1. Field of the Invention
The present invention relates to command center forensics (“CCF”) that saves sessions of users who connect to servers through keyboard, video and mouse (“KVM”) switches. The reason for saving the KVM sessions is for purposes of trouble shooting, enabling failure analysis, auditing, logging, ensuring privacy, providing security surveillance, and facilitating maintenance. The KVM session includes keystrokes, mouse actions and full-motion video output of the server as well, e.g., KVMoIP (KVM over Internet Protocol) data. A viewer application is then used to view the captured files later.
2. Description of Related Art
In the event of a problem with server security, changes and/or data loss may arise. It would be desirable to have a saved KVM session that shows who and how the data was compromised.
In the event of a problem with server maintenance, a system administrator performing upgrades or other kinds of software maintenance on the server may cause a failure or error. It would be desirable to have a recorded KVM session that can easily show the exact steps taken leading to the failure of the server.
The inventors are unaware of any present commercial practice that addresses these server and maintenance problems effectively in a KVM environment. There are products sold as “PC Parent”, “Spy Capture”, etc, mostly to watch kids, students, spouses and employees, making sure they don't do anything undesired on their PCs. They are all windows applications, and do not perform continuous video recording. A type of video recording is done for television using a TiVo function.
These types of products are windows-based software that secretly records snapshots of the user's screen, records keystrokes and mouse movements. However, this is done at the operating system (OS) level, requiring Windows. It would be desirable to record sessions from the KVM switch, therefore not requiring any particular OS, and to pre-boot activity such as BIOS and POST screens.