MylogStar 4

MylogStar is a specialized product for client operation log management.

Client operation logs are essential in implementing detailed user trail management to enhance your IT security.
MylogStar has a superb log collection ability to obtain accurate PC operation logs, regardless of physical or thin client operating environments.Its intuitive management screen allows you to manage and utilize the acquired PC operation logs efficiently.

Feature

Log Collection Ability

Log Collection Ability

When you perform log management, you cannot save or analyze logs as trails unless you have the necessary logs.
MylogStar acquires logs at the kernel level of the OS. This enables you to grasp the operations whose logs cannot be acquired by other log management products.
The acquired logs are highly accurate and can be utilized for information leakage prevention and work improvement.

Log acquisition at the OS kernel level

MylogStar acquires file operation logs at the kernel level of the OS.
This allows it to acquire logs for all file operations performed in accordance with the file system, regardless
of whether they are initiated via the GUI or CUI (command prompt). MylogStar can log the behavior
of the OS accurately without relying on any application or environment.

 Acquire information about 15 types of client operations

MylogStar can acquire all the logs needed for trail management, including those of login, logoff, and file operations.
For e-mails and web access, MylogStar monitors communication packets, which allows you to see what is done over the network.
MylogStar collects all the necessary logs.That is the first step in log management.

Computer logs
The powering on and off of a computer (“power on”, “power off”, “suspended”, and “recovery from suspension”) are recorded.
E-mail logs
The subject, mail source and destination addresses (FROM, TO, CC, and BCC), transmission and
reception times, mail body, file attachments, mail size, file attachment names, and number of file attachments are recorded.
Clipboard logs
The name of the application used for each copy operation and the contents of the clipboard (character strings and file paths) are recorded.
User logs
The login and logoff, actual operation time, and remote connection source IP address and host are recorded.
Web logs
The URL, page title, host name, acquisition time, and action (GET or POST) are recorded.
SSL and TLS are supported.
TCP session logs
Specified ports are monitored. When a TCP session is established, the source and destination IP addresses and the communication port are recorded.
Application logs
The product name, version, start time, end time,active time, and application name are recorded.
FTP logs
The destination address, destination port,source address, source port, FTP command,FTP command data, etc. are recorded.
Event logs
Windows event logs are acquired. Login failures, folder access failures, changes to the server OS settings, etc. can be recorded.
File logs
Files operations, such as creating new files in the local drive, network drive, removable drive,etc. and copying, renaming, and deleting existing files, are recorded. The logs of operations performed at the command prompt can also be acquired. The attachment and detachment of external devices are recorded. The file sizes are acquired.
Window logs
The title of the active window is recorded. The start and end times, as well as the active time,can be acquired.
Web mail logs
Gmail and Office 365 are supported. The subject, transmission time, TO, CC, BCC, mail body, etc. are recorded.
Printer logs
The document name, printer name, acquisition time, number of pages, application name,printed file path, etc. are recorded.
Screenshot logs
Screen images are recorded according to flexibly set conditions, such as at regular intervals (60 seconds to 8 hours), when the Print key is pressed, when a specific website is viewed, and when a file is uploaded.
Inventory logs
The information about the computer hardware and software is recorded.

Image of the MylogStar configuration

Log Utilization Ability

Log Utilization Ability

No one knows when the collected logs will be used. If an information leakage is suspected, it may be necessary to check the logs spanning the past several years. These logs are meaningless unless they are readily usable. Building on years of experience in providing specialized software for client operation log management, MylogStar offers easy-to-use operation management to users.

Easy-to-use management screen

The management screen of MylogStar is designed with your usage scene in mind, so you can check logs and configure various settings with ease. The use of the web console allows you to access the management screen anytime via a web browser without installing any management software to the administrator’s terminal.

Dashboard
You can check the MylogStar status at a glance,such as “alert notification”, “log transmission/registration”, and “server disk capacity”.

Log display
You can pick and view any necessary log, just as you do on an online shopping website.

Setting screen
The setting screen is designed so that you can readily find the desired item, making it easy to configure various settings.

A rich suite of functions

MylogStar comes with various functions necessary for log management.
These functions let you perform log management with greater ease.

 Functions

Search Group management Trace System date control
Collective log
data display
Backup/
restoration
Report function CSV output
(auto/manual)
Alert
(server/real time)
Log archive Message function AD linkage
PC monitoring for
mobile devices
Automatic
agent update
Management console
usage history
Administrator
authority setting

 Trace function

The trace function lets you track the use of a file from a specific file log. For example, a trace from a file log saved in a removable disk can reveal its original file. You can also trace the copy of a file from the file server to the local disk, as well as the renaming of a file, with ease.

Operating Environment Compatibility

Operating Environment Compatibility

An enterprise system has a mix of different environments operating in it. Such a mix may include a virtualized environment, a thin client environment, and even a foreign-language OS if your company has branches and affiliates overseas. MylogStar is designed to work even under such circumstances.

Support for thin clients

Image of VDI support

A growing number of companies are introducing thin clients to enhance information security and business continuity as well as to ensure more efficient
IT asset management. MylogStar supports thin clients as well, which eliminates the need to install an additional log system for the thin client environment. It enables integrated log management even if your existing environment (fat clients) coexists with the thin client environment.
MylogStar also supports the VDI configuration and thin provisioning environment, allowing you to acquire operation logs and grasp the usage status.
MylogStar can also acquire the computer names and IP addresses of connected terminals in the thin client configuration and display them in operation logs.

Company name Solution name
Citrix Systems Citrix Virtual Apps
Citrix Virtual Desktops
VMware VMware Horizon
Microsoft Remote Desktop Service
Microsoft VDI
Ericom Ericom Connect
Parallels Remote Applocation Server

Support for a foreign-language OS

MylogStar supports the English version Windows as well and can also be used in a multilingual environment. This allows integrated management of logs not just for domestic branches, offices, and factories but for overseas locations as well.

Support of a large-scale system

Building MylogStar Relay Servers enables up to 30,000 clients to be managed per server.

Log Analysis Ability

Log Analysis Ability

Using the log data stored in the MylogStar Server, you can create detailed reports. Analyzing these reports to examine the PC usage status of users from multiple angles gives you a set of indicators for enhancing your IT security. For example, the alert report and file take-out report helps you identify security incident trends. The computer usage status report enables you to grasp the login status on a department-by-department (or user-by-user) basis. You can also identify those clients that log in outside working hours such as on holidays and during the nighttime.

Report items

Alert report
This report displays a graph showing the alert occurrence status during a specified period of time for each group or
user (or computer).

File take-out report
This report displays a graph showing the number of files taken out during a specified period of time, as well as the ratio of each method employed, for each group or user (or computer).

Computer usage status report
This report displays the day-by-day computer usage status on a per-user or per-computer basis.

Application installation status report
This report lists the installed applications, allowing the administrator to see which applications are installed.

Work efficiency improvement and assistance options

MylogStar WorkRadar provides a work efficiency improvement report function that supports a company’s work style reform.

Case study

Phiten Co., Ltd

“We installed MylogStar because we highly evaluated its ability to collect all logs generated by PCs, including e-mails sent/received by desknet’s (a groupware product); and its good history of being installed in various companies IT systems.”

In 2005 April, when enforcement of the Private Information Protection Law began, Phiten Co., Ltd. (Phiten) was apprehensive that its customers’ private information might leak out through laptop PCs and USB memory devices used in the head office and/or in about 150 retail, “Phiten Shops”, which had spread nationwide. In 2007, after the company’s Operation Department System Management Section compared a number of log collection software products, they decided to install MylogStar (at that time, called “ALLWatcher”) which was provided by RUNEXY Corporation.

After installing MylogStar, the company became able to collect all kinds of logs generated by PC operations and was able to establish the foundations of private information protection. In addition, since the software can collect logs of laptop PCs and USB memory devices, the security structure against information leakage was complete. The workforce became security conscious toward PC operations and also became well motivated.

Problems and Results

Problems

  • Need to protect the private information of “Phiten Shop” customers.
  • Need to implement countermeasures to prevent information leakage from laptop PCs and USB memory devices.
  • Need to collect and manage logs to detect contributing factors when information leakage cases occur.

Results

  • Established the foundation of private information protection by collecting all logs from the company’s 600 PCs.
  • Improved IT security by periodic inspections of laptop PCs and USB memory devices.
  • Achieved compliance and motivated company members.

Installed MylogStar in 600 PCs Aiming at Perfect Protection of Customers’ Private Information

In 2007, the Phiten Operation Department System Management Section maintained and managed 600 desktop PCs and laptop PCs in total. The section had already introduced a content filtering tool to control Internet access as a security measure and prohibited employees from visiting irrelevant websites.

Regarding e-mail, it had collected sending logs in its Simple Mail Transfer Protocol (SMTP) server and conducted regular inspections on e-mail addresses and subject lines sent from the company’s PCs.

In addition, almost all the PCs already had anti-virus software installed. It could be said that the general security measures were complete.

However, Phiten, which had developed around 150 “Phiten Shops” all around the country, was apprehensive the customers’ private information could be leaked from laptop PCs and/or USB connecting memory devices used by their sales personnel. Implementing countermeasures against such incidents was an urgent business.

Under the circumstance, the Operation Department System Management Section started to a study of several software products to find out which one could enable the company to collect all logs including those generated by laptop PCs and USB-connecting memory devices so that they could find the contributing factors immediately if private information leaked out.

After the section compared competitive software products, they chose MylogStar which can collect 16 kinds of logs* (including optional functions) and installed the software in the company’s 600 PCs.

    * English version can collect 13 kinds of logs

The Decisive Factors of MylogStar Were the Variety of Collectable Logs and the Easy Operation

MylogStar, which Phiten decided to introduce in the company’s IT system, can collect 13 kinds of ordinary logs and 3 other special logs using optional functions. The 13 types of logs normally collected include login/logoff, operations of applications, files a user accessed, filing operations, e-mails, accesses to the Internet, File Transfer Protocol (FTP), screen images at certain times, Transmission Control Protocol (TCP) sessions, and Windows events; and the 3 types of logs that optional functions collect are inventory information, e-mails sent/received by web mails, and messages sent/received by instant messaging.
Mr. Seiji Horiba of the Operation Department System Management Section said, “The reasons we chose MylogStar were that the software collects many types of logs including e-mails sent/received by desknet’s, a groupware we have used, and web mails, and the software also has a good history of installations.”

Ms. Fumiko Maki, also of the Operation Department System Management Section told us, in addition to the satisfactory kinds of collectable logs and the good history of being installed in 700 companies (200,000 clients in total), there were other reasons for choosing MylogStar;

“The Functions provided by the software are important; however, when choosing a certain product, the user interface is even more significant. If the software does not provide easy access, it is useless even though the software provides plenty of functions. On that point, MylogStar is more useful than other competitive products, and we are satisfied with the function that allows us to collect e-mail logs. Also, we can conduct log retrievals efficiently since the software can save frequently asked search criteria so that we do not need to input the same keywords again and again.”

In terms of cost effectiveness, the balance of the price of the product with the accuracy of log data the software collects made it the most competitive product, and that was one of the reasons for the installation.

Established an Secure Foundation of IT Security and Motivated the Workforce

At the beginning, Phiten set goals to be achieved with MylogStar as follows;

Purpose of the Installation

  • Collecting all logs generated by all operations on all PCs to improve the security level.
  • Detecting security threats as quickly as possible to implement countermeasures against the threats swiftly and on a top priority basis.
  • Implementing the best security measures at a low cost.
  • Focusing on sent/received e-mails, operations of applications, and filing operations, and carrying out periodic inspections.

After installation, what kind of results has MylogStar produced?

Installation Results

  • One of the issues brought up was to improve security levels of laptop PCs that were used for marketing activities mainly outside the company’s network. Since MylogStar can collect all logs generated by all PCs including laptop PCs and manage them in one network, the company could achieve the security level that allows secure handling of customers’ private information. In addition, with the optional log collecting functions the software provides, the company became able to centrally manage the logs of their standalone PCs.
  • No big problems have occurred yet. But a framework for dealing with security problems has been complete.
  • MylogStar was able to provide Phiten the ability to collect all the logs the company requires to achieve a satisfactory security level at a low cost.
  • By analyzing the e-mail logs the software collects, Phiten could get a handle on the actual number of spam mails and got rid of most of them by introducing an anti-spam program. Phiten also could learn the patterns of information sharing by staff through e-mail, and this gave the company good material for studying the more beneficial ways of information sharing.
  • Phiten regularly retrieves logs of used applications to make sure that inappropriate applications, which are excluded from the company’s standard, are not used.
  • Phiten became capable of observing the records of transfers and updates of files on shared folders by tracing the filing operation logs.
  • Personnel’s motivation toward information security and compliance were improved after installing MylogStar.
  • Windows event logs are managed centrally by MylogStar, so the company now can be aware of PC errors occurring in remote areas and utilize this information for maintenance and refinement.
  • The Operation Department System Management Section submits log records, such as records of, active windows, to other departments for periodic inspections.
    As observed above, the actual effects of installing MylogStar were even more profound than the company expected. Phiten is now planning to apply the alert functions and prevention/limitation of applications function that MylogStar can provide.

The Structure

MylogStar導入PC:600台 スタンドアロンPCの操作ログもPorter Optionを利用して回収し、MylogStar Serverに取り込んでログの一元管理を行う。

The General Information about the Customer

phiten

Phiten Co., Ltd

Phiten Co., Ltd was established in 1983 and has developed businesses for the purpose of “Supporting People’s Health”. The company exploited various materials developed by its own technology for dispersing metals such as titanium, gold, and silver; water-soluble at nano-levels. By utilizing those metals’ qualities, the company succeeded in drawing out the “natural healing ability”, which humans originally possess, and to relax human bodies. Phiten sells products which are related to sports such as: Phiten necklaces and bracelets (Rakuwa necklaces and bracelets), tapes, jells, and aqua-titanium supporters. In addition, the company provides various kinds of products and services such as: health food and goods, supplements, drinking water, cosmetics, hair care products, and medical devices. Three of them including “The Phiten titanium necklaces (Rakuwa necklaces)” are licensed by Major League Baseball (MLB) in the U.S. as official goods.

URL : http://www.phiten.com

Contact Information

Contact the following email address regarding to sales, product, partnership, etc.

Address

Head Office:
11F, Iwanami Shoten-hitotsubashi Bldg.,
2-5-5, Hitotsubashi Chiyoda-ku, Tokyo 101-0003 Japan
Phone: +81-3-6261-4711

Niigata Office:
1-7-10 Higashi Ohdohri, Chuo-ku, Niigata 950-0087 Japan

MylogStar Division
E-mail: mls_en@runexy.co.jp

MylogStar Trial and detail

Please contact us by following email address if you need detail information about MylogStar or if you want to evaluate MylogStar.

MylogStar Detail information

We will provide detail informtion of MylogStar in English.

MylogStar Evaluation Kit

We will provide informtion to evaluate MylogStar in English:
MylogStar Network Edition in English
Evaluation Guide in English

MylogStar Division
E-mail: mls_en@runexy.co.jp