Data Center is our focus

We help to build, access and manage your datacenter and server rooms

Structure Cabling

We help structure your cabling, Fiber Optic, UTP, STP and Electrical.

Get ready to the #Cloud

Start your Hyper Converged Infrastructure.

Monitor your infrastructures

Monitor your hardware, software, network (ITOM), maintain your ITSM service .

Our Great People

Great team to support happy customers.

Wednesday, March 27, 2013

Penggunaan SDP, dari helpdesk hingga frontdesk

Dalam tahun ke 8 kami memegang produk ini, hal menarik kami temukan. Yang pertama adalah pengguna sistem helpdesk sekarang tidak hanya lingkungan IT saja, melainkan telah meluas ke bidang lain.

Kami menemukan beberapa kenyataan penggunaan meluas dari ServiceDesk Plus yang digunakan tidak hanya untuk support user di lingkungan IT, tetapi juga di unit kerja lain. Ada beberapa yang menggunakannya untuk Call Center untuk mendukung customer. Ada yang menggunakannya untuk unit frontdesk yang berhubungan langsung dengan nasabah / customer. Bahkan ada yang menggunakannya untuk lingkungan General Affair untuk menangani request / permintaan barang. Bahkan ada yang menggunakannya untuk meminta layanan supir.

Wow. Sisi kreatifitas dari sistem telah dikembangkan sedemikian. Dengan sistem yang baku pun, tidak perlu banyak customisasi, sistem ServiceDesk Plus telah digunakan dan dieksplorasi melebihi yang kami pikirkan.

Yang kedua, Zoho dalam beberapa tahun semakin memperkuat produk. Salah satunya menghilangkan produk FacilitiesDesk yang sekarang kemampuannya digabungkan dengan ServiceDesk Plus.

CMDB Services

Inti permasalahannya adalah inventori aset. Ini yang menjadi pemikiran awal penggabungan kedua produk. Kemudian, keduanya mempunyai fungsi yang hampir mirip. Sehingga manajemen aset hingga penjadwalan maintenance dapat dilakukan dari ServiceDesk Plus.

Yang ketiga, perkembangan produk ServiceDesk Plus yang semakin powerful. Kami memonitor sekarang tidak hanya penggunaan ITIL yang semakin meluas, tetapi juga dimasukkan fungsi manajemen proyek. Tidak menutup kemungkinan banyak fitur lain yang sedang dikaji dan bisa dimasukkan dalam roadmap pengembangannya.

Intinya, kami cukup puas dengan pengembangan dan penggunaan SDP selama ini, semoga semakin baik perkembangannya untuk semua.

Mengontrol USB Devices di Desktop Central

Control USB Devices

Block/Disable USB Devices in the Network

Today, the usage of portable devices is a growing reality. It poses two main concerns to organizations: a threat of data theft and the possiblity of viruses and Spyware these devices can bring into the network.
Desktop Central's Secure USB feature would help administrators limit the scope of USB device usage, selectively based on the various roles and departments. Secure USB feature enables administrators to centrally control the usage of various USB devices in the network by blocking/disabling the USB devices to prevent unauthorized download and upload activities through these local computer devices. The restriction can be set both at the computer level and at the user level, providing more levels of security. With Desktop Central, you can now effectively reduce data theft, reduce virus threats and increase compliance to regulatory standards.

Supported USB Devices

Desktop Central currently supports enabling or disabling the following USB devices for users and computers:
  • Mouse
  • Disk Drive
  • CD-ROM
  • Portable Devices
  • Floppy Disk
  • Bluetooth
  • Image
  • Printer
  • Modem

USB Device Audit

As an IT staff you face a cumbersome task of analyzing usage of pen drives, CD’s or any other portable storage devices that might jeopardize company’s information. So, it is always better to have a record to audit. Desktop Central, an agent based software helps you to track the usage of USB devices with time duration in the network. You can access to information such as:
  • Device Name
  • User Name
  • Device Type
  • Time duration
  • Manufacturer, etc. for a complete understanding.
You can choose either summary or a detailed view that enables to fetch rich information and can be exported to CSV file or PDF report immediately for further analysis.

Update terbaru dari Desktop Central 8 Build 80226

 We are happy to announce the latest hotfix to Desktop Central 8 - Build 80226.
Here's the complete list of enhancements & bug fixes over previous hotfix:


  1. USB Audit, a new feature, has been added to audit the usage of USB devices in the network.
  2. A new profile to configure the Access Point has been added for iOS devices.
  3. Ability to restrict the access of data based on its ratings has been included for iOS devices.
  4. Patch Scanning has been optimized to reduce the CPU/memory usage and scanning time.
  5. Patch Deployment has been optimized
  6. System Manager, a new feature, is added to view the currently running process and services of remote computers.
  7. SoM policy is enhanced with options to sync only the modified data and sync all data.
  8. You will now be able to query the Postgres database used by Desktop Central programatically.
  9. Query Report has been enhanced to fetch reports for the current month.
  10. You will now be able to customize the email content for Enrollment and App Distribution notifications.
  11. ServiceDesk Plus can now share the warranty information from Desktop Central inventory in integrated mode.
  12. Now, software configurations can be installed/uninstalled using logged on user's privilege.

Bug Fixes

  1. Issue in deploying patches to a "dynamic custom group" has been fixed
  2. Issue in showing a long number for the "Next Inventory Scan" in Desktop Central Tray icon has been fixed
  3. Issue in sending truncated content in a help desk ticket when the content has a colon (':') has been fixed
  4. Issue in showing duplicate computers in SoM page has been fixed.
  5. Issue in fetching scheduled report for computers with/without a specific software has been fixed.
  6. When a configuration is modified and redeployed, the configuration was saved as a draft instead of getting deployed. This has been fixed
  7. When a custom group is chosen as one of the targets to a configuration, issue in retaining the target when the configuration is modified has been fixed.
  8. Issue in saving a configuration with failed targets from an existing configuration has been fixed
  9. Issue while installing the hotfix has been fixed.
  10. When you have integrated Desktop Central with ServiceDesk Plus, issue in displaying the Software Packages under the Software Deployment tab has been fixed
  11. While executing batch file in Software Deployment, "incorrect function" issue has been fixed.
  12. Issue in displaying duplicate printers in Inventory has been fixed.
  13. Issue in wrongly detecting computers in "Global Exclusion list" under Prohibited Software has been fixed.
  14. Issue in logging into Desktop Central using Active Directory credentials in specific cases has been fixed.
  15. Invalid entries found in Desktop Central event message under "Windows Event Viewer" has been fixed.
  16. Issue in removing an Email or Exchange Active Sync profiles from a device has been fixed.
  17. Issue in fetching machine type for Lenovo computers to verify the warranty details has been fixed.
  18. Issue in distributing paid Apps to more than one device has been fixed.
  19. Issue in removing one of the domains from the target by modifying a deployed patch configuration has been fixed.
  20. While using Windows XP operating system, issue in not displaying chat window and configuration in progress window has been fixed.
  21. When a user has logged on to multiple computers, issue in fetching the list of computers has been fixed. Ability to search computers from the list is also added.
  22. Issue in loading SoM policy page has been fixed.
  23. Issue in applying cookie settings for Safari browser has been fixed.
You can download the Hotfix and install as per the instructions provided there.
To download complete product , which includes these enhancements, visit our website.

Auditing USB Device Usage Capability Added

Now, Desktop Central is equipped with USB device auditing feature that helps you to retrieve information about the usage of pen drives, CD’s or any other portable storage devices that might jeopardize company’s information. Learn More >>

Mobile Device Management for iOS Enhanced

Mobile Device Management for iOS devices has been enhanced to configure the access point that a device should use for Wifi connections and to restrict viewing data based on its region-wise ratings.

Hot Topics

Here are some useful discussions from our user forums and blogs:

Related Products

What's Cooking

The features in our roadmap that are currently under development include:
  • Patch Management for Mac OS
  • Advanced User Access Control

Quick Links

Monday, March 25, 2013

Apa yang diproteksi, di monitor dan di test ??

Business priorities: what to protect, monitor and test

Peter Wood

Information security and IT professionals are being swamped with new challenges that appear to have no easy answers. 
Cloudsocial networking and bring your own device (BYOD) are obvious concerns, and there are many more equally complex scenarios. Yet budgets and resources are limited. 
How do you decide what to focus on? Which systems need additional protection or monitoring? What should we test and how?
The business wants to take advantage of the cost savings and convenience of cloud, the flexibility and productivity of BYOD and the sales and marketing benefits of social networking. 
Security staff want to ensure the business is safe from data breaches, secure against attack and compliant with relevant legislation
If we are not careful, the divide between the business and IT and security will get wider and the organisation will find itself at even greater risk.
All too often, there is also a lack of commitment from senior management. Information security people are told they need to communicate in terms that the board and C-level executives can identify with, yet they are unsure how to do this without losing the critical messages.
There is an approach that will help you identify those areas that urgently need attention, and what the real threats may be and why. As a very attractive by-product, this plan will also help the business understand the risks and encourage them to be part of the solution, not the problem.
Anyone who has worked in security for even a short time will be familiar with threat and risk analysis. Yet how often do information security professionals involve the business in this process, or even follow a formal process at all? 
Figure 1: Workshop flow

Run a roundtable workshop to identify threats

Here is an alternative that is simple to implement, yet highly effective: by organising a roundtable workshop to identify real threats and real impacts, we can demonstrate the risk and educate our audience in one hit. 
You will need a strong facilitator with good security skills to steer the workshop, and representatives from the relevant business departments to participate.
Figure 1 shows the flow of activities for the workshop – this is not rocket science to a security professional. This is your planning tool to make sure the workshop is relevant and produces the desired results. Let’s imagine the business wants to implement a cloud-based HR management system. This is the scope and focus of the workshop.
Next we need to assign the proposed system a business impact level. In this case it will be the human resources representatives, guided by you, who decide how significant an exploit resulting in compromise would be. 
Using a simple scale of one to five for each of confidentiality, integrity and availability means that you can give a value to help determine the severity of a potential breach:
  • Level 1: Negligible impact
  • Level 2: Limited consequences
  • Level 3: Significant impact
  • Level 4: Very high impact, requiring external assistance and possible financial support
  • Level 5: Major risk which seriously endangers business processes and prevents continuity
Figure 2: Threat levels

Threat actors

The next stage is to identify "threat actors" for this system (Figure 2). Working from a standard list, you can produce a table of potential threat sources, including users, administrators, service providers, developers, etc. 
For each actor, assign a capability rating from 1 (very little) to 5 (formidable), and a motivation level from 1 (indifferent) to 5 (focused). This permits you to assign a threat level to each actor, as shown in Figure 3
Combine the business impact level with the threat level and you can determine the overall risk for each type of threat (Figure 4).
Figure 3: Example threat actor analysis
Now you discuss the types of compromise that each threat actor might attempt which could result in a compromise of confidentiality, integrity and availability and give each a risk ID number. This is the step that needs a strong facilitator to ensure that the group does not spend too long discussing each potential attack. 
It is essential that the most common types of compromise are considered and ranked. Figure 5 shows an example for one type of threat actor (note that FoI means focus of interest – in other words, the system under consideration).
Figure 4: Risk levels
Taking the results of the workshop you can now prioritise the risks for this system and group together similar types of compromise (Figure 6). 
Your workshop participants have been part of the journey, helping identify the threats and risks and taking ownership of the potential effects. This means that they will allow you to focus on the most significant threats and even help to decide how to manage them.
Figure 5: Example risks for one threat actor
This process will identify which threats may need to be simulated in a penetration test and why. It will highlight the systems that require closer monitoring and provide the justification for additional controls where appropriate. 
By working through real examples, debating the likelihood of compromises and agreeing the potential consequences to the business, you have created a story which the workshop participants understand and can identify with. You are no longer presenting hypothetical scenarios with little or no resonance to the enterprise.
Figure 6: Example partial prioritised risk list
Once you have run this type of workshop a few times, you will not only find it easier to identify which risks are worthy of your attention, you will also have more business people educated on why security is so important. 
The result will be a more risk-aware organisation and much less resistance to the controls and tests that we know are so critical to keep the business safe.

Peter Wood is chief executive officer of First Base Technologies LLP

Open source network monitoring: SLAs push network pros to new tools

Open source network monitoring: SLAs push network pros to new tools

By Heather Clancy, Contributor
As virtualized infrastructure and cloud computing force businesses to reevaluate the broader issue of acceptable network service levels, open source network monitoring tools are attracting heightened interest.
Both network administrators and open source advocates say the flexibility these tools promise at a relatively reasonable cost has made them a viable alternative to software offered by some of the largest enterprise technology companies.
"When I first needed a network monitoring tool, I had no funding for a commercial alternative," said David Nalley, a Unix administrator for document management solution provider KeyMark in Liberty, S.C., who uses the Zenoss open source management tool.
Zenoss, which recorded a 150% increase in revenue during 2009, counts 300 enterprise customers and more than 1 million downloads of its Zenoss Core open source project code. Another well-known player is Nagios, which has inspired a community of more than 1,700 add-ons that IT departments can use to assemble an application specific to all the unique nuances of their particular network.
Everyone's infrastructure is just a little bit different; and with open source, I can usually find ways to make templates and replicate changes in ways that aren't complicated.
Philip Martin,
director of client servicesSymbio Systems
Actually, there are literally dozens of different open source projects focused on the problem of network monitoring. Snort, developed by Sourcefire, boasts 270,000 registered users and millions of downloads. Cacti works with MySQL to provide network graphing. The Stanford Linear Accelerator Center provides a list of open source network monitoring tool projects that is updated relatively frequently.
Open source network monitoring tools enable monitoring fine tuning
Beyond price, users are as attracted to the ability to tailor these tools to their specific networks and applications and bounce those ideas off others in the open source community.
"The software offers a level of customization that doesn't exist in more traditional commercial products," Nalley said. "The other thing is that unlike most of the proprietary products, there is an incredible community. There is always someone there to help."
Customization capabilities could come in the form of supporting devices and technologies particular to the KeyMark network, he said, or in the ability to create scripts that test the performance of certain applications.
Ethan Galstad, president of open source monitoring provider Nagios Enterprises in Minneapolis, said the traditional motivation for Nagios users and customers is flexibility -- their ability to monitor not only more common infrastructures such as the gamut of Windows servers but also devices and equipment that aren't supported by some of the well-known prepackaged systems management tools. Nagios is well known among the education, financial and healthcare industries, Galstad said.
More on open source network monitoring tools
Open source network monitoring reaches for the enterprise

Open source networking monitoring: Benefits and a few challenges

Open source network monitoring and management tools

Open source network tools guide
Philip Martin, director of client services for Symbio Systems, an outsourcing company in San Jose, Calif., works with Groundwork Open Source, which has built an open source network and infrastructure product called Groundwork Monitor by combining features of various tools from the open source community.
"Everyone's infrastructure is just a little bit different; and with open source, I can usually find ways to make templates and replicate changes in ways that aren't complicated," Martin said. "I can be confident that I can change something as my network changes."
So, for example, as new equipment is added or new applications are deployed, this shouldn't get in the way of effective monitoring.
Answering the SLA call with open source network monitoring tools
Another driving motivator for companies to invest in open source network monitoring tools is the emerging need to prove a higher level of accountability and monitor against service-level agreements (SLAs). Networking teams find themselves monitoring SLAs that are part of contracts for software as a service (SaaS), such as, and even living up to internally created SLAs as they build out their own clouds.
"Application monitoring and reporting has become crucial," Nalley said. "I care about [whether] the machines went down and why; my boss wants to know if we achieved certain uptime requirements."
Open source tools can communicate with everything from environmental monitoring devices that keep tabs on the load being supported by HVAC to e-commerce and Web applications that cannot tolerate a moment of downtime.
"The cloud is really pushing people to consider open source. Application monitoring becomes really important during this transition. So many more applications are obviously both inward-facing and outward-facing," said Peter Jackson, CEO of San Francisco-based GroundWork.
Prepackaged tools weren't necessarily designed to deal with environments that are constantly changing, noted Mark Hinkle, vice president of community for Zenoss. There are more than 175 extensions for the Zenoss tool, he said. "We're flexible enough to monitor whatever you want."
Less cost, more work in open source network monitoring tools
Open source vendors and users also say cost has become a much bigger factor over the past six months, as IT departments look to streamline operating budgets. Community editions of open source are technically free, of course, but commercial versions carry a price tag pinned to receiving upgrades and some level of support. The commercial editions of Nagios, for example, typically run from $600 to $1,300. Pricing for software from the big-name network management software vendors is a more complicated proposition, one that varies with the assets being managed. Costs can easily mushroom into thousands of dollars per organization, according to network managers.
Customization would carry another fee, which is one potential drawback of open source network monitoring tools. "With a traditional monitoring or alarming vendor, I would expect what I get to be really, really easy to use," Martin said. "I would expect support, because I am paying for it. And I would expect there to be more stringent developer controls on the products. Sometimes you get divergent coding standards."
Nagios' Galstad cautions that organizations may need a highly technical person on staff to extend his commercial platform, which he believes "hits about 90% of what they need out of the box."
"There's more onus on you to make things work when you are dealing with true open source," Nalley added. "You have to invest the time to do things yourself. On the other hand, you end up knowing your environment a lot better."
02 Mar 2010

7 tantangan dalam network traffic monitoring

Top seven network traffic monitoring challenges

Richard Bejtlich

Network traffic monitoring is often touted as a way for enterprises to meet performance, security and compliance goals. But implementing network traffic monitoring tools can also pose a series of challenges that range from difficulty in creating network baselines to trouble finding the right tools and strategies for monitoring content in a proxied environment.
Here are the top seven networking traffic monitoring challenges:
Challenge 1: Network baselines. Frequently network and security practitioners hear that the start of any network-centric project is to baseline the network. Just what is this supposed to mean? Simplistic approaches concentrate on bandwidth utilization over time, typically focusing on spikes and troughs. Some try to describe traffic in terms of protocols and port numbers. More advanced approaches try to classify traffic according to flows or even content. Regardless, there is no single accepted taxonomy for creating a network traffic baseline.

Challenge 2: Topology, locating the problem. If the network baseline challenge is related to traffic passing a single monitoring point, this involves multiple locations. By placing instruments in enough locations, it should be possible to visualize the network based on observed traffic patterns. Doing this in an automated way would prove extremely useful to network administrators and defenders.
Challenge 3: Visualization at scale. Trying to meet the two previous challenges is likely to be possible when the networks involved are small to midsized. In truly large networks, analysts are likely to begin reaching the limits of some tools to digest and render network data. Tools which comfortably depict dozens or hundreds of nodes face severe limitations when working with thousands or millions of nodes.
Challenge 4: Knowledge management. As techniques and tools derive information from network data, it's often the analyst's responsibility to derive knowledge from the information. But how should the analyst capture that knowledge? Consider the "simple" problem of applying tags to network flows. Depending on the data set and the classification involved, tagging individual items in a packet or flow record can be difficult. Still, analysts should have a way to annotate network information for their benefit and the benefit of their teams.
Challenge 5: Privacy. Too many network tools assume the user is fully privileged. In other words, rarely do tools recognize that analysts might have to limit their activities in order to meet privacy or other regulations. Historically, lawful intercept tools have tried to honor these restrictions by applying filters to include or exclude certain traffic. That approach is too crude to handle modern protocols, especially when a large percentage of traffic is carried using HTTP. Entire methods for meeting privacy concerns are needed.
Challenge 6: Mixing and matching record types. IP addresses are an important element of network traffic but, increasingly, content is becoming more significant. Anyone working in a heavily proxied enterprise will appreciate this problem. Network flows between proxies are almost useless. With the rise of proxy-in-the-cloud solutions, network tools will need to spend more time looking at HTTP requests in traffic to the proxy. Associating these "level 7" records with the mixed "level 3" records from the original host can complicate analysis.
Challenge 7: Not another platform. The final obstacle involves how to extract value from network traffic. Countless vendors are likely to read this article and reply: "Drop my box on your network!" Unfortunately, this response reflects a lack of appreciation of the limits imposed by many IT organizations on deploying new equipment. Often, IT staff must cajole and plead to deploy the hardware currently watching network links. Some of those same deployments also required signing elaborate agreements concerning the nature of the work done at those sites. Ultimately, it can be unrealistic simply to add yet another appliance to a link of interest. Rather, networking teams should be willing to consider deploying their tools and techniques to open platforms so they can devise and deploy their own network appliances. In fact, they should be unwilling to spend any effort installing closed vendor platforms.