System Overview – How It Works
The AutoElevate system allows technicians to evaluate the privilege use and base security, monitor privilege activity, and take action on UAC and privilege requests of machines under their management. The AutoElevate system consists of 4 main components: System Agent, Notification Server, Notification App (or Mobile app), and Admin Portal.
The System Agent monitors for UAC events (i.e., Username and password prompts in Windows) on Windows computers. When a UAC is detected, it examines the cause of the request for elevated privileges, closes out the UAC dialog, and displays a custom AutoElevate dialog box asking if the user wants to proceed with what they are doing. If the user selects “Yes,” the System Agent sends a notification to the Notification Server, which sends the information to the technician's Notification App so that the technician can examine the request and then decide to either allow or deny the requested action.
The Notification Server handles communications between workstations that are running agents, the web admin portal, and the Notification Apps.
When users request an action requiring elevated privileges a notification is sent to the Notification App. Information about the machine and application security disposition is sent to the Notification App so technicians can evaluate whether the request should be allowed or denied. Once selecting Allow or Deny, the technician is presented with options to automatically build a rule associated with the request that would apply to the same request on machines in the future. Once a rule has been selected to allow or deny the request ‘this time’, ‘this computer’, ‘this location’, ‘this company’, or ‘all computers’, the rule is built, and instructions on how to handle the request are returned to the notification server which then notifies and implements the rule on the computer.
The Admin Portal allows technicians to see and manage the security disposition of each machine under management, UAC events, rules, and requests.