User behavior auditing in desktop virtualization

Desktop virtualization uses a unified remote access protocol (such as PCoIP, RDP) for remote access to the desktop. The benefits are obvious. Because only one way to provide access, so IT staff as long as the protection of a line of defense, user action and behavior can be panoramic view. This is like an ancient castle, to enter the castle, the people can only come in from the gate, the soldiers can be very focused on the user thoroughly inventory.

And these advantages are not available to ordinary PCs. The reason is very simple, one PC machine distribution is too wide, it is difficult to efficiently and centralized management; the second is a lot of connections, such as direct display view, or through various types of remote access (such as SSH, TELNET, RDP, VNC, etc.). There are so many ways to manage, the difficulty is indeed very large.

In the past year, the virtual desktop market has been booming, many enterprise users began to deploy virtual desktop, and some units built virtual desktop platform has begun to put into production using the online. Managers are also starting to think in the existing platform, and how to make employees more efficient and secure in the process of use is one of the most considered issues for administrators.

In the current desktop virtualization product, the user log or event is generally provided and stored in the database, which is provided to IT staff for viewing in the form of a report. But if a business administrator wants to know what the employees are doing, these are not going to be recorded, so how can they meet the requirements of these managers?

See more highlights of this column: http://www.bianceng.cnhttp://www.bianceng.cn/Servers/virtualization/

In fact, there are already some such products in the market, specifically for the virtual desktop such customers to provide behavioral audit program. In these scenarios, the audit software presented in the video format is the most popular. This article introduces two mainstream software, for your reference.

The first recommended product is called Observeit, which can simultaneously audit user actions including PCoIP, RDP, and SSH protocols.

You can do an online demo on the Http://www.observeit-sys.com/Products/Demo_Center. Unlike other products, anything you do on a virtual desktop, PC, can be logged, not limited to whether you're working through a remote desktop.

The second recommended product is called Recordts, which can record the operation of the Rdp/ica protocol. If you're using one of these two protocols on a virtual desktop, the product is also a good choice. However, it does not record the actions on the console session (typically administrator, use remote control software, and also use the console session), so there will be a partial operation of the omission of the phenomenon. Their URL is http://www.tsfactory.com/.

User behavior audit can help enterprise users understand the employee's operation behavior, can also be used to do the post supervision to prevent the improper operation of the employees (or the subcontractor, etc.) to bring the safety incidents and risks to the enterprise. With virtual desktops, administrators can promote and run user behavior auditing programs more quickly.