Skip to main content

NightWatchman Enterprise 7.3

Enabling Online Status using Tachyon integration

NightWatchman's online status feature requires a Tachyon Platform system. With a Tachyon Platform server and 1E Clients installed, you can integrate Tachyon with NightWatchman to show the online status of NightWatchman clients.

Note

In this version of NightWatchman, the only Tachyon integration feature is Online Status, which allows NightWatchman to contact Tachyon to obtain online status of clients.

Nomad - Integrating Nomad with WakeUp is a separate feature, that integrates Nomad Content Distribution with WakeUp. Nomad Content Distribution is a Tachyon Platform app, and WakeUp requires NightWatchman Enterprise. Content Distribution contacts NightWatchman, to request device wakeups.

Note

Macintosh clients will not display online status using this feature, even if the 1E Client is installed on them.

Understanding Tachyon...

Tachyon uses a very secure, highly scalable, and extensible client-server architecture supporting a wide variety of operating systems and device types. A web interface allows authorized users to query all clients in your organization and get responses almost immediately. Users can also make immediate changes. Tachyon is especially valuable for addressing immediate concerns, such as newly discovered security vulnerabilities or to correct accidental misconfigurations. Despite its power and responsiveness, it is engineered to not overwhelm your network, clients or servers.

Questions and actions are collectively known as instructions. Instructions are grouped together into product packs that can be imported individually to extend the Tachyon features as these are made available. Tachyon comes with a host of pre-framed questions and actions in the form of product packs, providing extensive out-of-the-box capabilities that can be extended as new and updated product packs are made available. You can also readily create your own instructions.

Instructions are also organized into tasks that you will find related to the kinds of activities you and your peers typically do. Where appropriate, instructions can be managed through an approval workflow so that changes are only made as authorized. Data collected in response to Tachyon instructions are not intended to be stored long term but they can be exported. Audit logging provides longer-term accountability.

Please refer to Tachyon Platform - Introducing Tachyon Platform for an overview of Tachyon; what it does and how it can benefit your organization.

Integrating Tachyon with NightWatchman Enterprise
In Tachyon

You need a Tachyon user with Full Administrator role permissions.

Your Tachyon license must have NightWatchman registered as a consumer. The steps below confirm the license details, and manually registers and enables NightWatchman as a consumer in Tachyon.

The process below assumes you have already created the service account for your NightWatchman Management Center Console service in your AD.

  1. Login to the Tachyon Portal.

  2. Navigate to Settings → License Information.

  3. Scroll down to Products.

    Confirm that NightWatchman is listed as a Consumer under one of the Feature items.

    If it is not, then please contact your 1E Account Team to have it added to your Tachyon license, and then follow the steps on Tachyon Platform - License information page: Reactivating licenses.

    233279358.png

  4. Navigate to Settings → Consumers.

  5. Confirm that NightWatchman is listed as a Consumer, and it is Licensed and Enabled.

    • If it is not listed, then click Add to add a new consumer

    • If it is listed but not enabled, select and click Edit and check Enabled

    • If it is listed but not licensed, then review your License Information as described above.

  6. In the Add / Edit consumer dialog, enter:

    • NightWatchman as the Name

    • 100 as the Maximum simultaneous instructions

    • Check Use Windows Authentication

    • Check Enabled.

  7. Click Add (or Save if editing).

    233279357.png
    233279356.png

  8. Navigate to Settings → Permissions → Users and Groups.

  9. Click Add to add a new user.

  10. Uncheck Security group.

  11. Enter the name of the NightWatchman Management Center Console service account, and click the search icon.

  12. Select the service account, and click Add.

  13. In the list of users, ensure the service account is listed as Activated.

    233279360.png

  14. Navigate to Settings → Permissions → Assignments.

  15. In the Assignments page, click on the All Instructions Viewer role.

  16. Click the + button to add a new assignment.

  17. In the Users and Groups column, search for the NightWatchman Management Center Console service account that you added earlier, and select it.

  18. In the Management Groups column, select All Devices.

  19. Click Save.

    Note

    The Online Status feature does not run any instructions or read responses, it simply requires a Tachyon user that has permissions on at least one Instruction Set, and must be assigned to the All Devices management group.

    233279359.png
In NightWatchman

You need Administrator rights on the server that hosts the NightWatchman Management Center Console service.

  1. Using Notepad or a similar text editor:

    1. Browse to the C:\Program Files (x86)\1E\NightWatchman Management Center\ConsoleService folder (This is the default path, yours may vary based on the install location of the Nightwatchman Management Center.)

    2. Open NWM.ServiceHost.exe.config

    3. Search for TachyonIntegrationEnabled and update its value to true:

      <add key= "TachyonIntegrationEnabled" value= "true" />

    4. Change the TachyonAPI value to the Tachyon server URL that you defined earlier:

      <add key= "TachyonApiRoot" value= "https://tachyon.acme.local/consumer" />

  2. Using Services control panel (services.msc), restart the NightWatchman service.

  3. Open the NightWatchman console:

    1. Select the Clients node.

    2. Drill down to one of the lowest clients group.

    3. The traffic light for each client should be red, yellow, gray, or green.

If you have any difficulties with the above, see the Tachyon integration troubleshooting page or the Tachyon documentation.

Verification

The NightWatchman console uses Tachyon to display traffic lights live status of its clients – indicating whether they are currently online or offline (or unknown). You can also check the status of groups within the NightWatchman client hierarchy.

230733428.png
230733427.png

The statuses are:

  • Green – online

  • Red – offline

  • Yellow – computer is not a Tachyon client

  • Gray – Tachyon integration is not enabled.

Thanks to Tachyon's ability to deliver near real-time client data, it can be particularly valuable to you when you are using WakeUp to wake clients for urgent maintenance, such as deploying a solution to a zero-day vulnerability.

You can also use Tachyon to optimize NightWatchman by using Tachyon Explorer to return live status on clients to check for:

  • NightWatchman or WakeUp client logs which might indicate an issue

  • Clients with pending reboots that have become pending in just the last few hours

  • Clients that don't have appropriate wake-on-LAN settings.

Troubleshooting permissions

View the NWM.ServiceHost.exe.log on the NightWatchman server.

Customizing the integration

NightWatchman's Tachyon integration is designed to be highly reactive and scalable. However, depending on the size or your organization and the capabilities of your server, you might like to increase or decrease Tachyon's responsiveness. In particular:

  • GroupHierarchyMaxComputersInList – the number of clients (default 1,000) listed in the console when you click a lowest-level group in the client location or organizational hierarchies

  • GroupHierarchyMaxComputersInProperties – the number of clients (default 1,000) Tachyon online/offline status is returned for when you check the properties of a group in the client location or organizational hierarchies. A larger value is appropriate if the groups are large but more queries will be done on the Tachyon database

  • MaxClientsForGetDevicesMatchingScopeTachyonCall – the number of clients (default 250) NightWatchman passes to Tachyon on each call to check online/offline status. Calls are made as quickly as Tachyon can respond.

  • TachyonIntegrationClientStatusCacheExpirySeconds – how long NightWatchman will retain Tachyon client status before it returns to Tachyon for updated status (default 30). A larger value reduces the SQL queries to Tachyon but a smaller value ensures the NightWatchman console reflects the current status sooner. A small value is especially desirable for demonstrations

You can review and change those values using SQL Server Management Studio:

  1. Connect Object Explorer to the server.

  2. Open Databases → AgilityFrameworkReporting → Tables.

  3. Right-click the tbNWM_Dimension_GlobalSettings table.

  4. Click Edit Top 200 Rows.

  5. Modify the values as necessary.

  6. Using the Services control panel icon (services.msc), restart the NightWatchman Console service.

By default, the Tachyon client will wait up to 15 seconds after a computer resumes from standby. During that period, Tachyon will indicate the computer is offline although it's actually online. This delay ensures that Windows has time to reestablish network connectivity. If this is a concern and you find that your computers reestablish network connectivity faster, you can reduce this delay:

  1. Edit the 1EClient.conf file on the client(s) in C:\Program Files\1E\Client

  2. Add a line such as "FastReconnectTimeInSeconds=10" (supported values are 5 to 60 seconds)

  3. Restart the 1E Client service

In this section: