introducing systemwalker desktop patrol v14g (14.2.0)virus scan executedvirus scan executed...
Post on 22-Mar-2020
0 Views
Preview:
TRANSCRIPT
Copyright 2012 FUJITSU LIMITED
IntroducingSystemwalkerDesktop Patrol V14g (14.2.0)
March 2012Fujitsu Limited
Copyright 2012 FUJITSU LIMITED
Systemwalker Desktop Series
A specialized product family designed to manage security measures on business PCs handling confidential and personal information
A specialized product family designed to manage security measureA specialized product family designed to manage security measures on s on business PCs handling confidential and personal informationbusiness PCs handling confidential and personal information
Systemwalker Desktop Series is a product family designed to achieve such security measures as clarifying assets, applying security patches in accordance with the risk caused by the contents of your business and its environment, restricting PC operations, log collection/analysis, and restriction on file operations.
1
Do
Supports the CAPD cycle for measures against information leakage
Information security management
Clarifies IT assets/risks
Clarifies IT assets/risks
Prohibits data export
Prohibits data export
Records operationsRecords
operationsVisualization of implementation
status of measures
Visualization of implementation
status of measures
Policy review and
implementation of measures
Policy review and
implementation of measures
Systemwalker Desktop Keeper
Green ICTGreen ICT
Systemwalker Desktop Patrol
Systemwalker Desktop Keeper
Systemwalker Desktop Keeper
Systemwalker Desktop Patrol
Clarifies PC usageClarifies
PC usage
Measures against vulnerability
Measures against vulnerability
Systemwalker Desktop Patrol
Action
Plan
Check
Copyright 2012 FUJITSU LIMITED
Achieves Integrated Management of your IT Assets
Hardware/Software- Collection of PCs not being used- Determination of whether assets
should be kept as idle assets or disposed of
- Updating management system information
Installation of Systemwalker Desktop Patrol will support the management cycle of your assets.
DTP: Systemwalker Desktop Patrol2
Hardware/Software- DTP client installation, inventory
collection- Software license registration- Software license assignment
DTP Corporate Server
Hardware- Consideration of utilizing idle assets
- Confirmation of additional/replacement acquisitions
- Confirmation of the specifications of the purchased PC
Software- Confirmation of number of unused licenses- Confirmation of software to be purchased
Hardware/Software- Disposals on PC management system- Equipment disposal- Collection of assigning software licenses
Management cycle
Hardware- Extraction of unused PCs- Extraction of aging PCs
Software- Clarification of the license violations- Automatic assignment of insufficient
licenses- Collection of unused licenses
- Number of staff and PCs that belong to each section
- Number of PCs unused for a long period
- Number of PCs per OS etc.
Management
PC management window
Asset review
DisposalPurchase
Installation
Copyright 2012 FUJITSU LIMITED
Feature 1: Management of IT Assets
Clarification and management of the number of machines, and actual usage and location of a large number of IT assets
Helps clarify and visualize the contract status and actual usageReduces wasteful costs by reviewing and effectively utilizing your asset management
Clarification and management of the number of machines, and actual usage and location of a large number of IT assets
Helps clarify and visualize the contract status and actual usageReduces wasteful costs by reviewing and effectively utilizing your asset management
Software/Hardware information
Corporate Server
Auto collection ofinventory information
Auto collection ofinventory information
Administrator
Dep. A
Dep. CDep. D
Idle assetReview
of operation
Dep. B Management of leasingcontract status
Management of leasingcontract status
Insufficiency
New installation(unregistered) PC
Asset informationmanagement
Asset informationmanagement
Auto allocation of equipment onto a floor plan diagram, and associates them with
equipment information
Auto allocation of equipment onto a floor plan diagram, and associates them with
equipment information
Outputasset information report
Outputasset information report
3
Auto detection ofequipment information
Auto detection ofequipment information
Asset Management
Ledger
Asset Management
Ledger
Copyright 2012 FUJITSU LIMITED
Feature 2: Taking IT Asset Inventory
Ensures accurate clarification of the presence and location of IT assetsDetects theft and loss of equipment and enables maintenance of IT assets by taking inventory
regularlyChecking the current status also enables reviews and appropriate investment of the assets
Ensures accurate clarification of the presence and location of IT assetsDetects theft and loss of equipment and enables maintenance of IT assets by taking inventory
regularlyChecking the current status also enables reviews and appropriate investment of the assets
Manual registrationManual registration
Theft & loss
Taking inventory bycollecting equipment
information
Taking inventory bycollecting equipment
information
Taking inventory bycollecting inventory
information
Taking inventory bycollecting inventory
information
Corporate Server
Inventory report
Administrator
Checking inventory status
Checking inventory status
Utilization or disposalof idle assets
Utilization or disposalof idle assets
Asset Management
Ledger
Asset Management
Ledger
Inventory check window
4
V14.2 New Features
Copyright 2012 FUJITSU LIMITED
Feature 3: Checking Security and Power Saving Settings
Raising user awareness of security and saving powerRaises user awareness by displaying the status of security and power saving settings
on each PCUsers can also configure the settings in accordance with security policies themselves,
without having to involve the administrator
Raising user awareness of security and saving powerRaises user awareness by displaying the status of security and power saving settings
on each PCUsers can also configure the settings in accordance with security policies themselves,
without having to involve the administrator
Deal with the settings as needed, according to power saving policiesDeal with the settings as needed, according to power saving policies
Administrator
User
Client audit windowAudits security and power saving settings on each PC and displays the result
Deal with the settings as needed, according to security policies
Deal with the settings as needed, according to security policies
Checks security and power saving settings on each PC
Security audit window Power saving audit window
5
V14.2 New Features
Batch configuration of all PCsAdministrator can configure the auditing conditions for security and power saving on all PCsBatch configuration in accordance with policies can be done through instructions from the
administrator
Batch configuration of all PCsAdministrator can configure the auditing conditions for security and power saving on all PCsBatch configuration in accordance with policies can be done through instructions from the
administrator
Copyright 2012 FUJITSU LIMITED
Feature 4: Settings Controlled by the Administrator
Power saving policy items- Time to turn off the power to the monitor*- Time to turn off the power to the hard disk*- Transition to system standby- Time to transition to hibernated state*- Run level of the processor
Policies can be set in accordance with jobs per department
Items with * can be configured in batch
Security policy items- With or without HDD password- With or without guest account logon
name/password- Windows Update settings*- Setting access privilege for shared folders
on a network- Windows logon name- Anti-virus settings- Personal Firewall settings- Google Desktop Search settings- Screen saver*- Prohibited software*
Setting power saving audit items
6
Setting security audit items
Copyright 2012 FUJITSU LIMITED
Feature 5: Visualization of Security Audit
Monitor and clarify the status of security measures without hassleSecurity status can be clarified and policy settings can be reviewed
by auto collection of security setting status and visualization of risks
Monitor and clarify the status of security measures without hassleSecurity status can be clarified and policy settings can be reviewed
by auto collection of security setting status and visualization of risks
Corporate Server
Collection of security information
Collection of security information
Virus pattern update audit
Security patches application audit
BIOS/ screen saver
password auto logon setting
status
IE internet zone security level
audit
Software license usage audit
Prohibited software audit
(file sharing softwareand games, etc)
Output security audit reportOutput security audit report
Administrator
- BIOS password (with or without setting)- Screen saver (with or without setting)- Windows Update program (application status)- Anti-virus software (with or without installation, and
scan settings)- Prohibited software detection
Key audit items to be output on security reportKey audit items to be output on security report Strengthen and reviewsecurity measures
Strengthen and reviewsecurity measures
7
Asset Management
Ledger
Asset Management
Ledger
V14.2 New Features
Copyright 2012 FUJITSU LIMITED
Feature 6: Visualization of Power Saving Setting Statusand Effect
Visualizes the power saving setting on each PCPower saving setting of each PC can be collected and setting status can be output as a
reportAlso the reduction effects of amount of power consumed and amount of CO2 emissions
can be visualized
Visualizes the power saving setting on each PCPower saving setting of each PC can be collected and setting status can be output as a
reportAlso the reduction effects of amount of power consumed and amount of CO2 emissions
can be visualized
Power saving setting status report Audit report on amount of power consumption
Report outputReport output
Collects power saving settingsCollects power saving settings
8
Administrator
V14.2 New Features
Copyright 2012 FUJITSU LIMITED
Feature 7: Providing a Good Balance between Security andPower Saving Effect
Execute virus scans on PCs even when in standbyEven for time slots that a computer is set to standby by a power saving policy, it is possible
to temporarily resume the computer to run virus scans, and reduce security risks
Execute virus scans on PCs even when in standbyEven for time slots that a computer is set to standby by a power saving policy, it is possible
to temporarily resume the computer to run virus scans, and reduce security risks
Power saving does not interfere with security measures
Standby state
Specified time of day
Virus scan executedVirus scan executed
Automatically changes to the standby/hibernate state when done
Maintains a secure statea secure stateBoth issues cannot be resolved
at the same time
Cannot execute virus scans while in business hours as they would slow down the PC.
Virus scans should ideally be executed outside business hours so that they do not affect normal daily business, however by doing so, extra power will be consumed because the PC cannot stay in the standby/hibernate state.
Issues with power saving:
TraditionallyIssues with security:
9
Copyright 2012 FUJITSU LIMITED
Feature 8: Display and Handling of Operational Status (1)
Linkage with Systemwalker Desktop KeeperIf Systemwalker Desktop Keeper is installed, it is now possible to display the operational
status of both products in the status window (top window) of Systemwalker Desktop Patrol, and this can be useful when dealing with risks
Linkage with Systemwalker Desktop KeeperIf Systemwalker Desktop Keeper is installed, it is now possible to display the operational
status of both products in the status window (top window) of Systemwalker Desktop Patrol, and this can be useful when dealing with risks
10
V14.2 New Features
Copyright 2012 FUJITSU LIMITED
Feature 8: Display and Handling of Operational Status (2)
Clarification of operational status at first sight, and PCs with problems like policy violations can be displayed with a click
Click on the number of PCs for the department, and a detailed list of PCs is displayed
Clarification of operational status at first sight, and PCs with problems like policy violations can be displayed with a click
Click on the number of PCs for the department, and a detailed list of PCs is displayed
11
V14.2 New Features
Click the number of PCs, and PC inventory information for the department is displayed
Press the Show Details button, and a list of the number of PCs for each department is displayed
Copyright 2012 FUJITSU LIMITED
Feature 8: Display and Handling of Operational Status (3)
PC log search can be browsed from the Inventory Information window linked with Systemwalker Desktop Keeper
Operation logs of the PCs that started prohibited software can easily be browsed
PC log search can be browsed from the Inventory Information window linked with Systemwalker Desktop Keeper
Operation logs of the PCs that started prohibited software can easily be browsed
List of PCs per department
Log search window
Systemwalker Desktop PatrolSystemwalker Desktop Keeper
PC inventory information
Cross-reference
V14.2 New Features
12
Displays the search window for Systemwalker Desktop Keeper
PC inventory information
Copyright 2012 FUJITSU LIMITED
Action and notifications to PCs with problemsReduces the load on administrators by automatically sending reminders
and action request messages to the users of PCs with no inventory informationcollected and no security patches applied
Administrators, too, can send messages to users, ensuring problems are solved quickly
Action and notifications to PCs with problemsReduces the load on administrators by automatically sending reminders
and action request messages to the users of PCs with no inventory informationcollected and no security patches applied
Administrators, too, can send messages to users, ensuring problems are solved quickly
Feature 8: Display and Handling of Operational Status (4)
User
Action results check
Administrator
ActionList of PCs that require action
(e.g. PCs that are violating the security policy)
Action results
Send pop-up messages with action requests automatically
Administrator to send the message
V14.2 New Features
13
Copyright 2012 FUJITSU LIMITED
Feature 9: Reflecting Organizational Information
Automatically reflects changes in the Active Directory OU* and user informationto the Asset Management Ledger
Cuts down management costs by reducing the burden of reflecting organizational information changes caused by personnel turnover to the Asset Management Ledger
Automatically reflects changes in the Active Directory OU* and user informationto the Asset Management Ledger
Cuts down management costs by reducing the burden of reflecting organizational information changes caused by personnel turnover to the Asset Management Ledger
Active Directory
Changes
Asset Management Ledger
Changes
*OU: Organizational Unit
Auto-reflection
Automatically reflects the organizational information changes by linking with the Active Directory
If there is no linkage with the Active Directory, the organizational information changes can be imported as CSV files.
Import information as a CSV file
Changes to user information andorganizational
information
14
Feature 10: Auto Detection of ICT Equipment/Devices (1)
Auto detection of ICT equipment/devices per segmentAn Auto Detection Terminal (ADT) is installed on each segment. The auto detected ICT equipment/devices are displayed in theList of Unregistered Device window, and device information in this window is reflected in the Asset Management Ledger.
Auto detection of ICT equipment/devices per segmentAn Auto Detection Terminal (ADT) is installed on each segment. The auto detected ICT equipment/devices are displayed in theList of Unregistered Device window, and device information in this window is reflected in the Asset Management Ledger.
Copyright 2012 FUJITSU LIMITED15
Segment B
Segment A
Segment C
Retrieved information Corporate Server
List of Unregistered Device
- Device type- OS type- IP address- MAC address- Computer name- Manufacturer name- Detection date/time
ADT
ADT
ADT
V14.2 New Features
Asset Management
Ledger
Copyright 2012 FUJITSU LIMITED
Feature 10: Auto Detection of ICT Equipment/Devices (2)
Batch Auto Detection of ICT Equipment/Devices on a NetworkThe ICT equipment/devices on a network can be batch auto detected
in a range of specified segments without having to install an Auto Detection Terminal (ADT) in each segment.
Batch Auto Detection of ICT Equipment/Devices on a NetworkThe ICT equipment/devices on a network can be batch auto detected
in a range of specified segments without having to install an Auto Detection Terminal (ADT) in each segment.
16
V14.2 New Features
Segment B
Segment A
Segment C
Retrieved information (Note)
Asset Management
Ledger
Corporate Server
- Device type- OS type- IP address- MAC address- Computer name- Manufacturer name- Detection date/time
List of Unregistered Device
AdministratorSetting a range of network segments that device information is retrieved for
Note: For devices that do not support SNMP, only IP address anddetection date and time are retrieved
No ADT required
No ADT required
No ADT required
Copyright 2012 FUJITSU LIMITED
Feature 11: Collecting Logs of Operations
Obtains logs of PC operationsAdministrator can track user operations on PCs including date and time
and what warning messages were issued, etc.
Obtains logs of PC operationsAdministrator can track user operations on PCs including date and time
and what warning messages were issued, etc.
Checks the history of user operations from
operation log files
Operation files per user are stored in the folder
by each CT.Logs for up to 4 months
can be stored. Log
Corporate Server
Administrator
Users
Warning/termination information when prohibited
software was started
Window titles displayed by the user
System startup time/shutdown time
Logon/logoff user name and time
Records of user operations and operation date/time
17
V14.2 New Features
Copyright 2012 FUJITSU LIMITED
Operating Environment (1)
Corporate Server: CS (*1)Domain Server: DS (*2)
Client Terminal: CT (*3)Auto Detection Terminal: ADT
Windows Server 2008 R2, Foundation Edition Windows Server 2008 R2, Standard Edition (Service Pack none/2)Windows Server 2008 R2, Enterprise Edition (Service Pack none/2)Windows Server 2008 Standard without Hyper-V (Service Pack none/1/2) (*4)Windows Server 2008 Enterprise without Hyper-V (Service Pack none/1/2) (*4)Windows Server 2008 Foundation (Service Pack none/2) (*4)Windows Server 2008 Standard Edition (Service Pack none/1/2) (*4)Windows Server 2008 Enterprise Edition (Service Pack none/1/2) (*4)Windows Server 2003 R2, Standard x64 Edition (Service Pack none/2)Windows Server 2003 R2, Enterprise x64 Edition (Service Pack none/2)Windows Server 2003 R2, Standard Edition (Service Pack none/2)Windows Server 2003 R2, Enterprise Edition (Service Pack none/2)Windows Server 2003, Standard x64 Edition (Service Pack 1/2)Windows Server 2003, Enterprise x64 Edition (Service Pack 1/2)Windows Server 2003, Standard Edition (Service Pack none/1/2) Windows Server 2003, Enterprise Edition (Service Pack none/1/2)
Windows Server 2008 R2, Foundation EditionWindows Server 2008 R2, Standard Edition (Service Pack none/2)Windows Server 2008 R2, Enterprise Edition (Service Pack none/2)Windows 7 Home Premium/Professional/Ultimate/Enterprise (Service Pack none/1/2) Windows Server 2008 Standard without Hyper-V (Service Pack none/1/2) (*4)Windows Server 2008 Enterprise without Hyper-V (Service Pack none/1/2) (*4)Windows Server 2008 Foundation (Service Pack none/2) (*4)Windows Server 2008 Standard (Service Pack none/1/2) (*4)Windows Server 2008 Enterprise (Service Pack none/1/2) (*4)Windows Server 2003 R2, Standard x64 Edition (Service Pack none/2)Windows Server 2003 R2, Enterprise x64 Edition (Service Pack none/2)Windows Server 2003 R2, Standard Edition (Service Pack none/2)Windows Server 2003 R2, Enterprise Edition (Service Pack none/2)Windows Server 2003, Standard x64 Edition (Service Pack 1/2)Windows Server 2003, Enterprise x64 Edition (Service Pack 1/2)Windows Server 2003, Standard Edition (Service Pack none/1/2) Windows Server 2003, Enterprise Edition (Service Pack none/1/2) Windows Vista Home Basic/Premium 64-bit (Service Pack none/1/2) Windows Vista Business/Ultimate/Enterprise 64-bit (Service Pack none/1/2) Windows Vista Home Basic/Premium (Service Pack none/1/2) Windows Vista Business/Ultimate/Enterprise (Service Pack none/1/2) Windows XP Home Edition/Professional (Service Pack none/1/1a/2/3)
*1: For Windows Server 2003 X64 Edition and Windows Server 2008 64-bit, CS runs on 32-bit mode. Also, IIS needs to be run on the 32-bit compatibility mode.
*2: For Windows Server 2003 X64 Edition and Windows Server 2008 64-bit, DS runs on the 32-bit mode.*3: Operations on the Terminal Service Client are not supported. *4: Server Core cannot to be used.
18
Copyright 2012 FUJITSU LIMITED
Operating Environment (2)
Asset Console: AC
Windows 7 Home Premium/Professional/Ultimate/Enterprise (Service Pack none/1/2) Windows Vista Home Basic/Premium (Service Pack none/1/2) Windows Vista Home Basic/Premium 64-bit (Service Pack none/1/2) Windows Vista Business/Ultimate/Enterprise (Service Pack none/1/2) Windows Vista Business/Ultimate/Enterprise 64-bit (Service Pack none/1/2) Windows XP Home Edition/Professional (Service Pack none/1/1a/2/3)
Database is shared with Systemwalker Desktop Patrol. No dedicated database is required.
19
Copyright 2012 FUJITSU LIMITED
Operating Environment (3)
Corporate Server: CSDomain Server: DS
Asset Console: ACClient Terminal: CT
Auto Detection Terminal: ADT
VMware Infrastructure 3VMware vSphere 4Microsoft Hyper-V
VMware Infrastructure 3VMware vSphere 4VMware View 3VMware View 4Citrix XenDesktop 4.0Citrix XenDesktop 5.0Microsoft Hyper-V
VM operation (software that can be used on virtual OS operations)
20
Copyright 2012 FUJITSU LIMITED
Installation Case Example: Client E (Distribution Company)
Entire system image
Client PC
Approx. 1800 pieces of equipment
Head office/Region A
Asset Management Ledger
Systemwalker Desktop PatrolCorporate Server/ Asset Console
Region C
Region D
Asset Console
System imageAsset management
consoleAsset Management Ledger
Corporate ServerAsset management
terminalAsset information (Inventory
information) collection
Asset information registration
Asset information reference Asset Terminal
Asset information registration
Clarification of IT asset/TCO reductions by visualizationIT asset management using Systemwalker Desktop Patrol ensures:
(1) Reduction in management man-hours(2) Clarification of asset information status and best placement of
assets(3) Cost reductions through secure management of contracts
(leasing and rental)
Checks equipment loss and theft by taking inventory using barcodesIT asset inventory using Systemwalker Desktop Patrol ensures:
(1) Clarification of equipment movement(2) Quick detection of equipment loss and theft(3) Improvement in depreciation credibility by taking inventory
accurately
Benefits of installation
System configuration
Management per department
Asset Console
Asset Console
Region B
Group Network
Company-wide management
21
Copyright 2012 FUJITSU LIMITED
- Systemwalker and Interstage are registered trademarks of Fujitsu Limited.- Windows is a registered trademark of Microsoft Corporation in the United States
and other countries.- UNIX is a registered trademark of The Open Group in the United States and
other countries.- Oracle and Java are registered trademarks of Oracle and/or its affiliates.- IBM is a trademark of International Business Machines Corporation.- Other company names and product names used in this document are
trademarks or registered trademarks of their respective owners.- The company names, system names, product names, and other proprietary
names that appear in this document are not always accompanied by trademark symbols (TM or ®).
22
Trademarks
Copyright 2012 FUJITSU LIMITED
top related