introduction to oesis framework
DESCRIPTION
The OESIS Framework allows software engineers and technology vendors to enable the detection, assessment and remediation of third party applications in their solutions. It is ideal for adding endpoint compliance features to any solution, and is used by leading SSL VPN and NAC vendors such as Cisco, Citrix, Juniper, F5 and many others.TRANSCRIPT
![Page 1: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/1.jpg)
Introduction to OESIS® Framework
April 2013
![Page 2: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/2.jpg)
Applications Manageability – OESIS Framework The Mission
![Page 3: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/3.jpg)
OESIS Framework
Enables software engineers and technology vendors to develop products that can detect, classify, and manage thousands of third-party software applications
Enables implementing a simple and easy compliance check of endpoints via embedded libraries
Supported platforms include:
Windows
Mac OS X
Linux
Android
iOS
![Page 4: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/4.jpg)
OESIS Framework
Support nearly any 3rd application in the market for:
Antivirus Antispyware Personal Firewall Antiphishing Backup Patch Managemen
t Hard Disk Encrypti
on Health Agents URL Filtering Data Loss Preventi
on Public File Sharing Web Browsers Desktop Sharing
VPN Clients Virtual Machines Device Access Con
trol Mobile
Applications o Androido iOS
OESIS APIs for above application-types: here
![Page 5: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/5.jpg)
Antivirus APIsDetection APIs Retrieve the name and version of the antivirus product Verify product authenticity: Ensure that the installed product has
been signed by the vendor to protect against spoofing that can occur when using only WMI
Assessment APIs Retrieve the count of malware signatures Retrieve the time of the last definition update Retrieve the real time protection status Retrieve the last full system scan time Retrieve the history of threat detections and actions performed
to assess the risk level of an endpoint (includes information such as threat name and severity)
Remediation APIs Launch a full system scan Enable real time protection Activate an update of the virus definitions
View Supported Apps: click here
![Page 6: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/6.jpg)
Web Browser APIs
Detection APIs Retrieve the name and version of the web browser Retrieve a list of installed browser extensions Check whether the browser is the default browser Determine which browsers are currently open on the machine Determine which sites are currently open in the browser
Assessment APIs Retrieve the browsing history Determine whether the browser's popup blocker is enabled
Remediation APIs Open a specific URL in the browser Close the browser Securely delete browsing history
View Supported Apps: click here
![Page 7: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/7.jpg)
Hard Disk Encryption APIs
Detection APIs Retrieve the name and version of the hard disk encryption
product Verify product authenticity: Ensure that the installed product has
been signed by the vendor to protect against spoofing
Assessment APIs Check the encryption state Get a list of supported encryption algorithms Retrieve encrypted locations
Remediation APIs Enable Encryption
View Supported Apps: click here
![Page 8: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/8.jpg)
Virtual Machine APIs
Detection APIs Retrieve the name and version of the virtual machine product Verify product authenticity: Ensure that the installed product has
been signed by the vendor to protect against spoofing
Assessment APIs Determine if the virtual machine is running Retrieve a list of all VMs Retrieve details for each VM on the system including OS and
version
Remediation APIs Stop a virtual machine Pause a virtual machine
View Supported Apps: click here
![Page 9: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/9.jpg)
Public File Sharing APIs
Detection APIs Retrieve the name and version of the public file sharing
application Verify product authenticity: Ensure that the installed product has
been signed by the vendor to protect against spoofing
Assessment APIs Determine if the application is running
Remediation APIs Terminate the running application
View Supported Apps: click here
![Page 10: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/10.jpg)
OESIS Developer Testing Harness
![Page 11: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/11.jpg)
OESIS Capability ChartsBy Product, by OS, by Version
![Page 12: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/12.jpg)
Mobile CapabilitiesProduct Categories
iOS additional category support in 2013!
Compliance
• Antivirus• Firewall• Backup
Management
• MDM• MAM
Compromising
• Monitoring Tools
• Location Services
• Geo Location
![Page 13: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/13.jpg)
Android: Detection
Name Vendor Version Is Authentic? Is Running?
Remediation Launch Application
Mobile APIs
iOS: Detection
Name Vendor Is Running?
Android and iOS
![Page 14: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/14.jpg)
Mobile Testing Harness
![Page 15: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/15.jpg)
OESIS User Stories
SSL VPN When granting remote network access, system
administrators need the ability to assess an endpoint to ensure that it will not compromise the security of the network. Many SSL VPN solutions provide this ability to administrators by utilizing OESIS Framework to help power endpoint compliance checking.
![Page 16: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/16.jpg)
OESIS User Stories
Dell SonicWall
![Page 17: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/17.jpg)
OESIS User Stories
Citrix
![Page 18: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/18.jpg)
OESIS User stories
NAC (Network Access Control) NAC solutions utilize OESIS to enable the creation and
checking of access policies. The solutions use OESIS to pull data from endpoints that can be used to determine whether users may connect. For example, the policy might require that a device connecting to the corporate network has all the latest antivirus definitions installed.
![Page 19: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/19.jpg)
OESIS User stories
Cisco
![Page 20: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/20.jpg)
OESIS User stories
Juniper Networks
![Page 21: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/21.jpg)
User stories
Support Tools Vendors who provide remote technology services to consumers
and businesses to fix issues or configure endpoints utilize OESIS to build in some of their standard checks.
![Page 22: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/22.jpg)
User stories
F-Secure
![Page 23: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/23.jpg)
User stories
Support.com
![Page 24: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/24.jpg)
User stories
Many more: Managed Services
Vendors of cloud based IT Management solutions, utilize OESIS to power features of their cloud based applications.
Compliance solutions and vulnerability assessment OESIS Framework provides extensive management capabilities that
enable applications in this market segment to meet compliance requirements or to make sure that endpoints respond to security compliance mandates.
![Page 25: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/25.jpg)
User stories
iPass
![Page 26: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/26.jpg)
User stories
LogMeIn
![Page 27: Introduction to OESIS Framework](https://reader035.vdocuments.net/reader035/viewer/2022081513/5575d9a2d8b42a917e8b4f95/html5/thumbnails/27.jpg)
OPSWAT Security ScoreFree demo of OESIS Framework
http://www.opswat.com/products/security-score