Tamper protection.
About Tamper Protection
When the Tamper Protection feature is enabled, users are not allowed to remove the Client Proxy software from the endpoint without requesting and receiving a temporary release code from an administrator.
The Skyhigh Client Proxy policies are managed using the ePO software. The Tamper Protection feature needs to be enabled while configuring the policy and the same policy is pushed to all the endpoint systems. Once this policy is pushed out to the endpoints, the client software and the policies will be access protected. Hence, the end user will not be able to uninstall the client or make any changes to the client files & related policy configurations.
Troubleshooting Non-redirection Status
If at any point in time, the Skyhigh Client Proxy stops intercepting & redirecting traffic to the Skyhigh Security SSE network, the agent shows pop up warning indicating the change in redirection status from "Redirecting" to " Not Redirecting" in the Endpoint Security Dashboard present in the endpoint system.
The Client proxy software & related policies are managed by ePO. When the status of the Client Proxy Software changes, in the ePO dashboard, the administrator can monitor the current status of the Skyhigh Client Proxy in real-time. The administrator can determine if the client is intercepting and redirecting traffic from the endpoint to the Skyhigh Security SSE Network by checking the redirection status in the ePO console.
The administrators can view the status against each of the clients installed in the ePO console. The status reflects either “Redirecting” or “Not Redirecting”. A “Not Redirecting” status means that the client is not intercepting and redirecting the traffic. When the administrator observes the status as “Not Redirecting”, they initiate the required troubleshooting to identify the reason why the client is not redirecting traffic.
Administrators have the privilege to access each appliance and monitor the SCP status directly from the ePO console.
Administrators can also generate a report with the redirection status of the entire client infrastructure present in the customer’s environment & based on that can creare help desk tickets for further troubleshooting.