Inventory and Analytics for Browser-based Applications in the Enterprise



Similar documents
MICROSOFT DYNAMICS CRM Vision. Statement of Direction. Update: May, 2011

The DIY Guide to Dazzling Data. It s never been easier to delight colleagues, dazzle bosses, and boost your value in the workplace.

Deploy. Friction-free self-service BI solutions for everyone Scalable analytics on a modern architecture

The Sumo Logic Solution: Security and Compliance

Cloudy with 100% Visibility: Monitoring Application Performance in Hybrid Clouds

How To Monitor Hybrid It From A Hybrid Environment

Six Steps to Improved SharePoint Performance & Operations

What Do You Mean My Cloud Data Isn t Secure?

Monitoring Best Practices for

Solutions for Software Companies. Powered by

Complete Patch Management

This white paper from Stylusinc describes how enterprises benefits by migrating to Microsoft Office 365 and how it is bringing about a sea change in

Cisco Advanced Malware Protection

BUSINESS IMPACT OF POOR WEB PERFORMANCE

Vulnerability Management

Advanced Multichannel Order Management Solutions That Optimize Sales Performance

Three Ways to Secure Virtual Applications

TOP 10 REASONS TO UPGRADE TO EXACT MACOLA 10

BUSINESS INTELLIGENCE. Keywords: business intelligence, architecture, concepts, dashboards, ETL, data mining

Track-It! 8.5. The World s Most Widely Installed Help Desk and Asset Management Solution

WHITE PAPER. CRM Evolved. Introducing the Era of Intelligent Engagement

IBM Tivoli Composite Application Manager for WebSphere

Prevent cyber attacks. SEE. what you are missing. Netw rk Infrastructure Security Management

Now Leverage Big Data for Successful Customer Engagements

Your Location Instant NOC using Kaseya. Administrator at Remote Location Secure access to Management Console from anywhere using only a browser

Embracing Microsoft Vista for Enhanced Network Security

Desktop Management for the Small Enterprise

How Secure Is Your Salesforce Org?

Simplify Your Windows Server Migration

Becoming a Cloud Services Broker. Neelam Chakrabarty Sr. Product Marketing Manager, HP SW Cloud Products, HP April 17, 2013

Simplifying the Challenges of Mobile Device Security Three Steps to Reduce Mobile Device Security Risks

BUYER S GUIDE: PC INVENTORY AND SOFTWARE USAGE METERING TOOLS

SQL Server 2016 BI Any Data, Anytime, Anywhere. Phua Chiu Kiang PCK CONSULTING MVP (Data Platform)

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

tibbr Now, the Information Finds You.

Modern IT Operations Management. Why a New Approach is Required, and How Boundary Delivers

IBM Endpoint Manager Product Introduction and Overview

Lumension Endpoint Management and Security Suite (LEMSS): Patch and Remediation

Healthcare IT Compliance Service. Services > Overview MaaS360 Healthcare IT Compliance Service

Interactive Application Security Testing (IAST)

Rocket AS v6.3. Benefits of upgrading

Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid clouds.

Boost your VDI Confidence with Monitoring and Load Testing

Test Run Analysis Interpretation (AI) Made Easy with OpenLoad

Executive Dashboards

Vistara Lifecycle Management

STEELCENTRAL APPINTERNALS

Cisco Advanced Malware Protection for Endpoints

SaaS or On-Premise? How to Select the Right Paths for Your Enterprise. David Linthicum

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

Aternity Desktop and Application Virtualization Monitoring. Complete Visibility Ensures Successful Outcomes

Bring your data to life with Microsoft Power BI. Peter Myers Bitwise Solutions

Monitoring Best Practices for

Aternity Virtual Desktop Monitoring. Complete Visibility Ensures Successful VDI Outcomes

Selecting the Right Active Directory Security Reports for Your Business

PCI Data Security Standards (DSS)

How To Manage A Privileged Account Management

Cenzic Product Guide. Cloud, Mobile and Web Application Security

Monitoring Best Practices for COMMERCE

2015 Vulnerability Statistics Report

Fueling ISV Success with Sharepoint Integration

Integrated business intelligence solutions for your organization

Security, Reliability & Control with Hosted Exchange

WHITEPAPER. Why Dependency Mapping is Critical for the Modern Data Center

Thomas Röthlisberger IT Security Analyst

TRUE PERFORMANCE ENGINEERING

WompMobile Technical FAQ

Symantec Client Management Suite 7.6 powered by Altiris technology

Mitel Professional Services Catalog for Contact Center JULY 2015 SWEDEN, DENMARK, FINLAND AND BALTICS RELEASE 1.0

How to Prepare for the Upgrade to Microsoft Dynamics CRM 2013 (On-premises)

EXECUTIVE SUMMARY THE STATE OF BEHAVIORAL ANALYSIS

Lumension Endpoint Management and Security Suite

Top 10 Reasons Enterprises are Moving Security to the Cloud

Tier3 Remote Monitoring System. Peace of Mind for Less Than a Cup of Coffee a Day

How To Manage A Network Security Risk

What s new in Access 2013

MAX Anywhere. Take MAX anywhere the action is.

Agent vs. Agent-less auditing

Pervasive Software + NetSuite = Seamless Cloud Business Processes

Capitalize on Big Data for Competitive Advantage with Bedrock TM, an integrated Management Platform for Hadoop Data Lakes

Cisco Advanced Malware Protection for Endpoints

Cloud Computing: What IT Professionals Need to Know

Reporting Services. White Paper. Published: August 2007 Updated: July 2008

Drawbacks to Traditional Approaches When Securing Cloud Environments

Managing Privileged Identities in the Cloud. How Privileged Identity Management Evolved to a Service Platform

Secunia Corporate Software Inspector (Secunia CSI) ver.5.0

SAP Solution Brief SAP HANA. Transform Your Future with Better Business Insight Using Predictive Analytics

Sage CRM What s New with Sage CRM Standalone. Sage CRM What s New with Sage CRM 7.2 -Standalone

AVeS Cloud Security powered by SYMANTEC TM

effective performance monitoring in SAP environments

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

Web Intrusion Detection with ModSecurity. Ivan Ristic

xassets Hosted Services Microsoft SAM Assist Audits with xassets

EXTENSIVE FEATURE DESCRIPTION SECUNIA CORPORATE SOFTWARE INSPECTOR. Non-intrusive, authenticated scanning for OT & IT environments. secunia.

Microsoft SQL Server 2008 R2 Enterprise Edition and Microsoft SharePoint Server 2010

How Cloud Computing Will Change The Aviation Maintenance Operation

Enterprise Solutions IT Services 4132 Heartleaf Ln Naperville, IL 60564

Migrate, Manage, Monitor SQL Server 2005: How Idera s Tools for SQL Server Can Help

YOUR DATA UNDER SIEGE: GUARD THE GAPS WITH PATCH MANAGEMENT. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next

Transcription:

Inventory and Analytics for Browser-based Applications in the Enterprise Introduction Times are changing. Desktop and client/server business applications (collectively referred to as native applications in this paper) that dominated enterprise computing in the 90s have been rapidly overtaken by a wave of browser-based web applications which run today s business workloads. Workloads such as ERP, CRM, document management, and time reporting are all experienced in a web browser, making the browser the epicenter of business user activity and critical workplace application use. In fact, web applications have supplanted native applications in both number and importance with 14 web applications for each desktop application in the typical enterprise, according to Microsoft. Native application management tools have no knowledge of what goes on inside the browser. This massive blind spot creates security risk, blocks migrations, hampers efforts to increase employee productivity, and inhibits software license optimization and compliance. This web application transformation brings with it a variety of opportunities and challenges for enterprise IT. The value of this new platform to enterprise is as boundless as the Internet. Anything a developer can dream up can be implemented quickly on a web server and deployed instantly to tens or hundreds of thousands of users simply by having them pull up a website in a browser. But with this awesome power comes a tremendous IT management challenge. The browser is largely opaque to enterprise IT. The management tools that tell IT what desktop and client/server applications are installed and used throughout the enterprise have no knowledge of what goes on inside the browser. This massive blind spot creates security risk, blocks migrations, hampers efforts to increase employee productivity, and inhibits software license optimization and compliance. Today, IT needs tools designed for browser-based applications and the unique complexities of the Internet-centric world in which we all now live tools which can uncover the critical correlations between browsers and web applications so IT can make informed decisions that positively impact the bottom line. This document provides an overview of the unique nature of browser-based applications, the challenges IT organizations face managing these applications, and the inventory and analytics solutions now available to help them manage this new paradigm. Browsium whitepaper: Page: 1

Browser-based applications become the standard Most existing Windows application inventory and management tools were designed only for desktop or client/server applications. They are mature and play an integral role in daily enterprise native application management. Enterprise IT organizations use these tools to easily identify which native applications are deployed to which users, what versions are in use, and gather application performance and usage data. This information is then used to evaluate migration compatibility issues, deploy updates, track license compliance, and deprecate unused or insecure software versions. No organization can envision managing IT operations without these tools. But can these tools work in a browser-based application environment? Gathering an inventory of web applications is no easy task and traditional management tools do not have the ability to track applications that run solely in a browser. In addition, the scope of application management has changed drastically due to the complexities of a browser environment. The challenge can appear insurmountable when combined with the need to understand dependencies between web applications (including where independent applications are connected at run time) and identify component requirements and compatibility issues. To solve this challenge, enterprise IT needs a solution that is optimized to deliver a deep understanding of enterprise web applications. To better understand what is needed to manage browser-based applications, it is important to understand the difference between desktop and browser application environments. Native Applications Native applications, and their required components, are contained to the boundaries of the desktop operating system environment. It can be helpful to think of native applications as a defined set of selfcontained executables and DLLs, with installers laying down only what is needed. Native applications can be analyzed with Process Monitor, and similar tools, to see the linking and dependencies. Applications run on Microsoft Windows and can load whatever resources are needed, or provide their own custom version via unique DLL. Settings for one application are contained to that application and don t impact others running at the same time, providing a healthy level of isolation between native applications. Browser-based Applications Browser-based applications operate in a much more complex environment. Therefore, they are significantly less isolated and are, in many ways, the opposite of native applications. Unlike native applications which are designed around single-use scenarios and requirements on the desktop operating system, browsers are designed to deliver a virtually endless number of application experiences using a combination of programing languages, APIs, and extensibility interfaces. Delivering this capability requires the browser to be more like an operating system than an application. As a result, traditional application management tools are unable to meet the needs of modern PC environments with more and more business applications running in the browser. Resources to support these applications can come from any combination of local or remote systems. The locations of these systems are not well-defined, often beyond the control of IT, and they utilize a Browsium whitepaper: Page: 2

broad mix of security contexts. Browser-based applications can load script libraries from anywhere and, as a result, dependencies can t be determined with a single tool. Browser-based applications utilize a compiler (for script) and renderer (for layout). The browser itself runs inside a security container context within the operating system. There are more vulnerabilities with browser-based applications due to the distributed resources they call upon. Browser-based applications have more management challenges One of the primary challenges facing browser-based applications is the continual evolution of technology, and, in many cases, technologies that are interdependent. As new capabilities are unlocked, older approaches often need to be eliminated or modified to adjust to the new definition. Those changes can cause breakage in terms of functionality, compatibility, and security. In addition, the need for browser add-ons, such as Java and ActiveX, is here to stay regardless of the introduction of HTML5 or other evolving standards. Browser extensions will most likely evolve to settle on JavaScript as the underlying platform (as Chrome has supported for some time), but ultimately extensions are all still bolt-ons to the browser that expand the attack surface and increase the complexities of browser management. Add to this the challenge of running multiple browsers in the enterprise, typically Internet Explorer plus either Chrome or Firefox, and it becomes clear why browser management is becoming an even more vital part of every organization s IT strategy. Next, consider the sheer size of an enterprise IT environment with hundreds or thousands of browserbased applications in need of management. This is a daunting task when IT lacks a complete picture of application usage and owners due to insufficient tools to track and report this data. In addition, new SaaS applications are deployed continually, making the inventory of applications alone a moving target. Dependency tracking adds even more of a challenge. It is important for IT teams to know which applications work in which browser version, what Java versions are being invoked to balance security and compatibility, and what configuration is needed for users to reliably run their most critical applications. To meet these browser-based application management challenges, enterprise IT first needs to know what applications they have and how those applications work. That requires data which is not available today. Due to a lack of accurate web application usage statistics, enterprise IT can see their migration projects stall while trying to understand what applications are running within the organization, the dependencies which may exist between applications, or even what applications are running outside of their organization and beyond their control. In addition, IT staffs often make incorrect usage assumptions based on license counts and purchase history when there is a lack of accurate web application data. However, there are tools designed to help. Browsium whitepaper: Page: 3

Tools for web application inventory and analytics New web application inventory and analytics tools can provide rich information to help enterprise IT better understand application needs, dependencies, and usage. That information is extremely valuable in making quality, real-time IT decisions. The following is an overview of two different tools used for web application inventory and analytics. Enterprise Site Discovery Toolkit Microsoft Enterprise Site Discovery Toolkit enables enterprises to collect information from Internet Explorer about sites visited by users. With this toolkit, certain Internet Explorer usage data is tracked and stored on each PC in log files. Once the endpoint data collection issue is addressed, IT is left with an array of log files they need to parse, index, and categorize. Once that is done, IT must to build a custom reporting solution to query and view the data. Site Discovery Toolkit is a building block to address web application inventory and analysis needs, but enterprises need more. Browsium Proton Browsium Proton is a comprehensive web application inventory and analytics solution for today s modern enterprise. It goes beyond simply providing raw usage data, to instead deliver easy to understand tables and charts that help IT teams discover the critical correlations between browsers and web applications and in turn make better decisions. Proton was designed to meet the challenges of the new web application delivery paradigm. It delivers robust end-point discovery for enterprise IT staff who need to know what line-of-business web applications users are accessing, how often they use those applications, how many active users access each application, usage trends over time, what browser is being used to access which application, and what browser add-ons and extensions are used by those sites. Proton is a multi-tiered solution, starting with the lightweight Proton Client installed throughout the enterprise, invisible to end users. The Proton Client periodically pushes activity and inventory data to the Proton Server which is a Windows Server running IIS and Microsoft SQL Server. The Proton Manager, the reporting and analytics web application, enables any IT manager with a user account to see and interact with the data from any device running a modern web browser. Browsium whitepaper: Page: 4

The Proton Server can be run on-premises, in a private cloud, or in a hybrid configuration with the Proton Service and Database on-premises and the Proton Manager, the reporting and analytics web application, running as a SaaS application hosted by Browsium. This is the default configuration which enables continuous rapid improvements to the Manager with no deployment overhead for customers, while all activity and inventory data remains safely stored on the customer s on-premises server. The following screenshot of the Proton Manager web application provides a snapshot of the rich, visual reporting provided by Proton. Delving deeper into the Proton Manager, you ll find reports on browsers, Java, and ActiveX inventory for every user in the enterprise, along with all browsing activity tracking (e.g., browser history) correlated to browser version, Java version, and the entire scope of operating system and browser components that make up the web application platform. Browsium whitepaper: Page: 5

Browsium Proton is essential to the enterprise It is common to find IT organizations that lack a comprehensive web application inventory and have no process to compile a reliable list. Those organizations that are aware of the web applications in use, often lack insights into dependencies and other operational requirements. For example, an organization may have a variety of web applications which require Java. These applications may each require a different version of Java and some of these versions have known security vulnerabilities. With Proton, applications which require a vulnerable version of Java can be identified by department and user, including identification of those Java versions that are invoked by an untrusted site on the Internet. IT can then work to evaluate and implement alternative solutions (such as Browsium Ion) to better manage Java in the enteprise, removing the vulnerability and improving the organization s overall security profile. The absence of this information causes critical migration projects to be delayed and creates a major obstacle in the deployment of new line-of-business applications. Proton provides these critical insights to enterprise IT, giving them the data they need to move high-priority projects forward and continue to manage their increasingly complex web application environment securely into the future. For this reason, Proton should not be viewed as a one-time inventory solution; Proton should be an essential component of every IT organization s ongoing IT asset management, resource and capacity planning, and application inventory processes. IT challenges Proton addresses Proton s robust design, rich data collection, and comprehensive reporting and analytics enables enterprises IT to function more productively and improve their services. The following are some example scenarios where Proton delivers tangible business value: Browser Migration Always have a complete picture of your browser-based application environment. Proton inventories all web applications, along with client browser environment data and then presents it in a graphical dashboard of tables and charts. The data is granularlevel, with line-item detail and helps identify and unblock the web application compatibility issues which most often stall a browser migration. Proton supports multi-browser environments, including Internet Explorer, Chrome, and Firefox today, with more browsers to be added over time. Maintaining and Optimizing Client Systems Provides an up-to-date, comprehensive inventory and analysis of data to help IT teams assess their current status and better understand their web applications and browser infrastructure. This is critical for prioritizing regression testing as new operating system, browser, and Java patches are released. With all data and correlations available, IT teams can be confident everyone has the right configurations and unused applications and add-ons can be removed without breaking other systems. Identifies SaaS applications in use by functional department which helps IT determine performance levels, usage, and software license optimization. IT teams drive better business Browsium whitepaper: Page: 6

decisions because they have a near real-time view of their web application environment, helping them ensure their mission critical web applications run smoothly. Proactively Head Off Security Risks Helps reduce attack surfaces by enabling IT to see which applications need which add-ons and browser settings, correlating that information with which add-ons or settings are in use, and helping identify gaps between the two. This enables IT security managers to identify unused applications, browser add-ons, or extensions, such as older versions of Java, reducing the potential for unwanted or unknown security exposure. Provides IT security managers with the information they need to ensure lock-down or bypass configurations are set up properly, along with reports to prove unwanted sites are unable to bypass these configurations. This can be used for compliance with regulations such as HIPAA, SOX, and others. Proton acts as an on-going, targeted, and accurate end-point for data security, making it an essential audit and reporting tool. Improve Employee Productivity The web is a constant distraction for end users who may spend an inordinate amount of their workday shopping online, using social media, or watching streaming entertainment videos when they should be working. Proton provides business management with the knowledge and insights to drive productive behavior among employees and identify and correct hotspots before they affect the company s bottom line. Drive Transformational IT Projects Provides comprehensive, rich data that delivers valuable analysis which result in IT leaders better understanding their increasingly complex web application environment garnering valuable insights they can act on immediately. Proton also provides rich planning data by showing what line of business web applications users are accessing, how those applications are used, how many active users access them, usage trends over time, and what extensions and settings are being used to access the application. This realtime inventory data and analysis enables accurate and successful planning of future technology initiatives. Summary: Browsium Proton delivers browser-based application management for better IT decisions Clearly, IT needs the right solution to manage this complex world of browser-based business applications. Browsium Proton delivers an accurate and rich data set, presented in an easy-to-use dashboard of tables and charts. This invaluable information enables every modern IT department to proactively mitigate risks and ultimately drive better business decisions. To learn more about Browsium Proton and its web application inventory, analytics, and management capabilities, visit www.browsium.com/proton/ where you can download the Browsium Proton Evaluation Kit. Browsium, Inc. 8201 164 th Ave. NE, Suite 200 Redmond, WA 98052 +1.425.285.4424 sales@browsium.com Browsium whitepaper: Page: 7

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information