In my previous SmartAuditor blog post, I described how SmartAuditor works and its benefits for improving security and regulatory compliance. Well, guess what? Recently, a major healthcare company (obviously highly regulated by HIPAA) with tens of thousands of employees shared with me their thoughts, experiences, and main use cases regarding our SmartAuditor technology. In addition to providing care and services, this healthcare company partners with numerous nursing homes, hospitals and other healthcare organizations in the United States. The interesting part is that the more I talk to customers about SmartAuditor for recording ICA sessions, the more interesting the use cases get. So here's their success story.
Background
This customer offshored most of their development to India, had employees and non-employees accessing production systems remotely on a daily basis and wanted to monitor what they were doing, and needed to deliver custom applications faster. They have been using the SmartAuditor technology since it was released as a beta a little over two years ago.
The Challenges
The main challenges for this customer were:
- How to track and monitor IT change control?
- How to ensure employees comply with company policies?
- How to allow offshore developers to see user interaction with custom applications in QA and test environments?
Use Case #1: IT change control management
The customer had a lot of employees and non-employees logging in remotely to production systems on a daily basis and wanted to monitor them and ensure they were compliant (especially tracking the activity of users offshore). In order to improve security and compliance, they set up a secure portal using Citrix Access Gateway and turned on the SmartAuditor capabilities of Citrix XenApp. So by using SmartAuditor, any time a developer, employee or non-employee accesses the production system, all the ICA sessions are recorded, making sure that they are keeping up with company policies.
Use Case #2: Rapid application delivery
Like most businesses, this customer has some fragile and complex applications and users that just don't get it. So instead of releasing an application into production and having users call the help desk trying to diagnose problems, this customer put SmartAuditor ahead of the process. The customer turned SmartAuditor on before the application was fully delivered into production. They took the application and released it only to their test users and generated a list with issues. Then, with the rapid playback and bookmarking capabilities of SmartAuditor, the developers very quickly diagnosed what was wrong with the application and made the changes. The main benefits the customer got out of this were that they were able to deliver the application to market quicker and that the application was clean. By doing this, they have minimized the number of help desk calls and problem resolution for this application.
The Benefits
The main benefits for this customer were:
- Enhanced auditing for improving compliance
- Encouraged employees to comply with company policies. The customer is watching and recording. People log in, get out, and stick to the script.
- Improved the quality of the application development process by visually seeing problems and accelerating time-to-resolution
- The rapid playback and bookmarking capabilities saved time. Experts were able to find the issues and solve them right away.
The Results
- Low storage requirements
- With SmartAuditor, compression over a period of time was very good. The customer has been using SmartAuditor for over 2 years. In that period of time, they recorded 8,222 sessions which only required 43GB of storage space. On average, that's a 5.2MB file size per recorded session. Wow!
- Excellent performance when recording and reviewing sessions
- Faster application delivery and better user acceptance
How are you using SmartAuditor? What has been your experience with this feature of XenApp?
At Citrix, we know that improving security and compliance are two of the main challenges for businesses today, especially in highly regulated industries. Well, recently we released a technology in Citrix XenApp (the new name for Citrix Presentation Server) Platinum Edition that helps businesses monitor, record and play back ICA sessions as part of their ongoing risk management and regulatory compliance measures. The technology is called SmartAuditor (check out the demo to see how it works).
If you have a TiVo or a digital video recorder at home and love it (like I do), then you'll love SmartAuditor because its functionality is very similar in concept. The same way TiVo allows you to record all the shows that you want to watch, whenever you want, and play back those shows, SmartAuditor allows you to record and play back XenApp ICA sessions.
The great value of this technology is that it enables IT to monitor and examine user activity of applications demonstrating internal control, and ensuring regulatory compliance and successful security audits. Its monitoring capabilities can aid in monitoring user activity involving sensitive data, such as in financial operations and healthcare patient information systems. Additionally, there are many other use cases where SmartAuditor can help, such as in litigation support, training and in technical support to help speed up problem identification and time-to-resolution.
How does it work?
SmartAuditor uses flexible policies to automatically trigger recordings of XenApp sessions and it works in 3 easy steps: Configure, Capture and Audit.
First, the administrator configures the tool and selects which users, applications and servers they want to monitor. Then, they capture the user activity by recording it to a video file that is digitally signed and stored in a central location. Finally, they can review the user activity by playing back the recorded ICA session in the SmartAuditor player.
Use Case Example
So now that you understand how SmartAuditor extends IT's ability to monitor and examine user activity of applications, let me give you an example. Let's say that the IT manager at a high-tech company needs to monitor every employee planning to leave the company. Well, he can use SmartAuditor to record sessions for all employees who gave their two-week notice to leave the company. This type of user could potentially present a risk of data or intellectual property theft, but with SmartAuditor the IT manager can monitor all user sessions to capture suspicious activity. These recordings could be used as visual evidence if needed to prove criminal intent, but furthermore, with SmartAuditor he can notify the users that they are being recorded which, in itself, can help prevent theft or malicious activity in the first place.
If you are not using SmartAuditor or never heard about it before reading this blog, click here to watch the demo and learn more.
If you are already using SmartAuditor, please let me know your thoughts. Also, I encourage you to share your use cases and post any comments and/or suggestions you may have.
What other aspect of SmartAuditor would you like to see covered in this blog?
At Summit in January I ran into an interesting Citrix partner - Xceedium. It's a security company with an appliance product, called GateKeeper, that is complementary to XenApp. It enforces security policy by providing compartmentalization and containment.
Say you are outsourcing development. The GateKeeper provides a capability they call "LeapFrog Prevention" to isolate and contain users to authorized applications and network devices. So your outsourced developers can't use DNS lookups, NFS mounts or ICMP to leapfrog to unauthorized areas and information. It also provides tracking and reporting for compliance reasons.
In a XenApp environment, their agent monitors each user process and prevents unauthorized apps from trying to leapfrog to another device. They also provide tracking for all CLI and prevent unauthorized CLI, so it adds to the security features of XenApp at the application layer with control over the command line/infrastructure layer.
The GateKeeper is complementary to the SmartAuditor session recording feature of XenApp, adding keystroke logging and session recording for CLI.
For customers who have audit and compliance requirements, Xceedium is an extremely interesting addition to XenApp. They're already verified Citrix Ready too. As a bonus, GateKeeper is Common Criteria certified to EAL3.
[www.xceedium.com]
WOW....it's almost been a year since we launched the Platinum Edition of Presentation Server! What has made this new top-level edition of Presentation Server so popular? Well, several reasons I think:
1. Complete end-to-end application delivery solution all-in-one offering. No need to buy each of the piece parts separately and hope that you can get them to work together. Now it's all from one vendor, Citrix, and they WILL work together else "one throat to choke".
2. All of the cool new features! Application Performance Monitoring, SmartAuditor, SmartAccess, Single Sign-On, Application Streaming, and EasyCall.
3. The price is right! It only takes interest in one or two of the new features to justify the ROI. Most of the new features are available to expand your existing Enterprise or Advanced environment, but for the cost, you are better off upgrading to Platinum. Take a look at the math.
4. Existing customers are using Subscription Advantage renewal budget for upgrades. See blog on "Presentation Server Upgrade Calculator" by Sridhar Mullapudi. By adding a few additional dollars to the already planned Subscription Advantage renewal budget, customers are upgrading to Platinum and getting all of the additional value.
5. The anticipation of what the future might bring. Besides all of the value that Platinum currently has, what other cool technologies might Citrix add to the Platinum edition in the future - the possibilities are endless! Remember, it only takes an active Subscription Advantage to be eligible for anything that gets added - so stay tuned!
As the Product Manager for Presentation Server Platinum, let me know what you think. Have you moved to Platinum? If so, what drove you there? If not, are you planning to? Why or why not? Also let me know what technologies you'd like to see in this edition in the future.
SmartAuditor, or ICA session recording, is one of the top 2 new features in Presentation Server 4.5 Feature Pack 1. Michel Roth of ThinComputing.net has posted a 15-minute overview on the configuration and use of Citrix SmartAuditor--the first that I have seen. When installing SmartAuditor, it is very important to follow the exact steps outlined in CTX113599 and have your Citrix license server configured to use Presentation Server Platinum licenses. Why? Before SmartAuditor will run, it checks to see if Platinum licenses are available; otherwise, it will not run.
At 3:35 Michel has a good tip for configuring IIS on the SmartAuditor server.
For those of you going to iForum App Delivery Expo 2007, beginning on October 22, be sure to check out Session 203 - Citrix Presentation Server SmartAuditor - Record User Sessions for Security and Compliance. It looks like a good session with a customer presentation by Blue Cross Blue Shield of South Carolina.
Do you want to know what the 2nd top new feature is in Feature Pack 1? Watch the Citrix News section for the latest coming out of the iForum App Delivery Expo.