landesk endpoint security audit 2.5 danny huang landesk jan 2014
TRANSCRIPT
LANDesk Endpoint Security Audit 2.5
Danny HuangLANDesk
Jan 2014
LANDesk Software Confidential2
IT Security Audit for enterprises
User Behavior Checking
Unrelated to work things• Game• Surf web• IM chatting• Stock trading
Monitoring & ControllingEnforce Security Policy:• USB Block• Unsafe APP• …
Data Loss TrackingCritical file leak:• Copy• Print• Email• IM• …
Reduce Risks
Increase Productivity
Enforce Policy
What Endpoint Security Audit can do for you?
LANDesk Software Confidential3
Before Happening After
Manage Security Audit
LANDeskManagement
Suite
LANDeskSecurity
Suite
LANDeskSecurity
Audit
LANDesk Desktop Management / Security / Audit Solutions
LANDesk Software Confidential4
Turn ONUser login
DocumentCreate, Edit,
Delete…
Print, Copy…
Game, Surf web, IM…
User logoutTurn Off
Logging user all operation
Lifecycle Security Audit
LANDesk Software Confidential5
360 Security Audit
Security Audit
App Audit- App usage- Active Window Title- Screenshots
Network Audit- Surf web- Email- IM chatting
Doc Audit- File operation- Print
Operation Audit- On/Off Login/Logout- USB Usage- Copy/ Paste
ESA Pro 3.0
Docum
ent Application
Operation Network
LANDesk Software Confidential6
Product roadmap
Marketing TrialFile Opt, Screenshot, Print Log
Web Access LogMail Log
Critical File Read Log
Application, Active Title LogClipboard, USB Disk Log
Logon/logoff, System Change LogWeb Access Log (Trail)
BYOD / Cloud ClientsMobile Device Audit Log
LANDesk Software Confidential7
Software usage logging
Get better understand how end user are using software.
LANDesk Software Confidential8
Turn ON/OFF, Login/Logoff logging
Get better understand how end user are using their computers.
Work at weekends
LANDesk Software Confidential9
Surf web logging
Surf web logging, even not in Corp network
Web title, URL, Port, time…
Get better understand how end user are using network.
LANDesk Software Confidential10
File operation logging
File name, folder, operation, time, user…
LANDesk Software Confidential11
Print logging
Doc name, printer name
User, IP, Pages
Get better understand how end user are using printer.
LANDesk Software Confidential12
Active window title logging
Windows title, process name, time, user…
LANDesk Software Confidential13
Application usage logging
App name, time, version…
LANDesk Software Confidential14
Screenshot logging
LANDesk Software Confidential15
Screenshot logging
Screenshot can be triggered by time, specified application. For example: only when end user use Skype will do screenshot.
Can search picture content, high compressed picture save storage space.
Picture can be showed as video, and can be exported.
Web eMail IM Word
LANDesk Software Confidential16
Screenshot logging
Replay IM (Skype / QQ / MSN) chatting.
LANDesk Software Confidential17
Screenshot logging
Online video
LANDesk Software Confidential18
Turn ON/OFF Login/Logout Logging
Turn On, Login
Lock screen, Login
LANDesk Software Confidential19
System information change logging
Change: Hostname, IP, Time zone…
In another networkBusiness trip…
In different time zone,
abroad…
LANDesk Software Confidential20
USB device usage logging
USB storage plug in/out
Name and Type
Get better understand how end user are using USB device.
LANDesk Software Confidential21
File name, Content
Clipboard logging
Copy Content
Copy files from local and network
drives
LANDesk Software Confidential22
IM chatting logging
Chatting contentUser: From, To,
Group
File transfer
LANDesk Software Confidential23
User abnormity behavior logging
High light User abnormity behavior
LANDesk Software Confidential24
User abnormity behavior logging
All behavior relate to the
keyword“QQ”
Search by user, IP, keyword and export to
CSV files
LANDesk Software Confidential25
Log query
Create queries by different
parameters
LANDesk Software Confidential26
User abnormity behavior alert
Alert admin by email
Alert rule、 email template,
LANDesk Software Confidential27
User abnormity behavior alert email
Watching movie in work time
IM Chatting in work time
LANDesk Software Confidential28
Multiple logging rule for different BU/User
Individual enable/disable logging
Move to different groups
LANDesk Software Confidential29
Up to 10000 nodes, low net work usage
Support multiple file servers
Use different logging rule to lower net work
usage
LANDesk Software Confidential30
ESA consoleLDMS console
Core Server
ESA File Servers
PC / NCNotebook
Client
Desktop
managementDes
ktop
man
agem
ent
loggingAu
dit lo
g
LANDesk ESA topologic
① All log keep in DB/file server
② Support up to 10000 clients
LANDesk Software Confidential31
Server:• Windows Server 2008 R2 or higher• SQL Server 2005SP3 / 2008 R2 or higher• .NET Framework 4.0 or higher
Client:• Windows XP / Vista / Windows 7 / 8
Support language :• Server : English / Japanese / Chinese• Client : English / Japanese / Chinese
Supported platforms
LANDesk Software Confidential
Profile:› Founded: 2011› CAGR: 25%› Shanghai: 25+ people,› Shenzhen Branch: 10+ people› Tokyo Office: 2+ people
Target:› To be a top 10 professional solution provider in Cloud Computer
area in China.› To be listed in OTC SH within 3-5 years
Products & Solutions:› SharePoint / Office 365 Consulting Services & Apps› BPM Consulting Services› ESA & ITAM & ITSM Solutions (LANDesk)
Clients & Partners:› 100+ Clients› Customer Satisfaction: 99%› Microsoft, LANDesk, Kingsoft (China), FlowPotal BPM (China),
Clover-Sun (Japan)
Medalsoft Consulting Services
LANDesk Software Confidential
Our Products & Solutions
Medalsoft
Enterprise Information Portal(SharePoint & SharePoint Online)
IT Asset ManagementIT Service Management
Endpoint Security Audit
- PC Operation Logs
EIP
BPM ITIL
Business Process Management
LANDesk Software Confidential
Work with LANDesk
Endpoint Security Audit:› Released ESA 2.x version.› Won more than 10+ clients (20000 nodes+) in China.› More than RMB2,000,000 revenue contributed indirectly.› Technical Support to Japan team & South Asia team.
Asset Lifecycle Management:› More than 10+ ALM projects delivered.› More than RMB3,000,000 revenue contributed indirectly.› Delivered Almost 80% ALM projects in China.
Management Suite:› More than 50+ LDMS projects’ support provided.› More than 10+ projects delivered (Customization Development). › More than RMB3,000,000 revenue contributed indirectly.› Technical support to South China & East China teams
Service Desk:› Started LDSD Consulting Services from 2013› Started one LDSD project in 2013
LANDesk Software Confidential