It seems that Lakeside Software’s production schedule is tuned for launches at VMworld, because each year I visit their booth and am blown away by whatever it is they’re showing off. This year, we awarded Lakeside the Best of VMworld award in the Desktop Virtualization category (yeah, we’re supposed to remain anonymous, but it’s a rather poorly-kept secret) for Lakeside SysTrack Community. After the awards, I stopped by and recorded a video with Ben Murphy that covers both Lakeside Community and Lakeside Systrack Security Visualizer (which, frankly, would have won if it had been submitted in the desktop category).
Lakeside Community is a program that lets you compare the data Lakeside SysTrack has collected about your environment against the entirety of the SysTrack community. If you choose to opt-in to the program, your data is anonymized and sent to Lakeside, and you’ll have access to reports. Currently they have a singular report that compares you to the rest of the world (application faults, Windows OS versions, VM configurations, performance comparisons, and many, many more).
Though the deliverable today is a PDF report, I can’t help but think of all the ways you could slice up the information. Lakeside is working on this (they even built a demo for us to see in the video), and eventually you’ll be able to search and slice data based on anything. For example, you can compare your AutoCAD users performance and configuration against other companies. I’m legitimately excited about this!
The Lakeside SysTrack Security Visualizer builds upon the SysTrack offering by checking your configurations against what they call “known bad configurations.” They can use this information to build a security risk score on a per-desktop basis, then alert you to any particularly risky desktops or situations that crop up. Among other things, it checks for:
- Risky apps with open outbound ports
- Apps using elevated privileges
- Configuration issues like file shares with “Everyone” access
- Running processes that weren’t there before
For the first few days after deployment, SysTrack Security Visualizer collects information but tamps down the alerts (since every process would be considered new). Once it determines the baseline, your desktops are scored (the lower, the better) based on a comparison to the list of known-bad configurations. The interface shows you each desktop and what elements contributed to the risk score. You can drill down into each element to determine what the actual red flag is.
Imagine adding the community element to this, comparing your security risk score against others. Perhaps you’ll realize that you’re not as security conscious as you thought, or that seemingly “rogue” process is something that everybody else that just installed the most recent version of Adobe Reader also has. Lakeside can also use the information to tweak their default thresholds, so when a bunch of new Windows Updates come out, you won’t see sirens and red lights all the time.
For more information, check out the 13 minute video from VMworld 2015 up top that covers both Lakeside SysTrack Community and SysTrack Security Visualizer. I can’t wait to see how both of these products evolve.