AppSense Management Suite v.8.0

1

• AppSense Management Suite v.8.0

2
Introducing AppSense

• Software Company delivering User Environment
  Management Solutions
• Over 10 years Citrix and Terminal Server
  Management experience
• Founded in 1999
• Head quartered in the UK with offices in US,
  Germany, Netherlands Australia
• Growing channel network of over 300 Certified
  Solution Partners
• Industry-leading alliances

3
International infrastructure in place
United Kingdom Greater Manchester 135
employees Headquarters Product development
Netherlands Arnhem 5 employees
United States New York 14 employees
Australia - Melbourne 4 employees
Germany Munich 12 employees
4
AppSense Alliances
5
Customer Selection
6

• User Environment Management

7
Introducing user environment management
8
AppSense Solution Set
9

• Personalization and Policy Management
• Set up user environment at multiple trigger
  levels
• Enable users to personalize their environment
• Apply policy and personalization on demand across
  all delivery mechanisms
• Dramatically improve user logon times
• Enable rapid migration of user environment
• settings between operating system
• Enforce tailored policy across thousands of users

10
The User Personality
e.g. Drive mapping Printer mapping Desktop
icons Start menu Application access
e.g. Desktop wallpaper Excel add-ins Email
signature block Spell checker language Application
toolbars
11
Environment Manager Policy

• Apply actions under different circumstances

12

• Personalization StreamingReduce logon times by
  streaming in user settings throughout their
  session as they are needed in response to user
  actions
• Application-Level Personalization
• Personalization settings are managed and streamed
  on a per application basis. Applications can now
  be upgraded or swapped out with no impact to the
  user.
• Personalization Analysis
• An interactive set of reports and graphs provides
  visibility into personalization activity across
  the enterprise. Personalization analysis
  identifies trends in profile use, showing how
  often applications are personalized, allowing IT
  to optimize user profiles.
• Personalization Rollback
• Reduce support costs, time to repair damaged
  profiles and preserve user personalization
  settings by rolling back to a previous known
  good profile on a per application or user basis.
• User Profile Migration
• Enable rapid desktop migrations by moving users
  to new delivery mechanisms without having to
  recreate personalization settings.

13

• Offline Mode
• Personalization data is stored in a virtual cache
  within the users desktop and remains available
  to disconnected users. The user now has a fully
  portable personality, which is re-synchronized
  with the latest, centralized settings when the
  user comes back online.
• Conditions and Actions
• Define events that are used to implement business
  policies. Rule examples include when user X logs
  on to the desktop with an IP address of Y, when
  a user opens an application named Y or for
  complete flexible control, any combination of
  multiple conditions. Actions resulting from
  these rules include file, folder, registry, ADM,
  drive and printer mappings.
• Quick Setup Wizard
• Set up new configurations by using a wizard to
  pre-populate most commonly used actions such as
  configuring internet explorer settings, self
  healing critical operating system and application
  components, locking down common application and
  operating system features and improving quality
  of service by disabling resource intensive
  processes and services
• Registry File Import Wizard
• Registry settings can be exported from a desired
  state target machine and imported into the
  AppSense Environment Manager console to instantly
  create configurations.

14
Profile extraction and migration
15
Personalization Streaming

• A mandatory profile is loaded

• The user launches an application and makes some
  changes

• These settings are synchronized via a
  personality server to a SQL database

• The personalized application settings are
  requested from the SQL database via the
  Personality Server and streamed to the end-point
  on demand

• The application is closed

• Personalized application settings are saved to a
  local, virtual personality cache

• The user launches the same application from
  another concurrent session

• A user logs on (for example) to a Virtual Desktop

Personality Server
SQL Database
16
Personality Analysis Rollback

• View the contents of a users personality cache
• View the size of a users personality cache
• Manage personality settings directly from the
  database
• Rollback to a personality restore point

Monday
Tuesday
Wednesday
Thursday
Friday
17
Operating System Migration
18

• Demo Time EM

19

• Application Entitlement
• Enforce application access policy
• Ensure that the users environment cannot be
  compromised due to the users own actions, or
  actions outside the users control
• Prevent unauthorized execution of code
• Prevent unauthorized or unexpected changes in
• environment configuration
• Ensure compliance with Microsoft licensing

20

• Trusted Ownership
• Protect the system without complex lists and
  constant management. Only code installed and
  owned by trusted owners is allowed to execute.
  The trusted owners list can be extended to suit
  any environment or content directory
  infrastructure.
•  
• End Point Analysis
• Identify all executable files on a target device
  and quickly group the files into authorized and
  unauthorized. Configurations can be deployed to
  a user, group of users, machine, group of
  machines.
• Application Usage ScanScan a device to identify
  how many times individual applications have been
  executed on a per user basis. By understanding
  which application usage, unlicensed software can
  be identified and restricted and unused licensed
  software can be removed.
•  
• Application Network Access Control
• Control network access without complex controls
  such as routers, switches and firewalls.
  Connections include access to UNC paths
  (including all files folders on that drive),
  servers, IP addresses, URLs, devices FTP
  locations. Policy can be tailored to
  dynamically change based on user or device
  properties.

21

• Passive Monitoring
• Monitor application usage without preventing
  users from running applications. Passive
  monitoring can be managed on a per user, device
  or group basis, providing an extremely useful
  tool to accurately track user behavior prior to
  implementation or to understand application usage
  for software license management.
• Digital Signatures
• Assign SHA-1 digital signatures to applications
  and files to ensure application integrity.
  Modified or spoofed applications are prevented
  from executing.
• White Black List Configurations
• Lists can be used in conjunction with Trusted
  Ownership to control known applications which
  pass the NTFS owner check such as administrator
  owned tools like cmd.exe or ftp.exe. Or, create
  white lists to guarantee only known and trusted
  applications can execute on a system.
• Trusted Vendors
• Allow software based on vendor certificates
  (signed software)

22

• Self Authorizing UsersUsers can authorize their
  own applications without relying on IT. An audit
  details information such as application name,
  time and date of execution and device. A copy of
  the application can be taken and stored centrally
  for examination.
• Application Limits Time Restrictions
• Control the number of application instances and
  at what times it can be run. Also enforce
  licensing models by controlling application
  access on a per device basis.
• Extensive File Support
• In addition to controlling .exe files, scripts,
  batch and registry files are also controlled.
  Digital signatures can also be applied to scripts
  to ensure content remains unaltered.
•  
• AppSense Configuration TemplateTake full
  advantage of pre-built corporate policy best
  practice by importing AppSense Configuration
  Templates.  AppSense Application Manager is able
  to import an unlimited number of configuration
  files and use these policies in combination.  A
  selection of Templates such as common prohibited
  items or End Point Analysis is available from
  www.myappsense.com.  This Template Library is
  maintained and updated frequently.

23
Trusted Ownership
24
Trusted Ownership
25

• Demo Time AM

26

• System Resource Entitlement
• Ensures a consistent and predictable quality of
  service to end users
• Application response times are optimized
  according to business policy
• Optimizes use of hardware resources such as CPU,
  Memory and Disk
• Dynamically manages resources in reaction to
  environment
• changes

27

• Disk I/O Resource Management
• Prevent I/O Request Packet (IRP) bottlenecks
  from impacting mission critical applications by
  dynamically prioritizing IRPs. Named
  applications have priority disk access,
  preventing them being held in a queue behind less
  important application IRPs.
• CPU Smart SchedulerAllocate CPU resource to
  applications by assigning a relative share to the
  user or application. For instance, an application
  assigned a share factor higher than another
  application will receive higher priority access
  to the CPU when there is contention.
• Thread ThrottlingCPU thread throttling
  policies will automatically trigger when the
  system is heavily loaded and apply gradual
  throttling to any runaway threads within each
  process.
• Physical Memory ControlAutomatically trim
  physical memory consumption based on application
  events and states, such as application startup,
  idle, minimized and in the background. Releasing
  RAM back to the operating system enables a
  significant increase in user density or
  application instances.

28

• Virtual Memory OptimizationOptimizing the way
  Dynamic Link Libraries (DLLs) are loaded reduces
  virtual memory overheads and system paging is
  significantly reduced. Optimized DLLs are stored
  in a separate cache and loaded dynamically,
  leaving the original applications intact.
• Virtual Memory LimitsUser memory limits
  restrict the amount of virtual memory utilized.
  Users can be warned, or prevented from launching
  additional applications. Application memory
  limits can also be applied to individual
  applications giving greater control over virtual
  memory consumption.
• CPU Application Limits
• Define hard processor limits to control an
  applications access to the CPU. For example, an
  application limit of 70 ensures it cannot use
  more than 70 of the CPU.
• CPU Reservations
• Ensure applications are guaranteed CPU resource.
  For example, an application allocated 20 of CPU
  will get priority access to the CPU while it is
  using 20 or less of the CPU.

29

• Processor Affinity Assignment
• On multiprocessor systems policies can bind
  specific users and applications to processors
  allowing mission critical applications to run
  exclusively on a dedicated CPU.
• Statistical Analysis and Reporting
• Report on CPU, Memory and Disk usage at the
  process level on a per user or application basis.
  Tabular reports and graphs are used to report on
  defined events to show resource consumption and
  optimization.
• AppSense Configuration Templates
• Take full advantage of pre-built corporate
  policy best practice by importing AppSense
  Configuration Templates. AppSense Performance
  Manager is able to import an unlimited number of
  resource policy configuration policies and use
  these policies in combination. A selection of
  Policy Templates, such as BoostOffice to
  prioritize resources to the MS Office application
  set, is available from www.myappsense.com. This
  Template Library is maintained and updated
  frequently.

30

• Demo Time PM

31

• Any Questions?

32

• Thanks!