uberAgent 6.1: Citrix Cloud, DNS Query & WiFi Connection Monitoring, Authenticode Verification
We are happy to announce the newest version of our user experience monitoring & endpoint security analytics product. uberAgent 6.1 introduces new and exciting features for UXM as well as ESA.
For a full list of changes, please consult the release notes. As always, upgrading is highly recommended (instructions).
Citrix Cloud monitoring is uberAgent’s new capability to monitor the Citrix Virtual Apps and Desktops (CVAD) control plane in Citrix Cloud. This is an interesting feature for customers who are not hosting delivery controllers on-premises but leveraging Citrix Cloud instead. See this blog post for details on Citrix Cloud monitoring.
WiFi Connection Monitoring
uberAgent’s WiFi connection monitoring keeps track of the relevant quality and security parameters of the WiFi network through which a user’s endpoint is connected to the internet and/or the corporate network.
Why Monitor WiFi Connections?
With more and more users working from home or other locations outside the office, the WiFi connection becomes a critical part of the network. When a home office user is suffering from application performance problems, the root cause may well be a badly placed access point. Businesses need to be able to identify connectivity issues not only in the corporate network but also in the home office.
See this blog post for details on WiFi connection monitoring.
Authenticode Signature Verification
Authenticode signature verification is uberAgent’s new capability to check if executables have valid code signatures. It helps answering the following questions:
- Is an executable digitally signed?
- Is the signature valid?
- Is an executable signed by Microsoft?
- What is the publisher name of the executable?
See this blog post for details on Authenticode signature verification.
DNS Query Monitoring
DNS query monitoring is a useful technique in any IT security professional’s arsenal. This is because DNS is a base technology nearly all network communications rely on. uberAgent now tracks all outgoing DNS requests on the endpoints. That enables security professionals to detect unusual or malicious domains and DNS data exfiltration. See this blog post for details on DNS query monitoring.
uberAgent 6.1 comes with dozens of additional improvements and fixes, e.g.:
- Process startup and network monitoring metrics as well as information about SSH sessions for macOS (details).
- Event data filtering on the endpoint (details).
- More metrics for Citrix ADCs like ICA and VPN usage, better SSL vServer and session monitoring as well as hardware counters like CPU temperature for MPX models.
- Filter capabilities and support for multi-tenancy for the Experience Score dashboard.
- Many many more enhancements and bugfixes.
The uberAgent product family offers innovative digital employee experience monitoring and endpoint security analytics for Windows and macOS.
uberAgent UXM highlights include detailed information about boot and logon duration, application unresponsiveness detection, network reliability drill-downs, process startup duration, application usage metering, browser performance, web app metrics, and Citrix insights. All these varied aspects of system performance and reliability are smartly brought together in the Experience Score dashboard.
uberAgent ESA excels with a sophisticated activity monitoring engine, endpoint security rating, the uAQL query language, detection of risky activity, DNS query monitoring, hash calculation, registry monitoring, and Authenticode signature verification. uberAgent ESA comes with Sysmon and Sigma rule converters, a graphical rule editor, and uses a simple yet powerful query language instead of XML.
About vast limits
vast limits GmbH is the company behind uberAgent, the innovative digital employee experience monitoring and endpoint security analytics product. vast limits’ customer list includes organizations from industries like finance, healthcare, professional services, and education, ranging from medium-sized businesses to global enterprises. vast limits’ network of qualified solution partners ensures best-in-class service and support anywhere in the world.
Your email address will not be published. Required fields are marked *