ManageEngine's Emergency Mitigation Service (EMS) is an automatic update service offered by ManageEngine to secure your Endpoint Central MSP servers against critical vulnerabilities and functionality issues. It provides emergency mitigation by automatically applying emergency patches to your Endpoint Central MSP server. This new service is not a replacement for installing service packs, but it is the quickest and easiest way to prevent any exploitation in times of emergency.
In this article:
In times of emergency, ManageEngine releases 'Emergency Mitigations' which are patches to fix the root cause of critical issues. There are two types of emergency mitigations: Security fixes and functionality fixes.
We monitor all our systems to detect deviations from regular operations and see if they pose any security or performance issues. As a part of emergency mitigation, when a critical vulnerability is discovered, we release a security fix for the bug and when a showstopper performance issue arises, we release a functionality fix. Unlike a service pack, emergency mitigation is a small but critical patch update. To avert the risk before any active exploitation or loss of productivity, the Emergency Mitigation Service is designed to automatically apply this fix to your Endpoint Central MSP servers. Owing to the urgent nature of the fix, this is an active update mechanism that immediately applies the patch once it is available, instead of having to rely on the user to manually do it as done in a normal upgrade. We have updated our License Agreement to allow you to opt-in to this service.
Security fixes: In today's time, it may not take long before a vulnerability turns into a breach. Based on our customer inputs, we realized that there was a need for a simple automated solution that helped customers quickly protect their servers during times of a cyber crisis. With this service, we intend to arrest any internally discovered or externally reported critical vulnerabilities before they can cause any harm. We have introduced this service on a proactive note to keep your network safe and your experience seamless.
Functionality fixes: Though infrequent, a major performance issue may have the potential to act as a showstopper for an organization, leading to loss of productivity and downtime. In order to avoid the chances of such a setback, functionality fixes are deployed to your installations for a seamless experience with managing your endpoints. To enable this in your server, navigate to Admin tab -> Server Settings -> enable "Automatically deploy important fixes" option. If this option is enabled, functionality fixes will be automatically deployed into your server when they are released by ManageEngine. Endpoint Central MSP admin will be prompted each time the fix requires a restart.
Your Endpoint Central MSP server and our emergency service domain will be in sync to check for any available fix. Whenever ManageEngine releases an emergency mitigation, your installation will receive the patch during its periodic check for updates. The fix will be downloaded and applied to your server without any manual intervention since EMS will execute this action automatically. An emergency mitigation will be followed by a server restart if need be.
We have a dedicated module in the action log viewer for emergency mitigation. You will be able to view the applied fixes under the Action Log Viewer in the Audit module. There, you can see the time, remarks, username and reason for each emergency mitigation.
Note: The emergency mitigation will contain only critical bug fixes and are not equivalent to service pack releases. Consider EMS as a necessary stop-gap measure before applying the service packs applicable to you.