ObserveIT Remote Access Monitoring Software - Corporate Presentation

2,381 views

Published on

ObserveIT Software acts like a "security camera" for your servers, it will allow you to watch with full video playback every step your 3rdparty contractors, developers or IT administrators takes on your servers – exactly as they happen.

Watch full video playback of Remote Desktop, Citrix and VMWare Sessions

View sessions in real time or from historical recordings

Quickly find any user action, without playing back the entire session

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,381
On SlideShare
0
From Embeds
0
Number of Embeds
75
Actions
Shares
0
Downloads
64
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

ObserveIT Remote Access Monitoring Software - Corporate Presentation

  1. 1. ObserveIT – Record & Replay Terminal, Citrix and Console Sessions<br />info@observeit-sys.com<br />January 2010<br />
  2. 2. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />
  3. 3. The Company in a Nutshell<br />Founded in 2006<br />Focused exclusively on People-Auditing software products<br />First GA product release – 2007<br />Current product version - v5.0<br />Global Presence <br />Partners in 5 Continents<br />
  4. 4. Our Product in a Nutshell<br />Record and Replay of user sessions<br />Like a ‘security camera’ on your servers<br />Software-based solution<br />Playback Remote Desktop, Citrix, VMWare or any other remote access session<br />Fast search and navigation to find user actions, without lengthy playback<br />
  5. 5. Hundreds of Enterprise Customers<br />Financial<br />Telecommunications<br />Manufacturing<br />Healthcare/Education/Gov’t<br />IT Services<br />
  6. 6. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />
  7. 7. ObserveIT Answers Critical Needs<br />Compliance and Security<br />Track every access to corporate servers and databases<br />Audit people, not just apps<br />Total application coverage that grows with your growth<br />Bulletproof evidence <br />Precise user identification<br />Remote Vendor Monitoring <br /><ul><li>Know exactly what 3rd party vendors are doing on your servers
  8. 8. Improve security, accountability and policy messaging
  9. 9. Transparent SLA and billing validation
  10. 10. No more ‘Finger pointing’</li></ul>Root-Cause Analysis<br /><ul><li>Know ‘Who did what?’: Answer the question that will really lead to problem resolution
  11. 11. Immediate root cause determination
  12. 12. Alerts from within Network Monitor Tools
  13. 13. Defeat the ‘Oops’ factor </li></li></ul><li>ObserveIT Answers Critical Needs<br />Compliance and Security<br /><ul><li>Track every access to corporate servers and databases
  14. 14. Audit people, not just apps
  15. 15. Total application coverage that grows with your growth
  16. 16. Bulletproof evidence
  17. 17. Precise user identification</li></ul>Remote Vendor Monitoring <br /><ul><li>Know exactly what 3rd party vendors are doing on your servers
  18. 18. Improve security, accountability and policy messaging
  19. 19. Transparent SLA and billing validation
  20. 20. No more ‘Finger pointing’</li></ul>Root-Cause Analysis<br /><ul><li>Know ‘Who did what?’: Answer the question that will really lead to problem resolution
  21. 21. Immediate root cause determination
  22. 22. Alerts from within Network Monitor Tools
  23. 23. Defeat the ‘Oops’ factor </li></ul>Who accessed the salaries spreadsheet in the past 24 hours?<br />And what did they do?<br />Without ObserveIT<br />With ObserveIT<br />Check the file system logs<br />Check the HR app audit<br />Check the finance dept. audit<br />Check admin support app log<br />Unified reporting of all user activity on the HR spreadsheet<br />I wonder if there are other access points?<br />Instant playback of exact user actions<br />??<br />??<br />??<br />??<br />
  24. 24. Compliance and Security<br /><ul><li>Track every access to corporate servers and databases
  25. 25. Audit people, not just apps
  26. 26. Total application coverage that grows with your growth
  27. 27. Bulletproof evidence
  28. 28. Precise user identification</li></ul>Remote Vendor Monitoring <br /><ul><li>Know exactly what 3rd party vendors are doing on your servers
  29. 29. Improve security, accountability and policy messaging
  30. 30. Transparent SLA and billing validation
  31. 31. No more ‘Finger pointing’</li></ul>Root-Cause Analysis<br /><ul><li>Know ‘Who did what?’: Answer the question that will really lead to problem resolution
  32. 32. Immediate root cause determination
  33. 33. Alerts from within Network Monitor Tools
  34. 34. Defeat the ‘Oops’ factor </li></ul>Without ObserveIT<br />With ObserveIT<br />ObserveIT Answers Critical Needs<br />What did SupportCorp do on our servers yesterday?<br />Are they responsible for the data deletion event? <br />I have no idea……<br />Finger pointing accusations<br />Lengthy SLA review<br />Find the exact user session<br />Is there anywhere we can find this information?<br />??<br />Session playback eliminates any doubt<br />??<br />??<br />
  35. 35. Compliance and Security<br /><ul><li>Track every access to corporate servers and databases
  36. 36. Audit people, not just apps
  37. 37. Total application coverage that grows with your growth
  38. 38. Bulletproof evidence
  39. 39. Precise user identification</li></ul>Remote Vendor Monitoring <br /><ul><li>Know exactly what 3rd party vendors are doing on your servers
  40. 40. Improve security, accountability and policy messaging
  41. 41. Transparent SLA and billing validation
  42. 42. No more ‘Finger pointing’</li></ul>Root-Cause Analysis<br /><ul><li>Know ‘Who did what?’: Answer the question that will really lead to problem resolution
  43. 43. Immediate root cause determination
  44. 44. Alerts from within Network Monitor Tools
  45. 45. Defeat the ‘Oops’ factor </li></ul>Why is our server broken?<br />And how can I fix it? <br />Without ObserveIT<br />With ObserveIT<br />ObserveIT Answers Critical Needs<br />Check the event log<br />Check the database log<br />Identify cause of outage immediately<br />Check the registry<br />Check the network cable<br />Attention all admins: Who touched this server?!?%!?<br />??<br />??<br />
  46. 46. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />
  47. 47. ObserveIT Competition Matrix<br />= Full Feature Set<br />= Partial Feature Set Coverage<br />= Little/No Capabilities<br />
  48. 48. Key Differentiators:ObserveIT ↔ Other Software-based Monitors<br />ObserveIT captures ALL sessions <br />Other solutions are protocol specific (ex. Only ICA, Only RDP)<br />ObserveIT captures full textual metadata<br />Not a simple “Dummy Recorder”<br />ObserveIT is enterprise-ready <br />Small footprint, pervasive user permissions, robust security, SCOM /CA integration<br />ObserveIT allows fast search and navigation <br />Other solutions do not capture metadata, thus requiring tedious playback to find a specific event<br />ObserveIT audit reports are more thorough<br />Detailed metadata, full coverage, plus real-time alerting<br />
  49. 49. Key Differentiators:ObserveIT ↔ Network Appliances<br />ObserveIT captures ALL sessions <br />Appliances only record certain remote session protocols, and do not capture local console (admins and users must be routed via gateway)<br />ObserveIT captures full textual metadata<br />Appliances only capture what the network protocol gives them: Only text for CLI/text-based protocols; Only graphics for RDP/graphic-based protocols<br />ObserveIT is best-of-breed solution<br />Why use network appliance for remote login, when you can choose industry leading solutions (ex. Juniper)?<br />ObserveIT allows fast search and navigation <br />Appliances do not give chapter-based navigation, metadata searching, etc.<br />ObserveIT allows both agent-less and agent-based deployment<br />Flexible deployment scenarios can meet your specific requirements for every access point <br />
  50. 50. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />Video Replay of User Sessions<br />Comprehensive Searching and Navigation <br />Policy-Based, Event-Driven Recording<br />Report Generator<br />Policy Messaging<br />User Identification<br />Real Time Playback<br />
  51. 51. Clicking on video icon launches the video replay<br />(see next slide)<br />ObserveIT lists every user session<br />Jump straight to the precise action.<br />Replay only what you’re interested in.<br />Within each session, details of every action taken<br />
  52. 52. See an exact video playback of the entire user session<br />(including mouse movements, selection of UI elements and text entry)<br />Navigate quickly within the recording<br />(including jumping between each activity, as the user launches a new app or opens a new window)<br />
  53. 53. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />Video Replay of User Sessions<br />Comprehensive Searching and Navigation <br />Policy-Based, Event-Driven Recording<br />Report Generator<br />Policy Messaging<br />User Identification<br />Real Time Playback<br />
  54. 54. Search and filter according to:<br /><ul><li>User ID
  55. 55. Date of Session
  56. 56. Specific Server</li></ul>Search and filter according to:<br /><ul><li>User ID
  57. 57. Date of Session
  58. 58. Specific Server</li></ul>Search and filter according to:<br /><ul><li>User ID
  59. 59. Date of Session
  60. 60. Specific Server</li></li></ul><li>Google-like free text search: Search for any text appearing in user sessions<br /><ul><li>Application Name
  61. 61. Window Titles
  62. 62. UI Elements
  63. 63. User generated content</li></ul>Search results highlight exact location of user action within the user session timeline<br />
  64. 64. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />Video Replay of User Sessions<br />Comprehensive Searching and Navigation <br />Policy-Based, Event-Driven Recording<br />Report Generator<br />Policy Messaging<br />User Identification<br />Real Time Playback<br />
  65. 65. Define policies to handle each session<br />
  66. 66. Granular policy rules to specify:<br /><ul><li>Whether to record video
  67. 67. What metadata to capture
  68. 68. If user identification is required
  69. 69. Specific users / applications / servers to include or exclude</li></ul>Granular policy rules to specify:<br /><ul><li>Whether to record video
  70. 70. What metadata to capture
  71. 71. If user identification is required
  72. 72. Specific users / applications / servers to include or exclude</li></ul>Granular policy rules to specify:<br /><ul><li>Whether to record video
  73. 73. What metadata to capture
  74. 74. If user identification is required
  75. 75. Specific users / applications / servers to include or exclude</li></li></ul><li>Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />Video Replay of User Sessions<br />Comprehensive Searching and Navigation <br />Policy-Based, Event-Driven Recording<br />Report Generator<br />Policy Messaging<br />User Identification<br />Real Time Playback<br />
  76. 76. Create your own custom reports<br />Schedule reports to run automatically for email delivery<br />Deliver formatted report<br />or <br />Export Excel data<br />
  77. 77. Design report according to precise requirements:<br /><ul><li>Content Inclusion
  78. 78. Data Filtering
  79. 79. Sorting and Grouping</li></ul>Design report according to precise requirements:<br /><ul><li>Content Inclusion
  80. 80. Data Filtering
  81. 81. Sorting and Grouping</li></ul>Design report according to precise requirements:<br /><ul><li>Content Inclusion
  82. 82. Data Filtering
  83. 83. Sorting and Grouping</li></ul>Design report according to precise requirements:<br /><ul><li>Content Inclusion
  84. 84. Data Filtering
  85. 85. Sorting and Grouping</li></li></ul><li>Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />Video Replay of User Sessions<br />Comprehensive Searching and Navigation <br />Policy-Based, Event-Driven Recording<br />Report Generator<br />Policy Messaging<br />User Identification<br />Real Time Playback<br />
  86. 86. Immediately upon logging into the server…<br />…the user receives your message<br />(ex. Network Policy, Ticket #)<br />NOTE: No database admin task may be performed between 0800 and 1800 GMT<br />Please enter your support ticket number in box below.<br />User is required to acknowledge receipt(and optionally required to enter response) <br />
  87. 87. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />Video Replay of User Sessions<br />Comprehensive Searching and Navigation <br />Policy-Based, Event-Driven Recording<br />Report Generator<br />Policy Messaging<br />User Identification<br />Real Time Playback<br />
  88. 88. User logs on as generic “Administrator”<br />
  89. 89. ObserveIT requires username identification prior to granting access to system<br />Active Directory used for authentication<br />
  90. 90. Each session is now tagged with an actual name<br />Login userid: administrator<br />Actual user: daniel<br />
  91. 91. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />Video Replay of User Sessions<br />Comprehensive Searching and Navigation <br />Policy-Based, Event-Driven Recording<br />Report Generator<br />Policy Messaging<br />User Identification<br />Real Time Playback<br />
  92. 92. “On Air” icon shows that a session is currently active<br />
  93. 93. Video replay of session is launched in Real-Time mode, with continuous updates until the session ends<br />Video replay of session is launched in Real-Time mode, with continuous updates until the session ends<br />
  94. 94. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />
  95. 95. Complete Coverage<br />Agnostic to network protocol and client application<br />Captures all Remote Sessions and also Console Sessions<br />Terminal<br />
  96. 96. Small Footprint<br />Ultra-efficient data storage<br />Less than 250GB/year for high-usage, 1000 server environment<br />Minimal Agent CPU utilization<br />0% CPU when no console active<br />1%-2% CPU, 10 MB RAM during session<br />
  97. 97. Integration with System Monitors<br />Instant-replay from within your network management environment <br />Microsoft SCOM, CA-Unicenter, IBM Tivoli, HP OpenView<br />Real-time alerts<br />On file access/deletion, Network share, Registry edit , RDP open connection, URL access etc.<br />ObserveIT alert in CA-Unicenter<br />ObserveIT alert in MS SCOM<br />Trigger automatic email alert delivery<br />Click on alert to see ObserveIT video playback<br />
  98. 98. Robust Security Infrastructure<br />Agent ↔ Server communication <br />AES Encryption - Rijndael<br />Token exchange<br />SSL protocol (optional)<br />IPSec tunnel (optional)<br />Database storage<br />Digital signatures on captured sessions<br />Standard SQL database inherits your enterprise data security practices<br />Watchdog mechanism <br />Restarts the Agent if the process is ended<br />If watchdog process itself is stopped, Agent triggers watchdog restart<br />Email alerts sent on any watchdog/agent tampering<br />
  99. 99. Pervasive User Permissions<br />Granular permissions / access control<br />Define rules for each user<br />Specify which sessions the user may playback<br />Permission-based filtering affects all content access<br />Reports<br />Searching<br />Video playback <br />Metadata browsing<br />Access to ObserveIT Web Console is also audited<br />ObserveIT audits itself <br />Satisfies regulatory compliance requirements<br />
  100. 100. System Components<br />Agent<br />Corporate Server<br />HTTP Traffic<br />(by default -TCP 4884)<br />SQL Traffic<br />(by default -TCP 1433)<br />Agent<br />Switch<br />Application Server<br />Web Console using IIS on <br />Windows Server 2003/2008<br />Database Server<br />using MS SQL Server 2000/2005<br />on Windows Server 2003/2008<br />Corporate Server<br />How it Works<br />Each monitored desktop or server runs the ObserveIT Agent<br />The Agent encrypts information about user activity and sends it to the Application Server<br />Application Server analyzes data and stores it in the Database Server<br />Web Management Console is a web-based interface for searching and reporting on captured user activity<br />HTTP<br />Agent<br />ObserveIT Admin <br />using a Web Browser<br />Corporate Desktop<br />
  101. 101. Deployment Architecture: Enterprise network (1000’s of servers)<br />Agent<br />LDAP Server<br />LDAP Traffic<br />(TCP 389)<br />Corporate Servers<br />HTTP Traffic<br />App Server<br />Agent<br />Load Balancer<br />Switch<br />SQL Traffic<br />DB Serveron MS SQL Cluster<br />Corporate Servers<br />App Server<br />SQL Traffic<br />Agent<br />HTTP Traffic<br />Corporate Desktops<br />ObserveIT Admin<br />Web Console<br />
  102. 102. Deployment Architecture:Remote Access Gateway (Agent-less Servers)<br />Published Applications<br />Putty.exe<br />RDP Traffic<br />VPNTraffic<br />Corporate Servers<br />(No Agent installed)<br />VPN<br />ICATraffic<br />Corporate Servers<br />(No Agent installed)<br />Terminal or Citrix Server<br />with ObserveIT Agent<br />Win2008<br />TS Gateway<br />RDP over SSL Traffic<br />Telnet/SSHTraffic<br />Corporate Servers<br />(No Agent installed)<br />App Server<br />Web Console<br />DB Server<br />
  103. 103. Agenda<br />Quick Overview<br />Why use ObserveIT<br />Competitive Landscape<br />Product Feature Demonstrations<br />Enterprise-Ready Architecture<br />Case Studies<br />
  104. 104. Case Study: Reducing Errors and Improving QoS at Pelephone<br />Company: Pelephone<br />Industry:  Cellular Network OperatorFounded:  1986Headquarters:  Tel Aviv, Israel<br />Solution<br />Business Environment<br />Challenge<br /><ul><li>1200-server IT environment in 3 hosting centers
  105. 105. Business applications (Billing, CRM, etc.) and Customer-facing applications (Revenue generating mobile services)
  106. 106. Maintain QoS with multiple 3rd party apps
  107. 107. Track activities of privileged vendor access</li></ul>“ <br />Since we deployed ObserveIT, users are much more careful with their server activity. Knowing that your actions can be replayed has a remarkable effect. <br /><ul><li>Oct 2006: ObserveIT deployed on 5 internal business app servers
  108. 108. Nov 2006:ObserveIT resolves high-visibility outage
  109. 109. Minimized impact on mission-critical app
  110. 110. Identified improper actions by outsource vendor
  111. 111. Jan 2007: ObserveIT deployed on entire IT platform
  112. 112. 2007-Present:Multiple customer-facing outages solved
  113. 113. Positive ROI : Elimination of revenue losses from service outages pays for ObserveIT deployment many times over
  114. 114. 2008:ObserveIT integrated into CA-Unicenter environment</li></ul>” <br />Isaac MilshteinDirector, IT Operations, Pelephone<br />
  115. 115. Company: VocaLink<br />Industry:  Financial Services<br />Founded:  2007 (Merger)<br />Headquarters:  London, UK<br />Solution<br />Business Environment<br />Challenge<br />Case Study: Remote Access Visibility at VocaLink<br /><ul><li>Payment transaction platform distributed across Europe
  116. 116. Supporting 60,000 ATM machines
  117. 117. Clearing 90,000,000 transactions per day
  118. 118. Control access to system resources, including shared privileges between two merged corporate entities during period of merger
  119. 119. Achieve common system management and visibility
  120. 120. 2008- ObserveIT deployed to monitor and audit serve activity during merger activity
  121. 121. 2009- Successful visibility results from merger activity lead to system-wide deployment</li></li></ul><li>Case Study: Compliance Auditing at Toshiba Medical<br />Company: Toshiba Medical Systems<br />Industry:  Healthcare Equipment Founded:  1939 <br />Headquarters:  Tokyo, Japan (Corp HQ) Los Angeles, CA, USA (Division)<br />Solution<br />Business Environment<br />Challenge<br /><ul><li>Medical imaging products (MRI, CT, US, X-Ray) deployed at hospitals and medical centers worldwide
  122. 122. Customer support process requires remote session access to deployed systems
  123. 123. Strict HIPAA compliance regulations must be enforced and demonstrable
  124. 124. In addition, SLA commitments require visibility of service times and durations
  125. 125. ObserveIT deployed in a Gateway architecture
  126. 126. All access routed via agent-monitored Citrix gateway
  127. 127. Actual systems being accessed remain agent-less
  128. 128. Toshiba achieved 24x7 SLA reports, including granular incident summaries
  129. 129. Automatic generation of HIPAA regulatory documentation, led to reduced compliance costs and improved customer (hospital) satisfaction</li></li></ul><li>Thank You!<br />

×