The Ziften Technical Approach For Client Management – Chuck Leaver

Written By Dr Al Hartmann And Presented By Chuck Leaver Ziften CEO

 

There has traditionally been a lack of visibility on Windows clients of the applications that are running and the resources that are being utilized. There are good tools around to monitor the server infrastructure and the network, however the client has actually always been the weakest element. This is why vendors such as Ziften have actually originated a new class of solutions that are focused on the management of security and the performance of clients in the enterprise, and this is referred to as enterprise client management. Speaking from a technical standpoint, in order to collect the substantial amount of info that is offered within Windows that is needed to supply visibility of the client, there were 2 alternative methods that required consideration. We might have created custom driver code or utilized the basic API’s in Windows.

The development of driver code is considered as a last option because there are some well known concerns:

An in depth understanding of the Windows kernel data structures and coding conventions is required for driver development

Driver incompatibilities can exist even with the smallest of system changes, for example with the month-to-month patch updates from Microsoft

A devastating system crash can occur if there is a driver code issue

3rd party driver code triggers the majority of the instabilities in Windows

Any solution that uses low level drivers in their agents don’t use basic Windows interfaces and they will “take control” from Windows. This can produce havoc with the os of the desktops that are under management. If a driver stops working then it can crash the system and there is likewise a heightened security danger as these drivers perform at kernel level. “Anything a user can do that causes a driver to breakdown in such a way that it causes the system to crash or become unusable is a security defect. When most developers are working on their driver, their focus is on getting the driver to work properly and not whether a destructive hacker will attempt to make use of holes within the system” stated Microsoft about driver security.

So Ziften took the approach of developing our solution around standard Windows user interfaces, which has the following advantages:

Greater resilience to Windows updates and modifications that are likely to need driver changes

Driver conflict susceptibility that can result in system crashes eradicated (Blue Screen of Death).

The probability of coding issues that affects system performance through the kernel user interface is decreased.

 

~leaverchuck1


No Responses Yet to “The Ziften Technical Approach For Client Management – Chuck Leaver”

Leave a Reply