Universal Insight for Citrix XenMobile


MDM devicesAccording to the Gartner study “Bring Your Own Device: The Facts and the Future” by the year 2017 half of all businesses will require employees to bring their own device. It saves the business money, users are more productive while on-the-go and they may even receive reimbursement for part or all of their device contract.

However, as this article in SC Magazine reveals when it comes to BYOD and MDM a vast majority of employee devices cannot pass a basic security scan or compliance review. That in and of itself poses a major threat to business continuity and user productivity. All it takes is one blacklisted program on a non-compliant device for resources to become hijacked, productivity to decline and data integrity to be compromised.

Add to that all the things that businesses need to consider such as everyday productivity, common access, separation of user and business applications, interoperability and scalability and it is easy to understand why implementing Citrix XenMobile and then maintaining continuity can be challenging.

What businesses need is a solution that helps reduce IT complexity, increases performance, tracks app adoption, offers role based reporting and grants admins “Universal Insight” across the solution stack as well as all other interdependent physical and virtual layers; and they need the ability to do it all from just a single interface instead of multiple silo-centric tools.

Within our most recent eG Enterprise solution brief for Citrix XenMobile you will discover

  • 6 key benefits of having the right solution for Citrix XenMobile
  • “Why Universal Insight Matters
  • Root-Cause in a Single Click”
  • “Enhanced capabilities for XenMobile” such as virtualization-aware technology

Whether you are Citrix customer researching XenMobile as your BYOD solution or have already embraced it and want to know more about how “Universal Insight” can turn your XenMobile deployment into a competitive advantage read the brief and then email us info@eginnovations.com or call 866.526.6700

SSL Certificates – Not Just for Web Applications


When a client and server communicate, secure socket layer (SSL) ensures that the communication is private and secure by providing authentication, encryption, and integrity checks. A general assumption is that SSL handshake and SSL data transfer only happens between a Web Browser and a Web Server, so SSL Certificates are only required for Web Servers in the overall IT Infrastructure. In reality SSL Certificates can be used for many key applications in an IT infrastructure – Web servers, Java application servers, databases (Oracle, SQL), Microsoft Active Directory servers and mail servers like Microsoft Exchange can all use SSL.

ssl_v3

 

Isn’t it Enough to Just Protect the Web Servers using SSL?

Application environments have become complex. Many infrastructure tiers are involved in supporting the service and the different tiers communicate with each other to support the service.  The servers involved could be in different geographic locations. With the increasing use of cloud computing, some of the servers involved may even be hosted on public clouds.

SSL secures all communications between any two servers. If servers are unprotected, hackers could actively eavesdrop all the communications and maybe able to inject new ones. The more security critical the application, the more important it is to protect it with SSL. This is the reason why some of the core IT servers – Web Servers, Java application servers, Database Servers, messaging servers,  Active Directory servers, and Microsoft Exchange – are often configured with SSL certificates.

 

Why protect these services with SSL?

Services Why SSL? Without SSL
Web Servers
SSL ensures secure communication between a browser and a Web Server Hackers can easily steal confidential information – credit card, PIN, Social Security numbers and other personal information of a customer.
Application Servers
SSL protects access to business logic and secures data access service from application server to other systems and database Unauthorized personal can modify critical data by accessing the database and other systems.
Microsoft Exchange
SSL enables emails exchanged between mail client and exchange server to be encrypted and secured Attackers can steal important emails and passwords of key executives.
Microsoft Active Directory
SSL secures access to user accounts, administrative groups, server accounts and resource accounts stored in Active Directory Active Directory can be compromised and the damage might be a substantial monetary loss or even a serious blow to the reputation of the organization.
Databases
SSL secures data transfer across the network between instances of databases and other systems of that application environment Hackers can steal critical data stored in the database.

 

Monitoring SSL Certificates

SSL certificates often have a validity period and if ever an SSL certificate becomes invalid, the application that uses it will stop working. So monitoring of SSL certificates is important. The key requirements for SSL certificate monitoring include:

  • The ability to proactively monitor the validity of all the SSL certificates used by an organization;
  • Multi-modal alerting capability to alert administrators about impending certificate expiry or validity issues with certificates;
  • Capability to track and alert about changes to SSL certificates;
  • The ability to check the legitimacy of a SSL certificate by verifying certificate fingerprint;

The eG Enterprise performance management system can check SSL certificates used by different applications – Active Directory, Exchange Server, Web Servers (Apache, IIS, etc.) and application servers – Tomcat, WebSphere, WebLogic and GlassFish, and databases – Oracle, SQL Server, MySQL and others. For more information on how eG Enterprise can ensure the validity and legitimacy of your SSL certificates please read the white paper SSL Certificate Expiry Monitoring and Management

Download-Whitepaper

SSL Certificate Monitoring – Avoid embarrassing outages and brand damage due to unplanned SSL certificate expiration


Graphic of browsers reporting expired SSL certificate.

Mission-critical systems can be disrupted if SSL certificates expire.

IT organizations also need to monitor erroneous or unauthorized changes to SSL certificates to prevent security attacks and system outages. Given the business criticality of SSL certificates, Download Monitoring SSL Certificates in Business Applications White Papermanual tracking is not a viable option.

For more information on the challenges involved in SSL certificate management and a holistic solution for monitoring and management, see this new technical white paper: SSL Certificate Expiry Monitoring and Management.

 

Many high-profile system outages are caused due to unplanned SSL certificate expiration

Surprisingly, despite the frequent (and quite public) security compromises due to expired SSL certificates, most IT teams are unprepared for the consequences of poorly managed SSL certificates.

Service Outages due to expired SSL certificates
Some of the most severe outages highlighted in the press have been traced to unplanned SSL certificate expiration

Many organizations still track SSL using error-prone manual methods

According to Gartner, most organizations SSL certificate renewal are tracked using reminders rely on manual processes to keep track of certificates, resulting in increased exposure to risks.

Service outages due to unplanned certificate expiration impact service availability, SLAs and brand confidence. It can also lead to noncompliance with regulatory requirements.

Gartner report findings, “X.509 Certificate Management: Avoiding Downtime and Brand Damage” (reprint source: Gradian.co.uk)

Adopt a Holistic SSL Certificate Monitoring Solution

eG Enterprise provides proactive alerting on the SSL certificate validity based on a configurable threshold (days in advance before the SSL certificates’ expiration date).

Multi-modal alerting is available out-of-the-box with eG Enterprise:

• Alerts on the eG Enterprise Web Console
• Email notifications
• Text message (SMS) notifications
• Trouble tickets directly opened in your helpdesk system

The following screenshots will give you a flavor of the type of visibility that eG Enterprise provides into SSL certificate monitoring.

Proactive alerts on the Web Console

Alerts on the eG Enterprise Web Console point out precisely which service is impacted by the soon-to-expire SSL Certificate.
Alerts on the eG Enterprise Web Console point out precisely which service is impacted by the soon-to-expire SSL Certificate.

 Email notifications

Timely email notifications help you keep track of SSL certificate expiration across systems.
Timely email notifications help you keep track of SSL certificate expiration across systems.

Visually intuitive and rich graphical dashboards

eG Enterprise comes with visually intuitive and rich graphical dashboards that help keep track of SSL certificate expiration across the organization
eG Enterprise comes with visually intuitive and rich graphical dashboards that help keep track of SSL certificate expiration across the organization

Download the SSL Certificate Monitoring White Paper

Monitoring SSL certificates is extremely critical Download Monitoring SSL Certificates in Business Applications White Paperfor business continuity. eG Enterprise provides a holistic and cost-effective security monitoring solution for tracking SSL certificates and detecting security risks. With intuitive management capabilities and deep visibility into certificates across the enterprise, eG Enterprise makes it easy to monitor and manage SSL certificates.

Check out the new SSL Certificate Expiry Monitoring and Management white paper which has comprehensive solution details about the eG Enterprise solution. Download Monitoring SSL Certificates in Business Applications White Paper