Insider Technologies
Insider Technologies

Technical Information

You can access a range of technical information on our products in this section of our website, simply click on the page you’d like to visit. If you would like to talk to one of our experts or arrange a demonstration please contact us. In addition to the technical information available here we have more detailed, specialised fact sheets and documentation. If you would like to access this then we need to know more about you.

Sentra/RTLX

Sentra Overview & Features

Overview

Sentra (Service ENgineering, TRacking and Accounting) is a client-server software application for centralised management of multi-vendor, converged infrastructure and multi-platform payment, transaction and messaging systems. It provides extensive benefits that enable optimal availability, functionality and performance of messaging service provision. Sentra achieves this by providing centralised alerting, escalation, intervention, tracking and reporting tools from a single console view. Furthermore, Sentra collects data from many sources (payment logs (see Sentra – RTLX Reactor payments module), system components, application events, log files) and interprets them in terms of how they affect overall service provision. Real-time views mean that service levels can be proactively maintained. Historical data mining and reporting capability enables efficient resource allocation and capacity planning. The precise nature of the deployment of Sentra is variable from one customer to another, but most will utilise a combination of the following features:

  • Choice of Win32 GUI and Web browser consoles.
  • Centralised, rules-based system, payment platform, application and service level monitoring.
  • Automated alerting to service threats (payment platform, system and application) and SLA violations through e-mail, SMS, SNMP trap, script files, batch files.
  • Intelligent escalation of alerts to TIVOLI™, HP Operations Center™ (formerly OpenView™), HP ServiceDesk™, BMC Performance Manager™ (formerly Patrol™) and Reflex, e.g. payment switch / interchange reduced transaction traffic.
  • Automated problem resolution, e.g. restarting of failed applications and processes.
  • Platform and application availability monitoring, e.g. payment switches, transaction throughput.
  • Monitoring of the availability and response of key internet services, such as HTTP, FTP, SMTP, POP3, IMAP4.
  • XML monitoring including UNIFI payment formats – http://www.iso20022.org
  • HP NonStop monitoring of the Event Management Subsystem (EMS) with complete dynamic filtering of events from any configured collector(s).
  • BASE24 and BASE24-eps™ (using ACI’s EE-SE415 product) and BASE24™ POS, ATM and Interchange monitoring of both TLF and PTLF transaction log files. See also RTLX Reactor for HP NonStop EMS, payment and transaction monitoring of ATM and POS (TLF and PTLF) transaction log files and RTLX FAQs in right-hand margin.
  • Simplified Service Level Agreement (SLA) management.
  • Graphical, End-to-End message tracking.
  • Monitoring of a wide variety of e-mail messaging systems and gateways such as MS Exchange 5.5/2000/2003, SendMail, Isode, Nexor, Critical Path, NetTel (Clearswift), Infonet, ISOCOR and OSI/MHS. Both X400 and SMTP e-mail protocols are supported.
  • Full auditing of mailbox activity – Indentify when mail is read, forwarded, deleted and moved. Monitor when delegate users and unauthorised users access a mailbox.  Ideal for high security messaging environments.
  • Queue Monitoring, Management and Control – Monitor the size and activity of a queue, delete messages and force non-delivery reports.
  • Monitoring of middleware systems such as IBM WebSphere MQ (formerly known as MQ Series).
  • Mailbox auditing on Exchange 2003, including read/moved/deleted status of a message.
  • Mail traffic pattern assessment.
  • Capacity planning.

Features

By using ‘Sentra Agents’ to capture information, Sentra has been designed to be feature rich and offers cross-platform solutions. The features listed here are available as a single entity or as a package designed for your environment and requirements. Payment and Transaction Log Log Monitoring Sentra is able to monitor both payment and transaction logs from payment platforms using optimised extraction clients deployed and controlled from the Sentra application. An example of this extraction can be seen with the ACI BASE24 CLassic product for monitoring ATM and POS transactions and also the Logica LAPS product. For a more detailed description of PCI DSS compliant payments monitoring, querying and reporting, view Sentra’s RTLX Reactor module web page XML Data Collection Agent. A general purpose XML agent can be configured to parse any xml data into a hierarchical structure of SQL tables and fields. This makes the information much easier to process and report on, whilst maintaining the relationships between the XML elements. The agent can be configured by specifying an XSD schema or (where a schema is not available) by loading examples of the xml structure to be captured. The agent can collect XML data from files, MQ queues or from TCP/IP socket-based messages sent directly to it. XML agents can be configured to monitor any ISO20022-compatible payment or transaction.

 

PDF image012 Sentra White Paper

Permalink.

Sentra Agents

Sentra Agent Overview

Sentra uses data collection agents that can be remotely installed on computers in the network in order to gather data from a variety of different sources. This section provides a brief overview of the various Sentra data collection agents that are available.

The data collected by the agents can be forwarded to a central Sentra database for reporting and analysis purposes. Captured data can also be evaluated against multiple rules. If the captured data meets the rules criteria, alerts are generated. A library of pre-configured rules is shipped with the Sentra product and additional rules can be configured by users.

A separate agent is deployed for each type of data collection required from a computer. This approach is much more efficient than deploying a single monolithic collection agent. The extensive list of data types that can be collected by the agents is described below.

Payment and Transaction Log Log Monitoring

Sentra is able to monitor both payment and transaction logs from payment platforms using optimised extraction clients deployed and controlled from the Sentra application. An example of this extraction can be seen with the ACI BASE24 CLassic product for monitoring ATM and POS transactions and also the Logica LAPS product. For a more detailed description of PCI DSS compliant payments monitoring, querying and reporting, view Sentra’s RTLX Reactor module web page.

BASE24 Monitoring

Capture of BASE24 ATM and POS (TLF and PTLF) transactions is available. This agent is able to capture the complete contents of the TLF and PTLF logs from the HP NonStop platform to a SQL Server database. This provides real time alerting capabilities as well as the ability to do ad-hoc queries across the entire record content, which are otherwise not possible. Even with high data processing volumes ~1200+ transactions/sec the impact on the host HP NonStop platform is minimal as all rules processing is carried out off-line.

To capture BASE24-eps transactions, use the Sentra XML monitoring module together with ACI’s Online Extract Interface (EE-SE415) which generates near real-time XML feeds of customized or TLFX / PTLFX extract formatted messages.

XML Data Collection Agent

A general purpose XML agent can be configured to parse any xml data into a hierarchical structure of SQL tables and fields. This makes the information much easier to process and report on, whilst maintaining the relationships between the XML elements. The agent can be configured by specifying an XSD schema or (where a schema is not available) by loading examples of the xml structure to be captured. The agent can collect XML data from files, MQ queues or from TCP/IP socket-based messages sent directly to it. XML agents can be configured to monitor any ISO20022-compatible payment or transaction.

A series of these XML agents can be deployed to key monitoring points (waypoints) within a payment processing infrastructure to monitor transaction volumes and trends, payment volumes and trends and end-to-end processing times. Rules can be configured to monitor service level compliance and abnormal processing volumes.

Server and Internet Service Monitoring Agent

The server-monitoring agent uses standard Internet protocols to check the availability of computers and services. The agent can check whether a computer is available on the network. Alternatively, a more specific check of the availability and response time of a service that uses an Internet protocol can be performed. The agent can monitor using FTP, HTTP, IMAP4, POP3 and SMTP protocols. Daily percentage availability and transfer rate statistics (e.g. for FTP and HTTP) are recorded for inclusion in reports. Several agents can be deployed to different geographical locations in a corporate network to gain a full picture of service performance and availability across an entire organisation. This can help in pinpointing infrastructure bottlenecks and weaknesses.

Service and Process Monitoring

In order to manage the data collection agents, Sentra provides a service manager process that allows agents to be installed, un-installed, started and stopped from a single console. Sentra agents can easily be deployed and configured to many machines simultaneously, from a single point. Once deployed, the service manager monitors the agents and can automatically restart or even re-install them should a problem occur. The service manager can also monitor third party processes or services and generate alerts if they fail or even attempt to re-start them. Reports can be produced to show historical outages of service or programs.

Directory Monitoring Agent

The directory monitoring agent monitors files and directories on multiple computers. The agent monitors directories for changes in the number of files, the largest file size and the overall directory size. The agent also monitors the size, age and attributes of files, as well as the changes in the overall status of a file (i.e. if it is a newly created file or if a file is deleted).

Windows Event Log Agent
This agent monitors the Windows event log on 32 bit and 64 bit Windows computers. The standard mode of operation is to evaluate captured data against pre-configured rules and forward those events that meet the rules criteria to the Sentra database. The agents can also be configured to forward specific event log entries to the Sentra database even if rules criteria is not met, e.g. application events that confirm the start and end of a daily backup. Events such as these are usually stored in the database for further report analysis.

Unix/Linux System Log Agent

This agent monitors the system log (commonly known as the syslog) on Unix or Linux (32 bit and 64 bit) computers. The standard mode of operation is to evaluate captured data against pre-configured rules and forward those events that meet the rules criteria to the Sentra database. The agents can also be configured to forward specific syslog entries to the Sentra database even if rules criteria is not met, e.g. application events that confirm the start and end of a daily backup. Events such as these are usually stored in the database for further report analysis.

HP NonStop EMS Event Message Agent

The HP NSK operating system and its applications are richly instrumented through EMS events. This agent monitors EMS event logs. The standard mode of operation is to evaluate captured data against pre-configured rules and forward those events that meet the rules criteria to the Sentra database. The agents can also be configured to forward specific EMS event entries to the Sentra database even if rules criteria is not met, e.g. EMS events that confirm the start and end of a daily backup. Events such as these are usually stored in the database for further report analysis.

Windows Performance Counter Agent

This agent can capture data from any Windows performance counter. An extensive library of pre-configured rules is shipped with Sentra, e.g. to monitor issues such as high CPU usage and low virtual memory availability. ‘Data-thinning’ techniques are used to average the performance counter data in the database into summaries as the data becomes older. This allows recent data to retain its detail whilst long term trends can be still be seen without filling the database.

Non-Windows Performance Counter Agent

On non-Windows platforms key performance indicators such as CPU usage and disk space can be collected into performance counter format. Sentra is therefore able to monitor performance metrics across multiple platforms and operating system types.

JMX MBean Monitoring Agent

Many Java-based programs instrument their performance metrics using JMX. Java-based applications such as BEA WebLogic and IBM Websphere provide a whole series of performance monitoring metrics via JMX. The Sentra JMX agent can monitor JMX counters and treat the captured data in the same way as Windows performance counters. Rules can be configured to evaluate captured JMX data and generate alerts if the rules criteria are met.

Generic Log File Agent

Sentra uses a general purposes ‘Generic’ log file agent that can collect data from any structured text log files. The Sentra Windows console enables a user to configure a new agent and specify the format of the data that the agent is required to capture. For example, a new agent can rapidly be configured to capture the contents of any CSV file. Sentra ships with some pre-configured setups for some common structured log files, e.g. the Microsoft ISA Firewall log file, the Microsoft ISA Packet Filter log file, the BEA Weblogic log file and Tuxedo log file.

As with all Sentra agents, rules can be configured to evaluate captured data. Alerts will be generated if the rules criteria are met.

SQL Query Monitoring

The Sentra SQL agent can be configured to schedule execution of queries of the Sentra database or any other ODBC-compliant database, including SQL Server, ORACLE, DB2 and MySQL. This agent is typically used to store summary information from a number of database sources so that long term trends can be summarised and alerts generated if any rules are broken. For example this could be used to produce an escalation of a problem if the number of alerts for a server broke a nominated limit. This agent has been used to monitor a high-performance payment system that used an ORACLE database. The agent issued scheduled queries to monitor payment volumes; if the payment volume fell below a preset threshold, an alert was generated.

X500 Enterprise Directory and /Active Directory Monitoring Agent

The enterprise directory monitoring agent monitors the availability and performance of X500 or Windows Active Directory based enterprise directories. Statistics such as percentage availability and directory query response time can be recorded. Agents can be deployed to multiple locations around a network to determine the availability and responsiveness of the enterprise directory from across the whole organisation.

Application Response Monitoring Agent

This agent can be configured to invoke a program or script file and measure the time taken for execution to complete. Statistics for the average response time and last response time are collected. For example, the agent could be configured to perform an SQL query to monitor a trend of long-term degradation of database performance. The agent has in the past been used to monitor the performance of SAP transactions in a corporate environment, by launching a program that issues a SAP transaction and waits for a confirmation reply.

WebSphere MQ Agent (formerly MQ Series)

This agent collects information on the state of MQ managers, queues and channels. The MQ message header is also captured. Rules can be configured e.g. to monitor the change in run status of queues and channels or to monitor the size or number of entries on a particular queue. Sentra also provides management of MQ queues such as starting and stopping queue managers, queues and channels.
SNMP Monitoring Agent

The Sentra SNMP agent can listen for and report the occurrence of SNMP traps. The agent can also be configured to perform periodic SNMP read requests to query particular values on remote SNMP-enabled devices such as routers or switches.

SysLog Protocol Monitoring

Sentra can be configured to monitor devices that support the SysLog protocol. A syslogd service can be configured to forward SysLog protocol events to the Windows event log, which is monitored by another Sentra agent, as discussed earlier in this document. This technique enables the status of devices such as printers to be monitored.

Email Agents

Sentra collects email message events from a wide range of e-mail system vendors and transforms them into a unified format in the Sentra database. Agents are provided for capture of both SMTP and X400 mail system tracking log files. This allows messages to be tracked across multiple vendors and between X400 and SMTP environments and through mail gateways.

Typical mail systems supported on a variety of different operating systems include:

• Microsoft Exchange 5.5, 2000, 2003, 2007
• Boldon James X400 Bridgehead Connector for Microsoft Exchange 2007
• Lotus Notes / Domino
• Sendmail
• Clearswift
• Nexor
• Isode MSwitch
• InfoNet

In many cases mail queues can also be monitored for messages that have been stuck for a specified period of time, providing an early warning of potential performance issues or connectivity problems.

For Microsoft Exchange 2003 and 2007, mailboxes activity can be monitored for events such as messages being deleted before they are read, copying of messages to another folder, and delegate user logins.

Permalink.

Enhancements in SENTRA Release v7.2

  • The configuration of dashboard data sources has been simplified by the creation of dynamic data sources.
  • Support has been added for parsing ISO8583 (Financial transaction card originated) messages and displaying data in charts using JPOS, enabling capture of Postillion, Base24 and Base24 EPS transaction data.
  • Added support for parsing and displaying of Measure Performance Monitoring Data from HP NonStopTM Systems
  • Incorporated RabbitMQ to perform message queuing. Users can continue to use TCP/IP or can move to RabbitMQ
  • The Sentra Application Response Monitoring agent has been updated to enable the results of executed commands to be stored in the Sentra database and displayed in hypervisor charts.
  • Sentra now allows textual ‘Scoreboard’ views to be created to show data in textual format (rather than as a graph). These views have the capability to display individual cells (as opposed to whole rows) in a table chart as being in a warning state.
  • Implement some periodic TCP/IP traffic between ITLServiceMinder and ITLServiceManager to prevent NAT devices from marking the connections as idle.
  • The password complexity expression has been modified to include the special characters “.”, “-“ and “_”.
  • The CD image has been updated to include a copy of SQL2008 Express Edition instead of SQL2005 Express Edition.
  • The Sentra web console now supports Windows Authentication, to allows users to logon to Sentra using a Windows Account.
  • Grid improvements. These include: correct alignment of cell contents when a cell contains an image, disabling the main Apply and Cancel buttons whilst editing a row in the grid.
  • Double-clicking has been implemented on screens containing grids, where there is an enabled edit button, so that users can more easily edit grid contents.
  • The Standard Query Lookup Tables branch has been moved from the Security screen to the Data Sources screen.
  • Improved Linux monitoring: added the ‘free -m’ method and improve the memory monitoring capabilities by supporting the analysing the contents of the /proc/meminfo file
  • ATM/POS Query Results – The results screen has the option to find EMS events that match a user-defined criteria.
  • Saved Queries cannot be deleted if in they are in use by a Hypervisor.

 

Rules Screen

  •  Cause Effect Recovery text boxes now support rich text.
  • When clicking New, the default behaviour gives a drop down list giving the user the choice of creating a new rule or a new category.
  • In the Rule Editor, the subsystems tabs now has a consistent look and feel to other subsystem pickers within Sentra.

 

Rule Symbols Screen

  • Screen supports editing of general threshold values.

 

Standard Query Screen

  • Double clicking a row on the results screen will show the additional details in a second panel. A right click gives the option of showing additional details or token data. The additional details has been updated to include buttons to display the additional details of the next and previous records from the results obtained.
  •  When a user picks from the Stored Queries combo, the filters change to those that were stored under that name.
  •  Simplify save, delete and copy query operations
  •  Support for export of query results to CSV file and/or PDF.
  •  The timespan used by the Query Results can now be expanded to match earlier and/or later results.
  •  Auto-complete has been added to drop-down lists.
  •  The default filters of Start Time = 1 hour before now and End Time = 0 hours before now can be modified if required.

 

Security Screen Enhancements

  • Permissions: it should not be possible to enable or disable a whole section if a screen is selected.
  •  Modified the permission names in the security screens from ‘Undefined’ to ‘Deny’ and ‘Enabled’ to ‘Grant’
  •  In the right mouse-click menu, menu items are only shown for operations that can be performed. Originally, there were instances where there were 10 greyed-out items when only 1 item could be selected
  •  MaskAll and CardNumberMask strings are now localised in the field picker.
  •  Permissions cannot be modified in the Administrators group.
  •  A ‘Copy Group’ feature has been added.
  • An option has been added to clear the user settings for a particular user, similar to reset password.

 

Chart Screen Enhancements

  • Stacked bar charts have been implemented.
  • Chart Details and Chart Parameters have been moved to separate tabs.
  • Line Charts support multiple zoom levels.
  • The chart editor allows a sort order to be selected for all chart types except line and table. The results are now ordered by name or value based on this setting. This setting was previously ignored.
  • When overriding parameters the edit dialog defaults to the parameters tab.
  • ‘View chart alerts’ link was not visible after Override Parameters
  • A Hide Toolbar option has been added to the right click menu for table charts.
  • A ‘View Chart Dependencies’ option has been added to display all Hypervisors using the selected chart.
  • Filtering has been added to allow specific entries to be found faster.
  • A menu option has been added to show and hide series when the legend is hidden. 

 

Alerts Screen Enhancements including:

  • The default alert sort order has been modified. Unacknowledged alerts are now displayed before acknowledged alerts, irrespective of sort order.
  • The format of alert email notifications has been enhanced.
  • Alert Muting: alerts can be muted, to prevent similar alerts from re-firing for a specific period of time. The default period is one hour.
  • Users can now add a comment to an alert. This can be useful to highlight alerts that may be being generated due to some ongoing maintenance activity

 

JMX web application improvements

  • When configuring the ITLJMXExtractSvc agent, if a user adds a second enumeration filter via the Extraction Details tab, the initial context factory value now has a valid default value of com.sun.jndi.rmi.registry.RegistryContextFactory
  • The test button now supports multiple filters specified for the same domain.
  • When clicking the Test button, the user gets a list of enumerated attributes for the parameters that they provided. However, the user can now also click the Query Attribute button in the results dialog to query individual attribute values.

 

Status Screens

  • Support save and restore of status screen filters
  • Hypervisors Screen Enhancements including:
  • Hypervisor panel properties support gradient, shadow, and rounded panels.
  • Hypervisor properties now displayed as a dialog box.
  • New panels and items are created in a two-step process, first click the ‘new item/panel’ then click where the item should be placed.
  • Duplicated images removed from Hypervisor icons screen.
  • Filtering has been added to allow specific entries to be found faster.
  • Hypervisor object dependencies can be viewed in a hierarchy tree view.
  • Mini Line Chart entities no longer disappear when other entities flash.
  • Sample Hypervisor Diagram for RTLX now included as part of an install.
  • The Process Control screen now shows the correct values for the ‘last event time’ and ‘last connected time’ for aliased subsystems.

 

Data Sources

  • Start/end time ranges have been standardised so that data sources that accept or use a time parameter and use the convention >=Start Date and
  •  Performance counter trend and snapshot data sources have been rationalised into one data source for performance counter trend data (e.g. for line charts) and one data source for performance counter snapshot data (e.g. for bar charts).
  • RTLX
  • Data processing positions (known as Control Records) are now written to the database instead of the Windows registry, so that they can be reset via the Process Control screen.
  • The primary key on the RTLX database tables has been modified to prevent certain records with the same event time from being marked as duplicates and therefore ignored.
  • TLF and PTLF Token data is now stored in compressed format to reduce the quantity of disk space required.
  • RTLX agent configuration has been simplified by increased pre-configuration of agent settings.
  • The TLF client is more responsive to a stop request.
  • A TLF client setting has been added to enable the configuration of the maximum number of POS/ATM log files to be simultaneously held open by the agent.
  • Windows Event Log Agent
  • The agent uses a newer API, to enable improved monitoring of custom Windows event logs, e.g. those created by applications such as Hyper-V.

 

Agent Deployment Wizard

  • Navigating backwards through the dialogs no longer causes the Remote Agent checkbox to be selected.

 

XML Status Screen

  • Additional filters can now be specified. Previously, only time and subsystem were supported.

 

Windows Performance Counter Agent

  • By default, the Windows “Process” and “Object” performance counters are no captured, to help reduce the quantity of transient counter and instance names that are stored in the database. These can be re-enabled if required, via the agent configuration screen, accessible from Process Control.

 

 Additional features

  • ITLServiceMinder, and the GenericLogExtract and DirMonAgentSvc agents have been ported to work on Integrity OSS.
  • Database Comparison utility now included as part of an installation to aid fault finding.
  • ITL Service Minder
  • ITLService Minder can now be successfully deployed on an ESX 5.1, so that processes can be auto discovered.

 

Permalink.

Product Installation, Training and Customisation

Product Installation, Training and Customisation

Our Windows / Unix / Linux Management specialists can provide advice and training on:

Planning a deployment of Sentra (our Windows / Unix / Linux Management Console)
Hardware Configuration
Designing Hypervisor diagrams that represent your network
Configuration of dashboards for performance monitoring
Customisation of alerting methods
Training can be delivered at our Salford offices or at your site
All training material is prepared and delivered by Sentra Consultants who have at least ten years of IT industry experience
Hands on labs are included in all our training courses
All courses offered can be tailored for your specific requirements

Operations Automation

All of our Sentra specialists have expertise in automating operational tasks:

Automated log archiving to local and centralised storage areas
Automated scripting to fix problems when specific alert criteria are met
Customised operator initiated tasks to speed up common administration jobs
Scheduled reports can be published via your intranet, sent by mail in PDF format, and many other formats

Permalink.

Sentra Reports

Payment and Message Reporting:

Sentra allows the production of reports and management information in two ways.  Payment, transaction and message traffic analysis can be performed as an extension of the built-in general query tool. Substantially increased reporting flexibility is also provided by the capability to launch Microsoft Reporting Services within Sentra.

Payment, Transaction and Message Traffic Analysis

Payment, message traffic reports can be generated using the graphical and textual reporting facilities of the general query tool. This can be used for monitoring and analysing message traffic and trends. Examples could be analysing messages routed across different mail servers within a specified period of time or slow response times on payment, transaction switches / interchanges. The (General) Sentra Query function provides graphical and textual reporting facilities, which can be used to generate reports based upon data contained in the database. The following are general features applicable to all queries:

  • Queries can be generated between a start and end time.
  • Trend queries possible, e.g. totals displayed hourly, daily, weekly, to be specified via a time window.
  • Results displayed in numerous 2D and 3D graph formats.
  • Reports can be saved as csv  (comma separated field) files and can be easily exported to an Excel (or similar) spreadsheet.
  • Sentra allows you to E-mail the results of a query, both textual and graphical, to one or more recipients.

Reporting Capability

Sentra comes with a number of predefined management reports based on both the industry-standard Microsoft Reporting Services package. These reports allow the Sentra data to be displayed as meaningful management information. SLA analysis, capacity planning chargeback and billing are just some of the many uses that can be made of this.

User-defined reports can be written and then launched from the Sentra GUI. This enables users to write reports based on virtually any data captured by the Sentra server. Furthermore, automatic scheduling along with publishing capabilities allow the reporting process to be automated, e.g. monthly SLA reports can be published on an intranet web site or e-mailed to a business manager without any need for user intervention. Example reports include:

  • Payment, Messaging Service Availability
  • Interchange, Switch, Process, Mail Server Availability
  • Payment, Mail Server Traffic Analysis
  • Mail Server Queue Analysis
  • Non-Delivery Reports
  • Payment, Application, System Availability
  • Web Availability
  • Alert Detail Per Server

Permalink.

Sentra Business Activity Monitor (BAM)

Sentra Business Activity Monitor (BAM)

Capturing and consolidating the essence of business processes is crucial, especially when these may be distributed across a range of applications as is typical of SOA-based solutions.

The Sentra BAM allows users to condense complex processes into a single comprehensive operational dashboard.

The BAM allows business users to define and extract crucial data which is then used to visualise the end-to-end payment process and alert users of exception conditions such as processing bottlenecks and problem payments.

Key features include:

  • Monitoring facilities from both the business and technical viewpoint
  • Early detection and resolution of processing bottlenecks
  • Configuration and generation of alerts for user-defined exception conditions
  • Automated alert escalation and delivery via multiple channels (e.g. SMS, SNMP, e-mail)
  • Ability to monitor multiple data sources (e.g. IBM WebSphere MQ Series queues, Oracle views, JMX queues) via dedicated agents
  • Support for drill down to specific problem area to support resolution
  • Easy extension to provide enterprise-wide monitoring
  • Integration with other system management packages such as Tivoli™ and HP Operations Center™

“Insider Technologies have partnered with Logica to provide a fully integrated business activity monitoring (BAM) solution for the Logica All Payments Solution (LAPS) product. This was developed by tailoring the Sentra product to provide seamless integration with LAPS.”

Permalink.

Sentra Payment & Transaction Applications

Payment and Transaction Applications

ITL have created a Sentra module, RTLX Reactor, to provide real-time monitoring of the transaction flow information created by payments applications (LUSIS Tango, S1 Postilion, FIS / eFUNDS Connex Advantage, Alaric Authentic, electraSWITCH from ElectraCard Services, ISO 8583 card messages), the ACI BASE24™ and BASE24-eps™ (including Faster Payments) ATM/POS application and the NonStop EMS subsystem. RTLX Reactor does not inflict a fixed look-and-feel for monitoring live payment applications. RTLX provides a completely secure, tailorable graphical canvas to enable you to view your transaction processing real-estate at a system level, e.g. PATHWAYs, Middleware, XPNET and Logical Networks, or at a business level, e.g. top 20 retailers with drill-down to card type broken down by transaction volumes, approvals, denials etc. There is no programmed limit to the number of views that can be constructed and so each department can have their own customised monitoring screen(s) and management reports. With RTLX, it’s easy to plug-in another file, payment, transaction or message feed by deploying a new lean, optimised extraction client. The result is a standard approach to monitoring and querying live payment environments. Data can be masked, encrypted or omitted for PCI DSS directives and the live application and platform is secure as all transaction queries and rules analysis takes place on the Sentra server against a local relational database(eg MS SQL , Oracle). This Sentra module will maintain a centralised database of transaction data from one or more payment platforms and analyse the information in real-time. The outcome of the analysis will be service level alerts, charts depicting the behaviour of nominated metrics and management reports to help set and achieve business objectives for the payment and transaction subsystems being monitored. RTLX Reactor – Payments, ATM and POS Transaction Reactor is a Windows based solution for Payments, ATM / POS and EMS alert monitoring providing you with the visual tools you need to help ;

  • Optimize your transaction SLAs
  • Reduce Payment, ATM / POS / Switch network downtime
  • Maximize your resource utilization
  • Track all transactions and associated data values
  • Record all activity for auditing, archiving and repudiation

After automatically deploying lean extraction clients for specified Payment, EMS, ATM and POS transaction sources, RTLX then provides four primary browser views and a number of sub-views for monitoring that financial data and reporting on it in real-time. RTLX delivers a single, integrated graphical Hypervisor view (accessible via a Windows Browser) into your payment application and environments, ACI BASE24™ (and EPS) environments as well as Real-Time Dashboards, Complete Transaction Query Screens and Management Information Reporting (forget ENFORMs and green screens). By giving you real-time visibility of your entire network, RTLX provides the ability to identify and respond to customer and system level issues before they become widespread. This way, performance and outage problems are not experienced by your retailers (merchants) and domestic customers minimizing complaint calls and also calls from attached financial bodies relating to your live service availability. The tailorable hypervisors, dashboards / charts delivered in RTLX Reactor for Payment, ATM and POS transaction tracking offer an immediate (and time comparative) analysis of transactions at the lowest granular level, allowing you to drill-down to uncover the root cause of issues. All Payment, log file, TLF and PTLF data can be analysed in a way not previously available. Historical reporting on metrics including transactions per second, approval / denial rates, timeouts and response times gives you deep insight into device usage trends. Not only that but you can compare a current Bank Holiday to a past Bank Holiday or even the same Bank Holiday last year. You can view your current transactions broken down by retailer (merchant) and card type as well as give your key retailers their own secured customised view of their current transaction flow broken down in a way they choose. The RTLX transaction and payment analyser product also helps to ensure reliability and reduce the costs of transaction component downtime, e.g. interchange, ATM. RTLX simplifies problem / incident management and resolution and allows you to ensure your service level agreements are being met (and what’s more documented for auditing) which could save you money and also help to ensure your reputation in the market is maintained. Suspicious transactions and transaction patterns can be identified, with real-time graphical exception alerts generated when problem transactions occur and pre-defined ‘rules’ are triggered. All alerts can be relayed to Enterprise Managers using certified code libraries, Mobile SMS and E-mail. RTLX Reactor is based on the proven and successful Sentra architecture which also includes optimised XML monitoring for the ACI Real-Time Feed Interface (Online Extract Interface – EE-SE415) for monitoring EPS environments.

pdf Sentra / RTLX White Paper

Permalink.

Sentra SWIFT

Sentra for SI’s SWIFT and TELEX Automated Routing product – STAR

Based on the proven and successful Sentra architecture, this module lets you probe and analyse the real-time flow of business and performance data generated by the Software Integrator’s STAR application.

Sentra gives you STAR service diagrams, charts, management reports and alerts executing against four separate SI data feeds.

  • XML format data generated by the STAR Text Checker module. This file contains information about queues and their depths and is organised by country and Message Type (MT).
  • HP NonStop EMS event log file data generated by the STAR application.
  • Payment flow information.
  • Sanctions filtering data.

Software Integrators designs and develops integrated message and payment solutions for banks and other financial institutions, with major clients in Europe, the USA and South Africa.

Software Integrators primary platform is the HP NonStop server and two of their key products are COPE (Complete On-line Payments Environment) and STAR (SWIFT and TELEX Automated Routing).

Permalink.

Sentra PCI DSS

PCI DSS (Payment Card Industry Data Security Standard)

Compliance is provided by the native facilities of the Microsoft SQL Server product (Master key, Certificates, Symmetric key, EncryptByKey, DecryptByKey using AES_256, Triple DES etc.) which is the database manager for the Sentra and RTLX environments as well as encryption (including column level encryption), masking and/or blanking of field values by Sentra, e.g. PAN numbers.

Data can be encrypted and compressed if required, as it is relayed from the HP NonStop platform.

The real-time POS visuals and data presented to the user are based on the authorisation level of that user as set-up in Sentra. Further modifications can be automatically applied to data stored in the SQL database such as X’ing out (or blanking out) card numbers, e.g. XXXX-XXXX-XXXX-2207.

Sentra includes a multi-tier security model for users whereby groups are configured to access one or more functions within the product and then users are allocated to one or more Sentra groups. So for example, a user might only gain access to the MI reports group or the POS querying group or both. If they are allocated to a group, they may still be restricted from using certain functions such as restricted query access on the POS querying screen.

Though users may gain a secured level of access to the Sentra product, they of course will not be able to access the backend relational database server (eg MS SQL, Oracle) directly.

In order for ITL to install Sentra at one of the UK’s largest banks, strict security directives needed to be adhered to and a separate document relating to security considerations is part of the Sentra product evaluation delivery.

Permalink.

Sentra Message Tracking

Sentra for Message Tracking

Summary of Message Tracking component

  • Enables significantly faster message tracking than provided by alternative methods.
  • Messages can be tracked across multiple messaging systems on multiple platforms from a single console.

The Sentra Message Tracking application can track individual and multiple messages across multiple messaging domains using the same console, subject to the appropriate data fields being made available. Sentra can track e-mail messages, which use the X.400 and SMTP (Internet) protocols. Middleware messaging systems such as WebSphere MQ are also supported. Message Tracking user queries are performed against the central data store using a graphical query builder.

Queries can be as detailed or simple as a user requires. For an e-mail message, typical search details might be Sending Time, Message Identifier, Originator or Recipient address. As searches are performed against a single database, results from many Message Transfer Agents (MTAs) can be displayed in a single view. Furthermore, this is a much quicker process than manually examining message logs, which may be the only viable alternative.

The message results view provides details of all originated messages that meet the search criteria. Drill-down facilities provide recipient and diagnostic information, including all events generated to facilitate delivery of message.

The history pane displays the full life-cycle of a message, including information pertaining to the MTAs through which the message has passed, the reports that it has generated, (i.e. Non Deliveries, Deliveries etc.), and the message IDs that it has had as it has passed through any e-mail gateways, such as an X400, SMTP gateway.

Permalink.

Sentra for HP NonStop

Sentra for HP NonStop Tandem Monitoring

The Sentra product can deploy a comprehensive EMS lean extraction client to the HP NonStop platform(s) for the relay of dynamically filtered event messages to a nominated Windows server.

This relay of events can be used to monitor HP NonStop Guardian, Open System Services (OSS) and application EMS events, e.g. Pathway, WebSphere MQ, Aleri Atlas, COPE and STAR, XPNET and BASE24™.

Relayed EMS events are stored in a Microsoft SQL database and can be used to drive graphical, web-based hypervisors and near real-time dashboard charts, e.g. failed event totals received for XPNET stations, processes, lines, links.

Simple or compound rules can be constructed to spot vulnerable or failing subsystems on the HP NonStop platform or compromised areas of a live application, e.g. VISA interchange process down.

The software allows for 2 levels of event filtering. Two EMS collectors can be attached and a single event filter object (a second filter table also exists for tighter control of incoming events). A timestamp can be configured for re-start purposes in the event of failure. This can also be used to go back in time.

A comprehensive EMS event query screen exists in the Sentra Web client. This can be used to query on all mandatory EMS event tokens (wildcards are also allowed) currently held in the Sentra database. Commonly used queries can be saved for later access and results can be output to a CSV file for importing into a spreadsheet.

Microsoft SQL Reporting Services are securely integrated into the Sentra Web client to enable timely management reports to be constructed for EMS event ranges whether by event number, SSID or any other mandatory token. These EMS reports can be manually or automatically relayed to configured email addresses.

Customer specific tailored EMS tokens can be integrated following a short software development.

Permalink.

Sentra for MQ

Sentra for MQ Monitoring

Provides a collaborative, team-based approach to infrastructure management: middleware specialists, database administrators and applications developers can each be provided with tailored views of their respective areas of interest, and can work together to resolve issues and maximize business process performance. Complete life-cycle management that speeds up development and deployment of your integration and implementation.

  • IBM MQ WebSphere (MQ Series) monitoring and management for version 6 and version 7 and also HP NonStop WebSphere MQ version 5 and 5.3 (5.3.1.4).
  • View real-time information on your WebSphere MQ Workflow processes with Sentra Hypervisor.
  • Granular control – Provides the ability to drill down into the application and messaging layers to determine cause and problem resolution issues.
  • Gives you the information you need to optimize process performance. Evaluate productivity of key business processes trends against your benchmarks.
  • Sentra Dashboard enables you to see real-time performance and availability information from your desired vantage points – from the top level to the underlying causes.
  • The highly configurable nature of Sentra enables you to respond rapidly to changing business requirements and market conditions. A management and monitoring strategy for new business services can be developed rapidly.
  • Create custom views and dashboards based on user roles, such as Line-of-Business Managers, Integration Specialists and Technology Administrators, to deliver the information they require.
  • Certified integration with enterprise management tools such as Tivoli and HP OpenView; easily integrate into other systems management frameworks.
  • Historical reporting and analysis tools help you identify short-term trends to avoid problems and also perform long-term capacity planning.
  • Set customized alerts based on business conditions; real-time notification via dashboard, email, pager or mobile phone.
  • Easy to install and deploy for both development and production environments.

Gives the most extensive support for transaction-centric applications by monitoring transactions that are both message-based and non-message based.

Permalink.

Sentra for XML

Sentra for XML message monitoring

An optimised and comprehensive Sentra XML agent can be configured to parse any XML data feed into a hierarchical structure of SQL tables and fields. This makes the information much easier to process and report on, whilst maintaining the relationships between the XML elements.

SQL tables are automatically created based on the XSD data structure and the required field elements for monitoring. This approach enables more efficient, rationalised data storage.

The Sentra XML agent can be configured by specifying an XSD schema for import or (where a schema is not available) by loading examples of the XML structure to be captured. Once loaded, an XML topology structure view is displayed where individual field elements can be configured for near real-time charts and/or used as input to the Sentra rules engine.

The agent can collect XML data from files, WebSphere MQ queues or from TCP/IP socket-based messages sent directly to it.

XML agents can be configured to monitor any ISO20022-compatible payment or transaction.

A series of these XML agents can be deployed to key monitoring points (waypoints) within a payment processing infrastructure to monitor transaction volumes and trends, payment volumes and trends and end-to-end processing times.

Rules can be configured to monitor service level compliance and abnormal processing volumes.

To monitor BASE24-eps transaction metrics, configure an XML feed using the ACI Real-Time Feed Interface (more specifically the Online Extract Interface – product code EE-SE415) that enables XML feeds against the EPS Journal Log files.

Permalink.

Sentra for SafeSign

Sentra for SafeSign (SSAS)

The Sentra for SafeSign module will allow users to create a centralised database of performance data from one or more e-Security SafeSign Authentication Server or cryptographic environments and analyse the information in real time.

Using standard SQL reporting tools, such as Microsoft SQL Reporting Services™, an analysis of the performance data will provide a set of Service Management facilities and Management Information views. These will be displayed as a collection of web views that represent the environments being monitored and show real-time performance information, service level alerts with graphs representing the behaviour of nominated metrics, and management reports to monitor the Business objectives of the SafeSign Authentication Server service.

The Sentra for SafeSign module can:

  • Read the contents of any e-Security SSAS log
  • Read log file and table information directly from the SSAS SQL Database
  • Read JMX performance counters and attributes from the Daemon process
  • Read hardware performance data, subsystem performance data such as SQL performance metrics, and event log information
  • Poll the cryptographic, HSM devices at a user defined interval and retrieve performance data relating to device memory status and certificate storage
  • Display web view analysis of the environments being monitored and show real-time performance information.

The Benefits of Implementing the Sentra for SafeSign module:

  • Single Point of Contact for Monitoring & Alerting
  • Restricted Access to Sentra Functions
  • Simple Access to Disparate Data
  • Real Time Alerting to Potential Issues
  • Automated Issue Resolution
  • No Access to Sensitive Information
  • Minimal processing overhead on the SafeSign Authentication Server e-security environment

Permalink.

Sentra for Tivoli

Sentra and RTLX / TIVOLI integration

Windows log file approach:

With this, TIVOLI can be configured to monitor a Windows log file. This log file is set-up and written to by Sentra in a defined record format anytime a configured Sentra rule is broken.

The log file resides on a Windows platform (typically the same Windows server as Sentra). The defined format for each record written to the log file has already been imported into Tivoli (by Tivoli administrators using Tivoli BAROC files) prior to start-up. This is done so that Tivoli is aware of the Sentra log file message/record format before it starts to monitor the log file.

Sentra can be configured to monitor either the Unix syslog or Windows event log for all events. Any event can then be used to invoke a Sentra rule which will alert to Tivoli in this manner.

 

Command line tool (HP Service Desk):

If a command line tool exists on-site for writing events to TIVOLI, Sentra can make use of this command line executable or Macro to escalate events by stringing the appropriate parameters to it and then executing it. ITL used this approach to alert to HP Service Desk currently. This approach is also used by ITL’s Reflex product to alert to BMC Performance Manager.
In both cases above, Sentra sits on a Windows server and deploys agents to monitored platforms (Unix, Linux, HP NonStop, Windows) to monitor the Syslog or event log. All escalation is then carried out by Sentra on the Windows server.

Permalink.

Sentra Requirements

Minimum Windows Hardware Requirements

For optimum performance, it is recommended that the minimum specification of your hardware and software is as follows :

  • Windows Server 2003 / 2008 / 2008 R2 / 2012 (also 64-bit) with the latest service packs
  • Microsoft SQL Server 2005 / 2008 / 2012 (also 64-bit) with the latest service packs
  • Either; Tomcat, IBM WebSphere,  JBoss (formerly BEA WebLogic) web application servers (ask ITL about MS Internet Information Services- IIS) – also requires Java SE version 6+ (1.6)
  • Browsers; Internet Explorer (IE) ver. 7+, Google Chrome, Safari, Firefox
  • Intel Mid to High-End, Multi Core processor
  • 16+ GB RAM recommended
  • SCSI interface (SCSI2 Ultra-Wide recommended)
  • 50 GB Single Drive for operating system and SQL Server software
  • 100 GB Single Drive for the SQL server database (RAID 0+1 recommended)
  • 20 GB Single Drive for the SQL server log file (RAID 0+1 recommended)
  • Graphics resolution 1024 x 768 recommended
  • 17″ or larger colour monitor is also recommended

The above specification is for guidance only. The specification of your Windows server will be dependent on your individual needs. Please contact the Insider Technologies Helpdesk for assistance in establishing the specification of your server.

SQL Server Versions Supported by Sentra (also install Microsoft SQL Reporting Services)

The Sentra database is compatible with the following variants of SQL Server:

2005 / 2008 / 2012 Standard Edition

Permalink.

Sentra Compatibility

The Sentra product is now “Works With Windows 2008″ accredited.

The “Works With Windows Server 2008 R2″ MS program is intended to help developers and customers ensure that applications meet the baseline technical bar for compatibility with Windows Server 2008.

The application was tested on Windows 2008 R2 and found to function correctly after extensive testing.


Conduct tests on both x64 Windows Server 2008 and x64 Vista Ultimate or Enterprise edition operating systems

To ensure compatibility, a server application as well as all its client components must meet Works with Windows Server 2008 requirements.

To maintain consistency in testing and validation, all Works with Windows Server 2008 testing is conducted on:

– x64 Windows Server 2008

– x64 Windows Vista Ultimate or Enterprise edition


Support 64-Bit version of Windows running on multiple processors

Applications must support x64 versions of Windows Server 2008 and all testing must be conducted on a 64bit version of Windows Server 2008.

To maintain compatibility with 64-bit versions of Windows, it is necessary that:

  • Applications install and run properly on at least a dual-core system.
  • Applications and their installers must not contain any 16-bit code or rely on any 16-bit component, since 16-bit code will not run on 64-bit versions of Windows Vista and Windows Server 2008.
  • All drivers and executables must be signed to install on a 64-bit Windows OS.
  • If an application is dependent on kernel-mode drivers for operation, 64-bit versions of these drivers must be available.  The application setup must detect and install the proper drivers and components for the 64-bit Windows OS.
  • If an application is natively 32-bit, it may rely on WOW64 instead of running natively on 64-bit. 32-bit applications must also provide 64-bit versions of kernel mode drivers.


Follow best practices in Security and Reliability

  • The application must not disable Windows Error Reporting service at any time.
  • IPv6 network layer IP protocol must not be disabled by the application.

Firewall

  • The application cannot disable the Microsoft Firewall and must work properly with Microsoft’s or any third party certified firewall.

User Account Control 

  • The application must work properly with User Account Control (UAC)  enabled.  The application must not disable UAC or require UAC to be disabled.

Maintain compatibility with Antivirus software

  • Applications must install and operate correctly when a certified antivirus application is running.
  • The antivirus engine must not be disrupted by the application.


Do not cause services to unexpectedly become unavailable

  • The issue of services remaining available is critical. The goal of this requirement is to ensure that applications do not cause failures in other applications by making services unavailable.
  • Applications must maintain stability in general, and violating that is a failure of this requirement and primary functionality
  • To pass this requirement, applications must notify the administrator at any time any service needs to be shut down.
  • Services shutting down unexpectedly or shutting down without allowing the administrator to control the timing of the shutdown is a failure.


All drivers must be WHQL signed

  • Poorly written kernel-mode drivers can crash a system.
  • Applications that include kernel-mode drivers, such as backup, copy protection, and antivirus products, must be thoroughly tested to minimize this risk.
  • All application drivers must have a Microsoft signature.
  • All application drivers must pass Windows Hardware Quality Labs (WHQL) testing.
  • Driver signing is a pivotal to receiving the Works with Windows Server 2008 designation.  No application will pass if drivers are unsigned or if WHQL Submission ID is missing from the submission package.

Permalink.

MultiBatch

NonStop Batch Job Scheduler for Guardian and Open System Services

NonStop Batch Job Scheduler for Guardian and Open System Services

MultiBatch is a powerful and maintainable batch processing environment designed to exploit the HP NonStop server architecture for the Guardian and OSS operating systems. All job status data can be relayed to a Windows server for graphical & tabular charts, management reports & Real-Time tracking.

Overview

MultiBatch is a powerful, maintainable Batch Processing environment specifically designed to exploit the HP NonStop server platform architecture both for the Guardian and Open System Services (OSS) operating systems. It allows parallel batch processing with calendar and conditional logic to occur in a single processor or multi-processors concurrently. Batch processing can be invoked locally or across an entire NSK network.

Features

Integrated monitoring, reporting and management of batch schedules are available, including the following features:

  • Pathway and / or GUI interfaces
  • Batch tracking
  • Run Guardian and Open System Services (OSS) applications within the same batch schedule
  • NetBatch conversion utility available
  • Automated Calendaring and Scheduling
  • High performance parallel batch
  • Network control transparent
  • Simultaneous job execution
  • Supports object parameters to ease maintenance in global schedule updates for multiple jobs
  • A migration tool can be used to convert batch schedules between nodes for easy replication in a multi-node environment
  • Optional checkpoint / restart
  • Dynamically amend the start time of job(s) e.g. /- one hour
  • SNMP gateways available
  • Three levels of job hierarchy, two levels of dependency
  • Secure execution shell
  • Fully EMS compatible

Advantages

Maintenance and Development NetBatch is a mature product and will not be subject to further development. New facilities and functionality are still being developed for MultiBatch, driven by customer requirements. Interface NetBatch has either a command line or Pathway interface. MultiBatch has both of these and a GUI. Scheduler NetBatch controls the execution of a batch schedule and relies heavily on a JCL to control the actual jobs within a schedule. MultiBatch controls the execution of each element of a batch schedule. Individual jobs and their elements are more visible within MultiBatch. The attributes of each job within the schedule can be viewed and altered using MultiBatch application screens and all changes are subject to the appropriate security clearance and are recorded in an audit log. NetBatch jobs can be amended using an editor and are thus not subject to any security vetting or auditing. Failures NetBatch again relies on a complex JCL to detect failures in the elements of a schedule. Because MultiBatch controls each element of a batch schedule the detection of failures and the restarting of a schedule at the correct point is a simple matter. Parallel Processing Once again, NetBatch relies on the JCL for parallel processing and monitoring whilst it is an easy task to configure a MultiBatch schedule to handle this. Reporting NetBatch status information is written to a log file or spooler, making it difficult to integrate with a third party enterprise manager. MultiBatch writes status information in the form of EMS events, allowing monitoring by third party tools. Additionally, it is closely integrated with other products from Insider Technologies for more in-depth monitoring. In addition to the above, a migration tool is available that will allow a NetBatch schedule to be converted to a MultiBatch schedule.

pdfMultiBatch White Paper

Permalink.

Reflex

Reflex 80:20 Overview

Reflex 80:20 Overview

A dynamic HP NonStop Management tool, provides real-time, proactive and historical monitoring for all HP NonStop Subsystems, Applications and Services including OSS and XPNET, whether they run on NSK K Series, ServerNet, or the latest Integrity / Itanium, Blade platforms.

Reflex – Operations and Service Management Facility

Reflex is in use at many of the worlds most demanding Financial and Telecommunications sites and is the ideal, single replacement for OMF™, VIEWPOINT™, VHS™ and other HP NonStop monitoring products. Since the product is not reliant on the MEASURE subsystem or heavy polling software, CPU usage is extremely low. Reflex provides a concurrently accessible view of your entire HP NonStop estate (both network and supporting Guardian and OSS subsystems) from an integrated, graphical interface. EMS event alerts are mapped directly to the appropriate NonStop object component, e.g. XPNET station, line, batch job, CPU, disk, process, TCP/IP listner, MQ queue, Enscribe or SQL file providing both clear and audited troubleshooting capability to the Operations Bridge. Reflex 80:20 is a technical as well as a business tool because of its ability to:

  • Provide early warning of business process vulnerability – applications and hardware
  • Automatically escalate faults and restart critical business processes
  • Provide a tool that can be used by non-technical staff
  • Cover a heterogeneous environment to deal with connected devices and networks
  • Provide comprehensive HP NonStop component information and health for supporting subsystems from a single graphical view without requiring TACL command prompt syntax
  • Provide a wide range of reactions to alerts via SNMP, mobile SMS, pager and email
  • Route key events to enterprise managers (e.g. HP Operations Center™ using Smart Plug-In, Tivoli™ using TEC Adapter and logfile approaches and BMC Performance Manager™ using the PatrolCLI utility)
  • Convert 512 text events and application text messages to fully tokenised EMS for Open System Services (OSS), WebSphere MQ and Guardian processes
  • Provide auto-detection of and monitoring provision for the BASE24™ XPNET management layer, i.e. stations, lines, links, processes, devices and XPNET nodes
  • Provide the industry’s lowest overhead on CPU utilisation – just 1%
  • Provide system performance measurement of CPUs, Disks, TCP/IP, X25 and Processes including missing, looping, busy and suspect processes
  • Install quickly with self-checking installation macro and then autodetect major HP NonStop subsystems for fast implementation, e.g. PATHWAYs
  • Reduce maintenance and investment required
  • Efficient production and presentation of Management Information Reports without affecting the performance of the HP NonStop server
  • Reflex ships with several utilities that cater for bulk configuration of process / file monitoring, import / export of reaction / task configuration to allow easy replication of configuration across multiple HP NonStop nodes

pdfReflex White Paper

Permalink.

Reflex 80:20 Benefits

Benefits compared to Competitor Products

• The Reflex product is less intrusive than third-party products when comparing the relative CPU usage. The Reflex model is based on collecting data once and publishing it to interested parties whereas the third-party products collection model can be based on a ‘one collection per user’ basis.

• Reflex is installed on each NonStop node and each copy is used to manage an individual node autonomously. The only exchange of information with other NonStop nodes is a regular status heartbeat with other NonStop systems. If this heartbeat signifies an issue, then the user is invited to drill into a node from a central GUI to investigate any issues. There is no concept of forwarding management information in bulk to a central repository and this minimises the impact on the Expand network.

• The EMS event handling is more sophisticated. Nominated events can be filtered from EMS and mapped to specific icons using the values of tokens held within the event. E.g. subject token = $SYSTEM, map to an icon called $SYSTEM.

• The graphical display can be customised so that icons representing faults can be grouped into technical views (all discs, all spoolers), service views (all events for a specific application) or Business views (all events that say no traffic from Bank x for five minutes).  Different views can be provided for different groups of users from the same source of data.

• The Reflex product has a broader range of features; this includes a dedicated event console that links to the cause, effect, recovery template database and the ability to search for events containing similar attributes.

• In addition, the product has an automation module that allows a nominated series of programs to be executed automatically on the occurrence of an event to attempt to fix an issue.

• It is possible to accept incorrectly formatted EMS events or log messages written as pure text and to reformat them as new EMS events to help improve the quality of any monitoring.

• The product can be used to accept and convert SNMP traps to EMS events so that the NonStop system can be used to manage and monitor non NonStop devices.

• Reflex has accreditation for escalation to HP OpenView and Tivoli. Alternatively, the product can generate SNMP traps that can be routed to other Enterprise Management systems for filtering and display.

• It is possible to route management information relating to the NonStop performance counters and EMS logs in real time to off board storage for long term retention. This will allow the execution of complex queries against NonStop management data without any impact on the core NonStop node.

• This facility is particularly useful when researching EMS log data using our SQL tools, as reading and parsing the EMS data from its original log file is a CPU intensive and time consuming process.

• There is a commitment to evolve the Reflex product over the coming years and a Product road map is in place for the coming 12 months. This document is reviewed and updated constantly.

Permalink.

Reflex 80:20 Features

Reflex HP NonStop Monitoring and Management includes:

  • All HP NonStop files (including object, edit, ENSCRIBE and NonStop SQL) and comprehensive file attribute checking (including; if licensed, %full, number of records, broken, corrupt, timestamp change etc.) – includes a **status agent. Entire subvolumes can also be checked at a nominated poll period.
  • (** a status agent provides comprehensive information about the requested object / component including current status. This is obtained from the appropriate subsystem typically using a SPI or PATHSEND call.)
  • File arrival monitoring from remote systems based on calendar periods. This module allows users to monitor for the remote delivery of a file(s) to a nominated HP NonStop subvolume and that it has the correct attributes set, e.g. timestamp, EOF, RWEP security and owner and so on.
  • All Event Management Service (EMS) events for both system and application.
  • Aleri ATLAS™ global banking technology.
  • HP NonStop hardware component monitoring using generic AUTODISC utility, e.g. tapes.
  • ASYNC lines with automatic detection and status agent.
  • BASE24™ XPNET including autodetection and status agent for stations, lines, links, processes, devices and XPNET nodes. This module does not constantly poll the XPNET layer and provides quiet, CPU friendly monitoring using advised approaches from BASE24 technicians. Also, since BASE24 XPNET does not have an audit log, Reflex is able to monitor the EMS logs for XPNET security violations and escalate potential security threats in line with PCI DSS compliance.
  • CPUs performance including a status agent for viewing configuration information (e.g. TLEs configured, high / low pin PCB counts etc.)
  • Disks Status Agent (also Storage Management Foundation (SMF) virtual disks), monitoring of individual %full, cache hits and so on for both virtual and physical HP NonStop disks.
    Also a comprehensive status agent for viewing disk configuration, e.g. disk paths. Individual Disk I/O can be monitored and each Disk can be monitored against specific values.
  • EXPAND line monitoring. Monitor EXPAND events for Expand lines & paths and also Expand processes such as $NCP, $ZEXP (via Heartbeat).
  • HP NonStop network clustering.
  • MultiBatch batch scheduler (PowerPoint – 1.6MB) including alerting, autodetection and status agent (both Guardian and OSS compliant).
  • NetBatch™ job scheduler including alerting, automatic detection and status agent.
  • Open System Services (OSS) monitoring for UNIX image of HP NonStop.
  • Open System Management (OSM) monitoring.
  • PATHWAY monitoring including autodetection and two status agents. These modules provide an array of monitoring functions for checking TERMINALS, OBJECTS, SERVERS, TCPs, PROGRAMS as well as complete configuration checking (using SPI) including DEBUG ON/OFF, number of supporting processes defined, HOMETERM / program not present, server running from a ZZBI file, server FROZEN and so on.
  • Processes including status agent (also monitors missing, looping, suspect (e.g. in INSPECT) and busy processes). All process types supported (TNS, TNS/R and TNS/E running in Guardian or OSS). Detailed Status Agent included that can help in determining the cause of problems by showing information such as files opened, procedure call trace etc. Also provides the ability to start a Measurement.
  • Remote Data Facility (RDF) monitoring. DRNET can be catered for by parsing DRCOM output.
  • SPOOLCOM component monitoring including autodetection and status agent (also includes monitoring of the number of jobs in the spooler, via JOBSLOTS).
  • TCP/IP including autodetection and status agent (version four and isx) for monitoring TCP/IP process, subnet, route, listner and telserv components.
  • Transaction Management Facility (TMF) monitoring including status agent (hung, long running transactions, datavols, tape media, auditdump, audittrials).
  • TAPE mount requests.
  • WebSphere MQ™ (IBM MQ series) including autodetection and status agent (version 5.1, 5.3 and 5.3.1.4 on OSS).
  • X25 including autodetection and status agent.
  • OSI/MHS status agent and autodetection. Users having OSI/MHS subsystems can utilise the Reflex 80:20 OSI/MHS Autodiscovery module to populate the OSI/MHS stack programmatically for MTAs, APPLs, CUGs, DLISTs, DLISTMEMBERs and ROUTEs and subsequently request status and configuration information for each object.

Also includes:

  • Graphical (and audio monitoring) high-level HP NonStop system node display  (network monitor) and status monitor display (per node). All graphical displays are secured and concurrently accessible.
  • Dashboard for HP NonStop performance monitoring.
  • Comprehensive EMS event viewer using object filters, filter tables and nominated collectors. Full search and EMS token breakdown and cause / effect / recovery included.
  • Text to EMS conversion (Gateway) including 512 text events generated to EMS.
  • Text to EMS conversion also for WebSphere MQ and OSS (MQ EMS Gateway).
  • EMS event statistical analysis and graphing by event number, SSID and version tokens (Discovery).
  • Enterprise manager delivery of EMS exception alerts (TIVOLI™ TEC Adapter and logfile, HP OpenView Operations™ Smart Plug-In (SPI) (now HP Operations Center™), BMC Performance Manager™ (formerly Patrol™) using the PatrolCLI utility.
  • MEASURE on demand for processes and files (within Dashboard). Measure is not used by Reflex, in day-to-day monitoring of the HP NonStop systems. This ensures that CPU utilisation is kept to a minimum. Only authorised users can invoke a Measure request on demand.
  • Simple Network Management Protocol (SNMP) traps can be generated and received.
  • Object Monitoring Facility (OMF) conversion to Reflex.
  • Mobile SMS paging.
  • Email alerting.
  • Task Automation (TaskMaster). Tasks can be manually invoked by authorised users from the Reflex Status Monitor screen or invoked automatically on component failure.
  • Component rules analysis for SLA service monitoring (Service Monitor).
  • Comprehensive EMS console event viewing and filtering (Console). This module also provides an EMSA type breakdown of user selected EMS events to show all message tokens.
  • Includes lean communications software, ITL’s FastPipe for quick and efficient Windows to HP NonStop data relay.
  • Security classes and profiles to prevent unauthorised access.
  • Includes a business-level, read-only logon.
  • Reflex configuration reports.
  • Audible as well as visual alerts are catered for in Reflex Status Monitor. Sound files can be swapped on-site as required.

Reflex 80:20 is a NonStop, Fault Tolerant application

Permalink.

Reflex 80:20 Requirements

Hardware and software pre-requisites for the Reflex product:

• HP NonStop (ServerNet or Integrity platforms)

• Guardian D38 Operating System (or above)

• TMF

• SQL runtime system (SQL/MP runtime), or alternatively, NonStop SQL product

• Pathway (TS/MP)

• TCP/IP

• Non-RDF/DRNET Audited Volume *
* It is recommended that Reflex be installed on a Non-RDF/DRNET Audited Volume. If this is a cause for concern, please contact Insider Technologies Ltd to discuss further.
Reflex is installed using a menu driven TACL macro for easy deployment. The macro will perform checks and output the results of each stage of the Reflex product install so that if problems are encountered they can be resolved easily.
Windows Platform for GUI Install:

• Modern Pentium PC Specification

• 32Mb on-board RAM

• 20Mb free hard disk space

• Minimum 17” monitor recommended

• Graphics Resolution: 1027 x 768 x 16 minimum

• Windows XP, Vista, 7
* For escalation of HP NonStop issues to enterprise management solutions, email or mobile SMS, a dedicated Windows box is required.

Permalink.

Reflex 80:20 Compatibility

Update

Reflex 4.7M released

H06.20 accredited

Extensions summary:

  • Disk Monitoring – (I/O Times)
  • TCP/IP (Subnet M-State monitoring)
  • File Monitoring (Increased limits to numbers of files)

Insider Technologies has successfully completed a HP NonStop Blade accreditation test exercise at the HP offices at Wood Street, London. The testing took place between April 21st and 24th 2009.

The Insider Technologies Limited product successfully accredited was:

Reflex

The mainframe class monitoring and management software suite for the HP NonStop environment.

The HP NonStop ‘Blade Ready’ version of the software is:

Reflex, version 4.7L2

The version of the Blade operating system that the product was verified against was:

J06.04.02 on a HP Integrity NonStop NB50000C Blade System

For further information about the Insider Technologies Blade accreditation program, please contact the Insider Technologies Help Desk on +44 161 876 6606.

Reflex 80:20 Version 4.7M

Individual Disk Monitoring (I/O Times):

Individual Disk I/O monitoring is now available, where this facility can obtain the count of timings that I/O took on each Disk (Primary, Backup, Mirror and Mirror Backup Paths), polling each Disk at regular intervals.

If a specified monitoring value is exceeded then an EMS event is issued to alert HP NonStop personnel of the problem. When the Disk Paths return to specified I/O levels, then a subsequent EMS event is raised to clear the alert. All events can be forwarded to matching Disk Objects in Reflex Status Monitor, or escalated as with other types of Reflex monitoring and alerting.

Disk I/O monitoring continues to take place for all Disk Paths, even if half of a mirrored volume is down and there is no need to run Measure Counters to obtain this information; you just need to specify the I/O values and polling period and let Reflex alert you to any issues with Disk I/O.
TCP/IP extensions for 4.7M:

Reflex 80:20 provides an auto-detection utility and status agent for comprehensive, real-time monitoring of the HP NonStop TCP/IP subsystem (both TCP/IP v4 and TCP/IP v6), where Process, Telserv, Route, Listner and Subnet components can all be monitored.

If a TCP/IP subsystem component fails, then an EMS event will be issued with the option to forward it to a variety of escalation tools, e.g:

• Reflex Status Monitor
• Mobile SMS
• Email
• Enterprise Managers: Tivoli, HP Operations Center, BMC Performance Manager
• Restore the failed TCP/IP component via a Reflex TASK (automatically, or by Operator intervention)
Graphical TCP/IP object trees can be generated automatically for instant monitoring or can be constructed and tailored by the user, grouping appropriate components together.

EMS alerts can be mapped directly against each graphical TCP/IP object and users can also request object detail where the equivalent SCF data is graphically represented.
From release 4.7M, TCP/IP Subnet M-State Monitoring has been included, where Reflex can monitor the M-State flag for autodiscovered Subnets, which can assist in identifying a problem with TCP/IP v6 Failover.

If a Subnet M-State flag is identified as DOWN, then an EMS event is issued to alert HP NonStop personnel of the problem. When the M-State flag returns to normal, then a subsequent EMS event is raised to clear the alert. All events can be forwarded to matching Subnet Objects in Reflex Status Monitor, or escalated as with other types of Reflex monitoring and alerting

File-Metrics extensions for 4.7M:

The Reflex File Metrics monitoring facility can track a list of nominated files or subvolumes (including SQL, ENSCRIBE and Edit files) where numerous file attributes can be monitored and rules configured, so that if the monitored file / subvolume is not in a ‘healthy’ state, then a Reflex EMS event will be raised. As with TCP/IP monitoring, these alerts can be forwarded to a variety of destinations.

Some examples where users can benefit from Reflex File Metrics monitoring are:

• File is Corrupt, Broken or Crashed Open

• File has lost its Audit flag

• Timestamp of file has changed since last poll

• Saveabend files found in monitored subvolume

• File has lost its SQL Compiled status

• File no longer exists

• File upon arrival does not meet certain criteria, e.g. timestamp or security attributes are incorrect
From release 4.7M, several enhancements have been made to allow for increased flexibility, improved memory management and increased limits to the number of files that can be monitored.

Permalink.

Fraud Detection

Overview & Key Features

Everyone in the payments chain needs an agile, flexible cost effective solution for fraud and the challenges it presents – Sentra Fraud Detection is that solution.

Sentra Fraud Detection

Sentra is a proven platform for the alerting, monitoring and information management of systems, applications and transactions from Insider Technologies. Its GUI driven architecture has been used to monitor fraud by our global blue chip customers for more than 25 years. In the latest release of Sentra, Insider Technologies has significantly added to the flexibility and functionality, using new and innovative technology to allow an enhanced, user friendly, focused toolset to prevent, detect and manage fraud as the transaction occurs.

Key Features

Key features include:

  • Sophisticated Alerting engine to easily manage alerts and rules in a non-technical business focused environment
  • Simple to create Dashboards to manage fraud and transaction activity at any management level
  • Ability to manage the customer service impact as well as the fraud risk with targeted rules
  • Visually based tools to ensure alerts are managed efficiently and effectively
  • Multiple Machine Learning algorithms including Bayesian options, Random Forest and decision trees to provide easy and transparent on-going statistical analysis to reduce false positives
  • Easy to edit and test rules to react to strategic and tactical threats
  • Easy access to EMV data to determine fraud patterns
  • Integrated Big Data technology to manage user defined velocity and volume with instant statistical analysis to highlight unusual activity
  • Capable of accessing detailed transaction information with minimal mouse clicks
  • New channels are added with minimal cost and effort
  • Powerful targeted rules and alerts to efficiently and effectively protect revenue
  • Low infrastructure costs, thousands of transactions per second on an entry level server.

Response to threats

The agents of fraud will inevitably always be one step ahead, with new and inventive methods of creating fraudulent transactions – that’s the nature of the war against fraud. However, when a new method is discovered it is important that the tools are available to identify and respond to the threat, closing it down quickly.
Sentra Fraud Detection has the facility to update rules immediately to respond to tactical threats. The ability to provide test environments ensures that transactions can be easily replayed, in order to model how they perform in the live environment and to ensure that new rules do not create a flood of false positives.

Dashboards

Sentra Fraud Detection creates dashboards to monitor and manage the fraud environment as an integrated part of the wider system, without the need for any add-on components. These can include transaction volumes, fraud alert volumes or any business indicator required. Data can be drilled down with a single mouse click. A senior manager can have a different set of indicators to that of a supervisor. These charts can be instantly created by users from a large range of options from our continuously expanding library.

Rule Creation

The powerhouse of Sentra Fraud Detection is the rule creation capability: rules have been the engine of Sentra since its inception. This is a proven, robust, scalable architecture. Rules can be instantly created easily using plain business logic, simple drop-down menus – no requirement to understand complex data structures.
All rules are immediately available and programmed through the Graphical User Interface. As part of the rule definition, ‘flags’ are available to signal the method used to capture the data and the EMV field 55 codes. This ensures simple business rules can be created to determine if EMV functions have been used, without complex hex codes or programming type logic. No knowledge of SQL or any programming technology is required to create rules.
Complex analysis of Card Not Present (CNP) transactions is available if required as well as the typical fields to be used such as country and Merchant Category Code (MCC). The ability to provide easy to understand and granular fields ensures the ability to manage false positive rates.

User Named Lists

In order to make this even easier to interpret and create, User named lists can be created – say to represent ‘high risk’ countries or ‘suspicious’ Merchant Category Codes.
This means a rule can simply be ‘Is this transaction from a high risk country and a suspicious MCC type?’. If a new threat is discovered from a new country, this can simply be added to the list and all rules referencing high-risk countries will instantly use this as part of the rule determination. A simple example of the efficiencies to be gained through the architecture of Sentra Fraud Detection

Rules on Rules

Sentra Fraud Detection has the ability to determine if other rules have been triggered in a particular time period and can be used as part of a rule. This ensures highly flexible rules and an ability to manage false positives within rules. So an alert could be created for ‘tester’ transactions on the internet. A rule could then maintain vigilance for an internet transaction of a larger amount that has followed a tester transaction in a specified time period.

Instant Statistical Analysis

In addition to transaction-based rules, Sentra Fraud Detection uses big data techniques that provide multiple and high performance user defined summaries that can provide instant statistical analysis to determine out of pattern activity. These totals can be at any level, the individual merchant or terminal level or merchant category level.
Rules can be created such as ‘if a rolling total exceeds a threshold of 3.3 time standard deviation’ this would be an atypical event (less than 2.5% for a normal distribution) and should be flagged and investigated. The key attribute of this is that ‘atypical’ is a rolling definition. Local transactions in the middle of the night in a merchant type that is not typically open – would flag an exception – however, the same transaction count would not be unusual during the day. This can be taken into account as part of any rule.

Machine Learning

In a reference architecture for fraud, most experts agree that some form of statistical model is required, if only to filter the number of alerts being provided by the system. Sentra Fraud Detection can support multiple machine learning algorithms.

Alerting

Sentra Fraud Detection takes advantage of the proven and robust architecture of Sentra to manage alerts. Once alerts are generated they can be graphically illustrated by the hypervisor in Sentra Fraud Detection. In addition, alerts can be automatically forwarded to external systems to manage. Emails can be sent to senior management automatically. For example if a threshold has been reached where senior management should be alerted – e.g. the denial rate has risen to 10% for gold cards. This is an indicator that something is seriously wrong.
Sentra Fraud Detection is designed to be ergonomic and efficient, providing data with alerting, to maximise efficiency in investigating fraud. Within Sentra Fraud Detection, data is displayed for each alert and with a single mouse click all the information pertaining to that alert is instantly displayed. This includes other alerts generated by the same transaction. A score can also be allocated to alerts
to determine priorities, and these can be aggregated to determine an account or card priority.

Transaction Queries

Transaction queries can be launched with a simple mouse click to give detailed information about the transaction and highlight similar transactions that have happened recently.
The flexibility of the transaction query allows forensic analysis of transactions, simply and easily, should other views of the data be required. Data can be stored for long periods – one Sentra customer has 10 years available online. So data trends can be explored historically.
Data can also be exported to allow the use of other tools to manage the data – e.g. Excel. Ad hoc graphs and data analysis can also be created to visually manage and investigate trends.

Data Access

The system has the ability to manage the alerts and provide drill down detail of the transactions based on an alert. Instantly all transactions from an account can be viewed and the details displayed providing easy to manage alerts.

Data Mining

Based on the storage of transaction data and also, given the wide range of data available, Sentra Fraud Detection can also be used as the foundation for big data analysis. Tools such as Splunk, Pentaho, Hadoop, R and Tableau can be used together with standard BI tools such as BIRT to provide insights into the data. This can be for the evaluation of fraud, or to other business benefits such as marketing, customer retention or strategic planning.

Data Input

Sentra is designed with a wealth of tools to allow access to data. The system is designed to take a feed of transactions from any source, be it log files, external files or transactions intercepted via IP or MQ. New data streams can be configured using XML tools to allow easy access to new data sources. Importantly the open architecture allows easy access to any data requirements and new fields as they become available.

Summary

Sentra Fraud Detection provides an industrial strength proven architecture, using state of the art big data and machine learning tools to allow a comprehensive, flexible, cost effective solution to fraud – ensuring maximum effectiveness with minimum ongoing costs. This provides any element of the payments chain with a robust tool to meet the challenges of the ever-changing fraud ecosystem.

Click here to read full details about Sentra Fraud Detection: Overview & Key Features; Machine Learning & Statistical Analysis; Cost Effective Solution

Excel, Splunk, Pentaho, Hadoop, R and Tableau and BIRT trademarks acknowledged.

Permalink.

Machine Learning & Statistical Analysis

Machine Learning and statistical analysis


Machine Learning is an area of computer science that is rapidly growing to take advantage of advances in the cost performance ratio of data processing; many of the initiatives are related to big data process and advances.

Most of us use Machine Learning in some form already, the search engine you use is based on Machine Learning, the recommendations generated on the web site based on your previous purchases and the spam filter on your email are all examples of Machine Learning.

Machine Learning is useful in fraud detection as it can be used to provide supervised learning – that is when a known state e.g. fraud is presented to the algorithm, it can classify this based on elements of the data and estimate if a new transaction presented is likely to be fraudulent and provide the user with a prediction.

Reference architecture for fraud detection systems

The card associations recommend using statistical techniques to filter transactions provided for rules. This reference architecture provides the best levels of detection of fraud. Machine Learning algorithms provide an excellent basis for those statistical techniques.

Which is the best technique?

There are many different algorithms for Machine Learning. Traditional fraud detection systems provide Machine Learning, Neural Networks where the system emulates a brain with using statistical probabilities, and Bayesian Analysis, which is based on the combined probabilities of discrete data within the analysis.

Vendors will go to great lengths to tell you which one is better.

Our investigations for Sentra Fraud Detection showed that both Neural Networks and Bayesian analysis could provide excellent results. Also combining these techniques with newer techniques such as Random Forest and Gradient boosted trees and Deep Learning techniques (combining various options) we found we could incrementally improve the scores. With a wide array of data, Sentra Fraud Detection has multi dimensional data available to provide to the models, improving accuracy.

The reality is there is no one size fits all, at Insider Technologies we have created the ability to use multiple models and techniques in parallel. This allows the best method for your profile of fraud to be implemented. These can easily be trained using freely available software – ensuring there is a low maintenance cost and models can quickly be updated and retrained. This can be performed by Insider Technologies – or by customers to reduce ongoing maintenance.

Sentra utilises a combination of big data tools to provide the Machine Learning, these include Weka, MOA, R and H20.

Machine Learning – the highest possible probability of catching fraud

Machine Learning can be a useful productivity tool to add to Sentra Fraud Detection – providing a statistical analysis layer on top of the existing user defined ones available in Sentra Fraud Detection rules. It can reduce false positives and increase the probability of catching fraud at the first transaction. Additionally, with low maintenance timeframes and costs, new fraud trends can be easily and quickly modeled to ensure maximum detection rates.

Click here to read full details about Sentra Fraud Detection: Overview & Key Features; Machine Learning & Statistical Analysis; Cost Effective Solution

Permalink.

Cost Effective Solution

The new, cost effective solution to the threat of fraud.

In today’s world, a bank heist is no longer masked men with shotguns shouting and making getaways in fast cars.
The robbery today is much more likely to involve a worldwide network of laptops, mobile phones and couriers.
In the same way bank robberies were headline news, payments fraud is now front page news. Like robberies, insurance may cover the financial cost but the cost to reputations from fraud is potentially far greater; customers do not distinguish on the basis of liability. Many well documented instances exist of major retailers having share price and profits eroded, all attributable to a fraud breach.

Tools available

Tools available in Sentra Fraud Detection to combat and monitor the threat of fraud include:

  • User friendly rules, with testing and control facilities, to facilitate the rapid deployment of tactical rules
  • Inbuilt multi-dimensional statistical analysis, to easily detect trends that are anomalous, within rules in simple instructions
  • User defined dashboards which can be tailored for any level of the organisation
  • Operational alerting – senior management can be alerted by email if there is a sudden spike in fraud alerts or transaction types
  • Multiple statistical prediction techniques including multiple techniques such as Bayesian, Neural Network and Random Forest.

Sentra Fraud Detection is a new solution designed to provide a cost effective approach to the containment of fraud using the Sentra Monitoring core, proven with some of the world’s largest banks, integrated with new technologies added to the Sentra framework such as instant multidimensional statistical analysis, big data and multiple machine learning algorithms. As the cost of CPU, storage and memory continues to reduce, these new techniques now become an option for real-time analysis of data, which cannot be easily or cost effectively integrated into the rigid architectures of today’s existing solutions.

All of these are available for instant analysis as soon as the transaction is presented to Sentra Fraud Detection. New channels are constantly being created, Sentra Fraud Detection allows additions to new channels to be made simply, without programming intervention.
The use of statistical models often require costly and time consuming services from the vendors, Insider Technologies uses a strategy that allows the use of open source tools to model machine learning statistical tools – this allows for the update of models easily and cheaply by trained staff within the organisation to constantly improve accuracy. All can easily be modeled using nothing more than a laptop without intervention from Insider Technologies.

The reality is that no fraud prevention system can predict a new fraud pattern, organised crime networks, amonst others, will always be seeking new weaknesses to exploit. When this occurs the weaknesses need to be overcome straightaway. Using a combination of statistical analysis and detective work Sentra Fraud Detection provides the tools to monitor and track historical trends and patterns to manage new frauds as they emerge and rapidly block the new exploitation by the criminal gangs.

Managing Risk vs Revenue


Every organisation has to struggle with the need to allow the customer to use the product in a revenue gaining manner vs the risk of fraud.
Sentra Fraud Detection allows the use of lists to create VIP lists to ensure that specified cards/accounts are not flagged automatically for high spending clients who wish to spend. Indeed, the rules can be used as an automatic way to monitor spending for VIP customers allowing proactive customer service – e.g. updating credit or spending limits as soon as they are approached – making it seamless for the customer yet remaining in control of the risk.

Summary

Sentra Fraud Detection provides a low cost, effective and agile solution, not only for the initial deployment, but also for ongoing maintenance – ensuring you have optimal management of fraud and control of your costs.

Click here to read full details about Sentra Fraud Detection: Overview & Key Features; Machine Learning & Statistical Analysis; Cost Effective Solution

Permalink.