View the almost endless management capabilities
Easily deploy software applications in many formats, such as msi, msp, mst, exe, and others. Applications are deployed silently with full control over how they install, when they install, who they install as, and if they should install on that client, depending on conditions that you specify.
Computer Cloning / Imaging
Create universal images that can be deployed to different computer models, supporting both EFI and legacy bios systems.
Schedule complete inventory scans for your endpoints to capture information such as, installed applications, installed windows updates, missing windows updates, hard drives, logical drives, system info, nics, location, printers, firewall status, antivirus status, bitlocker status, uac status, and more.
Custom assets can be defined to manually keep track of anything that isn’t a PC. Such as software licenses, switches, projectors, copiers. Assets are combined with custom attributes to define each attribute you want to track. Finally, files can uploaded and attached to the asset as well and users can add comments.
Shutdown and wakeup endpoints on defined schedules, even across subnets without any changes to switch configuration.
Windows Update Management
Deploy specific Windows Updates to endpoints or force the endpoint to download and install any available updates from your SUS server or Microsoft, with options to skip Windows upgrades.
Install and remove network printers. Printers can be installed at the computer level when no user is logged in, or for the user at login. The print spooler can also be restarted if necessary.
Simple Web Interface
Manage everything from a single, easy to use, mobile friendly, web interface.
Policy schedules provide exceptional control over when or how often it should run. Policies can be executed a single time or on a reoccurring schedule such as daily, weekly, monthy, or on an interval such as every X hours or every X days. Schedules can further be refined to only run on specific days of the week and between specific times of the day. Schedules also allow setting a policy start date in the future allowing you to pre-plan deployments.
Full Open API
The entire API for Theopenem is open, allowing for integration with other applications, and secured by OAuth 2.0.
Dynamic groups are they key to automation. They provide a way to group endpoints together based upon a set of criteria set by you and take actions. The criteria can include anything from an inventory scan or a custom attribute you have defined. They are constantly being updated with the correct group members based on the criteria. Some use cases could include keeping software up to date, keeping UAC on, keeping firewalls enabled, etc.
Active Directory Integration
Integrate with AD for authentication, user group membership, and OU structure. This allows you to deploy policies based on existing OU membership, of course it’s not required, local groups can also be setup in Theopenem to target endpoints. A combination of both is typically used.
Custom messages can be sent to any endpoint with a logged in user. The message has the option to auto close after X seconds or remain until acknowledged.
Track User Logins
All user logins and logouts can be recorded to easily determine who was using what computer and when.
Track Application Usage
Application usage can be monitored to see who was using what applications and when. When this is combined with Tracking User Logins, it provides a clear picture of what a user is doing at any given moment. This also provides usage statistics to determine the most popular applications in your organization. Software can then be tailored to be available at more locations if usage statistics support the request for more licenses.
No SMB Shares Required
No SMB shares or ADMIN share required. All communication occurs between the endpoint agent and endpoint server API.
Designed with security in mind. All communications between the endpoints and server are encrypted using a combination of symmetric and asymmetric(SSL Certs) keys. In addition, all commands sent from the server are signed specifically for that endpoint. Before the endpoint executes anything, it verifies the command originated from your server and was intended for that endpoint. You may also provide you own SSL certs for an additional layer of encryption.
Custom attributes may be defined and assigned to any endpoint or asset to track any custom info for your organization, such as internal asset number.
Attachments And Comments
Endpoints and Assets can store attachments and comments providing a full picture of any services or contracts, etc, belonging to it.
Should you ever come across something Theopenem can’t handle, script modules provide an easy method to deploy powershell, batch, and vbs scripts on your endpoints.
Software deployment and script execution can be configured to run as different users. This is typically not necessary to change from the default, but is available.
Set limits on how many endpoints can download files concurrently and set a max bitrate for each endpoint download, protecting your network from becoming saturated should too many endpoints check-in at the same time with a large deployment waiting.
Theopenem can manage anywhere from 1 endpoint to more than 10,000 endpoints. Three separate web applications run Theopenem and each one can be installed on as many servers as needed to meet load requirements.
Light and dark themes available, assignable per user.
Custom conditions can be used to define conditions that must be met on the endpoint in order for the policy to run. A condition can be anything that can be scripted, such as, system architecture, os version, software version, registry value, etc. If a value can be retrieved from a powershell script, it can be used as a condition.
Load Balancing / Failover
Built-in endpoint load balancing and failover across multiple Theopenem servers. Your endpoints will automatically connect to the optimal server and failover to other servers when necessary, making sever maintenance worry free.
Policy Template Library
The Policy template library provides easy to use, premade policies to automatically download and deploy software and run custom scripts. We are currently working on expanding the library and encourage users to submit their policies.
Receive daily reports of any endpoints with a failed S.M.A.R.T. status of it’s hard drive.
Manage External Endpoints
Easily manage endpoints outside of your network as well as inside and configure policies to run conditionally based on on an internal or external network.
Role Based Access Control
Provide different administrators of Theopenem different permissions based on their role within your organization. Permissions can also be set via Active Directory Security Group membership.
Easily run custom reports on Computer Inventory, Asset Inventory, Users, Software Applications and Application Usage.
Your data belongs to you. Theopenem will never communicate with the cloud in order to provide us with details regarding your Theopenem servers, their usage, or the data on them.
We are not hiding anything. The complete source code for Theopenem is available for you to view and download. Have a fix or an improvement? Submit a pull request on Github.
All documentation is publicly available and easy to find with extensive documents on installation and usage.