SlideShare una empresa de Scribd logo
1 de 58
Descargar para leer sin conexión
Ekran System 4.2
Contents
• About the program
• Ekran Server & Management Tool
• Database Management
• Licensing
• Client Installation
• Monitoring Parameters
• Client Protection
• Notifying Users about Being Monitored
• Viewing Sessions
• Alerts & USB
• Dashboards
• Reports
2
About the program
3
Ekran System
Smart user activity videorecording system
4
Privileged Identity
Management
•Ekran Systems allows to
create indexed video records
of all concurrent Windows,
Citrix and Linux terminal
sessions on your servers and
also record remote and local
sessions on workstations.
Employee Work
Control
•Are you interested in your
company's security?
•Do you want to know
what your employees do
during their working hours?
•Do you want to control
sensitive information use?
Cost Saver on the
Market
•Ekran System provides all
popular segment features
while offering much more
beneficial pricing than
ObserveIT or Citrix Smart
Auditor.
Ekran System
5
Ekran System is an affordable user monitoring solution for enhanced cyber security.
You can record all terminal, remote, and local user sessions and alert security personnel to suspicious events.
Ekran System components
Ekran Management
Tool
GUI part used for
system management
& session viewing
Ekran Server
Main component
used for storing data
obtained from Client
computers
Ekran Clients
Windows/Linux/Citrix
Components installed on
the target computer to
monitor user activity and
send it to the Server
Ekran System Structure
6
Ekran Server &
Management Tool
User management, permissions, Management Tool settings
7
Management Tool
You can manage the whole system via the Management Tool in your
browser
8
User & User Group Management
• Create two types of users: Internal or Active Directory (Windows domain users)
• Use groups for easier user management
• Define permissions for users
9
User & User Group Permissions
10
Customizable permissions allow you to define user access to
• selected Clients/Client Groups (Client permissions) • whole system (Administrative permissions)
Management Tool Log
11
Audit all user activities performed in the Management Tool via the Management Tool Log
with the detailed information on all changes.
Database
Management
Database configuration & cleanup
12
Database Configuration
13
Database Cleanup
14
Automatic cleanup settings One-time manual cleanup
Licensing
Types of licenses & serial key management
15
Licensing
Ekran System is licensed by the number of Ekran Clients, end-points to be monitored. All management
components, including Server and Management Tool, are provided for free with any deployment.
16
Types of Ekran Client licenses:
 Windows workstation license
 Windows server license
 Linux machine license
Serial Key & License Management
To use Ekran System permanently, license it by activating the serial keys on the computer with the
installed Ekran Server.
17
Request a trial serial key for 30 days to deploy the system and review its basic features with a
restriction of 5 workstation licenses, 1 server license, and 3 Linux licenses.
Client Installation
18
Installing Ekran Clients
19
Convenient Ekran Client installation:
• Local:
• Linux Clients (via tar.gz file)
• Windows Clients
• using installation file with default parameters
• using generated package with customized parameters
• Remote (for Windows Clients)
Remote installation
Select computers to install
Clients on
Customize installation
parameters
The Clients are successfully
installed!
Target Computers for Remote Installation
20
• Scan your local computer network
• Define a range of IP addresses to search the target computers
• Simply enter target computer names
Monitoring
Parameters
21
Client Monitoring
22
 The data the Client sends is stored in the form of deltas (differences between a newer
screen capture and an older one) to minimize storage space
 Recorded information is saved in easy-to-review and easy-to-search form:
 The name of the launched application
 The title of the active window
 Entered URL
 Text entered via user’s keyboard (keystrokes)
 Commands executed in Linux (both from user input & by running the scripts)
 The information on plugged-in USB devices
Screen Capturing
23
Ekran Client screencapture creation is event-triggered by default.
URL Monitoring
24
Ekran Client monitors URLs entered in web-browsers.
You can configure the Client to monitor full URLs or domains of top and second level only.
Keystroke Logging
25
Ekran Client captures all text entered from the user’s keyboard and adjusts it for better comprehension.
SIEM Integration
26
Ekran System integrates with your SIEM system using log files.
Application Filtering
27
Ekran System allows you to define the filtering rules for websites/applications to adjust the amount of
monitored data and exclude the areas where personal information can be observed to comply with
corporate policy rules and country regulations related to user privacy.
Privileged User Monitoring
28
Monitor the activity of users logging in under privileged user accounts.
Client Protection
29
Protected Mode
30
Ekran System allows you to protect the Client and its data by enabling the Protected Mode.
The usage of Protected Mode has the following advantages:
• Prevention of Client uninstallation.
• Prevention of stopping Client processes.
• Prevention of editing Client system files and logs.
• Prevention of editing Client settings in the registry of the Client computer.
• Prevention of modification, removal, and renaming of Client files.
Local Client Uninstallation
31
Users, including privileged ones, are not able to stop Client working on their machines, as well as
remove Client locally without the Administrator assistance.
Only Ekran System Administrator knows the uninstallation key defined prior to Client installation and
necessary for local removal.
Notifying Users
about Being
Monitored
32
Advanced User Authentication
33
Advanced user authentication allows you to achieve two goals:
• Monitor users’ activity on the computer when multiple users use the same credentials to log in.
• Improve your security by limiting the access to the specific users who know secondary
authentication credentials.
Advanced User Authentication
34
The Ekran System Client requests entering credentials before allowing a user to work with Windows
Server.
Notifying User about Being Monitored
35
To follow the security policy of your company or your country regulations, you can enable displaying:
• an additional message on user logging in to notify that user that his or her session is being
monitored.
• a Client tray icon with the notification about monitoring
Viewing Sessions
Review the monitoring results
36
Searching Data (Session List)
37
Ekran Management Tool allows searching in the recorded sessions.
Search is performed by different parameters:
• for Windows Clients: active window title, application name, user name, Client name, visited URL,
entered keystrokes, USB device information
• for Linux Clients: commands and command parameters
Viewing Live Sessions
38
Ekran System allows you to perform monitoring of user activity in real time.
You can connect to a Live session and observe the activities a user performs at the given moment.
Magnifying Glass
39
You can enlarge certain parts of the video in the Session Player by using the Magnifying glass.
Forensic Export
40
With Ekran System Forensic Export, you can:
• Export a monitored session or its part to a securely encrypted file.
• Investigate the recorded user activity in the in-built offline session viewer.
• Present evidence in forensic format to the third parties.
Alerts & USB
Alert & USB monitoring/blocking settings
41
Setting Up Alerts
42
Ekran System allows you to enable quick incident response using alert notifications:
• Set up alerts about suspicious user activity on the Client computers.
• Specify individuals to receive instant alert notifications via email or in the Tray Notifications
application.
Alerts in Session Player
43
Monitored data associated with alert events is highlighted and marked with a special icon in Session Player.
Setting Up USB Rules
44
Ekran System can detect USB devices connected to a computer, alert you on device plugging in, and block
their usage (either all devices of a certain class or all except the allowed devices) on a Client computer.
USB Rules in Session Player
45
Screencaptures created on USB devices being plugged in or blocked are highlighted and marked with a special
icon
Receiving Alerts
46
Receive alert notifications in real-time, review them in the Ekran System Tray Notifications journal, and open
the session with the alert-related data in Session Player.
Dashboards
47
Dashboards
48
The dashboards offer a convenient real-time view of the most useful data grouped in one place.
Customize the dashboards on the Management Tool Home page by adjusting their look and settings.
Dashboard Types
49
There are three main types of Ekran System dashboards:
• System State Dashboards
• Licenses
• Clients
• Database Storage Usage
• Monitoring Dashboards
• Recent Alerts
• Latest Live Sessions
• Threat Detection Dashboards
• Computers Used out of Work Hours
• Rarely Used Computers
• Rarely Used Logins
System State Dashboards
50
Clients
Licenses
Database Storage Usage
Monitoring Dashboards
51
Recent Alerts
Latest Live Sessions
Threat Detection Dashboards
52
Rarely Used Computers
Computers Used out of Work Hours
Rarely Used Logins
Reports
Report settings & generation
53
Reports & Statistics
54
Ekran System Reports provide the full overview of the time spent in applications and on websites visited
on the user’s machine.
Generate a highly customizable report ad-hoc or schedule sending reports to your email on a daily,
weekly, or monthly basis.
The reported activity can include alerts, launched applications, visited web-sites, plugged-in/blocked
USB devices, and executed Linux commands.
Scheduled Reports
Reports & Statistics
55
The reports can be generated manually at any time for any time period.
Manual report generation
Report Types
56
Alert grid report
USB grid report
Linux grid report
Report Types
57
Activity summary report
Activity chart report
Activity pie chart report
Report Types
58
URL summary report
URL chart report
URL pie chart report

Más contenido relacionado

La actualidad más candente

State of Nevada gaming control board minimal internal control standards_mics_...
State of Nevada gaming control board minimal internal control standards_mics_...State of Nevada gaming control board minimal internal control standards_mics_...
State of Nevada gaming control board minimal internal control standards_mics_...Market Engel SAS
 
Strengthen Password Security for IBM i With Multi-Factor Authentication
Strengthen Password Security for IBM i With Multi-Factor AuthenticationStrengthen Password Security for IBM i With Multi-Factor Authentication
Strengthen Password Security for IBM i With Multi-Factor AuthenticationPrecisely
 
Operating system security
Operating system securityOperating system security
Operating system securityRamesh Ogania
 
Attachment 3 measures for managing and applying for licenses
Attachment 3 measures for managing and applying for licensesAttachment 3 measures for managing and applying for licenses
Attachment 3 measures for managing and applying for licensesChristian Silva Espinoza
 
Radmin - efficient solution for business processes optimization
Radmin - efficient solution for business processes optimizationRadmin - efficient solution for business processes optimization
Radmin - efficient solution for business processes optimizationFamatech
 
Owny IT Desktop Monitoring Featurelist
Owny IT Desktop Monitoring FeaturelistOwny IT Desktop Monitoring Featurelist
Owny IT Desktop Monitoring FeaturelistNCS Computech Ltd.
 
Remote Monitoring & Management Administrator Guide - Comodo One
Remote Monitoring & Management Administrator Guide - Comodo OneRemote Monitoring & Management Administrator Guide - Comodo One
Remote Monitoring & Management Administrator Guide - Comodo Onewebsecurity
 
NIST Security Bulletin for October 2014
NIST Security Bulletin for October 2014NIST Security Bulletin for October 2014
NIST Security Bulletin for October 2014David Sweigert
 
Windows xp blue screen of death stop codes
Windows xp blue screen of death stop codesWindows xp blue screen of death stop codes
Windows xp blue screen of death stop codesSeven Branch
 

La actualidad más candente (10)

State of Nevada gaming control board minimal internal control standards_mics_...
State of Nevada gaming control board minimal internal control standards_mics_...State of Nevada gaming control board minimal internal control standards_mics_...
State of Nevada gaming control board minimal internal control standards_mics_...
 
Strengthen Password Security for IBM i With Multi-Factor Authentication
Strengthen Password Security for IBM i With Multi-Factor AuthenticationStrengthen Password Security for IBM i With Multi-Factor Authentication
Strengthen Password Security for IBM i With Multi-Factor Authentication
 
Operating system security
Operating system securityOperating system security
Operating system security
 
Attachment 3 measures for managing and applying for licenses
Attachment 3 measures for managing and applying for licensesAttachment 3 measures for managing and applying for licenses
Attachment 3 measures for managing and applying for licenses
 
Radmin - efficient solution for business processes optimization
Radmin - efficient solution for business processes optimizationRadmin - efficient solution for business processes optimization
Radmin - efficient solution for business processes optimization
 
Owny IT Desktop Monitoring Featurelist
Owny IT Desktop Monitoring FeaturelistOwny IT Desktop Monitoring Featurelist
Owny IT Desktop Monitoring Featurelist
 
SCEP 2012 inside SCCM 2012
SCEP 2012 inside SCCM 2012SCEP 2012 inside SCCM 2012
SCEP 2012 inside SCCM 2012
 
Remote Monitoring & Management Administrator Guide - Comodo One
Remote Monitoring & Management Administrator Guide - Comodo OneRemote Monitoring & Management Administrator Guide - Comodo One
Remote Monitoring & Management Administrator Guide - Comodo One
 
NIST Security Bulletin for October 2014
NIST Security Bulletin for October 2014NIST Security Bulletin for October 2014
NIST Security Bulletin for October 2014
 
Windows xp blue screen of death stop codes
Windows xp blue screen of death stop codesWindows xp blue screen of death stop codes
Windows xp blue screen of death stop codes
 

Destacado

Monitoring Server Temperature with Opsview
Monitoring Server Temperature with OpsviewMonitoring Server Temperature with Opsview
Monitoring Server Temperature with OpsviewOpsview
 
Control your deployments with Capistrano
Control your deployments with CapistranoControl your deployments with Capistrano
Control your deployments with CapistranoRamazan K
 
Connecting Field Operations and the Corporate Office - FME Server as a Near R...
Connecting Field Operations and the Corporate Office - FME Server as a Near R...Connecting Field Operations and the Corporate Office - FME Server as a Near R...
Connecting Field Operations and the Corporate Office - FME Server as a Near R...Safe Software
 
SeeTestAutomation - Mobile Test Automation Tool by Experitest
SeeTestAutomation - Mobile Test Automation Tool by ExperitestSeeTestAutomation - Mobile Test Automation Tool by Experitest
SeeTestAutomation - Mobile Test Automation Tool by ExperitestExperitest
 
Server Monitoring (Scaling while bootstrapped)
Server Monitoring  (Scaling while bootstrapped)Server Monitoring  (Scaling while bootstrapped)
Server Monitoring (Scaling while bootstrapped)Ajibola Aiyedogbon
 
Training Webinar: Detect Performance Bottlenecks of Applications
Training Webinar: Detect Performance Bottlenecks of ApplicationsTraining Webinar: Detect Performance Bottlenecks of Applications
Training Webinar: Detect Performance Bottlenecks of ApplicationsOutSystems
 
Training Webinar: Effective Platform Server Monitoring
Training Webinar: Effective Platform Server MonitoringTraining Webinar: Effective Platform Server Monitoring
Training Webinar: Effective Platform Server MonitoringOutSystems
 
Oracle WebLogic Server: Remote Monitoring and Management
Oracle WebLogic Server: Remote Monitoring and ManagementOracle WebLogic Server: Remote Monitoring and Management
Oracle WebLogic Server: Remote Monitoring and ManagementRevelation Technologies
 
Real time human health monitoring and alert automation system
Real time human health monitoring and alert automation systemReal time human health monitoring and alert automation system
Real time human health monitoring and alert automation systemVinayagam .D
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system pptashutosh rai
 

Destacado (11)

Monitoring Server Temperature with Opsview
Monitoring Server Temperature with OpsviewMonitoring Server Temperature with Opsview
Monitoring Server Temperature with Opsview
 
Control your deployments with Capistrano
Control your deployments with CapistranoControl your deployments with Capistrano
Control your deployments with Capistrano
 
Connecting Field Operations and the Corporate Office - FME Server as a Near R...
Connecting Field Operations and the Corporate Office - FME Server as a Near R...Connecting Field Operations and the Corporate Office - FME Server as a Near R...
Connecting Field Operations and the Corporate Office - FME Server as a Near R...
 
SeeTestAutomation - Mobile Test Automation Tool by Experitest
SeeTestAutomation - Mobile Test Automation Tool by ExperitestSeeTestAutomation - Mobile Test Automation Tool by Experitest
SeeTestAutomation - Mobile Test Automation Tool by Experitest
 
Doit apac-2010-1.0
Doit apac-2010-1.0Doit apac-2010-1.0
Doit apac-2010-1.0
 
Server Monitoring (Scaling while bootstrapped)
Server Monitoring  (Scaling while bootstrapped)Server Monitoring  (Scaling while bootstrapped)
Server Monitoring (Scaling while bootstrapped)
 
Training Webinar: Detect Performance Bottlenecks of Applications
Training Webinar: Detect Performance Bottlenecks of ApplicationsTraining Webinar: Detect Performance Bottlenecks of Applications
Training Webinar: Detect Performance Bottlenecks of Applications
 
Training Webinar: Effective Platform Server Monitoring
Training Webinar: Effective Platform Server MonitoringTraining Webinar: Effective Platform Server Monitoring
Training Webinar: Effective Platform Server Monitoring
 
Oracle WebLogic Server: Remote Monitoring and Management
Oracle WebLogic Server: Remote Monitoring and ManagementOracle WebLogic Server: Remote Monitoring and Management
Oracle WebLogic Server: Remote Monitoring and Management
 
Real time human health monitoring and alert automation system
Real time human health monitoring and alert automation systemReal time human health monitoring and alert automation system
Real time human health monitoring and alert automation system
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system ppt
 

Similar a Ekran System Forensic Monitoring Tool -BusinesstoVirtual Italy Partner

Lesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsLesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsGene Carboni
 
Monitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityMonitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityPrecisely
 
User Interface and Data Sources.pdf
User Interface and Data Sources.pdfUser Interface and Data Sources.pdf
User Interface and Data Sources.pdfPencilData
 
Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1solarisyougood
 
Managing bitlocker with MBAM
Managing bitlocker with MBAMManaging bitlocker with MBAM
Managing bitlocker with MBAMOlav Tvedt
 
User expert forum user-id
User expert forum   user-idUser expert forum   user-id
User expert forum user-idAlberto Rivai
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Sophos Benelux
 
Comment et pourquoi maîtriser les privilèges d’administrateur local sur Windo...
Comment et pourquoi maîtriser les privilèges d’administrateur local sur Windo...Comment et pourquoi maîtriser les privilèges d’administrateur local sur Windo...
Comment et pourquoi maîtriser les privilèges d’administrateur local sur Windo...Identity Days
 
RPASS - Ricoh Proactive ServiceS for Remote Monitoring & Backup
RPASS - Ricoh Proactive ServiceS for Remote Monitoring & Backup RPASS - Ricoh Proactive ServiceS for Remote Monitoring & Backup
RPASS - Ricoh Proactive ServiceS for Remote Monitoring & Backup Ricoh India Limited
 
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #5
SynerComm's Tech TV  series CIS Top 20 Critical Security Controls #5SynerComm's Tech TV  series CIS Top 20 Critical Security Controls #5
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #5Lisa Niles
 
Introduction to Operating Systems - Mary Margarat
Introduction to Operating Systems - Mary MargaratIntroduction to Operating Systems - Mary Margarat
Introduction to Operating Systems - Mary MargaratMary Margarat
 
Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12gameaxt
 
Chapter 05 os dan utility program csc & tts
Chapter 05 os dan utility program csc & ttsChapter 05 os dan utility program csc & tts
Chapter 05 os dan utility program csc & ttsHisyam Rosly
 

Similar a Ekran System Forensic Monitoring Tool -BusinesstoVirtual Italy Partner (20)

SCCM 2019 Demo.pptx
SCCM 2019 Demo.pptxSCCM 2019 Demo.pptx
SCCM 2019 Demo.pptx
 
OwnYIT CSAT + SIEM
OwnYIT CSAT + SIEMOwnYIT CSAT + SIEM
OwnYIT CSAT + SIEM
 
microsoft+windows+security
microsoft+windows+securitymicrosoft+windows+security
microsoft+windows+security
 
Chromatography Data System: Expand to the Enterprise
Chromatography Data System: Expand to the Enterprise Chromatography Data System: Expand to the Enterprise
Chromatography Data System: Expand to the Enterprise
 
Lesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsLesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System Configurations
 
Monitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityMonitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and Security
 
User Interface and Data Sources.pdf
User Interface and Data Sources.pdfUser Interface and Data Sources.pdf
User Interface and Data Sources.pdf
 
Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1
 
Managing bitlocker with MBAM
Managing bitlocker with MBAMManaging bitlocker with MBAM
Managing bitlocker with MBAM
 
Chromatography Data System: Comply with Regulations
Chromatography Data System: Comply with RegulationsChromatography Data System: Comply with Regulations
Chromatography Data System: Comply with Regulations
 
User expert forum user-id
User expert forum   user-idUser expert forum   user-id
User expert forum user-id
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014
 
Comment et pourquoi maîtriser les privilèges d’administrateur local sur Windo...
Comment et pourquoi maîtriser les privilèges d’administrateur local sur Windo...Comment et pourquoi maîtriser les privilèges d’administrateur local sur Windo...
Comment et pourquoi maîtriser les privilèges d’administrateur local sur Windo...
 
RPASS - Ricoh Proactive ServiceS for Remote Monitoring & Backup
RPASS - Ricoh Proactive ServiceS for Remote Monitoring & Backup RPASS - Ricoh Proactive ServiceS for Remote Monitoring & Backup
RPASS - Ricoh Proactive ServiceS for Remote Monitoring & Backup
 
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #5
SynerComm's Tech TV  series CIS Top 20 Critical Security Controls #5SynerComm's Tech TV  series CIS Top 20 Critical Security Controls #5
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #5
 
Introduction to Operating Systems - Mary Margarat
Introduction to Operating Systems - Mary MargaratIntroduction to Operating Systems - Mary Margarat
Introduction to Operating Systems - Mary Margarat
 
Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12
 
ISACA -Threat Hunting using Native Windows tools .pdf
ISACA -Threat Hunting using Native Windows tools .pdfISACA -Threat Hunting using Native Windows tools .pdf
ISACA -Threat Hunting using Native Windows tools .pdf
 
Chapter 05 os dan utility program csc & tts
Chapter 05 os dan utility program csc & ttsChapter 05 os dan utility program csc & tts
Chapter 05 os dan utility program csc & tts
 
Arcsight explained
Arcsight explainedArcsight explained
Arcsight explained
 

Último

Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServiceRenan Moreira de Oliveira
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdfJamie (Taka) Wang
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncObject Automation
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceMartin Humpolec
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 

Último (20)

Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation Inc
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your Salesforce
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 

Ekran System Forensic Monitoring Tool -BusinesstoVirtual Italy Partner

  • 2. Contents • About the program • Ekran Server & Management Tool • Database Management • Licensing • Client Installation • Monitoring Parameters • Client Protection • Notifying Users about Being Monitored • Viewing Sessions • Alerts & USB • Dashboards • Reports 2
  • 4. Ekran System Smart user activity videorecording system 4 Privileged Identity Management •Ekran Systems allows to create indexed video records of all concurrent Windows, Citrix and Linux terminal sessions on your servers and also record remote and local sessions on workstations. Employee Work Control •Are you interested in your company's security? •Do you want to know what your employees do during their working hours? •Do you want to control sensitive information use? Cost Saver on the Market •Ekran System provides all popular segment features while offering much more beneficial pricing than ObserveIT or Citrix Smart Auditor.
  • 5. Ekran System 5 Ekran System is an affordable user monitoring solution for enhanced cyber security. You can record all terminal, remote, and local user sessions and alert security personnel to suspicious events. Ekran System components Ekran Management Tool GUI part used for system management & session viewing Ekran Server Main component used for storing data obtained from Client computers Ekran Clients Windows/Linux/Citrix Components installed on the target computer to monitor user activity and send it to the Server
  • 7. Ekran Server & Management Tool User management, permissions, Management Tool settings 7
  • 8. Management Tool You can manage the whole system via the Management Tool in your browser 8
  • 9. User & User Group Management • Create two types of users: Internal or Active Directory (Windows domain users) • Use groups for easier user management • Define permissions for users 9
  • 10. User & User Group Permissions 10 Customizable permissions allow you to define user access to • selected Clients/Client Groups (Client permissions) • whole system (Administrative permissions)
  • 11. Management Tool Log 11 Audit all user activities performed in the Management Tool via the Management Tool Log with the detailed information on all changes.
  • 14. Database Cleanup 14 Automatic cleanup settings One-time manual cleanup
  • 15. Licensing Types of licenses & serial key management 15
  • 16. Licensing Ekran System is licensed by the number of Ekran Clients, end-points to be monitored. All management components, including Server and Management Tool, are provided for free with any deployment. 16 Types of Ekran Client licenses:  Windows workstation license  Windows server license  Linux machine license
  • 17. Serial Key & License Management To use Ekran System permanently, license it by activating the serial keys on the computer with the installed Ekran Server. 17 Request a trial serial key for 30 days to deploy the system and review its basic features with a restriction of 5 workstation licenses, 1 server license, and 3 Linux licenses.
  • 19. Installing Ekran Clients 19 Convenient Ekran Client installation: • Local: • Linux Clients (via tar.gz file) • Windows Clients • using installation file with default parameters • using generated package with customized parameters • Remote (for Windows Clients) Remote installation Select computers to install Clients on Customize installation parameters The Clients are successfully installed!
  • 20. Target Computers for Remote Installation 20 • Scan your local computer network • Define a range of IP addresses to search the target computers • Simply enter target computer names
  • 22. Client Monitoring 22  The data the Client sends is stored in the form of deltas (differences between a newer screen capture and an older one) to minimize storage space  Recorded information is saved in easy-to-review and easy-to-search form:  The name of the launched application  The title of the active window  Entered URL  Text entered via user’s keyboard (keystrokes)  Commands executed in Linux (both from user input & by running the scripts)  The information on plugged-in USB devices
  • 23. Screen Capturing 23 Ekran Client screencapture creation is event-triggered by default.
  • 24. URL Monitoring 24 Ekran Client monitors URLs entered in web-browsers. You can configure the Client to monitor full URLs or domains of top and second level only.
  • 25. Keystroke Logging 25 Ekran Client captures all text entered from the user’s keyboard and adjusts it for better comprehension.
  • 26. SIEM Integration 26 Ekran System integrates with your SIEM system using log files.
  • 27. Application Filtering 27 Ekran System allows you to define the filtering rules for websites/applications to adjust the amount of monitored data and exclude the areas where personal information can be observed to comply with corporate policy rules and country regulations related to user privacy.
  • 28. Privileged User Monitoring 28 Monitor the activity of users logging in under privileged user accounts.
  • 30. Protected Mode 30 Ekran System allows you to protect the Client and its data by enabling the Protected Mode. The usage of Protected Mode has the following advantages: • Prevention of Client uninstallation. • Prevention of stopping Client processes. • Prevention of editing Client system files and logs. • Prevention of editing Client settings in the registry of the Client computer. • Prevention of modification, removal, and renaming of Client files.
  • 31. Local Client Uninstallation 31 Users, including privileged ones, are not able to stop Client working on their machines, as well as remove Client locally without the Administrator assistance. Only Ekran System Administrator knows the uninstallation key defined prior to Client installation and necessary for local removal.
  • 33. Advanced User Authentication 33 Advanced user authentication allows you to achieve two goals: • Monitor users’ activity on the computer when multiple users use the same credentials to log in. • Improve your security by limiting the access to the specific users who know secondary authentication credentials.
  • 34. Advanced User Authentication 34 The Ekran System Client requests entering credentials before allowing a user to work with Windows Server.
  • 35. Notifying User about Being Monitored 35 To follow the security policy of your company or your country regulations, you can enable displaying: • an additional message on user logging in to notify that user that his or her session is being monitored. • a Client tray icon with the notification about monitoring
  • 36. Viewing Sessions Review the monitoring results 36
  • 37. Searching Data (Session List) 37 Ekran Management Tool allows searching in the recorded sessions. Search is performed by different parameters: • for Windows Clients: active window title, application name, user name, Client name, visited URL, entered keystrokes, USB device information • for Linux Clients: commands and command parameters
  • 38. Viewing Live Sessions 38 Ekran System allows you to perform monitoring of user activity in real time. You can connect to a Live session and observe the activities a user performs at the given moment.
  • 39. Magnifying Glass 39 You can enlarge certain parts of the video in the Session Player by using the Magnifying glass.
  • 40. Forensic Export 40 With Ekran System Forensic Export, you can: • Export a monitored session or its part to a securely encrypted file. • Investigate the recorded user activity in the in-built offline session viewer. • Present evidence in forensic format to the third parties.
  • 41. Alerts & USB Alert & USB monitoring/blocking settings 41
  • 42. Setting Up Alerts 42 Ekran System allows you to enable quick incident response using alert notifications: • Set up alerts about suspicious user activity on the Client computers. • Specify individuals to receive instant alert notifications via email or in the Tray Notifications application.
  • 43. Alerts in Session Player 43 Monitored data associated with alert events is highlighted and marked with a special icon in Session Player.
  • 44. Setting Up USB Rules 44 Ekran System can detect USB devices connected to a computer, alert you on device plugging in, and block their usage (either all devices of a certain class or all except the allowed devices) on a Client computer.
  • 45. USB Rules in Session Player 45 Screencaptures created on USB devices being plugged in or blocked are highlighted and marked with a special icon
  • 46. Receiving Alerts 46 Receive alert notifications in real-time, review them in the Ekran System Tray Notifications journal, and open the session with the alert-related data in Session Player.
  • 48. Dashboards 48 The dashboards offer a convenient real-time view of the most useful data grouped in one place. Customize the dashboards on the Management Tool Home page by adjusting their look and settings.
  • 49. Dashboard Types 49 There are three main types of Ekran System dashboards: • System State Dashboards • Licenses • Clients • Database Storage Usage • Monitoring Dashboards • Recent Alerts • Latest Live Sessions • Threat Detection Dashboards • Computers Used out of Work Hours • Rarely Used Computers • Rarely Used Logins
  • 52. Threat Detection Dashboards 52 Rarely Used Computers Computers Used out of Work Hours Rarely Used Logins
  • 53. Reports Report settings & generation 53
  • 54. Reports & Statistics 54 Ekran System Reports provide the full overview of the time spent in applications and on websites visited on the user’s machine. Generate a highly customizable report ad-hoc or schedule sending reports to your email on a daily, weekly, or monthly basis. The reported activity can include alerts, launched applications, visited web-sites, plugged-in/blocked USB devices, and executed Linux commands. Scheduled Reports
  • 55. Reports & Statistics 55 The reports can be generated manually at any time for any time period. Manual report generation
  • 56. Report Types 56 Alert grid report USB grid report Linux grid report
  • 57. Report Types 57 Activity summary report Activity chart report Activity pie chart report
  • 58. Report Types 58 URL summary report URL chart report URL pie chart report