Attention : support for WAPT 2.2 ended on March the 3rd 2023.

Please upgrade to the latest supported version

WAPT Editions and versions history

Software Lifecycle

24 Jan 2020

30 Mar 2021

30 Oct 2021

15 Mar 2022

30 Apr 2022

30 Jun 2022

10 Jan 2023

13 Jun 2023

3.0 Entreprise

Discovery

Release 3.0 (To Be Defined)

2.3 Entreprise

Discovery

Release 2.3

Security and bugfix maintenance

2.2 Entreprise

Discovery

Release 2.2

Security and bugfix maintenance

Security and bugfix maintenance

Security maintenance only

End Of Life

2.1 Entreprise

Release 2.1

Security and bugfix maintenance

Security and bugfix maintenance

Security maintenance only

End Of Life

2.0 Entreprise

Release 2.0

Security and bugfix maintenance

Security maintenance only

Security maintenance only

End Of Life

1.8 Entreprise

Release 1.8

Security and bugfix maintenance

Security maintenance only

Security maintenance only

Security maintenance only

End Of Life

1.8 Community

Release 1.8

Security and bugfix maintenance

Security maintenance only

Security maintenance only

End Of Support by Tranquil IT, Community support only after [1]

Summary of operating principles in WAPT

  • WAPT is agent based to allow no inbound open port in host’s firewalls that initiate a secured bi-directional websocket with the WAPT Server for allowing real-time reporting and actions.

  • WAPT works with Trusted Data Gateways using simple task scheduling.

  • WAPT works on the principle of smoothly pulling updates and then applying upgrades at a convenient time (works with low / intermittent bandwidth, high latency, high jitter networks).

  • WAPT does not require an Active Directory to work (works with Windows Home edition too); however, WAPT will show the host in its Active Directory tree if the host is joined to an AD.

  • Methods for deploying WAPT Agent:

    1. Using a GPO or an Ansible script.

    2. Manually after having downloaded the WAPT Agent from the WAPT Server or using SSH.

  • Methods for registering hosts with the WAPT Server:

    1. Automatically using the host’s kerberos account.

    2. Manually with the WAPT SuperAdmin login and password.

  • Upgrades may be triggered:

    1. Upon shutdown of the host, this is the standard mode.

    2. By an authorized WAPT Administrator in an emergency (ex: patching critical vulnerabilities running in the wild).

    3. By the user herself at a time she chooses (ex: 24/7 nursing cart unused during breaks with a simple click).

    4. Via a scheduled task running at a predetermined time (best for servers).

  • Security is insured with:

    1. Signing of WAPT packages using asymmetric cryptography.

    2. Authentication of hosts against the WAPT Server using symmetric cryptography on registering.

    3. Confidentiality of the WAPT Server using WAPT deployed client certificates.

    4. Using of ACL to define what an administrator is allowed to view or what actions he is allowed to perform according to his certificate.

Current feature list as of 2024-09-20

Attention

You may find on the Internet the mention of a GPLv3 Community version of WAPT that has been maintained and supported by Tranquil IT up to version 1.8.2, or up to approximately July 2021.

The Community version of WAPT has been friendly forked. Tranquil IT provides no longer any support, nor any maintenance, either free or paid on WAPT =< 1.8.2. Support and maintenance may be obtained from the operators of the fork at their rates and conditions.

Tranquil IT is the sole author and the full copyright owner of WAPT 1.8.2 and will require from maintainers of friendly forks that they refrain from using the name WAPT as the WAPT brand is trademarked and protected by the French INPI.

Comparison of features between WAPT versions as of 2024-09-20

Feature

Enterprise

Discovery

Deploy, update and remove software on hosts

feature available

feature available

Maintenance and support (check footnote for conditions)

Tranquil IT staff [5]

Tranquil IT forum [5]

Licensed under

Proprietary

Proprietary

Limits on number of devices

unlimited

300

Version of Python used in code and WAPT packages

3+ (current)

3+ (current)

Deploy and update configurations in SYSTEM context

feature available

feature available

Deploy and update configurations in USER context

feature available

feature available

Get a comprehensive inventory of hardware, software and applied WAPT packages

feature available

feature available

Benefit from the differentiated self-service (authorized users may install authorized software from authorized WAPT package stores)

feature available

feature not available

Benefit from simplified Windows Updates that work better than a standard WSUS (only the required KBs are downloaded from Microsoft)

feature available

feature not available

Simplify and structure your administrative workload by applying WAPT packages to an OU

feature available

feature not available

Configure and manage easily WAPT store relays to preserve bandwidth for Edge Computing scenarii

feature available

feature not available

Get access to ready-to-deploy WAPT packages for common free-to-use software

feature available

feature available

Work with easily verifiable python recipes for installing, updating and removing software and configuration

feature available

feature available

Benefit from hundreds of Helpers for simplifying software packaging

feature available [3]

feature available

Encrypt your sensitive data for transport (software license keys, login, password, server FQDN, API informations for registering software with the vendor, etc)

feature available

feature not available

Automate the auditing of your configurations for an easy, automated and always up-to-date compliance

feature available

feature not available

Benefit from the power of SQL integrated with the WAPT Console to make reports that you need for your daily sysadmin work or that your organization requires for budgeting decisions

feature available

feature not available

Authenticate your WAPT Administrators against Active Directory or LDAP, or their sets of certificates

feature available

feature not available

Benefit from differentiated roles between Package Developers and Package Deployers so you can delegate your WAPT powers to the most adequate people (packagers know security implications, deployers know user needs)

feature available

feature not available

Benefit from multi-tenant, multi-client mode with ACLs for MSPs or large multi-departmental or international organizations using an internal, easy to use PKI based mechanism for allowed perimeter

feature available

feature not available

Integration with Mesh Central for simple screen-sharing for user support

feature available

feature not available

Continued support for Windows XP in WAPT for factory machine tools, Hospital medical equipment, expensive and hard to replace research instruments, etc

feature available [6]

feature not available

Update packages directly within the WAPT Console with update_package function

feature available

feature not available

Integrate WAPT inventory with popular GLPI ITSM tool

feature available

feature not available

WADS : operating system image deployment tool integrated within WAPT

feature available

feature not available

Check package with www.virustotal.com

feature available

feature available [8]

Verified and approved by internationally recognized cybersecurity agency ANSSI French Security Visa, WAPT is the only deployment software in the world with this level of certification

feature available

feature not available

Remote restart and shutdown of client computers

feature available

feature not available

Features coming soon

Below is a list of features that we have identified as being really useful to WAPT and WAPT’s user community and that we have already started to work on. No time-line is promised, stay tuned, we are only promising you that we are working very hard to achieve these objectives.

Feature

Enterprise

Discovery

History of actions done via WAPT for a complete reporting of a hosts software maintenance life-cycle

feature available

feature not available

Authentication of WAPT Administrators using cryptographic tokens (ex: smartcards)

feature available

feature not available

Access to ready-to-deploy WAPT packages or recipes for licensed business software (common business software for industry, medical, office, public collectivities, cybersecurity, etc)

feature available

feature not available

Access to ready-to-deploy WAPT package extensions for simplifying desktop armoring using Applocker or equivalent

feature available

feature not available

Footnotes

Main functional benefits of the Enterprise version of WAPT

WAPT Enterprise feature only

WAPT Discovery is designed to let you try WAPT at no cost on a limited perimeter and with limited high-end features.

With WAPT Enterprise, you benefit automatically from the base functions included in WAPT to help you deploy, upgrade and remove software and configurations on your Windows, Linux and MacOS devices, from a central WAPT Console, with many more benefits.

WAPT is a freemium model. The Enterprise version shares the same code base with the Discovery version. An activated Enterprise license key turns on the following additional functionalities:

  • Active Directory authentication

    of WAPT package developers, package deployers, self-service users and for the initial registering of the WAPT Agents with the WAPT Server. In addition, the display of WAPT equipped devices in the WAPT Console follow the same structure as the hierarchical structure of the Organization’s Active Directory OU.

  • Role separation between package developers and package deployers.

    This way, central IT teams may build the software packages because they know the Organization’s security guidelines, and local IT teams may deploy the WAPT packages because they know the needs of their user base.

    Such a separation is implemented using differentiated sets of keys (i.e. Code Signing SSL certificates for package developers and Simple SSL certificates for package deployers) and with ACLs rigths.

  • ACLs.

    ACLs are managed by the SuperAdmin to authorize or restrict WAPT Administrators to viewing informations or performing actions only on a subset of the devices registered with the WAPT Server.

    The identification and the authentication processes rely either on using Active Directory, LDAP or certificates. The authorizations granted to the Administrators are managed in the WAPT Server database. The perimeter of devices on which the rights are granted is defined by the deployed Administrator’s certificate.

    This feature is particularly useful for large multi-national Organizations, central administrations with large regional offices or for MSPs wanting to centralize the management of several clients while allowing their end customers to perform some daily management tasks.

  • Differentiated self-service.

    WAPT Enterprise allows you to apply lists of allowed packages to user groups in Active Directory.

    Allowed users are free to install qualified packages from their list of approved packages without having to submit a ticket to their IT teams.

    This feature is designed to offer Users the feeling of freedom and empowerment that they fear to lose in managed environments while allowing CISO to apply strict security rules using such method as SRP, also known as Applocker.

  • WAPT WUA.

    WAPT allows to manage the Windows Updates on your Windows endpoints.

    WAPT WUA is designed to just work out of the box, be gentle on your storage and preserve your bandwidth for your productive needs.

  • Advanced reporting for corporate teams.

    This reporting completes the operational reporting already available in the WAPT Console; reports help WAPT operators demonstrate their efficacy with WAPT for insuring a greater level of security and conformity for their networks, systems, software and applications.

  • Dynamic repository configuration.

    Starting with WAPT 1.8, repository replication can be enabled using a WAPT Agent installed on an existing host, a dedicated appliance or Virtual Host.

    The replication role is deployed through a WAPT package that enables the Nginx web server and configures scheduling, packages types, packages sync, and much more.

    This feature allows WAPT Agents to find dynamically their closest available WAPT repository from a list of rules stored on the WAPT Server.

  • Integration with GLPI

    GLPI is a popular ITSM solution for ticketing, incident and asset tracking.

    WAPT can now optionally send a minimum set of useful informations to a GLPI server.

Targeted use cases of WAPT Enterprise

The Enterprise version of WAPT is particularly advisable for Organizations:

  • That manage large installed bases of devices (generally above 300 units).

  • That are spread geographically with many subsidiaries or production sites.

  • That require a strong traceability of actions performed on the installed base of devices for reasons of audit or security.

  • That value secured and proven solutions in their IT sourcing.

Description of services available with a WAPT Enterprise contract

Access to future improvements in WAPT Enterprise

By subscribing to a WAPT Enterprise contract and by maintaining your subscription valid, you benefit from the future improvements brought into the core of WAPT and you benefit automatically from all future improvements to the WAPT Enterprise version.

A lapsing of your subscription will automatically switch your WAPT instance back to its corresponding Discovery version. Advanced functions only available in the Enterprise version will no longer be accessible and no action other that deleting hosts from the WAPT Console will be allowed until the host count has passed below 300.

Direct telephone support for your daily usage of WAPT

When your subscription reaches above a certain volume, Tranquil IT, the creator of WAPT, allows you a privileged access to its core team of WAPT experts and developers.

We give you access to a dedicated telephone hot-line with a direct answer to satisfy your needs for support in English and French.

We are committed to providing you with reliable and pertinent answers on the subscribed perimeter, quickly.

By subscribing or renewing your WAPT Enterprise contract, you will receive a notification indicating the practicalities to access our support.

Attention

The support concerns only the use in your Organization of the WAPT Enterprise software, additional support for adapting, personalizing, debugging or creating WAPT custom packages may be obtained with prepaid support tickets.

Up to three individuals in your Organization may communicate with our direct support.

Note

For more information, contact Tranquil IT sales team.

Price and preferential access to WAPT training

You may choose to train your IT team on any particularity of WAPT.

Note

For more information, contact the Tranquil IT sales team.