Ekran System® FAQ

System requirements

Ekran System supports recording up to 10 000 concurrent sessions per site. Please contact our support team for more specific information on Ekran configuration for large-scale deployments.

Yes. After the installation, you need to remove the unique Client GUID from the Windows Registry (HKEY_LOCAL_MACHINE\SOFTWARE\EkranSystem\Client\AgentGUID). After the first connection, each new machine receives a unique ID and is monitored as a separate instance.

According to our experience, 2 TB HDD is enough to store records of 100 workstations for up to six months without having to perform the database cleanup and archiving.


Typically, the reason is the incorrect settings of the Ekran Server IP or its domain name provided during the Client installation. You can check the applied settings in the HKEY_LOCAL_MACHINE\SOFTWARE\EkranSystem\Client\RemoteHost registry key. To make sure that host name is correct, you should ping the server from the Client computer.

90% of such issues are caused by the lack of database storage space. In such a case, archive or clean up your database. You can also enable database auto-cleanup by scheduler.

First, check if a license is assigned to the Ekran System Client. Also, note that in the IDLE state (there is no user activity on the endpoint) the Ekran System Client does not send any data to the Ekran System Server.

Ekran System functioning

Ekran System Windows Clients capture screenshots and monitor metadata: user name, host name, keystrokes, clipboard text data, application names, active window titles, and activity time. Optionally, you can capture information about visited URLs information and plugged-in USB devices. By viewing metadata, you can quickly find the information needed.

Ekran System Linux Clients capture entered exec* and sudo commands with all their parameters.

Ekran System macOS Clients capture screenshots and monitor metadata: user name, host name, application names, active window titles, activity time, and visited URLs.

The Ekran System Client average CPU usage is less than 1%. When there is no activity, the Ekran System Client does not use CPU at all.

The Ekran System Client uses up to 20 MB of memory. In case of multiple sessions monitoring, Ekran System allocates 12MB per each new session.

Since the Ekran System is not a spyware application, it does not support process hiding. At the same time, Ekran System has a protected mode that prevents the Client from being stopped even by privileged users.

If there is no connection to the Ekran System Server, the Ekran System Client stores the monitored data locally and automatically sends it to the Server as soon as the connection is restored. You can configure the local cache file size.

We recommend using our Full Feature technical presentation. The latest version can be found in the Technical Documentation section.

Yes. It is possible to export a session or its fragment in the encrypted form for viewing on any computer, even without access to the Management Tool. A session is exported into a signed executable file with the embedded player for displaying graphical information and metadata.

You should install a Client on each virtual machine on the hypervisor. Ekran System records all connections to virtual machines including the ones via VMware remote console, Hyper-V console, etc.

Ekran System installation & licensing

Ekran System currently does not provide SaaS deployment out-of-the-box. Please contact your MSP partner to learn about the additional options they can provide.

You can monitor subcontractor access via Jump Box Server when subcontractors do not have access to production servers but have to connect to a Jump Box Server (Windows Terminal Server) to manage critical infrastructure. See more licensing details here: Licensing Models

A new version of Ekran System Server is installed manually over the previous version. All configurations remain the same. After you update the Ekran System Server, Ekran System Clients will be updated automatically. You will receive a reminder about Ekran System update and support subscription expiration beforehand so you can renew your subscription in time and continue having access to the new releases.

Neither. The license is assigned to a physical computer. A Client with the Terminal Server license monitors an unlimited number of sessions on the computer. More license types and details here: Licensing Models

One license allows monitoring one PC. You can easily unassign a license from and assign it to a Client. No limitations.

You can download the trial version from the main page of our site and install it following the installation instructions: Installation Check List

Ekran system configuration & privacy settings

Here is the list of the port numbers that need to be opened to guarantee a stable Ekran System work:

  • 9447, 9449 - for Clients connection
  • 22712 - for the Tray Notification Application connection
  • 22713, 22714 - for the Management Tool to connect to the Ekran System Server (if the Management Tool and the Server are installed on different machines)
  • 443 - for access to the Management Tool (if the Management Tool and the Server are installed on the same machine)

Yes. You can back up monitored data via Ekran System database archiving and cleanup. Archived data can be viewed any time. You can also back up a full database file via native MS SQL or PostgreSQL tools.

It is recommended to use Ekran System primarily to monitor subcontractors that maintain your servers. If you are going to monitor the activities of your employees at the workplace, it is possible to configure Ekran System according to the Article 29 Working Party recommendations and your corporate policy. For more information on this matter, go to our Resources page.

You can enable displaying of the additional message on user login to inform the user that their actions are being monitored and notify them about corporate policies or the country law. You can also enable displaying the tray notification and Ekran Client icon in the tray.

Ekran System allows you to enable the protected mode on Clients, which makes it impossible for the user to edit Client log files, monitored data, Client settings in the Windows Registry, or delete Client files and the Client itself.