Administrative Guide Enterprise Licensing

(1)

(2)

Bomgar Administrative Interface

As a tour of /login, this guide is designed to help you administer Bomgar users and your Bomgar software. The Bomgar Appliance serves as the central point of administration and management for your Bomgar software and enables you to log in from anywhere that has internet access in order to download the representative console to virtually support your end-users.

Use this guide only after an administrator has performed the initial setup and configuration of the Bomgar Appliance as detailed in theBomgar Appliance Hardware Installation Guide. Once Bomgar is properly installed, you can begin supporting customers immediately. Should you need any assistance, please contact Bomgar support atwww.bomgar.com/support.

(5)

Login to the Administrative Interface

The user administrative interface enables administrators to create representative accounts and configure software settings. Log into the user administrative interface by going to your appliance’s public URL followed by /login.

Although your appliance’s URL can be any registered DNS, it will most likely be a subdomain of your company’s primary domain (e.g. support.example.com/login).

Default Username: admin Default Password: password

Because Bomgar is licensed by concurrent users, you can set up as many accounts as you need, each with unique

usernames and passwords.

If Kerberos has been properly configured for single sign-on, you can click the link to use integrated browser authentication, allowing you to enter directly into the web interface without requiring you to enter your credentials.

Note: For security purposes, the administrative username and password used for the /appliance interface are distinct from those used for the /login interface and must be managed separately.

(6)

Status

INFORMATION: VIEW BOMGAR SOFTWARE DETAILS

The main page of the Bomgar /login interface gives an overview of your Bomgar Appliance statistics. An administrator can select the appropriate time zone from a dropdown, setting the correct date and time of the appliance for the selected region. You also can restart the Bomgar software remotely.

Additionally, view the number and type of Bomgar clients connected.

(7)

REPRESENTATIVES: VIEW LOGGED IN REPS AND SEND MESSAGES

View a list of representatives logged into the representative console, along with their login time and whether they are running support or presentation sessions. You also can terminate a representative's connection to the representative console. Send a message to all logged-in representatives via a pop-up window in the representative console.

You also may view representatives who have extended availability mode enabled. Enabling extended availability mode does consume a license. You may disable a representative's extended availability in order to free up a license.

(8)

WHAT'S NEW: SEE SOFTWARE RELEASE DETAILS

Easily review Bomgar features and capabilities newly available with each release. Learning about new features as they become available can help you make the most of your Bomgar deployment.

The first time you log into the administrative interface after a Bomgar software upgrade, the What's New page will receive focus, alerting you that new features are available on your site.

You must be an administrator to view this tab.

(9)

My Account: Change Password and Username, Download the

Representative Console and Other Software

From the My Account page, you can download the Bomgar representative console. The file type will default to the appropriate installer for your operating system.

For system administrators who need to push out the representative console to a large number of systems, the Microsoft Installer can be used with your systems management tool of choice. In your command prompt, when composing the command to install the representative console using an MSI, change to the directory where the MSI was downloaded and enter the command included on the My Account page.

You can include optional parameters for your MSI installation.

l INSTALLDIR= accepts any valid directory path where you want the representative console to install.

l RUNATSTARTUP= accepts 0 (default) or 1. If you enter 1, the representative console will run each time the computer starts up.

l ALLUSERS= accepts “” or 1 (default). If you enter 1, the representative console will install for all users on the computer;

otherwise, it will install only for the current user. If you install for only the current user, you can choose to have the

representative console automatically update each time the site is upgraded by entering SHOULDAUTOUPDATE=1; a value of 0 (default) will not auto-update, and the representative console will need to be manually reinstalled when the site is upgraded. If you install the representative console for all users, it will not auto-update.

You can download a session recording viewer to view recorded sessions from your desktop rather than only on the web.

In unusual scenarios where video driver performance is slowing down screen refresh rates, downloading the display driver on the target system can greatly improve screen sharing speed. The display driver must be installed on the computer whose screen is to be viewed, either the remote computer for a

support session or the representative's computer for a presentation. The display driver works only on Windows XP and higher and

(10)

You can change your email settings for Extended Availability Mode, including preferred language for the emails.

You can change your password and display name, and non- administrators may change the security question and answer.

Bomgar recommends changing your password regularly.

You can choose to have a public display name, for use with customers, and a private display name, used for all internal communications between representatives, on chat transcript reports, team activity reports, and so forth. By default the two fields are in sync, so anything you type in the Private Display Name field is copied automatically to the Public field. To change your public display name type in the name you want your customers to see. To put the fields back in sync, simply make them identical again.

(11)

Configuration

OPTIONS: MANAGE THE GENERAL QUEUE, RECORD SESSIONS, MONITOR

LICENSE USAGE, SET UP TEXT MESSAGING

The option Enable the General Queue is selected by default and creates a queue in the representative console that includes all logged-in representatives. If deselected,

representatives will see only their personal and team queues, and they will be unable to communicate with any

representatives outside their teams. Disabling the general queue is helpful for companies with a large support center where representatives do not need to interact outside their teams.

Note: Disabling the general queue does not prevent representatives from transferring sessions to other teams. This permission is configured per user from the User Accounts page. See"User Accounts: Add User Permissions for a Representative or Admin" on page 34.

If you check Require Closed Sessions on Logout or Quit, then representatives will be unable to log out of the representative console until their personal queues are empty.

There are five rules for when a representative’s connection to a session is lost or terminated. (1) If the session is shared, it transfers to the representative who has been sharing the session the longest. If not shared, it transfers to (2) the last queue it was in, (3) the queue in which it entered, or (4) the general queue. This second set of rules can be turned on or off for normal sessions (attended), Jump sessions (unattended), or both. (5) Finally, if no representative is found, the session ends.

Note: If the session is in a persistent queue, the above logic will not apply. For more information about persistent queues, see

"Support: Contact Bomgar Support" on page 85.

If General Queue Routing Algorithm is set to Least Busy, Equilibrium will be enabled so that a session in the general queue will be assigned to the least busy representative who is allowed to participate in the general queue. If it is set to Skills Match, Least Busy, then if a session has needed skills marked and is transferred to the general queue, that session will be assigned to the representative with the best skills match. The

representative has as long as is set in General Queue Alert Timeout to either accept or reject the session. If the representative rejects the session or fails to respond before the timeout, the session will be reassigned to the next best matched representative

(12)

Choose if you want screen sharing sessions, Show My Screen sessions, and/or command prompts to be recorded in Flash video format (FLV). Set the resolution at which to view playback. Note that all recordings are saved in raw format; the resolution size affects playback only. You can automatically pull the remote computer’s system information to be available in the session report details. When supporting mobile platforms, choose Standard to pull a small set of data or Extended to pull all available information. You can also choose to record presentations.

You can request to be alerted should your Bomgar license usage exceed a certain number of logged-in representatives at the same time. This is helpful in monitoring your teams’ license usage in order to keep your representatives adequately supplied. If you choose to be alerted, enter the contact email address and set when and how often you wish to be alerted.

This feature requires validSMTPconfiguration for your

appliance, set up on the Email Configuration page under the Management tab.

You may enter a custom link that will appear as a button in the representative console during a support session. One example use of this link is to associate sessions with external programs such as customer relationship management systems (CRM).

The variable %EXTERNAL_KEY% inserts the session's

external key into the URL. If, for instance, the external key matches the unique identifier of a case in your CRM system, clicking the session's custom link button could pull up the associated case in this system.

You may enter a secure SMS Gateway URL from your ISP or third-party gateway provider to give reps the option to send support access keys via SMS text messages. Send support messages via SMS to a mobile device from within the

representative console. SMS messages sent in this manner to other mobile devices will still receive a session link. The SMS communication is not logged in the appliance.

(13)

ISSUES: MANAGE SUPPORT ISSUES

Create support issues to streamline your customers' experience when requesting support on the public portal.

Issues created may be configured to appear on the dropdown menu of the issue submission form and comprise a list of the support problems most likely to be experienced by your customers.

Note: Since support issues need to be routed to Support Teams (see"Support Teams: Group Representatives into Teams" on page 14), you need to create teams before you create support issues. If you wish to associate skills with that issue, you need to create them first as well (see"Skills: Route Issues to Representatives" on page 16).

Click Add New Support Issue to create a new issue. Give it a title and a code name. Then use the Route To dropdown menu to have that issue routed to a specific team. Set the issue's priority to High, Medium, or Low, depending on how you want the issue to be handled by the system. The default is Medium.

Next, check the box if you want to allow representatives to request help for this support issue while in a session. If checked, the issue is listed in the Request Help flyout window of the representative console when the Session Sharing option is selected.

Issues can be associated with the skills needed to best resolve

them. Skills can be More Preferred, Less Preferred, or Ignored, depending on the level of knowledge required to resolve a given issue. This will determine how support requests are routed and handled by the system.

(14)

SUPPORT TEAMS: GROUP REPRESENTATIVES INTO TEAMS

Grouping support representatives into teams aids efficiency by assigning leadership within groups of representatives as well as by helping to direct customers to the representative best suited to solve a given problem.

Assign the team a name and set comments to help identify the purpose of this team.

If Persistent Queue is checked, support sessions will remain in this team’s queue even if no representatives are available. A session transferred to this team’s queue will remain in the queue indefinitely until a team member or API operation handles the session. This option provides additional flexibility for custom session routing management.

When adding a team, you can reserve a minimum number of licenses for that team via the Reserved Slots field. This option guarantees that at least the specified number of licenses will be available for members of this support team. Effective license usage management helps to avoid license lockout situations wherein a license is needed but none is available, thereby ensuring that the most critical issues can be

addressed by reserving licenses for the most crucial support teams.

Note any group policies which assign members to this team.

Click the link to go to the Group Policies page to verify or assign policy members.

From the list of available representatives, select one or more users and click the arrow to move them into the team.

You can set each member’s role as a Team Member, Team Lead, or Team Manager. These roles play a significant part in the Dashboard feature of the representative console.

Team members who share membership through one or more group policies are listed for you, along with a link to the Group Policies configuration page.

Under the Equilibrium Settings section, if Routing Algorithm is set to Least Busy, a session in this team queue will be assigned to the least busy representative who is a member of this team. If it is set to Skills Match, Least Busy, then if a session has needed skills marked and is in this queue, that session will be assigned to the representative in this team with the best skills match. The representative has as long as is set in Alert Timeout to either accept or reject the session. If the representative rejects the session or fails to respond before the timeout, the session will be reassigned to the next least busy representative who is a member of this team.

(15)

If enabled in the Dashboard Settings section of the main page, a Team Lead or Manager can monitor team members from the dashboard. Choose a selection to Disable the ability to monitor, restrict monitoring to Only Representative Console, or allow a Team Lead or Manager to monitor a team member's Entire Screen. Monitoring affects Team Leads and Managers for all teams on the site. To display a monitoring icon in the

team member's representative console, select the checkbox Enable Monitor Indicator. A Team Lead can also take over or transfer a team member’s sessions if the Enable Session Transfer checkbox is selected. Similarly, a Team Manager can monitor and administer both team members and Team Leads.

Within a team, a representative can administer only others with roles lower than his or her own. Note, however, that roles apply strictly on a team-by-team basis, so a representative may be able to administer another representative in one team but not be able to administer that same representative in another team.

Once you have saved your changes, you can modify a team by clicking Edit Team or remove a team entirely by clicking Delete Team. Deleting a team does not delete those representative accounts, only the team with which they are associated.

(16)

SKILLS: ROUTE ISSUES TO REPRESENTATIVES

Skills are the areas of expertise covered by your

representatives. As an administrator, you need to create a list of these skills, which are ranked in broad categories according to their importance. These root skills can be assigned a number of sub-skills. For instance, the root skill for

"Antivirus"can contain a list of common antivirus programs, each a particular sub-skill necessary to properly address a customer support issue dealing with antivirus-related problems.

Representatives associated with a given skill are listed on the right. If no representative is associated with a skill, click on the Users page link to configure skills for each user.

CREATING SKILLS

Note: In order to be able to create and edit skills, this permission has to be set per user. Go to Users and Security > User Accounts, scroll down to the Permissions section, and make sure Allowed to Edit Skills permission is checked. Administrators are automatically granted this permission.

To begin, you need to create a list of skills. To start, add a few general categories, or root skills. On the Configuration > Skills page, click New Root Skill, then enter a display name and a code name. The code name is for internal use only.

Next add skills under the new root skill. The new root skills and their sub-categories display in the Skills tree.

You can use the orange arrows to expand or collapse each section.

(17)

Root skills are ranked sequentially from more critical to less critical. When Equilibrium is enabled, the system will try first to match all the root skills, but if that is not possible, it will begin to peel away lower ranking skills first, one at a time, until a match is found. If you need to change a root skill's rank, click on Change Ranking and you will now be able to drag and drop skills into their new positions.

Once created, skills can be assigned to representatives from the User Accounts page. See"User Accounts: Add User Permissions for a Representative or Admin" on page 34

BULK IMPORT

When dealing with a larger number of representatives and/or skill sets, it may be easier to assign skills to representatives using bulk import. Use Import User Skills to upload a CSV file with the usernames and associated skills. The CSV file should use the following format:

"username1", "skill_code_name"

"username1", "skill_code_name2"

"username2", "skill_code_name"

Please note that the skills listed for a given representative on the import file will override any skills already associated with that user.

If you need to remove all associated skills with a particular user, leave the skill code name empty (“username3”, “”).

(18)

ACCESS SPONSORS: CREATE GROUPS OF PRIVILEGED USERS

Create access sponsor groups to enable a representative with restricted permissions to request a more highly privileged representative to perform certain actions on his or her behalf, such as elevating a customer client to administrative rights or entering credentials for a remote system.

First, name the group and add a brief description. Then, add lower-privileged representatives as requesters to this group, and higher-privileged representatives as sponsors.

(19)

JUMPOINT: SET UP UNATTENDED ACCESS TO A NETWORK

Bomgar's Jump Technology enables a representative to support both attended and unattended computers on a remote network without having to pre-install software on every

machine. Simply install a single Jumpoint agent at any network location to gain unattended access to every PC within that network.

At the bottom of the Jumpoint page is the option to Enable network browsing. If checked, permitted representatives can view and select systems from the network directory tree. If unchecked, representatives can access a system through a Jumpoint only by entering the system's hostname or IP address. Either way, the representative must provide valid credentials to the remote system before gaining access.

At the top of the page, click Add New Jumpoint. Give this Jumpoint a name that will help users identify it when they need to start a session with a computer on the same network as this Jumpoint. If you want representatives to be able to connect to SSH-enabled and Telnet-enabled network devices through this Jumpoint, check Enable Shell Jump Access. Authorize at least one representative to use this Jumpoint. After the Jumpoint has been created, you can also grant access to groups of representatives from Users & Security > Group Policies.

Once you click the Add Jumpoint button, your new Jumpoint should appear in the list of configured Jumpoints, along with a link to download the 32-bit or 64-bit Jumpoint installer. Click on a link to install the Jumpoint agent on a single system in the remote network you wish to access. This system will serve as

the initiation point for Jump sessions with other computers on the remote network.

As such, it is important that the host system NOT be a system already in use as a server, such as a file server, email server, or print server. For security purposes, a Jumpoint must close any active network connections to the computer it needs to access before it can attempt a Jump to that machine. Therefore, if the host system is being used as a server, the Jumpoint may be unable to complete a Jump because some other software is actively using a critical network connection which the Jumpoint is unable to close, causing the Jump to fail.

Instead, Bomgar recommends deploying the Jumpoint agent to a virtual system as the ideal setup scenario. If a virtual system is unavailable, you can deploy the Jumpoint agent to its own dedicated server or even a normal client PC, provided that the host system has high availability.

(20)

PROXY SETTINGS

For a Jumpoint to be deployed on a remote network that is behind a proxy, appropriate proxy information may be necessary for the Jumpoint to connect back to the Bomgar Appliance.

From dropdown on the Proxy tab, select Basic or NTLM to configure proxy settings. Enter the Proxy Host, Proxy Port, Username and Password. The Jumpoint will supply this proxy information whenever Jumping to another system on the remote network, providing the credentials necessary to download and run the customer client on the target system.

You also can set up this Jumpoint to function as a proxy itself by selecting Jump Zone Proxy Server from the dropdown on the Proxy tab. With Jump Zone Proxy Server selected, this Jumpoint can be used to proxy connections for clients on the network that do not have a native internet connection, such as POS systems. Using a Jumpoint as a proxy will route traffic only to the appliance. A Jumpoint can also be used to proxy Jump Client connections.

Note: In order for a Jumpoint to function as a Jump Zone Proxy Server, its host system cannot reside behind a proxy. The Jumpoint must be able to access the Internet without having to supply proxy information for its own connection.

Enter the hostname to use at the listening interface, and set which port to use.

IMPORTANT! Host and port fields should be set carefully since any Jump Client deployed using this Jumpoint as a proxy server will use the settings available to it at the time of deployment and will not be updated should the host or port change. If the host or port must be changed, the Jump Client would need to be redeployed.

(21)

Set whether to allow all IP addresses or to limit the IPs that can connect through this proxy. If allowing or denying access, enter one IP address or CIDR subnet range per line.

Note: It is a best practice to make an exception in the Windows firewall for the port which the proxy server will listen on for the process which will be accepting connections.

INTEL^®VPRO SETTINGS

Using Intel^®Active Management Technology, privileged representatives can support fully provisioned Intel^®vPro Windows systems below the OS level, regardless of the status or power state of these remote systems. Configure this Jumpoint to enable vPro connection by going to the Intel^®vPro tab and checking Enable Intel^®vPro.

Under Authentication, designate how the Jumpoint should attempt to

authenticate to vPro-provisioned computers. Regardless of the authentication method, the provided credentials must match the authentication settings in the AMT firmware on the vPro systems.

To require representatives to provide credentials each time they connect to a vPro computer, select Basic Digest Password and then Prompt

Representative for credentials. Prompting for credentials is useful if the vPro systems on this network do not share a common username and password.

However, since the vPro AMT firmware is entirely separate from any user accounts on the computer, administrators frequently provision all vPro systems to have the same credentials. Additionally, note that there is little security risk in storing credentials in the Jumpoint. To use vPro support, a representative must have not only the vPro user account privilege but also access to the vPro-enabled Jumpoint. Therefore, prompting for credentials may be an unnecessary measure.

If the same credentials are used for all vPro systems on the network, you can select Basic Digest Password and then Use the following credentials for all connections. With this configuration, representatives are never prompted for vPro credentials; the Jumpoint automatically supplies the stored username and password for all vPro connections.

If you select Kerberos, the Jumpoint supplies the credentials for its own host system account when authenticating to vPro systems.

This configuration assumes that the account hosting the Jumpoint uses the same credentials as all vPro systems on the network.

With this configuration, representatives are never prompted for vPro credentials.

(22)

On the Encryption tab, set how the Jumpoint encrypts vPro network traffic. If the remote vPro systems are provisioned not to use TLS encryption, simply select No Encryption. Otherwise, you must define the path to the Base 64- encoded CER file which contains the certificates used during the provisioning of the remote vPro systems.

Under Disk Redirection, specify the folder location of any ISO or IMG disk images you would like to make available for mounting in a vPro session.

Representatives can use these files for IDE-R, booting the remote vPro system to a disk image rather than the hard drive.

(23)

SHELL JUMP SETTINGS

The Shell Jump tab determines how this Jumpoint can be used to connect to SSH-enabled and Telnet-enabled network devices.

Note: Shell Jump must also be enabled on the Configuration > Jumpoint page of the administrative interface. For a representative to use Shell Jump, he or she must be granted access to a Jumpoint with Shell Jump enabled and must have the user account permission Allowed to Use Shell Jump enabled.

On the Policy tab, if Open Access is selected, permitted representatives can Shell Jump to any remote device by entering its hostname or IP address or by selecting it from a list of provisioned devices.

If Limited Access is selected, representatives can Shell Jump to provisioned devices or can enter a device's hostname or IP address provided that it falls within the parameters set by the host list on the Limited tab.

If Provisioned Only is selected, representatives can Shell Jump only to provisioned devices.

If limited access is enabled on the Policy tab, the Limited list accepts IP addresses and CIDR subnet masks to which Shell Jump access will be limited.

(24)

Configure access to provisioned Shell Jump targets by going to the Provisioned tab and clicking Add.

Enter a Name that will help representatives to identify this device when starting a Shell Jump session with it. Enter the device's hostname or IP address.Choose the Protocol to use, either SSH or Telnet. Port

automatically switches to the default port for the selected protocol but can be modified to fit your network settings. Select the Terminal Type, either xterm or VT100.

If you are using SSH, you can choose to use Public Key Authentication. If you choose to do so, select a Private Key to use. Private keys are configured from the Private Keys tab.

Representatives Shell Jumping to this provisioned device may connect only with the Username you provide.

You can also select to Send null packets to keep idle sessions from ending.

Enter the number of seconds to wait between each packet send.

If you are going to be using SSH, you can upload a key file to use by going to the Private Keys tab and clicking Add. Give this key a Name and browse to the key file you wish to use. Keys must be in PuTTY format (PPK). PuTTYgen can be used to generate a PPK file if needed. If a Password is required, you can store the key file password for all representatives to use, or you can require representatives to enter the key file password each time they connect to a provisioned device using this key.

(25)

You can add SSH Host Keys prior to a representative's Jumping to that host.

If no host key is cached, the representative will receive a message alerting him or her that the server's host key is not cached and that there is no guarantee that the server is the computer he or she thinks it is. Caching a server's host key prior to connection can help prevent confusion.

Enter the hostname or IP address.

Enter the Port the device uses. The server will then return its host key, which you should verify. Clicking Update will poll the device for its host key and will let you know if it has changed.

TTL SETTINGS

A date and time can be set to specify when the Jumpoint should become active and when it should automatically uninstall. Setting these delimiters determines the duration of time for which representatives can access the remote network through this Jumpoint.

Note: Jumpoint is only available for Windows systems.

Jump Clients are needed for remote access to Mac or Linux computers. To Jump to a Windows computer without a Jump Client, that computer must have Remote Registry Service enabled (disabled by default in Vista) and must be on a domain. If you need to access remote computers via Jumpoint when no user is available, make sure your account permissions are set either to disable prompting or to default to Allow. You cannot Jump to a mobile device, though Jump Technology is available from mobile representative consoles.

(26)

JUMP CLIENTS: MANAGE SETTINGS AND INSTALL JUMP CLIENTS FOR

UNATTENDED ACCESS

The Mass Deployment Wizard enables administrators and privileged representatives to deploy Jump Clients to one or more remote computers for later unattended access. From the dropdown, select whether to pin the Jump Client to your personal queue, to a team queue, or to the general queue.

Pinning to your personal queue means that only you can access this remote computer through its Jump Client. Pinning to a team queue allows all members of that team to access this computer through its Jump Client, while pinning to the general queue allows access to all representatives.

Adding a Group Name helps to organize your Jump Clients into categories within the representative console.

Set the Connection Type to Active or Passive for the Jump Clients being deployed.

If you have one or more Jumpoints set up as proxies, you can select a Jumpoint to proxy these Jump Client connections. That way, if these Jump Clients are installed on computers without native internet connections, they can use the Jumpoint to connect back to your Bomgar Appliance. The Jump Clients must be installed on the same network as the Jumpoint selected to proxy the

connections.

Add Comments, which can be helpful in searching for and identifying remote computers. Note that all Jump Clients deployed via this installer will have the same comments set initially.

Select the Prompting Rule for control over access to the Jump Client. Selection is either Follow Rep Permission or Never, to allow reps access according to their user prompting permissions, or to access and perform all actions without prompting.

The installer will remain usable only as long as specified by the This Installer is Valid For dropdown. If someone should attempt to run the Jump Client installer after this time, installation will fail, and a new Jump Client installer will have to be created. This time can be set for anywhere from 10 minutes to 1 year. This time does NOT affect how long the Jump Client remains active.

If Attempt an Elevated Install if the Client Supports It is selected, the installer will attempt to run with administrative rights, installing the Jump Client as a system service. If the elevated installation attempt is unsuccessful, or if this option is deselected, the installer will run with user rights, installing the Jump Client as an application. This option applies only to Windows and Mac operating systems.

Note: For Windows and Mac computers, a Jump Client pinned in user mode is available only when that user is logged in. In contrast, a Jump Client pinned in service mode, with elevated rights, will allow that system to always be available, regardless of which user is logged in.

If Prompt for Elevation Credentials if Needed is selected, the installer will prompt the user to enter administrative credentials if the system requires that these credentials be independently provided; otherwise, it will install the Jump Client with user rights. This applies only if an elevated install is being attempted.

By selecting Start Customer Client Minimized When Session Is Started, the customer client will not take focus and will remain minimized in the taskbar or dock when a session is started through one of these Jump Clients.

You can also set a Password for these Jump Clients. If a password is set, this password must be provided to modify or use any one of these Jump Clients.

(27)

Once you click Deploy, you can download and install the Jump Client immediately if you are at the computer that you need to later access. You can also email the installer to one or more remote users. Multiple recipients can install the Jump Client from the same link. The Platform option will default to the appropriate installer for your operating system.

For system administrators who need to push out the Jump Client installer to a large number of system, the Windows executable, Windows MSI, or Linux executable can be used with your systems management tool of choice. You can include an optional parameter for the installation. -install-dir <install directory> (for the Windows and Linux executables) and INSTALLDIR= (for the Windows MSI) accept any valid directory path where you want the Jump Client to install. When defining a custom install directory, ensure that the directory you are creating does not already exist and is in a location that can be written.

Note that, unlike the representative console, Jump Clients installed from an MSI do auto-update.

An administrator can choose which statistics to view for all Jump Clients on a site-wide basis. These statistics are displayed in the representative console and include operating system, uptime, console user, CPU, disk usage, and a thumbnail of the remote screen.

The Active Jump Client Statistics Update Interval determines how often these statistics are updated. Managing which statistics are viewed and how often can help to regulate the amount of bandwidth used. The more active Jump Clients you have deployed, the fewer the statistics and the longer the interval may need to be.

Also set the maximum number of Jump Clients to upgrade at the same time. Note that if you have a large number of Jump Clients deployed, you may need to limit this number to regulate the amount of bandwidth consumed. You may further regulate the bandwidth used during upgrades by setting Maximum bandwidth of concurrent Jump Client upgrades.

Note: Neither of these settings affects Console upgrades or Bomgar Button deployments.

Allow simultaneous representative access to a single Jump Client provides a way for multiple representatives to gain simultaneous access to the same Jump Client without having to be invited to join an active support session by another

representative. The first representative to access the Jump Client maintains ownership of the session. Representatives in a shared Jump session will see each other and be able to chat.

Restrict Local Uninstall/Disable of Jump Clients limits the remote user’s ability to uninstall or disable Jump Clients from the right- click context menu, reducing the need to reinstall Jump Clients that should not have been uninstalled. If this option is enabled, only users with appropriate privileges on the target machine may uninstall the Jump Client via the host system's "uninstall programs"

mechanism.

(28)

BOMGAR BUTTONS: DEPLOY BOMGAR BUTTONS FOR QUICK SESSION

START

Deploying a Bomgar Button on your customer's computer installs a customer client on their machine, providing a quick, seamless method of starting support sessions. The Bomgar Button does NOT maintain a connection to the Bomgar Appliance, but rather provides a customer-initiated method of requesting support. Depending on the configuration of the Bomgar Button and the support site, clicking the Bomgar Button will connect the customer to a previously defined representative or team, allow the customer to enter a session key, or allow the customer to submit an issue submission form. Bomgar Buttons can be installed on Windows, Mac, and Linux computers, as well as BlackBerry® Smartphones.

To mass deploy a Bomgar Button, first enter a user-friendly name for the Description. This will be helpful when managing deployed Bomgar Buttons. Next, select the Public Portal through which this Bomgar Button will start support sessions.

Set the Profile to either the default Bomgar Button profile or a custom profile as created below. Select the Language which this Bomgar Button should use. Next, specify whether starting a session from this Bomgar Button should place the customer in your personal queue or a team queue.

Set the lifespan of the button. The customer can use this button to start sessions for only as long as specified here. If the customer clicks this button after it has expired, an invalid session key message will display, and the browser will refresh to your support portal. This time does NOT affect how long the installer remains active or how long a session can last.

Finally, choose whether to install the Bomgar Button for a single user or for all users on the remote system. Deploying a Bomgar Button for all users is available only for Windows platforms. Also, if you make any changes to a Bomgar Button profile, a single-user Bomgar Button will automatically incorporate those changes the next time it connects, while an all-user Bomgar Button will have to be redeployed in order to receive those changes. For the best experience, redeploy all-user Bomgar Buttons each time you

upgrade your Bomgar software. Note that all-user Bomgar Buttons may not be removed from within the representative console; they must be uninstalled from Programs and Features or Add or Remove Programs.

Once you have set the parameters, click Create and then choose to download the Bomgar Button onto the local

computer or to email it to one or more recipients. The Platform option will default to the appropriate installer for your operating system.

Select BlackBerry® MDS from the Platform dropdown to

deploy the Bomgar Button via the BlackBerry Enterprise Server. For system administrators who need to push out the Bomgar Button to a large number of systems, the MSI option can be used with your systems management tool of choice. In your command prompt, when composing the command to install the Bomgar Button using an MSI, change to the directory where the MSI was downloaded and enter the command included on the Bomgar Button page. Note that, unlike the representative console, Bomgar Buttons installed from an MSI do auto-update.

Note: Because some browsers require that the installer be saved before it can be run, there may be some confusion about when the Bomgar Button is fully installed. The downloaded bomgar-scc-{uid}.exe file is not the button itself but rather the installer for the button. This executable file must be run to complete the installation.

(29)

Customize the Bomgar Button using Bomgar Button Profiles.

Multiple Bomgar Button profiles can be added and used. Click Add New Profile to create a new profile, or edit an existing profile. While you can edit the default Bomgar Button profile, you cannot delete it.

First, enter a user-friendly name for the Bomgar Button profile.

Upload the file containing the customized button icon; the file must be a PNG file, no larger than 150KB and with a minimum height and width of 128 pixels. The height and width must be equal. Enter the Title of the profile. This title is used as the desktop title. Next, enter the Short Title, which is used when the customer’s operating system limits the title length. Select where the Bomgar Button should be deployed, whether to the desktop or the menu. The menu option is only supported on Windows, Mac, and Linux systems. Now, select if the customer can use the Bomgar Button to connect directly to a specified

queue. Click Add Bomgar Button Profile. Your new Bomgar Button profile is now available to deploy.

Use the Embedded Bomgar Button Registry File Generator to create registry files which will embed the Bomgar Button into the title bar of an application. An embedded Bomgar Button gives support providers the ability to streamline the support path for specific applications. For example, if your support team frequently handles issues with Microsoft Outlook, you can embed a Bomgar Button within Outlook. You can configure this

embedded Bomgar Button to point to a specific issue so that when a customer clicks the button, a session will immediately start with the team best suited to handle Outlook problems. Embedded Bomgar Buttons are a Windows-only feature.

To create an embedded Bomgar Button, a Bomgar Button must first be deployed on the remote system. You may wish to define the Bomgar Button profile so that neither the desktop shortcut nor the menu shortcut is created.

Select the Install Mode, either All Users or Single User. Then enter the name of the program in which you want to embed a Bomgar Button. Do not include the file path. Optionally, select an issue that will be associated with sessions started from this embedded Bomgar Button. You can alternatively select No Issue Assigned. Checking Show Front End Survey will prompt the customer to describe his or her issue before starting a session; if this option is unchecked, the session will start immediately, without any further customer input. You can add an External Key to assign to sessions started from this embedded Bomgar Button. To add multiple applications to one registry file, click Add Registry Entry and enter the information for another application.

When you have finished adding executables in which you want to embed Bomgar Buttons, click Create Registry File. This will prompt you to save a registry file to your system. Using Active Directory or a deployment tool, deploy the registry file to all remote systems which should use these embedded Bomgar Buttons. After running the registry file, the remote user will have to log off and back on for the Bomgar Button registry entry to be created.

Note: It is a best practice to save a copy of any generated registry files. Registry file information is not saved on the Bomgar

(30)

To edit an embedded Bomgar Button's functionality, you can import the registry file and modify its entries. When complete, click Create Registry File. Running the registry file will overwrite the existing registry entries.

Note: Running a Bomgar Button registry file on a system that already has Bomgar Button registry entries will overwrite the original registry entries. Therefore, if you have embedded a Bomgar Button in one application and you wish to embed it in another, the new registry file must contain both executable names. If the new registry file contains only the new executable name, then the embedded Bomgar Button will appear only in the new application and not in the previous application.

To remove an embedded Bomgar Button from a specific application without adding it to another application, you must edit the registry. Using Notepad or a similar editor, open the registry file you initially deployed and insert a hyphen in front of each registry key you wish to delete. Save the registry file and redeploy it to remove the registry entry. An example of a registry entry marked for deletion is presented below.

[-HKEY_LOCAL_MACHINE\Software\Test]

For more information about registry entries, seehttp://support.microsoft.com/kb/310516.

Note: Uninstalling the Bomgar Button will remove it from all embedded programs but will not delete the registry entries. Thus, if another Bomgar Button is installed for the same site, it will inherit the previous registry entries and will appear embedded in the same programs.

(31)

CANNED MESSAGES: CREATE MESSAGES FOR CHAT

Create canned messages to be used in chat sessions. Using canned messages can decrease response time and help to standardize

communication between representatives and customers. Filter your view of canned messages by selecting a category or team from the dropdown at the top of the page.

The first step in managing canned messages is to create categories by which to organize your messages. Click Add New Category. Then enter a name for the category, optionally selecting a parent category. Once the category has been created, editing it will show you its child categories and messages.

To create a new message, click Add New Canned Message. Enter a name for the message and the text that will display in the chat.

Although HTML tags are not allowed, you can use BBCode to do some low level formatting, such as adding bold, colors or hyperlinks. Clicking on Supported BBCode Formatting displays a list of codes and their resulting applications.

Select the category under which this message should appear, and then select which support teams should be able to use this canned message.

Note: Messages should be relatively short so they can be viewed without much scrolling in the customer client windows. This applies to both the native client and click-

(32)

CANNED SCRIPTS: CREATE SCRIPTS FOR COMMAND SHELL SESSIONS

Create custom scripts to be used in command shell sessions.

The script will be displayed in the command shell interface as it is being executed. Filter your view of canned scripts by selecting a category or team from the dropdown at the top of the page.

The first step in managing canned scripts is to create categories by which to organize your scripts. Next, add any resource files you want to access from within your scripts. You may upload up to 100 MB to your resource file directory.

When creating a script, first name the script and then add a brief description of what the script is intended to do. This description is displayed on the prompt to confirm that the representative wants to run the selected script.

Next, write the command sequence. Scripts must be written in command line format, similar to writing a batch file or shell script. Note that only the last line of the script may be interactive; you cannot prompt for input in the middle of the script.

Select which support teams should be able to run this script,

and then select the categories under which this script should appear.

Finally, you may select a resource file to be associated with this script. Within the script itself, reference the resource file using "%RESOURCE_FILE%", making sure to include the quotation marks. Please note that the command sequence is case sensitive.

You can access the resource file’s temporary directory using

%RESOURCE_DIR%. When you run a script with an associated resource file, that file will be temporarily uploaded to the customer’s computer.

(33)

SPECIAL ACTIONS: CREATE CUSTOM SPECIAL ACTIONS

Create custom special actions to speed your support processes. Custom special actions can be created for Windows, Mac, and Linux systems.

To create a special action, click Add New Custom Special Action.

Assign this action a name to help representatives identify it while in a support session.

In the Command field, enter the full path of the application you wish to run. Do not use quotation marks; they will be added as necessary. Windows systems may make use of the macros provided. If the command cannot be located on the remote system, then this custom special action will not appear in the representative's list of special actions.

If the provided command will accept command line arguments,

you may enter those arguments next. Arguments may use quotation marks if necessary, and arguments for Windows systems may use the provided macros. For help with Windows arguments, search for "command line switches" onmsdn.microsoft.com.

If you check the Confirm box, then representatives will be prompted to confirm that they want to run this special action before it will execute. Otherwise, selecting the custom special action from the menu during a session will cause that special action to run immediately.

Checking the Run Elevated box will cause this special action to appear only when the customer client is running in elevated mode.

When you run a custom action in elevated mode, you will be prompted either to run it as the system user or to provide credentials for another valid user on the remote system.

When complete, click Add Special Action.

If you want to enable the default special actions provided by Bomgar, check Show Built-In Special Actions. Otherwise, to enable only your custom special actions, deselect this option.

Note: The Windows Security (Ctrl-Alt-Del) special action cannot be disabled. Also, disabling the built-in special actions will not disable the default special actions for mobile devices.

(34)

Users and Security

USER ACCOUNTS: ADD USER PERMISSIONS FOR A REPRESENTATIVE OR

ADMIN

View information about all users who have access to your Bomgar Appliance, including local users and those who have access through security provider integration.

Search user accounts based on username and display name. Click on a column heading to sort accounts. Click Show Details to see more information or Hide Details to return to the normal view. Edit enables you to change individual account settings (see"Settings and Field Details: User Permissions" on page 43). Delete removes representatives from the system. You cannot delete your own account.

Click Create New User to add more representatives to your local system.

(35)

EMBASSY: CREATE AN EMBASSY FOR VENDOR ACCESS

Use Bomgar not only to provide support but also to receive support or extend your range of support. Create Embassy teams to grant limited access to trusted third-party vendors for the purpose of receiving remote support or using the vendor’s resources in supporting customers.

When creating an Embassy, first provide a name and then add comments about the purpose of this Embassy. Next, assign Embassy Members, described in the section below.

Configure privileges that should apply to this Embassy (see"Settings and Field Details: User Permissions" on page 43). Note that settings defined for the entire Embassy override settings defined for the individual Embassy user.

In the Equilibrium Settings section, set session assignment rules. Use the dropdown menu to select the appropriate algorithm, depending on how you want sessions to be routed. Options are:

l None: no algorithm is selected and session requests go into the queue the in order submitted.

l Least Busy: session is assigned to the least busy representative.

l Skills Match, Least Busy: session is assigned by selecting the representative with the most appropriate skill set match necessary to handle the issue, as well as being the least busy of all qualified

(36)

As you create users who will be assigned to Embassies, note that regular representative user accounts and Embassy user accounts do not overlap.

Only Embassy users may be assigned to an Embassy, and Embassy users may not be assigned to regular support teams. For local Embassy users, you may assign privileges per user, per Embassy, or a mixture of both. For users added via configured security providers, privileges are assigned per Embassy only, and users will not appear in the Embassy Users list.

For authentication, an Embassy member must be assigned to a single Embassy. Embassy permissions are defined in the Embassy. Embassy membership overrides your security provider's default group policy permissions.

Note: Take thought when assigning a default group policy to a security provider if that provider's members are to be added to an Embassy. Should that Embassy be deleted, the users added from the security provider will automatically be granted the permissions defined by the default group policy and can operate as normal, non- Embassy users. If a security provider is to be used to authenticate Embassy users, it is recommended not to assign that provider a default group policy.

(37)

To assign members to an Embassy, edit the Embassy and click the Add button to open a select box. You can select members from your local system or from configured security providers, thereby authenticating users against existing LDAP, RADIUS, or Kerberos servers. (See"Security Providers: Enable LDAP, Active Directory, RADIUS, and Kerberos Logins" on page 39.) At the top of the select box is a dropdown list of unassigned local Embassy users and all configured User and Group security providers. From the selected list, click the user or group name to add. To remove, select the user or group name in the Embassy Members list and click Remove. Click Save Changes to retain your changes.

Once the Embassy has been created, you may assign issues to this Embassy from the Configuration > Issues page. If this Embassy's issues are shown on a public site, a customer selecting one of these issues will be directed to that Embassy queue.

(38)

REP INVITE: CREATE PROFILES TO INVITE EXTERNAL REPRESENTATIVES

TO SESSIONS

With rep invite, a privileged user can invite an external representative to join a session one time only. When the user makes the invitation, he or she will select a security profile to determine what level of privileges the external representative should be granted. These security profiles are configured by administrators on this page.

You may edit the email invitation which will be sent to external

representatives when you invite them to join a session. You can include macros to dynamically add the inviting representative's name, the session key and its unique URL, and the public site URL.

When creating a security profile, you can create a new profile from scratch or can copy an existing profile. Give this profile a name and description that will help users identify it when making invitations. For reporting purposes, you can associate this profile with an Embassy. Then assign a limited set of privileges to this profile.

(39)

SECURITY PROVIDERS: ENABLE LDAP, ACTIVE DIRECTORY, RADIUS, AND

KERBEROS LOGINS

You can configure your Bomgar Appliance to authenticate users against existing LDAP, RADIUS, or Kerberos servers, as well as to assign privileges based on the pre-existing

hierarchy and group settings already specified in your servers.

Kerberos enables single sign-on, while RSA and other multi- factor authentication mechanisms via RADIUS provide an additional level of security. Click Configure New Provider to add a user or group server, and enter the appropriate information for your server connection.

Due to the technical complexity involved in properly integrating security providers with your Bomgar Appliance, the exact configuration is not discussed in this guide. For detailed

instructions, please see the complete security provider configuration guides provided atwww.bomgar.com/docs.

Once your security providers are set up, click Configure New Provider to set up clustered relationships. Clusters can operate in Failover mode for redundancy or Random Selection mode for load balancing. From the list of available providers, select which servers to cluster. Once you save your changes, the servers you have clustered will appear indented beneath their parent.

Drag and drop security providers to set their default priority. You can drag and drop servers within a cluster; clusters can be dragged and dropped as a whole. For more complex configuration, click on the Edit button of a server or cluster. For three scenarios – If the user is not found, If the provider is unreachable, or If authentication fails – you can choose to try the next server in the list, try a specific server, or deny login.

If authentication succeeds, you can choose simply to allow login or to look up the user’s group settings within a defined group server. To associate users with groups, you must first set up the user servers and group servers separately and then enable group lookup from the Edit page of the user provider.

IMPORTANT: Each user that authenticates against a security provider must be a member of at least one group policy that has at least one setting defined in order to log into Bomgar. A default group policy can be set for all users in a security provider. Pre- existing groups can also be assigned group policies from the Group Policies page. User providers and group providers must be linked in order for groups to be properly recognized and applied.

(40)

GROUP POLICIES: APPLY USER PERMISSIONS TO GROUPS OF USERS

The Group Policies page enables you to set up groups of users who will share common privileges. To create a new group policy, click Create New Policy. Alternatively, to expedite the creation of similar group policies, click Copy to create a new policy with identical members and permissions.

You can then edit this new policy to meet your specific requirements.

Assign users to the group, selecting from your local system or from configured security providers. If your security providers are properly configured, you can also add entire groups to simplify the process.

To add users, click the Add button beneath the Policy Members field, select the appropriate provider from the drop down and click on the desired users or groups. To add

users/groups from external directory and/or authentication services such as LDAP or RADIUS, configure the necessary providers as described in the "Security Provider Configuration" guides. Once these are configured, they will appear in the provider drop down when adding Policy Members as described above.

(41)

For each setting, select whether it should be defined in this policy or left available for configuration for individual users. If it is defined, you will be unable to modify that privilege for an individual user from his or her user account page.

If you have a policy that defines a permission and you do not want any policy to be able to replace that permission, then you must select that the permission cannot be overridden, and the policy must be a higher priority than other policies that additionally define that setting.

Say, for instance, that your Administrators group is allowed to edit the public template and that this policy is first in priority and prevents override. Even if users in the Representatives group are defined as unable to edit the public template and override is also prevented, users who are in both the Administrators and Representatives groups will have the privileges of the Administrators group because it is a higher priority level.

However, if the Administrators group permissions are set to allow override and the Representatives group permissions are not, then the Representatives group permissions will have precedence, even if they are a lower priority.

For management purposes, the recommended order of priority is to define policies for more specific user groups as a higher priority (preventing override) and to move your way down from there, setting broader groups as lower priority. To set priority, click Change Order on the main page and then drag and drop group policies. Click Save Order for prioritization changes to take effect.

(42)

Additionally, you can export a group policy from one site and import those permissions into a policy on another site. Edit the policy you wish to export and scroll to the bottom of the page.

Click Export Policy and save the file.

Note: When exporting a group policy, only the policy name, account settings, and permissions are exported. Policy members, support team memberships, and Jumpoint memberships are not included in the export.

You may now import those policy settings to any other Bomgar site that supports group policy import. Create a new group policy or edit an exiting policy whose permissions you wish to overwrite, and scroll to the bottom of the page. Browse to the policy file and then click Import Policy. Once the policy file is uploaded, the page will refresh, allowing you to make

modifications; click Save Policy to put the group policy into effect.

Note: Importing a policy file to an existing group policy will overwrite any previously defined permissions, with the exception of policy members, support team memberships, and Jumpoint memberships.

(43)

SETTINGS AND FIELD DETAILS: USER PERMISSIONS

Bomgar gives administrators granular control over user permissions. This table details the permission settings and fields available to Bomgar administrators.

Permission User Embassy Embassy

User Rep Invite Group Policy 1 Username

Unique identifier used to log in.

• •

2 Display Names

Representative's name as shown on the public site, in chats, etc. Representatives can use a public display name, for use with customers, and a private display name, for use in all internal communications.

• •

3 Display Number

Type a unique ID number or leave this field blank to

automatically select the next available number. This number affects the order in which representatives are listed on the public site.

• •

4 Password

Password used with the username to log in.

• •

5 Must Reset Password at Next Login

Forces a password change the next time the representative logs in.

• •

6 Password Expires On

Causes the password to expire after a given date or to never expire.

• •

7 Security Question

Enables a representative to reset a forgotten password after correctly answering the security question.

• •

8 Security Answer

Provide a secret answer to the security question.

• •

9 Email Address

Enables a representative to set an email address by which he or she will receive an email notification that another representative wishes to share a session.

• •

10 Preferred Email Language

Enables a representative to set a language format preference from the enabled languages for email

notifications sent to him or her while Extended Availability Mode is enabled.

• •

11 Embassy/Profile/Policy Name • • •

(44)

User Rep Invite Group Policy 12 Persistent Queue

Allows support sessions to remain in this embassy's queue even if no representatives are available. A session transferred to this embassy queue will remain in the queue indefinitely until a team member or API operation handles the session.

•

13 Embassy Users/Policy Members

Add users to this Embassy or group policy. Local users can be added individually, or users who authenticate against a security provider can be added individually or in groups.

• •

14 Memberships

Listing of the policies to which the user belongs, linking to the Group Policy page or the policies themselves.

•

15 Account Expires On

Causes the account to expire after a given date or to never expire.

• • • •

16 Account Disabled

Disables the account so the representative cannot log in.

Disabling does NOT delete the account.

• • • •

17 Comments/Description

Add comments about the account or policy.

• • • • •

18 Embassy Association

Associate the profile with an Embassy for reporting purposes.

•

19 Is Administrator

Grants the representative full administrative rights.

• •

20 Allowed to Edit Jumpoints

Enables the representative to create or edit Jumpoints. This option does not affect the representative's ability to access remote computers via Jumpoint, which is configured per Jumpoint or group policy.

• •

21 Allowed to Change Display Names

Enables the representative to change his or her display names.

• • • •

22 Allowed to View Reports

Enables the representative to run reports on session activity, viewing only sessions in which he or she was the primary representative, only sessions in which one of his or her teams was the primary team or one of his or her teammates was the primary representative, or all sessions.

• •

23 Allowed to View Support Session Recordings

Enables the representative to view Flash video recordings of screen sharing sessions, Show My Screen sessions, and command shell sessions.

• •

24 Allowed to Use Reporting API

Enables the representative's credentials to be used to pull XML reports via the API, following the rules set above.

• •

(45)

User Rep Invite Group Policy 25 Allowed to Use Command API

Enables the representative's credentials to be used to issue commands via the API.

• •

26 Allowed to Edit Public Site

Enables the representative to create and modify public site configurations, edit HTML templates, view the translation interface, etc.

• •

27 Allowed to Edit Customer Notices

Enables representatives to create and edit messages used to notify customers, as they are requesting support, of broadly impacting IT outages.

• •

28 Allowed to Edit File Store

Enables the representative to add or remove files from the file store.

• •

29 Allowed to Edit Canned Messages

Enables the representative to create or edit canned chat messages.

• •

30 Allowed to Edit Support Teams

Enables the representative to create or edit support teams.

• •

31 Allowed to Edit Issues

Enables the representative to create and edit issues.

• •

32 Allowed to Edit Skills

Enables the representative to create and edit skills.

• •

33 Allowed to Edit Bomgar Button Profiles

Enables the user to edit the default button or a customized Bomgar Button.

• •

34 Allowed to Edit Canned Scripts

Enables the user to create or edit canned scripts for use in command shell sessions.

• •

35 Allowed to Edit Access Sponsors

Enables the user to create or edit access sponsor teams.

• •

36 Allowed to Show on Public Site

Displays the representative's name on all public sites that have the representative list enabled.

• • • •

37 Allowed to Edit iOS Profiles

Enables the representative to create, edit and upload Bomgar Apple iOS Profile content for distribution to iOS device users.

• •

38 Allowed to Provide Remote Support • • • • •

Administrative Guide Enterprise Licensing

TABLE OF CONTENTS

Bomgar Administrative Interface

Login to the Administrative Interface

Status

INFORMATION: VIEW BOMGAR SOFTWARE DETAILS

REPRESENTATIVES: VIEW LOGGED IN REPS AND SEND MESSAGES

WHAT'S NEW: SEE SOFTWARE RELEASE DETAILS

My Account: Change Password and Username, Download the

Representative Console and Other Software

Configuration

OPTIONS: MANAGE THE GENERAL QUEUE, RECORD SESSIONS, MONITOR

LICENSE USAGE, SET UP TEXT MESSAGING

ISSUES: MANAGE SUPPORT ISSUES

SUPPORT TEAMS: GROUP REPRESENTATIVES INTO TEAMS

SKILLS: ROUTE ISSUES TO REPRESENTATIVES

ACCESS SPONSORS: CREATE GROUPS OF PRIVILEGED USERS

JUMPOINT: SET UP UNATTENDED ACCESS TO A NETWORK

JUMP CLIENTS: MANAGE SETTINGS AND INSTALL JUMP CLIENTS FOR

UNATTENDED ACCESS

BOMGAR BUTTONS: DEPLOY BOMGAR BUTTONS FOR QUICK SESSION

START

CANNED MESSAGES: CREATE MESSAGES FOR CHAT

CANNED SCRIPTS: CREATE SCRIPTS FOR COMMAND SHELL SESSIONS

SPECIAL ACTIONS: CREATE CUSTOM SPECIAL ACTIONS

Users and Security

USER ACCOUNTS: ADD USER PERMISSIONS FOR A REPRESENTATIVE OR

ADMIN

EMBASSY: CREATE AN EMBASSY FOR VENDOR ACCESS

REP INVITE: CREATE PROFILES TO INVITE EXTERNAL REPRESENTATIVES

TO SESSIONS

SECURITY PROVIDERS: ENABLE LDAP, ACTIVE DIRECTORY, RADIUS, AND

KERBEROS LOGINS

GROUP POLICIES: APPLY USER PERMISSIONS TO GROUPS OF USERS

SETTINGS AND FIELD DETAILS: USER PERMISSIONS