Your SlideShare is downloading. ×
0
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

ObserveIT Remote Access Monitoring Software - Corporate Presentation

1,698

Published on

ObserveIT Software acts like a "security camera" for your servers, it will allow you to watch with full video playback every step your 3rdparty contractors, developers or IT administrators takes on …

ObserveIT Software acts like a "security camera" for your servers, it will allow you to watch with full video playback every step your 3rdparty contractors, developers or IT administrators takes on your servers – exactly as they happen.

Watch full video playback of Remote Desktop, Citrix and VMWare Sessions

View sessions in real time or from historical recordings

Quickly find any user action, without playing back the entire session

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,698
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
52
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. ObserveIT – Record & Replay Terminal, Citrix and Console Sessions<br />info@observeit-sys.com<br />January 2010<br />
  • 2. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />
  • 3. The Company in a Nutshell<br />Founded in 2006<br />Focused exclusively on People-Auditing software products<br />First GA product release – 2007<br />Current product version - v5.0<br />Global Presence <br />Partners in 5 Continents<br />
  • 4. Our Product in a Nutshell<br />Record and Replay of user sessions<br />Like a ‘security camera’ on your servers<br />Software-based solution<br />Playback Remote Desktop, Citrix, VMWare or any other remote access session<br />Fast search and navigation to find user actions, without lengthy playback<br />
  • 5. Hundreds of Enterprise Customers<br />Financial<br />Telecommunications<br />Manufacturing<br />Healthcare/Education/Gov’t<br />IT Services<br />
  • 6. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />
  • 7. ObserveIT Answers Critical Needs<br />Compliance and Security<br />Track every access to corporate servers and databases<br />Audit people, not just apps<br />Total application coverage that grows with your growth<br />Bulletproof evidence <br />Precise user identification<br />Remote Vendor Monitoring <br /><ul><li>Know exactly what 3rd party vendors are doing on your servers
  • 8. Improve security, accountability and policy messaging
  • 9. Transparent SLA and billing validation
  • 10. No more ‘Finger pointing’</li></ul>Root-Cause Analysis<br /><ul><li>Know ‘Who did what?’: Answer the question that will really lead to problem resolution
  • 11. Immediate root cause determination
  • 12. Alerts from within Network Monitor Tools
  • 13. Defeat the ‘Oops’ factor </li></li></ul><li>ObserveIT Answers Critical Needs<br />Compliance and Security<br /><ul><li>Track every access to corporate servers and databases
  • 14. Audit people, not just apps
  • 15. Total application coverage that grows with your growth
  • 16. Bulletproof evidence
  • 17. Precise user identification</li></ul>Remote Vendor Monitoring <br /><ul><li>Know exactly what 3rd party vendors are doing on your servers
  • 18. Improve security, accountability and policy messaging
  • 19. Transparent SLA and billing validation
  • 20. No more ‘Finger pointing’</li></ul>Root-Cause Analysis<br /><ul><li>Know ‘Who did what?’: Answer the question that will really lead to problem resolution
  • 21. Immediate root cause determination
  • 22. Alerts from within Network Monitor Tools
  • 23. Defeat the ‘Oops’ factor </li></ul>Who accessed the salaries spreadsheet in the past 24 hours?<br />And what did they do?<br />Without ObserveIT<br />With ObserveIT<br />Check the file system logs<br />Check the HR app audit<br />Check the finance dept. audit<br />Check admin support app log<br />Unified reporting of all user activity on the HR spreadsheet<br />I wonder if there are other access points?<br />Instant playback of exact user actions<br />??<br />??<br />??<br />??<br />
  • 24. Compliance and Security<br /><ul><li>Track every access to corporate servers and databases
  • 25. Audit people, not just apps
  • 26. Total application coverage that grows with your growth
  • 27. Bulletproof evidence
  • 28. Precise user identification</li></ul>Remote Vendor Monitoring <br /><ul><li>Know exactly what 3rd party vendors are doing on your servers
  • 29. Improve security, accountability and policy messaging
  • 30. Transparent SLA and billing validation
  • 31. No more ‘Finger pointing’</li></ul>Root-Cause Analysis<br /><ul><li>Know ‘Who did what?’: Answer the question that will really lead to problem resolution
  • 32. Immediate root cause determination
  • 33. Alerts from within Network Monitor Tools
  • 34. Defeat the ‘Oops’ factor </li></ul>Without ObserveIT<br />With ObserveIT<br />ObserveIT Answers Critical Needs<br />What did SupportCorp do on our servers yesterday?<br />Are they responsible for the data deletion event? <br />I have no idea……<br />Finger pointing accusations<br />Lengthy SLA review<br />Find the exact user session<br />Is there anywhere we can find this information?<br />??<br />Session playback eliminates any doubt<br />??<br />??<br />
  • 35. Compliance and Security<br /><ul><li>Track every access to corporate servers and databases
  • 36. Audit people, not just apps
  • 37. Total application coverage that grows with your growth
  • 38. Bulletproof evidence
  • 39. Precise user identification</li></ul>Remote Vendor Monitoring <br /><ul><li>Know exactly what 3rd party vendors are doing on your servers
  • 40. Improve security, accountability and policy messaging
  • 41. Transparent SLA and billing validation
  • 42. No more ‘Finger pointing’</li></ul>Root-Cause Analysis<br /><ul><li>Know ‘Who did what?’: Answer the question that will really lead to problem resolution
  • 43. Immediate root cause determination
  • 44. Alerts from within Network Monitor Tools
  • 45. Defeat the ‘Oops’ factor </li></ul>Why is our server broken?<br />And how can I fix it? <br />Without ObserveIT<br />With ObserveIT<br />ObserveIT Answers Critical Needs<br />Check the event log<br />Check the database log<br />Identify cause of outage immediately<br />Check the registry<br />Check the network cable<br />Attention all admins: Who touched this server?!?%!?<br />??<br />??<br />
  • 46. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />
  • 47. ObserveIT Competition Matrix<br />= Full Feature Set<br />= Partial Feature Set Coverage<br />= Little/No Capabilities<br />
  • 48. Key Differentiators:ObserveIT ↔ Other Software-based Monitors<br />ObserveIT captures ALL sessions <br />Other solutions are protocol specific (ex. Only ICA, Only RDP)<br />ObserveIT captures full textual metadata<br />Not a simple “Dummy Recorder”<br />ObserveIT is enterprise-ready <br />Small footprint, pervasive user permissions, robust security, SCOM /CA integration<br />ObserveIT allows fast search and navigation <br />Other solutions do not capture metadata, thus requiring tedious playback to find a specific event<br />ObserveIT audit reports are more thorough<br />Detailed metadata, full coverage, plus real-time alerting<br />
  • 49. Key Differentiators:ObserveIT ↔ Network Appliances<br />ObserveIT captures ALL sessions <br />Appliances only record certain remote session protocols, and do not capture local console (admins and users must be routed via gateway)<br />ObserveIT captures full textual metadata<br />Appliances only capture what the network protocol gives them: Only text for CLI/text-based protocols; Only graphics for RDP/graphic-based protocols<br />ObserveIT is best-of-breed solution<br />Why use network appliance for remote login, when you can choose industry leading solutions (ex. Juniper)?<br />ObserveIT allows fast search and navigation <br />Appliances do not give chapter-based navigation, metadata searching, etc.<br />ObserveIT allows both agent-less and agent-based deployment<br />Flexible deployment scenarios can meet your specific requirements for every access point <br />
  • 50. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />Video Replay of User Sessions<br />Comprehensive Searching and Navigation <br />Policy-Based, Event-Driven Recording<br />Report Generator<br />Policy Messaging<br />User Identification<br />Real Time Playback<br />
  • 51. Clicking on video icon launches the video replay<br />(see next slide)<br />ObserveIT lists every user session<br />Jump straight to the precise action.<br />Replay only what you’re interested in.<br />Within each session, details of every action taken<br />
  • 52. See an exact video playback of the entire user session<br />(including mouse movements, selection of UI elements and text entry)<br />Navigate quickly within the recording<br />(including jumping between each activity, as the user launches a new app or opens a new window)<br />
  • 53. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />Video Replay of User Sessions<br />Comprehensive Searching and Navigation <br />Policy-Based, Event-Driven Recording<br />Report Generator<br />Policy Messaging<br />User Identification<br />Real Time Playback<br />
  • 54. Search and filter according to:<br /><ul><li>User ID
  • 55. Date of Session
  • 56. Specific Server</li></ul>Search and filter according to:<br /><ul><li>User ID
  • 57. Date of Session
  • 58. Specific Server</li></ul>Search and filter according to:<br /><ul><li>User ID
  • 59. Date of Session
  • 60. Specific Server</li></li></ul><li>Google-like free text search: Search for any text appearing in user sessions<br /><ul><li>Application Name
  • 61. Window Titles
  • 62. UI Elements
  • 63. User generated content</li></ul>Search results highlight exact location of user action within the user session timeline<br />
  • 64. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />Video Replay of User Sessions<br />Comprehensive Searching and Navigation <br />Policy-Based, Event-Driven Recording<br />Report Generator<br />Policy Messaging<br />User Identification<br />Real Time Playback<br />
  • 65. Define policies to handle each session<br />
  • 66. Granular policy rules to specify:<br /><ul><li>Whether to record video
  • 67. What metadata to capture
  • 68. If user identification is required
  • 69. Specific users / applications / servers to include or exclude</li></ul>Granular policy rules to specify:<br /><ul><li>Whether to record video
  • 70. What metadata to capture
  • 71. If user identification is required
  • 72. Specific users / applications / servers to include or exclude</li></ul>Granular policy rules to specify:<br /><ul><li>Whether to record video
  • 73. What metadata to capture
  • 74. If user identification is required
  • 75. Specific users / applications / servers to include or exclude</li></li></ul><li>Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />Video Replay of User Sessions<br />Comprehensive Searching and Navigation <br />Policy-Based, Event-Driven Recording<br />Report Generator<br />Policy Messaging<br />User Identification<br />Real Time Playback<br />
  • 76. Create your own custom reports<br />Schedule reports to run automatically for email delivery<br />Deliver formatted report<br />or <br />Export Excel data<br />
  • 77. Design report according to precise requirements:<br /><ul><li>Content Inclusion
  • 78. Data Filtering
  • 79. Sorting and Grouping</li></ul>Design report according to precise requirements:<br /><ul><li>Content Inclusion
  • 80. Data Filtering
  • 81. Sorting and Grouping</li></ul>Design report according to precise requirements:<br /><ul><li>Content Inclusion
  • 82. Data Filtering
  • 83. Sorting and Grouping</li></ul>Design report according to precise requirements:<br /><ul><li>Content Inclusion
  • 84. Data Filtering
  • 85. Sorting and Grouping</li></li></ul><li>Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />Video Replay of User Sessions<br />Comprehensive Searching and Navigation <br />Policy-Based, Event-Driven Recording<br />Report Generator<br />Policy Messaging<br />User Identification<br />Real Time Playback<br />
  • 86. Immediately upon logging into the server…<br />…the user receives your message<br />(ex. Network Policy, Ticket #)<br />NOTE: No database admin task may be performed between 0800 and 1800 GMT<br />Please enter your support ticket number in box below.<br />User is required to acknowledge receipt(and optionally required to enter response) <br />
  • 87. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />Video Replay of User Sessions<br />Comprehensive Searching and Navigation <br />Policy-Based, Event-Driven Recording<br />Report Generator<br />Policy Messaging<br />User Identification<br />Real Time Playback<br />
  • 88. User logs on as generic “Administrator”<br />
  • 89. ObserveIT requires username identification prior to granting access to system<br />Active Directory used for authentication<br />
  • 90. Each session is now tagged with an actual name<br />Login userid: administrator<br />Actual user: daniel<br />
  • 91. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />Video Replay of User Sessions<br />Comprehensive Searching and Navigation <br />Policy-Based, Event-Driven Recording<br />Report Generator<br />Policy Messaging<br />User Identification<br />Real Time Playback<br />
  • 92. “On Air” icon shows that a session is currently active<br />
  • 93. Video replay of session is launched in Real-Time mode, with continuous updates until the session ends<br />Video replay of session is launched in Real-Time mode, with continuous updates until the session ends<br />
  • 94. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />
  • 95. Complete Coverage<br />Agnostic to network protocol and client application<br />Captures all Remote Sessions and also Console Sessions<br />Terminal<br />
  • 96. Small Footprint<br />Ultra-efficient data storage<br />Less than 250GB/year for high-usage, 1000 server environment<br />Minimal Agent CPU utilization<br />0% CPU when no console active<br />1%-2% CPU, 10 MB RAM during session<br />
  • 97. Integration with System Monitors<br />Instant-replay from within your network management environment <br />Microsoft SCOM, CA-Unicenter, IBM Tivoli, HP OpenView<br />Real-time alerts<br />On file access/deletion, Network share, Registry edit , RDP open connection, URL access etc.<br />ObserveIT alert in CA-Unicenter<br />ObserveIT alert in MS SCOM<br />Trigger automatic email alert delivery<br />Click on alert to see ObserveIT video playback<br />
  • 98. Robust Security Infrastructure<br />Agent ↔ Server communication <br />AES Encryption - Rijndael<br />Token exchange<br />SSL protocol (optional)<br />IPSec tunnel (optional)<br />Database storage<br />Digital signatures on captured sessions<br />Standard SQL database inherits your enterprise data security practices<br />Watchdog mechanism <br />Restarts the Agent if the process is ended<br />If watchdog process itself is stopped, Agent triggers watchdog restart<br />Email alerts sent on any watchdog/agent tampering<br />
  • 99. Pervasive User Permissions<br />Granular permissions / access control<br />Define rules for each user<br />Specify which sessions the user may playback<br />Permission-based filtering affects all content access<br />Reports<br />Searching<br />Video playback <br />Metadata browsing<br />Access to ObserveIT Web Console is also audited<br />ObserveIT audits itself <br />Satisfies regulatory compliance requirements<br />
  • 100. System Components<br />Agent<br />Corporate Server<br />HTTP Traffic<br />(by default -TCP 4884)<br />SQL Traffic<br />(by default -TCP 1433)<br />Agent<br />Switch<br />Application Server<br />Web Console using IIS on <br />Windows Server 2003/2008<br />Database Server<br />using MS SQL Server 2000/2005<br />on Windows Server 2003/2008<br />Corporate Server<br />How it Works<br />Each monitored desktop or server runs the ObserveIT Agent<br />The Agent encrypts information about user activity and sends it to the Application Server<br />Application Server analyzes data and stores it in the Database Server<br />Web Management Console is a web-based interface for searching and reporting on captured user activity<br />HTTP<br />Agent<br />ObserveIT Admin <br />using a Web Browser<br />Corporate Desktop<br />
  • 101. Deployment Architecture: Enterprise network (1000’s of servers)<br />Agent<br />LDAP Server<br />LDAP Traffic<br />(TCP 389)<br />Corporate Servers<br />HTTP Traffic<br />App Server<br />Agent<br />Load Balancer<br />Switch<br />SQL Traffic<br />DB Serveron MS SQL Cluster<br />Corporate Servers<br />App Server<br />SQL Traffic<br />Agent<br />HTTP Traffic<br />Corporate Desktops<br />ObserveIT Admin<br />Web Console<br />
  • 102. Deployment Architecture:Remote Access Gateway (Agent-less Servers)<br />Published Applications<br />Putty.exe<br />RDP Traffic<br />VPNTraffic<br />Corporate Servers<br />(No Agent installed)<br />VPN<br />ICATraffic<br />Corporate Servers<br />(No Agent installed)<br />Terminal or Citrix Server<br />with ObserveIT Agent<br />Win2008<br />TS Gateway<br />RDP over SSL Traffic<br />Telnet/SSHTraffic<br />Corporate Servers<br />(No Agent installed)<br />App Server<br />Web Console<br />DB Server<br />
  • 103. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />
  • 104. Case Study: Reducing Errors and Improving QoS at Pelephone<br />Company: Pelephone<br />Industry:  Cellular Network OperatorFounded:  1986Headquarters:  Tel Aviv, Israel<br />Solution<br />Business Environment<br />Challenge<br /><ul><li>1200-server IT environment in 3 hosting centers
  • 105. Business applications (Billing, CRM, etc.) and Customer-facing applications (Revenue generating mobile services)
  • 106. Maintain QoS with multiple 3rd party apps
  • 107. Track activities of privileged vendor access</li></ul>“ <br />Since we deployed ObserveIT, users are much more careful with their server activity. Knowing that your actions can be replayed has a remarkable effect. <br /><ul><li>Oct 2006: ObserveIT deployed on 5 internal business app servers
  • 108. Nov 2006:ObserveIT resolves high-visibility outage
  • 109. Minimized impact on mission-critical app
  • 110. Identified improper actions by outsource vendor
  • 111. Jan 2007: ObserveIT deployed on entire IT platform
  • 112. 2007-Present:Multiple customer-facing outages solved
  • 113. Positive ROI : Elimination of revenue losses from service outages pays for ObserveIT deployment many times over
  • 114. 2008:ObserveIT integrated into CA-Unicenter environment</li></ul>” <br />Isaac MilshteinDirector, IT Operations, Pelephone<br />
  • 115. Company: VocaLink<br />Industry:  Financial Services<br />Founded:  2007 (Merger)<br />Headquarters:  London, UK<br />Solution<br />Business Environment<br />Challenge<br />Case Study: Remote Access Visibility at VocaLink<br /><ul><li>Payment transaction platform distributed across Europe
  • 116. Supporting 60,000 ATM machines
  • 117. Clearing 90,000,000 transactions per day
  • 118. Control access to system resources, including shared privileges between two merged corporate entities during period of merger
  • 119. Achieve common system management and visibility
  • 120. 2008- ObserveIT deployed to monitor and audit serve activity during merger activity
  • 121. 2009- Successful visibility results from merger activity lead to system-wide deployment</li></li></ul><li>Case Study: Compliance Auditing at Toshiba Medical<br />Company: Toshiba Medical Systems<br />Industry:  Healthcare Equipment Founded:  1939 <br />Headquarters:  Tokyo, Japan (Corp HQ) Los Angeles, CA, USA (Division)<br />Solution<br />Business Environment<br />Challenge<br /><ul><li>Medical imaging products (MRI, CT, US, X-Ray) deployed at hospitals and medical centers worldwide
  • 122. Customer support process requires remote session access to deployed systems
  • 123. Strict HIPAA compliance regulations must be enforced and demonstrable
  • 124. In addition, SLA commitments require visibility of service times and durations
  • 125. ObserveIT deployed in a Gateway architecture
  • 126. All access routed via agent-monitored Citrix gateway
  • 127. Actual systems being accessed remain agent-less
  • 128. Toshiba achieved 24x7 SLA reports, including granular incident summaries
  • 129. Automatic generation of HIPAA regulatory documentation, led to reduced compliance costs and improved customer (hospital) satisfaction</li></li></ul><li>Thank You!<br />

×