The OESIS Framework allows software engineers and technology vendors to enable the detection, assessment and remediation of third party applications in their solutions. It is ideal for adding endpoint compliance features to any solution, and is used by leading SSL VPN and NAC vendors such as Cisco, Citrix, Juniper, F5 and many others.
3. OESIS Framework
Enables software engineers and technology vendors to develop
products that can detect, classify, and manage thousands of third-
party software applications
Enables implementing a simple and easy compliance check of
endpoints via embedded libraries
Supported platforms include:
Windows
Mac OS X
Linux
Android
iOS
4. OESIS Framework
Support nearly any 3rd application in the market for:
Antivirus
Antispyware
Personal Firewall
Antiphishing
Backup
Patch Management
Hard Disk Encryption
Health Agents
URL Filtering
Data Loss Prevention
Public File Sharing
Web Browsers
Desktop Sharing
VPN Clients
Virtual Machines
Device Access
Control
Mobile Applications
o Android
o iOS
OESIS APIs for above application-types: here
5. AntivirusAPIs
Detection APIs
Retrieve the name and version of the antivirus product
Verify product authenticity: Ensure that the installed product has been
signed by the vendor to protect against spoofing that can occur when
using only WMI
Assessment APIs
Retrieve the count of malware signatures
Retrieve the time of the last definition update
Retrieve the real time protection status
Retrieve the last full system scan time
Retrieve the history of threat detections and actions performed to assess
the risk level of an endpoint (includes information such as threat name and
severity)
Remediation APIs
Launch a full system scan
Enable real time protection
Activate an update of the virus definitions
View Supported Apps: click here
6. Web Browser APIs
Detection APIs
Retrieve the name and version of the web browser
Retrieve a list of installed browser extensions
Check whether the browser is the default browser
Determine which browsers are currently open on the machine
Determine which sites are currently open in the browser
Assessment APIs
Retrieve the browsing history
Determine whether the browser's popup blocker is enabled
Remediation APIs
Open a specific URL in the browser
Close the browser
Securely delete browsing history
View Supported Apps: click here
7. Hard Disk EncryptionAPIs
Detection APIs
Retrieve the name and version of the hard disk encryption product
Verify product authenticity: Ensure that the installed product has been
signed by the vendor to protect against spoofing
Assessment APIs
Check the encryption state
Get a list of supported encryption algorithms
Retrieve encrypted locations
Remediation APIs
Enable Encryption
View Supported Apps: click here
8. Virtual Machine APIs
Detection APIs
Retrieve the name and version of the virtual machine product
Verify product authenticity: Ensure that the installed product has been
signed by the vendor to protect against spoofing
Assessment APIs
Determine if the virtual machine is running
Retrieve a list of all VMs
Retrieve details for each VM on the system including OS and version
Remediation APIs
Stop a virtual machine
Pause a virtual machine
View Supported Apps: click here
9. Public File SharingAPIs
Detection APIs
Retrieve the name and version of the public file sharing application
Verify product authenticity: Ensure that the installed product has been
signed by the vendor to protect against spoofing
Assessment APIs
Determine if the application is running
Remediation APIs
Terminate the running application
View Supported Apps: click here
12. Mobile Capabilities
Product Categories
iOS additional category support in 2013!
Compliance
• Antivirus
• Firewall
• Backup
Management
• MDM
• MAM
Compromising
• Monitoring
Tools
• Location
Services
• Geo
Location
13. Android:
Detection
Name
Vendor
Version
Is Authentic?
Is Running?
Remediation
Launch Application
MobileAPIs
iOS:
Detection
Name
Vendor
Is Running?
Android and iOS
15. OESIS User Stories
SSL VPN
When granting remote network access, system administrators need
the ability to assess an endpoint to ensure that it will not
compromise the security of the network. Many SSL VPN solutions
provide this ability to administrators by utilizing OESIS Framework
to help power endpoint compliance checking.
18. OESIS User stories
NAC (Network Access Control)
NAC solutions utilize OESIS to enable the creation and checking
of access policies. The solutions use OESIS to pull data from
endpoints that can be used to determine whether users may
connect. For example, the policy might require that a device
connecting to the corporate network has all the latest antivirus
definitions installed.
21. User stories
Support Tools
Vendors who provide remote technology services to consumers and
businesses to fix issues or configure endpoints utilize OESIS to build in
some of their standard checks.
24. User stories
Many more:
Managed Services
Vendors of cloud based IT Management solutions, utilize OESIS to power
features of their cloud based applications.
Compliance solutions and vulnerability assessment
OESIS Framework provides extensive management capabilities that enable
applications in this market segment to meet compliance requirements or to
make sure that endpoints respond to security compliance mandates.