Bitdefender Central Issues. Any Help?

UserZero

Hey all, I was hoping to get some help with some issues I'm having with BD Central. I'm currently running "protection for windows" on 5 boxes and was planning on dropping it onto a few more, but I'm finding myself frustrated with the software right now and want to throw in the towel.

Can anyone guide me through improving my experience regarding some of these issues?

1. Dashboard: I can't tell what type of scan (if any) is running on a given machine, without selecting the machine and clicking through the different scan options.
2. Dashboard: the dashboard doesn't show you when the last scans or db updates occurred
3. Dashboard: each computer has an 'update' button, but nothing in the BD Central GUI shows you the current software build version or av database version installed on the machine.
4. Dashboard: there's no client state indicator. (IE: there's no way to tell if a machine (or more accurately, the bd client) is online or offline)
5. Dashboard: it seems like sometimes a scan doesn't run (maybe the pc was off?) but there's no event or flag to indicate that there was a problem running the scan.
6. Scans (vulnerability): I ran a vulnerability scan on one of my machines. The scan shows a vulnerable app, but doesn't explain the vulnerability or suggest steps to take for remediation.
7. Scans (Malware): A scan on one of the machines returned a few malware hits in a few files. Instead of giving me the option to remediate the issue though, the software indicated that someone needed to re-run the malware scan locally and take the recommended remediation steps. This is frustrating as I went this route on account of the remote management aspect of BD Central.

Am I just using this software incorrectly??

Thanks in advance.

Alexandru_BD

Hello @UserZero and welcome to the Community!

Thank you for joining us here and I will do my best to address each point, as follows:

1. Yes, you can only see information about the scans if you select a particular device and press on Malware scan. This is how the tabs were designed to function.
2. Yes, indeed the Central dashboard doesn't show this. However, this type of information is available in the product locally.
3. Yes, indeed it doesn't. The use case for the Update button from Central is to use it when a issue popups up in Central that the product is out of date. Other than that it shouldn't be necessary to manually update, either from Central or directly from the endpoint.
4. Yes, indeed there isn't an online/offline indicator. But I'm not sure how this information would be helpful for the user? This feature was previously requested by some of our members in the past, however, we haven't received any news from the development teams regarding its fate. But you can vote on this idea here.
5. If it says "Your command was sent and will be processed soon, make sure the device is online and you'll receive the results once the scan is done", then it's indeed probably offline. It doesn't say that it failed, because it didn't. It will run when the device is online.
6. The steps to take for remediation is to update the app. Check notifications in the product, the vulnerabilities will be listed there with the option to take action, or just run a scan from the device.
7. I don't think I have what's necessary to reproduce this. I think this happens if the default action doesn't work, and the user would need to be prompted what to do. Indeed, Central doesn't do that part. For other situations where the infection can be remediated with the default option, it should just do it without asking you to do anything else.

I hope my answers are helpful.

Regards,

Alex

UserZero

Alexander - Thanks for the input, and apologies for taking so long to reply!

I guess for my environment, I was really looking forward to the remote feature set... I manage all the PCs for two households, the second household is far enough away that I can't physically check the devices regularly and all of the users at that second household are, let's call them, high risk users. I was looking for software to help ease the headache of keeping their network protected and give me some peace of mind. This software definitely helps in those areas, but it's not quite the magic bullet i was hoping for (note, i do realize that there may not actually be a piece of security software that does what I'm looking for).

With respect to bullet 4 specifically (I did upvote the link) - In my environment, with more than half my 'users' being remote to me, a little green dot signifying that the remote client was operational would give me peace of mind; i'd know that the software was online and actually protecting the machine and that the client was able to accept a remote scan command if i needed to send one; I would know remotely, that everything on that machine was OK (insofar as the software could detect).

Note the portal calls a machine protected, simply because the software is installed, but I would posit that "installed" isn't an accurate metric of 'protected'; 'protected' would be a state where the software was installed AND running (and to go down the rabbit hole, that the software was also up-to-date and that scans had been recently preformed).

A very real example of this is an issue I encountered with the software, prior to signing up and rolling it out: I ran some initial tests before deploying. In my tests, I noticed that the parental control software service kept crashing (I posted about it in the forum and also opened a support ticket, the issue was eventually corrected). But the crux is that I only knew that there was an issue because i specifically tested the service by going to blocked sites. A health status on BD Central could (should) have reported that parental controls were installed but not running. I had no indication, either locally on the machine or remotely in the portal, that there was a problem with the software. In fact, the portal had the PC classified as "Protected". I've had similar issues with different products too. These experiences leave constant worries... "is the malware engine actually running?" "what about the web filter?" etc...

Seeing more stats (protection online, cfs online, vpn online, client build status, last malware scan, etc...) and being able to do more from the remote console would be infinitely helpful. This is especially true in a remote environment, but is also equally applicable for local machines too. Call me lazy, but at home, i don't want to have to physically check everyone's computer (and specifically test to ensure cfs is running or that the malware service is running); it'd be nice to use that nifty app to check everything while i have a spare moment during some downtime.

Out of curiosity, does the enterprise edition offer some of this?

UserZero

Here's another example: I just built a computer a couple days ago. It's sitting on my bench, connected to the network and powered on. I clicked the vulnerability scan and 45 minutes later, BD Central was still reporting that the task was pending. I checked on the PC the next day and BD Central shows that there's "no scan history" under vulnerability scans.

There's no warning or alert that the scan didn't run. I wouldn't know that it hadn't run if i didn't come back specifically to check.

What I do get alerts for, however, is that my subscription is going to expire in 6 months. :/