4. Ekran System
Smart user activity videorecording system
4
Privileged Identity
Management
•Ekran Systems allows to
create indexed video records
of all concurrent Windows,
Citrix and Linux terminal
sessions on your servers and
also record remote and local
sessions on workstations.
Employee Work
Control
•Are you interested in your
company's security?
•Do you want to know
what your employees do
during their working hours?
•Do you want to control
sensitive information use?
Cost Saver on the
Market
•Ekran System provides all
popular segment features
while offering much more
beneficial pricing than
ObserveIT or Citrix Smart
Auditor.
5. Ekran System
5
Ekran System is an affordable user monitoring solution for enhanced cyber security.
You can record all terminal, remote, and local user sessions and alert security personnel to suspicious events.
Ekran System components
Ekran Management
Tool
GUI part used for
system management
& session viewing
Ekran Server
Main component
used for storing data
obtained from Client
computers
Ekran Clients
Windows/Linux/Citrix
Components installed on
the target computer to
monitor user activity and
send it to the Server
9. User & User Group Management
• Create two types of users: Internal or Active Directory (Windows domain users)
• Use groups for easier user management
• Define permissions for users
9
10. User & User Group Permissions
10
Customizable permissions allow you to define user access to
• selected Clients/Client Groups (Client permissions) • whole system (Administrative permissions)
11. Management Tool Log
11
Audit all user activities performed in the Management Tool via the Management Tool Log
with the detailed information on all changes.
16. Licensing
Ekran System is licensed by the number of Ekran Clients, end-points to be monitored. All management
components, including Server and Management Tool, are provided for free with any deployment.
16
Types of Ekran Client licenses:
Windows workstation license
Windows server license
Linux machine license
17. Serial Key & License Management
To use Ekran System permanently, license it by activating the serial keys on the computer with the
installed Ekran Server.
17
Request a trial serial key for 30 days to deploy the system and review its basic features with a
restriction of 5 workstation licenses, 1 server license, and 3 Linux licenses.
19. Installing Ekran Clients
19
Convenient Ekran Client installation:
• Local:
• Linux Clients (via tar.gz file)
• Windows Clients
• using installation file with default parameters
• using generated package with customized parameters
• Remote (for Windows Clients)
Remote installation
Select computers to install
Clients on
Customize installation
parameters
The Clients are successfully
installed!
20. Target Computers for Remote Installation
20
• Scan your local computer network
• Define a range of IP addresses to search the target computers
• Simply enter target computer names
22. Client Monitoring
22
The data the Client sends is stored in the form of deltas (differences between a newer
screen capture and an older one) to minimize storage space
Recorded information is saved in easy-to-review and easy-to-search form:
The name of the launched application
The title of the active window
Entered URL
Text entered via user’s keyboard (keystrokes)
Commands executed in Linux (both from user input & by running the scripts)
The information on plugged-in USB devices
24. URL Monitoring
24
Ekran Client monitors URLs entered in web-browsers.
You can configure the Client to monitor full URLs or domains of top and second level only.
27. Application Filtering
27
Ekran System allows you to define the filtering rules for websites/applications to adjust the amount of
monitored data and exclude the areas where personal information can be observed to comply with
corporate policy rules and country regulations related to user privacy.
30. Protected Mode
30
Ekran System allows you to protect the Client and its data by enabling the Protected Mode.
The usage of Protected Mode has the following advantages:
• Prevention of Client uninstallation.
• Prevention of stopping Client processes.
• Prevention of editing Client system files and logs.
• Prevention of editing Client settings in the registry of the Client computer.
• Prevention of modification, removal, and renaming of Client files.
31. Local Client Uninstallation
31
Users, including privileged ones, are not able to stop Client working on their machines, as well as
remove Client locally without the Administrator assistance.
Only Ekran System Administrator knows the uninstallation key defined prior to Client installation and
necessary for local removal.
33. Advanced User Authentication
33
Advanced user authentication allows you to achieve two goals:
• Monitor users’ activity on the computer when multiple users use the same credentials to log in.
• Improve your security by limiting the access to the specific users who know secondary
authentication credentials.
35. Notifying User about Being Monitored
35
To follow the security policy of your company or your country regulations, you can enable displaying:
• an additional message on user logging in to notify that user that his or her session is being
monitored.
• a Client tray icon with the notification about monitoring
37. Searching Data (Session List)
37
Ekran Management Tool allows searching in the recorded sessions.
Search is performed by different parameters:
• for Windows Clients: active window title, application name, user name, Client name, visited URL,
entered keystrokes, USB device information
• for Linux Clients: commands and command parameters
38. Viewing Live Sessions
38
Ekran System allows you to perform monitoring of user activity in real time.
You can connect to a Live session and observe the activities a user performs at the given moment.
39. Magnifying Glass
39
You can enlarge certain parts of the video in the Session Player by using the Magnifying glass.
40. Forensic Export
40
With Ekran System Forensic Export, you can:
• Export a monitored session or its part to a securely encrypted file.
• Investigate the recorded user activity in the in-built offline session viewer.
• Present evidence in forensic format to the third parties.
42. Setting Up Alerts
42
Ekran System allows you to enable quick incident response using alert notifications:
• Set up alerts about suspicious user activity on the Client computers.
• Specify individuals to receive instant alert notifications via email or in the Tray Notifications
application.
43. Alerts in Session Player
43
Monitored data associated with alert events is highlighted and marked with a special icon in Session Player.
44. Setting Up USB Rules
44
Ekran System can detect USB devices connected to a computer, alert you on device plugging in, and block
their usage (either all devices of a certain class or all except the allowed devices) on a Client computer.
45. USB Rules in Session Player
45
Screencaptures created on USB devices being plugged in or blocked are highlighted and marked with a special
icon
46. Receiving Alerts
46
Receive alert notifications in real-time, review them in the Ekran System Tray Notifications journal, and open
the session with the alert-related data in Session Player.
48. Dashboards
48
The dashboards offer a convenient real-time view of the most useful data grouped in one place.
Customize the dashboards on the Management Tool Home page by adjusting their look and settings.
49. Dashboard Types
49
There are three main types of Ekran System dashboards:
• System State Dashboards
• Licenses
• Clients
• Database Storage Usage
• Monitoring Dashboards
• Recent Alerts
• Latest Live Sessions
• Threat Detection Dashboards
• Computers Used out of Work Hours
• Rarely Used Computers
• Rarely Used Logins
54. Reports & Statistics
54
Ekran System Reports provide the full overview of the time spent in applications and on websites visited
on the user’s machine.
Generate a highly customizable report ad-hoc or schedule sending reports to your email on a daily,
weekly, or monthly basis.
The reported activity can include alerts, launched applications, visited web-sites, plugged-in/blocked
USB devices, and executed Linux commands.
Scheduled Reports
55. Reports & Statistics
55
The reports can be generated manually at any time for any time period.
Manual report generation