ObserveIT Architecture:
Monitor Remote Access and Local Access
Core Architecture
The ObserveIT Agent is installed on each monitored server. The Agent captures data (screenshot and metadata) for every user action. Metadata includes info on the state of the operating system and the application program being used, which allows ObserveIT to precisely identify what the user is doing. By default, the Agent communicates with the Management Server via HTTP POST (TCP port 80). All content is encrypted. The Agent architecture includes a Watchdog service to prevent it being shut off.
The ObserveIT Management Server is an ASP.NET application in IIS that collects all data delivered by the Agents, where it is analyzed and sent to the Database Server to be stored and indexed. The Management Server communicates with the Agents for configuration update. It also can integrate easily with LDAP for user validation, with SIM to link video replay from within textual log file listings, and with Network Management systems to allow for system alerts and updates based on user activity.
The ObserveIT Web Console is an ASP.NET application in IIS that serves as the primary interface for accessing information (video replay, reporting, etc.) in ObserveIT. It is also used for configuration and administration tasks. Config data is also stored in the Database Server. The Web Console includes granular policy rules for limiting access to sensitive data.
The Database Server is a Microsoft SQL Server database that stores all configuration data, metadata and screenshots captured by ObserveIT Agents. Both the Management Server and Web Console apps connect via standard TCP port 1433.
Web Console Isolation
If there is a need for separating the ObserveIT Application Server components from the ObserveIT Web Console component, you can install these components on separate servers. This is a common requirement for enterprise-size implementations, achieving Agent isolation from a management perspective.
Large Enterprise-size Deployment
For large enterprise-size implementations of ObserveIT consisting of more than one thousand monitored servers, where there are also high-availability and redundancy requirements, you can install two or more servers running the ObserveIT Application and the ObserveIT Web Management Console, using a Load Balancing solution. In addition, ObserveIT works smoothly with any cluster-based implementation of Microsoft SQL Server.
Remote vendor and remote privileged user gateway
For remote vendor and remote privileged user access, a common deployment scenario utilizes a VPN/SSL-VPN plus Citrix/Terminal Server combination. In this scenario, remote users will use a VPN remote connection. Once logged in, they connect to the Citrix / TS server. On these machines, the administrator can publish either just the applications required, or the entire desktop, based on the company's security policies. The ObserveIT Agent is thus installed on the TS / Citrix server gateway, but captures the remote session activity no matter what server is eventually accessed.