Abstract: A booting process on a client device in a client/server network, in which a custom bootloader is installed in place of a standard bootloader for an operating system of the client device. The method includes receiving a signal instructing the client device to boot; writing UEFI variable(s) from the signal on the device; evaluating the UEFI variables. When the UEFI variables do not identify a security flag, the custom bootloader performs a direct boot to the operating system. When the UEFI variables identify a security flag, the custom bootloader executes one of a programmed bootloader process to determine whether: a correct boot sequence involves a separate bootable image present on the client device; or to connect to the server and receive a correct playbook for execution. The method also includes executing one of the separate bootable image or the correct playbook to boot the operating system.

Abstract: Embodiments include techniques for booting/rebooting a client device and a client device in a client/server network. At the client device, the techniques include detecting an unsuccessful boot of the client device and then evaluating, to identify a cause of the unsuccessful boot, one or more bootup conditions of the client device. In response to the one or more bootup conditions, embodiments can connect to a server over a computer network to communicate the one or more bootup conditions. Embodiments can also receive, from the server, a desired playbook configured to remediate the cause of the unsuccessful boot and execute the desired playbook to cause a successful boot of the client device.

Abstract: A client in a client/server network includes a processor; and storage devices storing an operating system, an operating system standard bootloader, a custom bootloader, and a reboot counter. The storage devices store a boot order in which the custom bootloader is inserted as a first entry and computer readable instructions, which, when executed by the processor cause the processor to: reboot the client device; increment the reboot counter; and determine whether a number in the reboot counter exceeds a predetermined threshold. When the number in the reboot counter is determined to exceed the predetermined threshold, the reboot counter is cleared and one of: a bootable image stored on the client device is retrieved or a secure channel to the server is established and a correct playbook is obtained from the server. Further, the processor is caused to reboot the client device to the bootable image or correct playbook.

Abstract: Fleets of mobile or desktop electronic devices are sometimes wrongly unenrolled from a security and management service. They must then be reenrolled individually, from the devices themselves. To overcome this, a calling agent in each device is only partially removed or disabled upon receipt of the unenrollment instruction. The remaining portion of the calling agent is removed after a cool-off period. During the cool-off period, a persistent component of the calling agent that remains active contacts a monitoring center to check whether there is a cancellation of the unenroll instruction. If there is, the devices can be reenrolled from the monitoring center. This persistent component is designed to survive device reimaging and reinstantiates itself in such an event. This tether provides the ability to reverse unintentional device unenrollment.

Abstract: Failure detection and reporting for a computer mail gateway is provided. In a preferred embodiment, two computer mail systems are connected by a gateway. The gateway includes an automatic gateway failure detection and reporting facility. The gateway also includes a message transfer store. The facility transmits a message from the first mail system into the message transfer store for retrieval by the second mail system. The facility then detects that the transmitted message from the first mail system has remained in the message transfer store for at least a predetermined time without being retrieved by the second mail system. In response to detecting that the transmitted message from the first mail system has remained in the message transfer store for at least a predetermined time without being retrieved by the second mail system, the facility diagnoses the failure of the gateway.