SysTrack Desktop Assessment, Part 2: Drill into Data with SysTrack Visualizer
In Part 1, I explained the basics of the free SysTrack Desktop Assessment tool, from VMware and Lakeside Software. Now, let’s dive into more details on the service and what can be done with the data collected during the assessment.
(If you missed part one, read it here first for an overview of the free SysTrack Desktop Assessment service.)
From the tool’s dashboard, you can open the SysTrack Site Visualizer to drill deeper into the data collected with SysTrack. (Mozilla Firefox is recommended as it is compatible with Microsoft Silverlight, which is required to show the various dashboard and data sets.) The first thing you will see is the Site Visualizer dashboard show in the image below.
This provides you with details on the “Assessment Status” (top left), all asset systems and users (top right), the concurrent on users per week (mid left), the top software packages per user count (mid right), as well as the user resource footprint (bottom right). Hover over the graphs for more details.
The left “Observations” list also gives you more granular details.
Visualizer Main Screen
The main screen of the Visualizer helps you easily navigate the data with the basics explained in the next section.
- Hover over the question mark on the top left to get detailed info on each section. (If you are like me—“who reads the manual anyway”—you can just follow the instructions below to get the basics and start working with the Visualizer.)
- Select the area of your choice on the left to open the view (e.g. computer performance).
- With the perspective pulldown, you can charge into different perspectives.
- Customize with the tiny settings icon on the right (3a) which lets you select the data shown.
- With the export function, you can export data sets and work with them outside the Visualizer, which helps you use the data even further.
- On the right filter section, you can filter against different criteria and search in data sets.
- On the top right, you can select different device groups you want to analyze.
The new GUI is straight forward to use. Now let’s get started.
The most details are collected in the “Observations” list, which is massively important to get to the last details on application or network.
Hovering over the observation list will reveal the explanation details. This provides a variety of information, which will help you to drill down into the last detail of the collected data and provide a deep understanding of computer concerns, application latency, system mobility and software packages (to mention only four of the more important ones). Drill into all the details you require to understand your target group for virtual desktop infrastructure (VDI).
I will give you some examples on how to narrow down the candidates from VDI.
To understand which systems are good candidates for VDI, you can start with that data set and change the perspective of the data set. The basic view looks like the image below.
By manipulating the perspectives or filter against the status, you identify the low-hanging fruit right away. In my example, I changed the perspective to “Systems with No Mobility or Device Needs” and then ordered the status, which reveals all systems not in use and USB drives or local printers that are stationary. In a next step, you can then focus on the systems which have some requirements, like local printing or USB access, which can be accommodated via PCOIP protocol.
All data sets can be exported as mentioned at the beginning and further aggregated, for example with Excel, and combined with another exported data set via pivot tables in Excel.
You can also start with “Application Latency” to determine which systems are good candidates for VDI.
In my example, I manipulated the perspective to “Application Server Latency” and ordered the data with the highest latency descending. This reveals the systems with the highest latency to backend systems.
In the connection column, you can see the communication to particular IP addresses, which helps to determine if the backend system is either internet-facing, like a Software-as-a-Service (SaaS) app, or internal-facing, like Exchange servers.
The whole point of VDI is delivering business applications to end users to be able to access them from any device. This section is essential to understand what your application landscape looks like, as well as the consumption of compute resources (CPU, memory, IPOS) to be able to size the user’s desktop for best user performance. Also, you’ll understand how many applications are running on your user estate, and this is often not easy, especially if the user can install software.
In some cases, a user will tell you that they need a particular application for their daily work, but in some cases, it is more a want than a need. (“My colleague has this, so I need it, as well.”)
To check on that, I changed my perspective to “Unused Software” to see the difference between installed and used software, with the column unused for 30, 60 and 90 days.
Here are some findings. I order by number of most installed apps, and I can see the “New Turnover System” is installed on 457 systems but was only used recently on 97. Assuming this is licensed software, this is a huge waste of licenses.
To drill down into the systems that used the software, double-click on the figure. It shows you the systems that used or did not use the software in each column, and can be exported.
As you may have noticed, with recent changes to the latest version, we now also have a risk analysis, which is great. The dashboard gives you a “30-day Risk Trend” divided into the below areas.
The observation section is comprised of 1) “Security Risk,” 2) “Systems with Risky Applications” and 3) “User Security.”
The “Security Risk” data set provides you with an indication of the security risk of systems based on different risk factors, like web browsing exposure and software update status. A high-level view of security risk by group is available from the dashboard. By changing the perspectives, you can drill into details on particular risks.
If you change the perspective to “Browsing,” it shows the internet browser component and the security risk, including web browsing exposure, non-standard browsers and Internet Explorer trusted sites.
Other interesting perspectives are “Access Control,” which reveals risks including expired passwords, virus scanner status, security events and more.
User Security Risk
This is my personal favorite. This shows you all the details around user security: passwords set to never expire, admin privileges, last password changes, as well as users that never logged on to any machine.
By changing the perspectives, you get more granular details: users with admin privileges, users that haven’t changed their password for 90 days or more or accounts that do not require passwords.
In my case, I change it to “Users with Passwords More Than 90 Days Old.”
That reveals that some users did not change their password for 5,601 days, and an admin user that did not change it for 4,188 days. This is a serious security threat!
The perspective “Accounts with no Logon during Last 21 Days” shows, in my example, that I have 1,001 accounts that did not log on between 17/10/2012–18/02/2013 after I exported them into Excel. So, I have a lot of cleanup in my Active Directory to do—luckily for me it is just demo data!
Get Started with SysTrack
The free 90-day desktop assessment from VMware and Lakeside Software offers great value with the SysTrack Visualizer and, in my opinion, is a mandatory tool if you move to VDI.
The data collected and the details reported give you all you need to make informed decisions on which users to target for VDI. It also puts you into a position to assess security risk in your environment and clean up your Active Directory objects that are not in use or no longer needed.