Citrix recently released XenApp/XenDesktop 7.6 Feature Pack 1, and one of the release’s key items is a new Platinum-only feature, Session Recording. Session Recording is akin to the old SmartAuditor, which records mouse and keyboard activities within user sessions.
Like SmartAuditor, the Session Recording feature is touted for its value in troubleshooting, training, and auditing/compliance within XenApp user sessions, not XenDesktop sessions. Ironically, Session Recording is a feature of XenDesktop Platinum, not XenApp Platinum, so enterprises will need to purchase XenDesktop Platinum for this XenApp-only feature. Strange, but true.
The key features of XenDesktop Platinum are now Director and Session Recording. While Director has steadily improved with each release and has extensive monitoring capabilities, does it, combined with the new Session Recording functionality, provide sufficient value-add to command the Platinum price tag? Or will companies forgo these Platinum-only features and instead purchase Enterprise licensing together with a third-party monitoring product?
The implementation rate for the previous SmartAuditor offering was quite low. The new Session Recording offering has some improvements, especially ones related to the storage requirements for the recordings. However, is this enough to serve as the Platinum glitter that entices organizations to let themselves be upsold when purchasing Citrix licensing?
Many companies purchase Platinum licensing just because it’s the most robust edition and provides everything. Salespeople lead with the Platinum discussion, and some customers never fully review the feature sets provided with the various editions. As a result, it has become the standard in many organizations.
In the past, features such as AppDNA and SmartAuditor were the Platinum glitter, but AppDNA became integrated with XenApp/XenDesktop, and SmartAuditor fell into a black hole for a few years in the early XenDesktop 7.x releases. Actual use of these Platinum-only features was not widespread.
Last year, I posted an article entitled Recording User Session Activities — Or Not?, wherein I discussed the pros and cons of recording user session activities. At a minimum, one or more servers are required, as well as database licensing and IT resources to configure and maintain this functionality. While there are benefits to recording user sessions from a troubleshooting and training perspective, it is nearly impossible to find an organization using Session Recording for these purposes.
In the real world, the use case for Session Recording is compliance and auditing. But is this a wise use case? Let’s say that you are applying for a loan at a bank. The loan representative asks you for some confidential information, such as your social security number, mother’s maiden name, salary, and more. In addition, you provide tax returns, check stubs, and several other documents that are scanned into the loan application. All of this confidential data appears in full view for the loan representative. If any type of session recording is in use, all of this confidential data also appears in full view to anyone who accesses the recordings.
In addition to improprieties that can occur in conjunction with directly viewing the session recordings, the stored recordings are becoming a confidentially liability for IT organizations. In this age of security breaches’ occurring within financial and healthcare organizations in particular, is recording user session data worth it? Probably not.
Thus Director, with its in-depth monitoring capabilities, remains the Platinum glitter and the tipping point between Enterprise and Platinum licensing.