The ThirdWall Resource center is set up to help you find information quickly with downloadable PDF guides, videos, and several other items. You can review blogs or company news or just see what is in the library. If you don’t find what you are looking for, just send us a note via our contact page.
THIRD WALL™ OPERATIONAL CYBERSECURITY– AN ESSENTIAL TOOL FOR YOUR CONNECTWISE AUTOMATE® SOFTWARE
There is a ton of software out there that is “nice to have.” ThirdWall™ is not one of those. As a critical plug-in for your Automate Software, it adds an element of protection that absolutely must be there. Without it, you and your clients are far too exposed to the enormous array of cyber threats fighting to get into your systems every day. You know that they are out there, you cannot ignore them. Third Wall has a broad array of features to block those threats, dramatically reducing your exposure and vulnerability.
What is the ThirdWall™?
The First Wall is your firewall. We often take this for granted anymore, but you know how critical this wall is. Make sure it is working – and monitored by LabTech, of course.
The Second Wall is your antivirus / antimalware. Hackers and sophisticated agents are working round the clock to infect your computers. A top-shelf antivirus / antimalware suite is a fundamental requirement of CyberSecurity. Use LabTech to make sure yours are always installed, running and current.
Lockdown Operational CyberSecurity is the ThirdWall!
We know you have two powerful and necessary “walls” against cyberthreats: your firewall and your antivirus / antimalware. But that is not enough. Without the Third Wall™ enforcing Operational CyberSecurity, you still are extremely vulnerable. There are gaps in your security, and the statistics today tell that story plainly. You must enforce policy; you must slam shut unused, vulnerable protocols; you must rapidly react to security breaches. For this, we have created Third Wall™ – to give you the next set of tools to manage your environment to a much more CyberSecure space. Without it, threats can – and will – walk right in as if there were a missing wall in your fortress. Add the ThirdWall plugin to your Automate™ Software today!
Need help on how to use Third Wall? Click HERE
Need documentation on Third Wall? Click HERE
Need help on how to install Third Wall? Click HERE
Need help on how to decide how to use Third Wall? Click HERE
Need to update your credit card? Click HERE
And don’t forget our FAQ!
Third Wall™ FAQ
If I am in a trial of Third Wall™ and decide to purchase, will I be billed for the remainder of my trial period?
No, we will give you the full trial free of charge, regardless of when you decide to purchase, and will only start billing once that trial period has ended. You do not need to wait until the end of the trial period to purchase – we will keep track of that for you!
Is Third Wall™ difficult to use?
No, Third Wall™ is very easy to use, right from your Automate® Control Center. As a plug-in, it will work seamlessly within your ConnectWise Automate® environment. However, Third Wall™ is a very powerful tool, and we strongly recommend that any user be very proficient at Automate operation and with Windows® itself. Like any powerful tool, improper use by an unqualified person can be dangerous. We also strongly recommend that you test Third Wall™ functionality within a test environment prior to full deployment, so that you fully understand what it can do for you and how to properly use it.
Will Third Wall™ work on virtual machines?
Yes, as long as they are running on a supported Windows version and are being managed by Automate.
Will Third Wall™ work on a cloud version of Automate?
Yes, Third Wall™ will work on either a cloud version or an on-premise version of Automate.
Can I add more computers to Third Wall™ protection?
Yes, simply by activating any Third Wall™ function within a Automate location, you will add all of those computers to Third Wall™ protection. We will automatically detect that via our license server; you will not need to notify us of your action.
Will Third Wall™ work with RMM solutions other than Automate?
No, it is specifically designed for Automate as a direct plug-in, and extends the functionality of Automate in critical ways.
Will Third Wall™ work on my Mac or Linux computers?
No, Third Wall™ only works on Windows-based machines running Windows 7 or later versions (PCs, laptops and tablets) or Windows Server 2008 or later (servers).
Will Third Wall™ charge for all of my Automate Agents?
No, Third Wall™ only charges you for the Automate Locations where you are actively using Third Wall™ protection. Until you actually use a function on any given Location, you will never be charged for it. Once you do use Third Wall™ functionality on any given Location, you will be charged for the number of Windows endpoints within that Location.
What is the pricing for Third Wall™?
There is a monthly minimum per Third Wall™ client, see our pricing page for details. If your per-computer-protected charges exceed this number, then that charge will increase appropriately.
Can I cancel my Third Wall™ subscription at any time?
Yes, you can cancel by sending an email to email@example.com requesting cancellation. This requires 30 days’ notice to remove from billing.
How does Third Wall™ calculate my number of active endpoints for billing purposes in a month?
Third Wall™ software has a built-in counter to determine, within a given month, the maximum number of Windows endpoints your operation has under Third Wall™ protection. This is counted by Automate Location – once you use Third Wall™ protection within a given Location, that entire Location is counted until cancelled. We only charge you for the actual number of Windows endpoints within an active Third Wall™ protected Location.
What happens to my license if I deactivate all of the policies for Third Wall™ within a given Location?
Since you still have powerful Third Wall™ protection within that Automate Location available to you, including the extremely powerful “Isolate,” “Lockdown” and “Annihilate” buttons, should you ever need them, we continue billing you for any activated Location even if you are no longer using any policies. If you would like to fully deactivate a Location and remove it from billing, please send an email identifying which Location(s) you wish to remove to firstname.lastname@example.org, and we will remove it from your charges for the following month.
Will Third Wall™ work with my antivirus package?
Most likely. We have structured Third Wall to ensure it will not conflict with antivirus systems. However, we still recommend that you make sure your antivirus has exceptions made for Automate, per their normal instructions.
Will Third Wall™ work with Group Policy?
Yes. But it is possible to set conflicting policies on Third Wall™ versus Group Policy. If that happens, then you will see them changing values on your endpoints at the cycle time of their respective monitors – Third Wall™ will alert you via Automate tickets every time this happens, so watch for repetitive changes as an indicator of this conflict. You should rectify the conflict, by either changing Group Policy or Third Wall™, to ensure that you have consistent policies in both.
Can I pay via check or PayPal?
No, we only accept credit cards or debit cards with automatic payments set up. If you would like to pay annually, please contact us at email@example.com.
How do I update my credit card?
Just go to our Update Credit Card page.
What happens to all of my Third Wall™ settings should I cancel?
Once you cancel, we will help you return all settings on all computers where Third Wall™ made a change back to Windows® default.
How can I reach tech support for Third Wall™?
We currently support Third Wall™ via email tech support. Send your email to firstname.lastname@example.org.
Will you add additional features to Third Wall™? Do you take input for added features?
Yes, we plan to add new features every few months. And we welcome your input on new features – please send your requests to email@example.com. We want to make your environment as safe as possible!
A quick overview of ThirdWall – see what it can do for you!
Third Webinar – a recorded version of our live webinar
Third Wall V2 – Deep Dive into our Policies and Features
Third Wall V2 – How to use our powerful plugin
Third Wall V2 – How to get access to Protected Functions – Third Wall Admin permission
How to use the Third Wall Profile function
USB Wall on Third Wall V2.2 or higher
Third Wall Blogs and News
Third Wall™ for LabTech® – Operational Considerations to Enhance Endpoint Security
Dr. Kenneth Knapp, CEO, Cyber Secure Advising
CISSP, Certified Ethical Hacker
Although most companies these days have good firewalls and strong antivirus, the area of cybersecurity at the endpoint has become the battlefield of choice for malware and hackers. End users are, innocently or not, clicking on unsafe links and opening dangerous attachments. Employees are stealing data. And even IT professionals are leaving open protocols and services that are vulnerable – and often not even being used. The concepts of “least privilege” and “least access” are becoming ever more critical – and Third Wall is helping to address that with a technology-assisted approach.
Applying Least Privilege to Achieve Endpoint Security
This paper describes why a product like Third Wall™ for LabTech® is a critical element of an organization’s cybersecurity strategy. Third Wall significantly increases endpoint security in Windows-based environments by implementing the principle of least privilege. This strategy not only enhances endpoint security at the point of attack for malicious hackers today, but Third Wall also promotes good risk management and regulatory compliance. This paper outlines five key ways that Third Wall implements least privilege at the endpoint. It also provides a summary on how Third Wall can help with the compliance of specific standards
Operational Considerations to Enhance Endpoint Security
This paper discusses several key vulnerabilities that are addressed by Third Wall™, and how you should view them in your environment. If possible, you should address these vulnerabilities, whether through Third Wall™ or through other means. Implementing Third Wall™ Policies significantly strengthens Operational Cybersecurity across an organization.
Third Wall Policy Screen – apply protection across one or more Locations
Third Wall Exception Screen – allow a computer to be excluded from a Policy
Third Wall Audit Report – prove how long a Policy has been protecting ALL computers in a Location – for HIPAA, PCI, SOC, NIST, FINRA audits and more
Third Wall Logon Dataview – answer your client immediately when they ask “who was on a computer after hours last night?”
USB Wall Registration Screen – manage which Data Sticks will work wherever you have USB Wall enabled
Use these documents to Onboard your clients
- What is the best starting point? Assume ALL policies will be enabled for a client, and then work backward from there, eliminating those that won’t work for a given client.
- Read our BLOG on the 17 “no-brainer” policies we think you should deploy to every computer you manage.
- You’re the instant expert on Operational Cybersecurity.
- Choose which Third Wall policies work for each client.
- Click Here to download our policy matrix, which will help you understand how best to deploy Third Wall policies by showing you which ones end users will notice, and how each policy will help you.
Brochures and Print Material
How to complete an Update of Third Wall:
To install the new update if you are running Automate 2019, simply go to any Automate > Location > Third Wall screen and click the Update Available button. Or just go to the Automate Solutions Center and update from there in Properties, and run it. Only takes a few minutes to complete. We do recommend you run it off-hours – since it will deploy an updated agent to all of your managed computers.
If you have already updated to Automate 2020, here’s how to install until ConnectWise gets this latest version on the Solutions Center:
- Download two plugin files:
- Right-click and UNBLOCK the files (if currently blocked)
- From Automate, open the Plugin Manager. From here, we will update two plugins: the Third Wall Remote plugin and the Third Wall Server plugin.
- Start by selecting Third Wall Server on the Plugin Manager. This will highlight the Third Wall Server plugin on the interface. Then use the ‘Advanced’ button on the top-right to select: Manage Plugins -> Update Plugin. This will call a file dialogue window. Use it to select the newly downloaded ThirdWallServer.dll file.
- Upon updating the ThirdWallServer.dll file, you will be prompted to restart the Automate database agent. Click ‘No’ to this prompt.
- Now do the same for ThirdWall.dll. Select the Third Wall Remote option on the Plugin Manager and click to Update Plugins. When prompted for a file path, select the newly downloaded ThirdWall.dll file.
- This will again prompt Automate to request restarting the Automate database agent. Again, choose ‘No’ to this prompt.
- Both plugins are now displaying version ‘126.96.36.199’. Confirm this and then use the ‘Advanced’ button on the top right to: Reload Plugins -> Update Remote Agent Plugins.
- Restart your Control Center and any others running when the update occurred.
V188.8.131.52 Release Notes
- Big improvements to Monitor for Ransomware Attacks
- Fully supports redirected path to \Documents. Lots of you have been waiting for this one, it’s here!
- You can specify a subfolder for the bait files, instead of the root of the \Documents folder.
- You can now also specify a custom filename for bait files.
- You can create additional bait files in a custom (static) path that you specify – perfect for protecting servers!
- We added a double-check to reduce false alarms.
- More major improvements to Disable EXE from %AppData% (essential for protection from ransomware!)
- Added new options to policy to block %LocalAppData%; to block all 30 executable types; and to generate a ticket on file block.
- Created new Client Screen to auto-scan your remote AppData environments for executable files across ALL computers within a given Client, and then easily whitelist those you wish to not block in that Client.
- Monitor Event Log ClearingAdded option to only alert on the three primary logs, minimizing false alarms.
- Detection tickets will describe who cleared what, when.
- Alert on Excessive Logon Failures
- The alert ticket now includes the failed logon usernames.
- USB Wall
- Added “Assigned to” value to the Dataview.
- Added support for BitLocked USB keys.
- Isolate Button
- On the Integration screen, you can specify an “Auto Restore” time, which automatically reconnects the computer to the network if the connection to Automate is broken.
V184.108.40.206 Release Notes
- Security Patch – important update to close a potential vulnerability.
- We reduced the size of our remote agent by 70%, so it will have a much smaller footprint and will have much lower impact on your Automate server during update deployment.
- In anticipation of our next release, which will include Redirected Folders as part of our Monitor for Ransomware Attacks policy, we have made a change in architecture to allow the smooth introduction of this critical upcoming feature.
- Improved the efficiency of our capture of User Logon data.
- Installed a version monitor to prevent mismatches between your Automate Control center(s) and your Automate Server.
- In the “Shutdown” option for our Monitor for Ransomware Attacks and our Alert on Excessive Logon Failures policies, we added Isolate to the actions taken.
- Added “Computer Name” to tickets generated by the self-exception rule and the Monitor for Ransomware Attacks policy.
- For the Alert on Unencrypted Disk policy, added a condition that will trigger a ticket: if “Protection Off” is seen in the Bitlocker discovery, you will get a ticket.
V220.127.116.11 Release Notes
- Updated the User Logon Report in the Report Center to correct an error. If you use this report, please update to v18.104.22.168 now.
- Improved the “Alert on Excessive Logon Failures” policy to even better capture and stop brute force logon attempts.
- Improved the utiliity of tickets generated by the “Monitor for Ransomware Attacks” policy.
- Added an important contingency on the Isolate reversal function. to better handle certain environments.
- Improved performance of logon data capture on the Automate server.
- Several important internal improvements for the plugin itself, to enhance performance and utility.
V22.214.171.124 Release Notes
- We’ve added both of our Reports (the User Logon Report and the Client Audit Report) to the new Automate Report Center. You no longer need to go to the Legacy section to run Third Wall reports; you can just right-click the target client and run your report from there.. We will still maintain them in Legacy for a while longer, to ensure everyone has time to migrate. To get the new reports, you must be on v2.0.1200 or better of the Reports.
- Changed ticketing for both Alert on Excessive Logon Failures policy and the Alert on Event Log Clearing policy. They will no longer “auto-close” after 5 minutes; they will remain open until you address them and close them manually. These both need your attention, and thus we do not wish to auto-close them any longer. Additionally, if subsequent tickets for a particular situation continue to come in before the original ticket is closed, they are added into the original ticket.
- Updated our logic behind the Emergency Action buttons to avoid duplicate situations.
- Added checkbox to allow Type 3 (network) Logon failures in our Logon Monitoring function.
- Removed Logon failures from the User Logon Report; you can still see those in the Dataview. We also added the specific decription of the Logon failure.event.
- The Monitor for Event Log Clearing policy will now ignore certain Dell events that were causing false positives.
- Removed WMI from being used for the Alert on Excessive Logon Failures policy, substituting a more reliable method.
V126.96.36.199 Release Notes
Here are the key improvements and fixes you’ll benefit from:
- Added an Assigned Alert Category selector to help ConnectWise Manage users better manage alerts / tickets.
- Added an Assigned Alert Template selector to the Monitor for Ransomware Attacks policy, to allow you to improve notification of a ransomware attack.
- Added a capability for you to change Third Wall permissions to “read only,” allowing you to restrict access to most Third Wall command functions for individual technicians on your staff.
- Fixed a condition that could product excessive tickets for ransomware alerts.
- Added a horizontal scroll bar to the AppData whitelist screen.
- Improvements and fixes to social media policies, USB policies, Screensaver policy, Windows Store policy and Unencrypted Disk monitoring, plus improvements to the UNDO function.
Click HERE for a “how to use” video on V2
How-To: Install Third Wall V2
Installing Third Wall v2
Installing Third Wall is simple – just go to the Automate Solutions Center, find our plugin and follow the instructions. We’ll deploy the agents for you, so it only takes a couple of minutes to get started protecting your environment. Once you’ve downloaded from the Solutions Center.
Update your Credit Card on file
To update your credit card, you’ll need to have your Subscription ID / Serial Key from Third Wall. You can find it on any Automate > Location > Third Wall screen by clicking the information (“i”) icon on the bottom left. Copy and paste it into below form, enter your new information (all fields are REQUIRED) and you’re all set.