introduction to oesis framework
DESCRIPTION
The OESIS Framework allows software engineers and technology vendors to enable the detection, assessment and remediation of third party applications in their solutions. It is ideal for adding endpoint compliance features to any solution, and is used by leading SSL VPN and NAC vendors such as Cisco, Citrix, Juniper, F5 and many others.TRANSCRIPT
Introduction to OESIS® Framework
April 2013
Applications Manageability – OESIS Framework The Mission
OESIS Framework
Enables software engineers and technology vendors to develop products that can detect, classify, and manage thousands of third-party software applications
Enables implementing a simple and easy compliance check of endpoints via embedded libraries
Supported platforms include:
Windows
Mac OS X
Linux
Android
iOS
OESIS Framework
Support nearly any 3rd application in the market for:
Antivirus Antispyware Personal Firewall Antiphishing Backup Patch Managemen
t Hard Disk Encrypti
on Health Agents URL Filtering Data Loss Preventi
on Public File Sharing Web Browsers Desktop Sharing
VPN Clients Virtual Machines Device Access Con
trol Mobile
Applications o Androido iOS
OESIS APIs for above application-types: here
Antivirus APIsDetection APIs Retrieve the name and version of the antivirus product Verify product authenticity: Ensure that the installed product has
been signed by the vendor to protect against spoofing that can occur when using only WMI
Assessment APIs Retrieve the count of malware signatures Retrieve the time of the last definition update Retrieve the real time protection status Retrieve the last full system scan time Retrieve the history of threat detections and actions performed
to assess the risk level of an endpoint (includes information such as threat name and severity)
Remediation APIs Launch a full system scan Enable real time protection Activate an update of the virus definitions
View Supported Apps: click here
Web Browser APIs
Detection APIs Retrieve the name and version of the web browser Retrieve a list of installed browser extensions Check whether the browser is the default browser Determine which browsers are currently open on the machine Determine which sites are currently open in the browser
Assessment APIs Retrieve the browsing history Determine whether the browser's popup blocker is enabled
Remediation APIs Open a specific URL in the browser Close the browser Securely delete browsing history
View Supported Apps: click here
Hard Disk Encryption APIs
Detection APIs Retrieve the name and version of the hard disk encryption
product Verify product authenticity: Ensure that the installed product has
been signed by the vendor to protect against spoofing
Assessment APIs Check the encryption state Get a list of supported encryption algorithms Retrieve encrypted locations
Remediation APIs Enable Encryption
View Supported Apps: click here
Virtual Machine APIs
Detection APIs Retrieve the name and version of the virtual machine product Verify product authenticity: Ensure that the installed product has
been signed by the vendor to protect against spoofing
Assessment APIs Determine if the virtual machine is running Retrieve a list of all VMs Retrieve details for each VM on the system including OS and
version
Remediation APIs Stop a virtual machine Pause a virtual machine
View Supported Apps: click here
Public File Sharing APIs
Detection APIs Retrieve the name and version of the public file sharing
application Verify product authenticity: Ensure that the installed product has
been signed by the vendor to protect against spoofing
Assessment APIs Determine if the application is running
Remediation APIs Terminate the running application
View Supported Apps: click here
OESIS Developer Testing Harness
OESIS Capability ChartsBy Product, by OS, by Version
Mobile CapabilitiesProduct Categories
iOS additional category support in 2013!
Compliance
• Antivirus• Firewall• Backup
Management
• MDM• MAM
Compromising
• Monitoring Tools
• Location Services
• Geo Location
Android: Detection
Name Vendor Version Is Authentic? Is Running?
Remediation Launch Application
Mobile APIs
iOS: Detection
Name Vendor Is Running?
Android and iOS
Mobile Testing Harness
OESIS User Stories
SSL VPN When granting remote network access, system
administrators need the ability to assess an endpoint to ensure that it will not compromise the security of the network. Many SSL VPN solutions provide this ability to administrators by utilizing OESIS Framework to help power endpoint compliance checking.
OESIS User Stories
Dell SonicWall
OESIS User Stories
Citrix
OESIS User stories
NAC (Network Access Control) NAC solutions utilize OESIS to enable the creation and
checking of access policies. The solutions use OESIS to pull data from endpoints that can be used to determine whether users may connect. For example, the policy might require that a device connecting to the corporate network has all the latest antivirus definitions installed.
OESIS User stories
Cisco
OESIS User stories
Juniper Networks
User stories
Support Tools Vendors who provide remote technology services to consumers
and businesses to fix issues or configure endpoints utilize OESIS to build in some of their standard checks.
User stories
F-Secure
User stories
Support.com
User stories
Many more: Managed Services
Vendors of cloud based IT Management solutions, utilize OESIS to power features of their cloud based applications.
Compliance solutions and vulnerability assessment OESIS Framework provides extensive management capabilities that
enable applications in this market segment to meet compliance requirements or to make sure that endpoints respond to security compliance mandates.
User stories
iPass
User stories
LogMeIn
OPSWAT Security ScoreFree demo of OESIS Framework
http://www.opswat.com/products/security-score