Syncro RMM provides third-party remote monitoring and management software specifically designed for Managed Service Providers. Emsisoft’s endpoint protection software can be used in conjunction with Syncro’s Managed Antivirus component to provide ongoing malware protection for your clients. Syncro allows you to remotely create scheduled scans, configure software settings, review scan logs and keep Emsisoft endpoint protection up to date.
To learn more about how Syncro integrates with Emsisoft, please see this blog post from Syncro, or simply follow these steps to get started:
Enabling Emsisoft on your Syncro Devices
First, you will need to create a policy that has MAV (Managed Anti-Virus) enabled. We have already included two policies for you called “Monitoring + AV” and “Monitoring + AV PLUS” that will allow you to enable MAV. When you download the RMM installer, select one of these policies and you will also install your MAV with your Syncro RMM Agent.
If you would like to use your own policies, you can head over to the “Policies” section of Syncro and edit or create a new policy. Here you will be able to enable or disable MAV for the device. Enabling MAV will give you a range of customizable features at your disposal.
If you already have a device with Syncro installed and want to put on Emsisoft you can add a policy onto the device with Emsisoft enabled, and the install will queue up on the device. If the device is offline, it will install once the device turns back on and connects to the internet. If the device is already online, it will install the Emsisoft right then and there!
Enabling Emsisoft Scheduled Scans
When a policy has Emsisoft AV set to “Syncro Managed”, you can allow Syncro to control when Emsisoft will scan the device. You will have these options when setting the scan:
- The type of scan (Quick, Full, or Smart)
- The frequency of the scan (Weekly, or Daily)
- The day the scan runs (for Weekly scans)
- The time of day the scan will run
- Whether the scan quarantines any found threats
- Whether the scan should be run silently or not
Enabling Emsisoft Cloud Console
First, you’ll want to ensure that you’ve signed up for and have access to a ‘MyEmsisoft’ account already. You can sign up for a ‘MyEmsisoft’ account here.
Next, you’ll want to make sure Emsisoft is enabled on your policy, and the policy is set to “Emsisoft Managed”. This will allow Emsisoft Cloud Console control the settings and scans. Please note, Syncro will still control the license and installing/uninstalling. This just allows the Cloud Console take priority over Emsisoft AV settings.
1. Once Emsisoft is enabled on a customer’s device, an Emsisoft License will populate on the customer’s detail page here:
Now, you will need to create a Workspace for this customer in the Emsisoft Cloud Console:
You will want to select the “EmsiSoft Business Security” option as the protection type.
Once you have created the Workspace and click into it, you will be prompted with this popup message
Do NOT select the option to ‘Download’ or ‘Send Email’. Instead, select ‘Don’t show again’ and close out of the window. Selecting the ‘Download’ option will download a trial version of Emsisoft that is outside of Syncro and will not be managed.
2. Next, you will need to add the License Key from Syncro into the Emsisoft Cloud Console. Inside the Workspace head to Settings and select ‘Apply license key’. This is the same Emsisoft Key in Syncro from step 1 that you will copy and paste into Emsisoft.
Once the key has been entered and you return to the workspace, you will see the device immediately populates with a status of “Not Managed”. This means the license has not yet been authorized which will be handled in the next step.
3. In Syncro, you will need to grab the “Emsisoft-Token-Apply” script from the community library and import the script. The script will apply the Emsisoft CCC Auth Token so the machine becomes managed.
Here is a copy of the script:
start-process -filepath “$env:programfiles\Emsisoft Anti-Malware\a2start.exe” -argumentlist “/applytoken=$authToken”
runtime variable: authToken
Please note: If you are copy and pasting the script, make sure the quotations on the file path are not skipped otherwise the script will not successfully run.
4. Before the running the script, you will need to grab the Installation Token from Emsisoft Cloud Console that will be added to the script as the runtime variable. The token can be found under Protection Policies here:
The Installation Token is per Workspace in the Emsisoft Cloud Console. Meaning, you will need only one Installation Token per customer in Syncro.
5. Now the script can be run on the asset in Syncro:
Note: If your customer has multiple assets, you can select them all from the Assets & RMM page and run a bulk script. You will need to paste the Installation Token into the runtime variable as directed above and then the script will run on all assets.
6. Once the script has successfully run, the device will now show up as ‘Protected’ in the Emsisoft Cloud Console:
Now that the device shows as Protected, the license has been authorized and you are now free to make changes to the policy.
Emsisoft Cloud Console Policy Controls
Policy controls can be handled by creating a Policy Template in Emsisoft Cloud Console. These templates can then easily be applied to all Workspaces.
The template can then be added to a workspace here:
Once the template has been created, you can start applying the policy controls.
Some settings in the Emsisoft Cloud Console appear in both Syncro and Emsisoft. For these settings, Syncro will control them and override what is entered in the Cloud Console.
The images below will highlight which settings will be controlled in Syncro (red) and which settings will be controlled in the Cloud Console (green).
It rarely happens that the protection is displayed as Not Installed in the Antivirus tab in Syncro and Not Managed in the Emsisoft console, even though it’s showing as Installed in the Overview and Installed Apps for the asset in Syncro.
This could happen when the required port 61614 is closed on the endpoint. This prevents the agent from being able to communicate with the Emsisoft Console. Setting port 61614 to Open may resolve the issue.