Your SlideShare is downloading. ×
  • Like
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

ObserveIT Remote Access Monitoring Software - Corporate Presentation

  • 1,597 views
Published

ObserveIT Software acts like a "security camera" for your servers, it will allow you to watch with full video playback every step your 3rdparty contractors, developers or IT administrators takes on …

ObserveIT Software acts like a "security camera" for your servers, it will allow you to watch with full video playback every step your 3rdparty contractors, developers or IT administrators takes on your servers – exactly as they happen.

Watch full video playback of Remote Desktop, Citrix and VMWare Sessions

View sessions in real time or from historical recordings

Quickly find any user action, without playing back the entire session

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
1,597
On SlideShare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
42
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. ObserveIT – Record & Replay Terminal, Citrix and Console Sessions
    info@observeit-sys.com
    January 2010
  • 2. Agenda
    Quick Overview
    Why use ObserveIT
    Competitive Landscape
    Product Feature Demonstrations
    Enterprise-Ready Architecture
    Case Studies
  • 3. The Company in a Nutshell
    Founded in 2006
    Focused exclusively on People-Auditing software products
    First GA product release – 2007
    Current product version - v5.0
    Global Presence
    Partners in 5 Continents
  • 4. Our Product in a Nutshell
    Record and Replay of user sessions
    Like a ‘security camera’ on your servers
    Software-based solution
    Playback Remote Desktop, Citrix, VMWare or any other remote access session
    Fast search and navigation to find user actions, without lengthy playback
  • 5. Hundreds of Enterprise Customers
    Financial
    Telecommunications
    Manufacturing
    Healthcare/Education/Gov’t
    IT Services
  • 6. Agenda
    Quick Overview
    Why use ObserveIT
    Competitive Landscape
    Product Feature Demonstrations
    Enterprise-Ready Architecture
    Case Studies
  • 7. ObserveIT Answers Critical Needs
    Compliance and Security
    Track every access to corporate servers and databases
    Audit people, not just apps
    Total application coverage that grows with your growth
    Bulletproof evidence
    Precise user identification
    Remote Vendor Monitoring
    • Know exactly what 3rd party vendors are doing on your servers
    • 8. Improve security, accountability and policy messaging
    • 9. Transparent SLA and billing validation
    • 10. No more ‘Finger pointing’
    Root-Cause Analysis
    • Know ‘Who did what?’: Answer the question that will really lead to problem resolution
    • 11. Immediate root cause determination
    • 12. Alerts from within Network Monitor Tools
    • 13. Defeat the ‘Oops’ factor
  • ObserveIT Answers Critical Needs
    Compliance and Security
    • Track every access to corporate servers and databases
    • 14. Audit people, not just apps
    • 15. Total application coverage that grows with your growth
    • 16. Bulletproof evidence
    • 17. Precise user identification
    Remote Vendor Monitoring
    • Know exactly what 3rd party vendors are doing on your servers
    • 18. Improve security, accountability and policy messaging
    • 19. Transparent SLA and billing validation
    • 20. No more ‘Finger pointing’
    Root-Cause Analysis
    • Know ‘Who did what?’: Answer the question that will really lead to problem resolution
    • 21. Immediate root cause determination
    • 22. Alerts from within Network Monitor Tools
    • 23. Defeat the ‘Oops’ factor
    Who accessed the salaries spreadsheet in the past 24 hours?
    And what did they do?
    Without ObserveIT
    With ObserveIT
    Check the file system logs
    Check the HR app audit
    Check the finance dept. audit
    Check admin support app log
    Unified reporting of all user activity on the HR spreadsheet
    I wonder if there are other access points?
    Instant playback of exact user actions
    ??
    ??
    ??
    ??
  • 24. Compliance and Security
    • Track every access to corporate servers and databases
    • 25. Audit people, not just apps
    • 26. Total application coverage that grows with your growth
    • 27. Bulletproof evidence
    • 28. Precise user identification
    Remote Vendor Monitoring
    • Know exactly what 3rd party vendors are doing on your servers
    • 29. Improve security, accountability and policy messaging
    • 30. Transparent SLA and billing validation
    • 31. No more ‘Finger pointing’
    Root-Cause Analysis
    • Know ‘Who did what?’: Answer the question that will really lead to problem resolution
    • 32. Immediate root cause determination
    • 33. Alerts from within Network Monitor Tools
    • 34. Defeat the ‘Oops’ factor
    Without ObserveIT
    With ObserveIT
    ObserveIT Answers Critical Needs
    What did SupportCorp do on our servers yesterday?
    Are they responsible for the data deletion event?
    I have no idea……
    Finger pointing accusations
    Lengthy SLA review
    Find the exact user session
    Is there anywhere we can find this information?
    ??
    Session playback eliminates any doubt
    ??
    ??
  • 35. Compliance and Security
    • Track every access to corporate servers and databases
    • 36. Audit people, not just apps
    • 37. Total application coverage that grows with your growth
    • 38. Bulletproof evidence
    • 39. Precise user identification
    Remote Vendor Monitoring
    • Know exactly what 3rd party vendors are doing on your servers
    • 40. Improve security, accountability and policy messaging
    • 41. Transparent SLA and billing validation
    • 42. No more ‘Finger pointing’
    Root-Cause Analysis
    • Know ‘Who did what?’: Answer the question that will really lead to problem resolution
    • 43. Immediate root cause determination
    • 44. Alerts from within Network Monitor Tools
    • 45. Defeat the ‘Oops’ factor
    Why is our server broken?
    And how can I fix it?
    Without ObserveIT
    With ObserveIT
    ObserveIT Answers Critical Needs
    Check the event log
    Check the database log
    Identify cause of outage immediately
    Check the registry
    Check the network cable
    Attention all admins: Who touched this server?!?%!?
    ??
    ??
  • 46. Agenda
    Quick Overview
    Why use ObserveIT
    Competitive Landscape
    Product Feature Demonstrations
    Enterprise-Ready Architecture
    Case Studies
  • 47. ObserveIT Competition Matrix
    = Full Feature Set
    = Partial Feature Set Coverage
    = Little/No Capabilities
  • 48. Key Differentiators:ObserveIT ↔ Other Software-based Monitors
    ObserveIT captures ALL sessions
    Other solutions are protocol specific (ex. Only ICA, Only RDP)
    ObserveIT captures full textual metadata
    Not a simple “Dummy Recorder”
    ObserveIT is enterprise-ready
    Small footprint, pervasive user permissions, robust security, SCOM /CA integration
    ObserveIT allows fast search and navigation
    Other solutions do not capture metadata, thus requiring tedious playback to find a specific event
    ObserveIT audit reports are more thorough
    Detailed metadata, full coverage, plus real-time alerting
  • 49. Key Differentiators:ObserveIT ↔ Network Appliances
    ObserveIT captures ALL sessions
    Appliances only record certain remote session protocols, and do not capture local console (admins and users must be routed via gateway)
    ObserveIT captures full textual metadata
    Appliances only capture what the network protocol gives them: Only text for CLI/text-based protocols; Only graphics for RDP/graphic-based protocols
    ObserveIT is best-of-breed solution
    Why use network appliance for remote login, when you can choose industry leading solutions (ex. Juniper)?
    ObserveIT allows fast search and navigation
    Appliances do not give chapter-based navigation, metadata searching, etc.
    ObserveIT allows both agent-less and agent-based deployment
    Flexible deployment scenarios can meet your specific requirements for every access point
  • 50. Agenda
    Quick Overview
    Why use ObserveIT
    Competitive Landscape
    Product Feature Demonstrations
    Enterprise-Ready Architecture
    Case Studies
    Video Replay of User Sessions
    Comprehensive Searching and Navigation
    Policy-Based, Event-Driven Recording
    Report Generator
    Policy Messaging
    User Identification
    Real Time Playback
  • 51. Clicking on video icon launches the video replay
    (see next slide)
    ObserveIT lists every user session
    Jump straight to the precise action.
    Replay only what you’re interested in.
    Within each session, details of every action taken
  • 52. See an exact video playback of the entire user session
    (including mouse movements, selection of UI elements and text entry)
    Navigate quickly within the recording
    (including jumping between each activity, as the user launches a new app or opens a new window)
  • 53. Agenda
    Quick Overview
    Why use ObserveIT
    Competitive Landscape
    Product Feature Demonstrations
    Enterprise-Ready Architecture
    Case Studies
    Video Replay of User Sessions
    Comprehensive Searching and Navigation
    Policy-Based, Event-Driven Recording
    Report Generator
    Policy Messaging
    User Identification
    Real Time Playback
  • 54. Search and filter according to:
    Search and filter according to:
    Search and filter according to:
  • Google-like free text search: Search for any text appearing in user sessions
    • Application Name
    • 61. Window Titles
    • 62. UI Elements
    • 63. User generated content
    Search results highlight exact location of user action within the user session timeline
  • 64. Agenda
    Quick Overview
    Why use ObserveIT
    Competitive Landscape
    Product Feature Demonstrations
    Enterprise-Ready Architecture
    Case Studies
    Video Replay of User Sessions
    Comprehensive Searching and Navigation
    Policy-Based, Event-Driven Recording
    Report Generator
    Policy Messaging
    User Identification
    Real Time Playback
  • 65. Define policies to handle each session
  • 66. Granular policy rules to specify:
    • Whether to record video
    • 67. What metadata to capture
    • 68. If user identification is required
    • 69. Specific users / applications / servers to include or exclude
    Granular policy rules to specify:
    • Whether to record video
    • 70. What metadata to capture
    • 71. If user identification is required
    • 72. Specific users / applications / servers to include or exclude
    Granular policy rules to specify:
    • Whether to record video
    • 73. What metadata to capture
    • 74. If user identification is required
    • 75. Specific users / applications / servers to include or exclude
  • Agenda
    Quick Overview
    Why use ObserveIT
    Competitive Landscape
    Product Feature Demonstrations
    Enterprise-Ready Architecture
    Case Studies
    Video Replay of User Sessions
    Comprehensive Searching and Navigation
    Policy-Based, Event-Driven Recording
    Report Generator
    Policy Messaging
    User Identification
    Real Time Playback
  • 76. Create your own custom reports
    Schedule reports to run automatically for email delivery
    Deliver formatted report
    or
    Export Excel data
  • 77. Design report according to precise requirements:
    • Content Inclusion
    • 78. Data Filtering
    • 79. Sorting and Grouping
    Design report according to precise requirements:
    • Content Inclusion
    • 80. Data Filtering
    • 81. Sorting and Grouping
    Design report according to precise requirements:
    • Content Inclusion
    • 82. Data Filtering
    • 83. Sorting and Grouping
    Design report according to precise requirements:
    • Content Inclusion
    • 84. Data Filtering
    • 85. Sorting and Grouping
  • Agenda
    Quick Overview
    Why use ObserveIT
    Competitive Landscape
    Product Feature Demonstrations
    Enterprise-Ready Architecture
    Case Studies
    Video Replay of User Sessions
    Comprehensive Searching and Navigation
    Policy-Based, Event-Driven Recording
    Report Generator
    Policy Messaging
    User Identification
    Real Time Playback
  • 86. Immediately upon logging into the server…
    …the user receives your message
    (ex. Network Policy, Ticket #)
    NOTE: No database admin task may be performed between 0800 and 1800 GMT
    Please enter your support ticket number in box below.
    User is required to acknowledge receipt(and optionally required to enter response)
  • 87. Agenda
    Quick Overview
    Why use ObserveIT
    Competitive Landscape
    Product Feature Demonstrations
    Enterprise-Ready Architecture
    Case Studies
    Video Replay of User Sessions
    Comprehensive Searching and Navigation
    Policy-Based, Event-Driven Recording
    Report Generator
    Policy Messaging
    User Identification
    Real Time Playback
  • 88. User logs on as generic “Administrator”
  • 89. ObserveIT requires username identification prior to granting access to system
    Active Directory used for authentication
  • 90. Each session is now tagged with an actual name
    Login userid: administrator
    Actual user: daniel
  • 91. Agenda
    Quick Overview
    Why use ObserveIT
    Competitive Landscape
    Product Feature Demonstrations
    Enterprise-Ready Architecture
    Case Studies
    Video Replay of User Sessions
    Comprehensive Searching and Navigation
    Policy-Based, Event-Driven Recording
    Report Generator
    Policy Messaging
    User Identification
    Real Time Playback
  • 92. “On Air” icon shows that a session is currently active
  • 93. Video replay of session is launched in Real-Time mode, with continuous updates until the session ends
    Video replay of session is launched in Real-Time mode, with continuous updates until the session ends
  • 94. Agenda
    Quick Overview
    Why use ObserveIT
    Competitive Landscape
    Product Feature Demonstrations
    Enterprise-Ready Architecture
    Case Studies
  • 95. Complete Coverage
    Agnostic to network protocol and client application
    Captures all Remote Sessions and also Console Sessions
    Terminal
  • 96. Small Footprint
    Ultra-efficient data storage
    Less than 250GB/year for high-usage, 1000 server environment
    Minimal Agent CPU utilization
    0% CPU when no console active
    1%-2% CPU, 10 MB RAM during session
  • 97. Integration with System Monitors
    Instant-replay from within your network management environment
    Microsoft SCOM, CA-Unicenter, IBM Tivoli, HP OpenView
    Real-time alerts
    On file access/deletion, Network share, Registry edit , RDP open connection, URL access etc.
    ObserveIT alert in CA-Unicenter
    ObserveIT alert in MS SCOM
    Trigger automatic email alert delivery
    Click on alert to see ObserveIT video playback
  • 98. Robust Security Infrastructure
    Agent ↔ Server communication
    AES Encryption - Rijndael
    Token exchange
    SSL protocol (optional)
    IPSec tunnel (optional)
    Database storage
    Digital signatures on captured sessions
    Standard SQL database inherits your enterprise data security practices
    Watchdog mechanism
    Restarts the Agent if the process is ended
    If watchdog process itself is stopped, Agent triggers watchdog restart
    Email alerts sent on any watchdog/agent tampering
  • 99. Pervasive User Permissions
    Granular permissions / access control
    Define rules for each user
    Specify which sessions the user may playback
    Permission-based filtering affects all content access
    Reports
    Searching
    Video playback
    Metadata browsing
    Access to ObserveIT Web Console is also audited
    ObserveIT audits itself
    Satisfies regulatory compliance requirements
  • 100. System Components
    Agent
    Corporate Server
    HTTP Traffic
    (by default -TCP 4884)
    SQL Traffic
    (by default -TCP 1433)
    Agent
    Switch
    Application Server
    Web Console using IIS on
    Windows Server 2003/2008
    Database Server
    using MS SQL Server 2000/2005
    on Windows Server 2003/2008
    Corporate Server
    How it Works
    Each monitored desktop or server runs the ObserveIT Agent
    The Agent encrypts information about user activity and sends it to the Application Server
    Application Server analyzes data and stores it in the Database Server
    Web Management Console is a web-based interface for searching and reporting on captured user activity
    HTTP
    Agent
    ObserveIT Admin
    using a Web Browser
    Corporate Desktop
  • 101. Deployment Architecture: Enterprise network (1000’s of servers)
    Agent
    LDAP Server
    LDAP Traffic
    (TCP 389)
    Corporate Servers
    HTTP Traffic
    App Server
    Agent
    Load Balancer
    Switch
    SQL Traffic
    DB Serveron MS SQL Cluster
    Corporate Servers
    App Server
    SQL Traffic
    Agent
    HTTP Traffic
    Corporate Desktops
    ObserveIT Admin
    Web Console
  • 102. Deployment Architecture:Remote Access Gateway (Agent-less Servers)
    Published Applications
    Putty.exe
    RDP Traffic
    VPNTraffic
    Corporate Servers
    (No Agent installed)
    VPN
    ICATraffic
    Corporate Servers
    (No Agent installed)
    Terminal or Citrix Server
    with ObserveIT Agent
    Win2008
    TS Gateway
    RDP over SSL Traffic
    Telnet/SSHTraffic
    Corporate Servers
    (No Agent installed)
    App Server
    Web Console
    DB Server
  • 103. Agenda
    Quick Overview
    Why use ObserveIT
    Competitive Landscape
    Product Feature Demonstrations
    Enterprise-Ready Architecture
    Case Studies
  • 104. Case Study: Reducing Errors and Improving QoS at Pelephone
    Company: Pelephone
    Industry:  Cellular Network OperatorFounded:  1986Headquarters:  Tel Aviv, Israel
    Solution
    Business Environment
    Challenge
    • 1200-server IT environment in 3 hosting centers
    • 105. Business applications (Billing, CRM, etc.) and Customer-facing applications (Revenue generating mobile services)
    • 106. Maintain QoS with multiple 3rd party apps
    • 107. Track activities of privileged vendor access

    Since we deployed ObserveIT, users are much more careful with their server activity. Knowing that your actions can be replayed has a remarkable effect.
    • Oct 2006: ObserveIT deployed on 5 internal business app servers
    • 108. Nov 2006:ObserveIT resolves high-visibility outage
    • 109. Minimized impact on mission-critical app
    • 110. Identified improper actions by outsource vendor
    • 111. Jan 2007: ObserveIT deployed on entire IT platform
    • 112. 2007-Present:Multiple customer-facing outages solved
    • 113. Positive ROI : Elimination of revenue losses from service outages pays for ObserveIT deployment many times over
    • 114. 2008:ObserveIT integrated into CA-Unicenter environment

    Isaac MilshteinDirector, IT Operations, Pelephone
  • 115. Company: VocaLink
    Industry:  Financial Services
    Founded:  2007 (Merger)
    Headquarters:  London, UK
    Solution
    Business Environment
    Challenge
    Case Study: Remote Access Visibility at VocaLink
    • Payment transaction platform distributed across Europe
    • 116. Supporting 60,000 ATM machines
    • 117. Clearing 90,000,000 transactions per day
    • 118. Control access to system resources, including shared privileges between two merged corporate entities during period of merger
    • 119. Achieve common system management and visibility
    • 120. 2008- ObserveIT deployed to monitor and audit serve activity during merger activity
    • 121. 2009- Successful visibility results from merger activity lead to system-wide deployment
  • Case Study: Compliance Auditing at Toshiba Medical
    Company: Toshiba Medical Systems
    Industry:  Healthcare Equipment Founded:  1939
    Headquarters:  Tokyo, Japan (Corp HQ) Los Angeles, CA, USA (Division)
    Solution
    Business Environment
    Challenge
    • Medical imaging products (MRI, CT, US, X-Ray) deployed at hospitals and medical centers worldwide
    • 122. Customer support process requires remote session access to deployed systems
    • 123. Strict HIPAA compliance regulations must be enforced and demonstrable
    • 124. In addition, SLA commitments require visibility of service times and durations
    • 125. ObserveIT deployed in a Gateway architecture
    • 126. All access routed via agent-monitored Citrix gateway
    • 127. Actual systems being accessed remain agent-less
    • 128. Toshiba achieved 24x7 SLA reports, including granular incident summaries
    • 129. Automatic generation of HIPAA regulatory documentation, led to reduced compliance costs and improved customer (hospital) satisfaction
  • Thank You!