SlideShare a Scribd company logo

Обзор и практическое применение Dell Change Auditor

Download as PPTX, PDF
BAKOTECH
BAKOTECH

Презентация Владислава Самойленко, senior sales engineer BAKOTECH. Вебинар Обзор и практическое применение Dell Change Auditor (26/02/2015).

Technology
1 of 60
Change Auditor Vlad Samoylenko | BAKOTECH GROUP| vs@bakotech.com
Dell - Restricted - Confidential2 Modules covered in this presentation • Change Auditor for Active Directory • Change Auditor for AD Queries • Change Auditor for Exchange • Change Auditor for SharePoint • Change Auditor for Windows File Servers • Change Auditor for NetApp • Change Auditor for EMC • Change Auditor for SQL Server
Dell - Restricted - Confidential3 The Challenges Microsoft Active Directory, Exchange, SharePoint, Windows File Servers, VMware, NetApp, EMC and SQL Server are part of your mission-critical infrastructure • Event logging and change reporting are required to satisfy auditor requests and prove compliance • No comprehensive view of all changes and event logs, they scattered in various locations and formats • Searching for a specific event is time consuming and frustrating • Native event details contain limited information which is difficult to decipher without application expertise • No protection exists to prevent sensitive objects from being deleted or logs from rolling over. Administrators aren’t usually made aware of problems until it is too late causing potential compliance violations and system downtime • Reporting is a time consuming process • Event context is lost when viewing any single event across the Microsoft eco-system
Dell - Restricted - Confidential4 Enables enterprise-wide change management from an intuitive client. Sort, group, filter and graph on the fly. Ensures a secure and compliant infrastructure by tracking changes in real time, while logging the origin as well as before and after values. Strengthens internal controls through object protection and insight into both authorized and unauthorized changes. The Solution: Change Auditor • Real-time, consolidated change auditing for: AD, AD Queries, Exchange, SharePoint, SQL, Windows file servers, VMware, NetApp, EMC, Lync, User logon Activity, SonicWALL NGFW devices, cloud storage auditing, Registry, Services, Local Users & Groups
Dell - Restricted - Confidential5 What is Change Auditor? Change Auditor provides complete, real-time change auditing, in-depth forensics and comprehensive reporting on all key configuration, user and administrator changes for Active Directory, ADLDS, AD Queries, Exchange, SharePoint, Lync, VMware, NetApp, Windows File Servers, EMC, and SQL Server. Change Auditor also tracks detailed user activity for web storage and services, logon and authentication activity and other key services across enterprises. Who made the change? When the change was made? Why the change was made? (Comment) Where the change was made from? What object was changed (before and after)? Smart Alerts Workstation where the request originated?
Dell - Restricted - Confidential6 Change Auditor - Key Features • In-depth auditing for: • Active Directory & ADLDS • Exchange • SharePoint • Windows File Servers • EMC • NetApp • Microsoft Lync • Detailed who, what, when, where, why and workstation, plus original and current values for all changes – presented in simple terms • Event Context – provides change information in relationship to other things happening in your environment • Optionally log events to a Windows event log • Protect against undesirable changes to AD objects, mailboxes, Windows files and folders • Restore unwanted changes to AD with a single click • User Logon Activity • SonicWALL NGFW devices • Cloud storage providers • SQL Server • VMware vCenter /ESX Hosts • AD queries against Active Directory (Applications and scripts) • Registry, Local Users & Groups, and Services
Dell - Restricted - Confidential7 Change Auditor 6.6 Architectural diagram InTrust
Change Auditor for Active Directory
Dell - Restricted - Confidential9 Change Auditor for Active Directory AtAGlance EasyRead EventFilter Context & Restore
Dell - Restricted - Confidential10 Change Auditor for Active Directory: GPO Settings
Dell - Restricted - Confidential11 Change Auditor for Active Directory: Locked Out
Dell - Restricted - Confidential12 Change Auditor for Active Directory ObjectProtect
Dell - Restricted - Confidential13 Change Auditor for Active Directory Role-Based Access
Change Auditor For Exchange
Dell - Restricted - Confidential15 The Challenges of Managing Exchange • Impossible to natively track changes to Exchange Store settings • Event log and audit data that is distributed throughout the enterprise • Volume of audit data is difficult to archive • Audit data is takes time to analyze, trend, report on and distribute • Native auditing does not provide detailed information on: – Non-owner mailbox access and specific activity related to this access – Changes to permissions at the client level – Changes to permissions to the Configuration Store • Native auditing does not provide detailed change tracking of permission changes made to a mailbox within AD
Dell - Restricted - Confidential16 • No visibility into administrator or user activity in the cloud • Remote logs must be subscribed and downloaded • No alerting based on activity • Events are only in Excel 2010 format • Requires programming skills to turn on and collect audit data Managing Exchange Online / Office 365
Dell - Restricted - Confidential17 What to consider if your going to audit Exchange • Access to Key Mailboxes – Executives, Board members, HR, … – Ignore Non-Owner auditing messages from Departmental Mailboxes • Changes to membership to Key Distribution Lists – Senior Leadership Team – discuss company strategies • Changes to administrative security groups • Exchange Server configuration changes
Dell - Restricted - Confidential18 Change Auditor for Exchange Role-Based Access MailboxProtect
Dell - Restricted - Confidential19 Change Auditor for Exchange ConfigTracker
Dell - Restricted - Confidential20 Change Auditor for Exchange
Dell - Restricted - Confidential21 Change Auditor for Exchange
Change Auditor for Windows File Servers Change Auditor for NetApp Change Auditor for EMC
Dell - Restricted - Confidential23 Managing Files and Access can be difficult • Providing timely information to help compliance/security teams meet requirements around file/object access is critical: – What are users doing with their access? – When potential violations occur to permission changes? – When ownership changes take place? • Critical documents may be at risk without reporting/alerting on permission and ownership changes. • File/Folder access auditing has always been a big hole in regards to compliance and security initiatives. • The collecting and reporting on file access audit data is difficult and takes many man hours. • Archiving and consolidating event logs takes up a large amount of network bandwidth and disk space. • Native file access auditing degrades server performance. • Permission changes made to files and folders is difficult to capture and interpret.
Dell - Restricted - Confidential24 With Change Auditor for Windows File Servers, NetApp & EMC you can… • Centralize File System and NAS auditing into a single task – Normalized events across differing file infrastructure – Simplify and centralize alerting & configuration • Reduce cost & complexity and meet security objectives – Easily determine what permission changed – Easily determine what action was performed • Improve IT Operational Management and Efficiency – Critical system resources are saved & security is improved • Block users from destructive and dangerous actions – Prevent deletion and changes to permissions – Windows File System only
Dell - Restricted - Confidential25 Change Auditor for Windows File Servers, NetApp & EMC
Dell - Restricted - Confidential26 Change Auditor for Windows File Servers
Dell - Restricted - Confidential27 Change Auditor for Windows File Servers ShareAudit Real-Time Alert RapidReport
Dell - Restricted - Confidential28 Change Auditor for Windows File Servers ShareAudit
Change Auditor for SQL Server
Dell - Restricted - Confidential30 Change Auditor for SQL Server • Organizations face increased demands to improve security to meet regulatory requirements surrounding sensitive and financial data. • Reduce the risks of operational outages from accidental or malicious actions by privileged users. • Report on DBA and other privileged users activity on your SQL Servers across the enterprise and answer questions such as: – How do you monitor access to confidential information? – How do you log SQL Server security events such as startups, shutdowns, and logins and do you review exceptional events? – How do you report on direct access to production data that is outside of normal application controls? – How do you monitor database configuration and parameter setting changes?
Dell - Restricted - Confidential31 Change Auditor for SQL Server (2) • Automates the process of collecting data about both privileged and non-privileged access. • Centralizes the collected events • Normalizes SQL and other Windows events into a single platform in simple to understand terms • Allows privileged users to perform their important and required job duties by unobtrusively monitoring and auditing behaviors • Allows you to answer your auditors’ and regulators’ questions about how you manage activity of users on SQL Servers across the enterprise
Dell - Restricted - Confidential32 Change Auditor for SQL Server Auditing Templates • Enable SQL Server auditing by adding a SQL Auditing template to an agent configuration. – Which can then be assigned to a Change Auditor agent (SQL Server) • Change Auditor ships with a pre-defined SQL Auditing template – Best Practice SQL Auditing Template
Dell - Restricted - Confidential33 Common SQL Configuration Examples Only audit events for databases named “Accounting”: Audit any activity that is not from this service account: Audit any activity that is not from my application server:
Dell - Restricted - Confidential34 Change Auditor for SQL Server Supports: SQL 2005, 2008+R2, & 2012
Dell - Restricted - Confidential35 Change Auditor for SQL Server
Dell - Restricted - Confidential36 Change Auditor for SQL Server: Captures the Actual Query Used
Dell - Restricted - Confidential37 Native SQL Auditing
Dell - Restricted - Confidential38 SQL Server Audit Events in the Best Practices Template • Add DB User • Add Login • Add Login to server role • Add Member to DB role • Add Role • Change Database Owner • Change Member in DB Role • Create database • Delete database • Delete DB user • Delete Login • Delete Login from Server role • Delete member from DB role • Delete Role • Grant database access to DB user • Revoke database access from DB user In Total Almost 400 SQL events can be captured
Change Auditor for SharePoint
Dell - Restricted - Confidential56 Change Auditor for SharePoint • Audit SharePoint 2010 & 2013 – Includes Foundation Servers – Doc libraries, Lists, Permissions, etc. • Powerful tool when combined with CA UI grouping/sorting/filtering – See historical changes to sites and documents – Track users activity on a site by site basis • Track changes to farm/site configuration – Audits changes to Central administration – Additions of Sites and Site Libraries
Dell - Restricted - Confidential57 Change Auditor for SharePoint
Change Auditor Reporting
Dell - Restricted - Confidential59 Reporting Capabilities in Change Auditor
Dell - Restricted - Confidential60 Built-in Searches for Historical Reporting
Dell - Restricted - Confidential61 Recommended Best Practice Reporting
Dell - Restricted - Confidential62 Regulatory Compliance Reporting
InTrust
Dell - Restricted - Confidential64 Make sense of your IT data with on-the-fly investigations • InTrust: consolidate, store, search and analyze massive amounts of IT data in one place with real-time insights into user activity for security, compliance and operational visibility. – Reduce the complexity of searching, analyzing and maintaining critical IT data scattered across information silos – Speed security investigations and compliance audits with complete real- time visibility of your privileged users and machine data in one searchable place – troubleshoot widespread issues should an incident occur – Save on storage costs and adhere to compliance event log requirements (HIPAA, SOX, PCI, FISMA, etc.) with a highly compressed and indexed online long-term event log repository
Dell - Restricted - Confidential65 InTrust as a big data solution with IT Search “Make sense of your IT data” • IT Search lets your organization make sense of the “big IT data” including log events, changes, file permissions, users entitlements and more to streamline regulatory compliance, conduct security incident investigations and improve day to day operations
Dell - Restricted - Confidential66 Search all IT assets in one place
Dell - Restricted - Confidential67 Exploit relationships between events and state based data
Dell - Restricted - Confidential68 See what resources users had accessed
Dell - Restricted - Confidential69 See where users have access
Dell - Restricted - Confidential70 See how access was obtained
Dell - Restricted - Confidential71 Other Enhancements Task The old way The new way Gathering of Windows logs Schedule based, have to wait hours until data becomes available Real-time, data is available seconds after it is generated Support of network devices (syslog data) Separate set up, unnecessary Windows event log overhead, poor performance Built into the main InTrust components, no overhead, great performance Running reports Slow import to the SQL database, clunky SSRS infrastructure, hard to create custom reports Reports directly from the repository, RV as the reporting client, every search easily converts into a report Integration with CA and ER Clunky and limited integration through QKP Unified and fast access to data from multiple products through web based search engine Integration with SIEM Schedule based querying of the audit DB Real-time forwarding of all logs that are collected Incidents investigation Slow, static and raw analysis of events from the audit DB Fast, customizable and free form searches against the indexed repository with rich results visualization
Change Auditor Integration
Change Auditor and InTrust
Dell - Restricted - Confidential74 InTrust (Short Term Storage) Reports (Knowledge Portal) InTrust - Scheduled (Long Term Storage) Exchange Active Directory/ LDAP Windows File Server Change Auditor Real Time Change Auditor Client) SQL Server EMC NetApp Change Auditor Long Term Storage & InTrust Architecture 40Xcompression ratio
Dell - Restricted - Confidential75 • •
To learn more about Change Auditor • http://www.software.dell.com/products/change-auditor • Write an e-mail to vs@bakotech.com

Recommended

Security that works with, not against, your SaaS business
Security that works with, not against, your SaaS businessSecurity that works with, not against, your SaaS business
Security that works with, not against, your SaaS businessCloudPassage
 
Resume_Ram Dass
Resume_Ram DassResume_Ram Dass
Resume_Ram DassRam Dass
 
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...Kenneth de Brucq
 
Introduction to Service Manager
Introduction to Service ManagerIntroduction to Service Manager
Introduction to Service ManagerCireson
 
VMworld 2013: How to Identify if Your vSphere Environment is Configured to Me...
VMworld 2013: How to Identify if Your vSphere Environment is Configured to Me...VMworld 2013: How to Identify if Your vSphere Environment is Configured to Me...
VMworld 2013: How to Identify if Your vSphere Environment is Configured to Me...VMworld
 
Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...
Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...
Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...Glen Roberts, CISSP
 
So you’ve successfully installed SCOM… Now what.
So you’ve successfully installed SCOM… Now what.So you’ve successfully installed SCOM… Now what.
So you’ve successfully installed SCOM… Now what.Microsoft TechNet - Belgium and Luxembourg
 
The Top Eight Best Practices for Deploying XenApp and XenDesktop 7.6
The Top Eight Best Practices for Deploying XenApp and XenDesktop 7.6The Top Eight Best Practices for Deploying XenApp and XenDesktop 7.6
The Top Eight Best Practices for Deploying XenApp and XenDesktop 7.6eG Innovations
 

Recommended

Security that works with, not against, your SaaS business
Security that works with, not against, your SaaS businessSecurity that works with, not against, your SaaS business
Security that works with, not against, your SaaS businessCloudPassage
 
Resume_Ram Dass
Resume_Ram DassResume_Ram Dass
Resume_Ram DassRam Dass
 
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...Kenneth de Brucq
 
Introduction to Service Manager
Introduction to Service ManagerIntroduction to Service Manager
Introduction to Service ManagerCireson
 
VMworld 2013: How to Identify if Your vSphere Environment is Configured to Me...
VMworld 2013: How to Identify if Your vSphere Environment is Configured to Me...VMworld 2013: How to Identify if Your vSphere Environment is Configured to Me...
VMworld 2013: How to Identify if Your vSphere Environment is Configured to Me...VMworld
 
Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...
Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...
Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...Glen Roberts, CISSP
 
So you’ve successfully installed SCOM… Now what.
So you’ve successfully installed SCOM… Now what.So you’ve successfully installed SCOM… Now what.
So you’ve successfully installed SCOM… Now what.Microsoft TechNet - Belgium and Luxembourg
 
The Top Eight Best Practices for Deploying XenApp and XenDesktop 7.6
The Top Eight Best Practices for Deploying XenApp and XenDesktop 7.6The Top Eight Best Practices for Deploying XenApp and XenDesktop 7.6
The Top Eight Best Practices for Deploying XenApp and XenDesktop 7.6eG Innovations
 
Le soluzioni tecnologiche per il Copy Data Management
Le soluzioni tecnologiche per il Copy Data ManagementLe soluzioni tecnologiche per il Copy Data Management
Le soluzioni tecnologiche per il Copy Data ManagementJürgen Ambrosi
 
Predicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile WorldPredicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile WorldQuest
 
Ensuring Rock-Solid Unified Endpoint Management
Ensuring Rock-Solid Unified Endpoint ManagementEnsuring Rock-Solid Unified Endpoint Management
Ensuring Rock-Solid Unified Endpoint ManagementQuest
 
RES Software Online Seminar 10 mei 2011
RES Software Online Seminar 10 mei 2011RES Software Online Seminar 10 mei 2011
RES Software Online Seminar 10 mei 2011RES Software Nederland
 
VMware: my jsme “software defined”
VMware: my jsme “software defined”VMware: my jsme “software defined”
VMware: my jsme “software defined”MarketingArrowECS_CZ
 
Unidesk and VMware Customer Webinar: Ohio Department of Developmental Disabil...
Unidesk and VMware Customer Webinar: Ohio Department of Developmental Disabil...Unidesk and VMware Customer Webinar: Ohio Department of Developmental Disabil...
Unidesk and VMware Customer Webinar: Ohio Department of Developmental Disabil...Unidesk Corporation
 
VTScada Instantly Intuitive SCADA Software
VTScada Instantly Intuitive SCADA SoftwareVTScada Instantly Intuitive SCADA Software
VTScada Instantly Intuitive SCADA SoftwareTrihedral
 
Your Biggest Systems Management Challenges – and How to Overcome Them
Your Biggest Systems Management Challenges – and How to Overcome ThemYour Biggest Systems Management Challenges – and How to Overcome Them
Your Biggest Systems Management Challenges – and How to Overcome ThemQuest
 
System Center Configuration Manager 2012 Sneak Peek
System Center Configuration Manager 2012 Sneak PeekSystem Center Configuration Manager 2012 Sneak Peek
System Center Configuration Manager 2012 Sneak PeekC/D/H Technology Consultants
 
Downtime is Not an Option: Integrating IBM Z into ServiceNow and Splunk
Downtime is Not an Option: Integrating IBM Z into ServiceNow and SplunkDowntime is Not an Option: Integrating IBM Z into ServiceNow and Splunk
Downtime is Not an Option: Integrating IBM Z into ServiceNow and SplunkPrecisely
 
Automated Operating System Deployment Using SCCM 2012
Automated Operating System Deployment Using SCCM 2012Automated Operating System Deployment Using SCCM 2012
Automated Operating System Deployment Using SCCM 2012Abdelslam Elsobky
 
Le soluzioni tecnologiche per il disaster recovery e business continuity
Le soluzioni tecnologiche per il disaster recovery e business continuityLe soluzioni tecnologiche per il disaster recovery e business continuity
Le soluzioni tecnologiche per il disaster recovery e business continuityJürgen Ambrosi
 
The Business Value of System Center 2012
The Business Value of System Center 2012The Business Value of System Center 2012
The Business Value of System Center 2012jmustac
 
Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)Sectricity
 
AutomateandsimAutomate and Simplify Your IT Management Operations
AutomateandsimAutomate and Simplify Your IT Management OperationsAutomateandsimAutomate and Simplify Your IT Management Operations
AutomateandsimAutomate and Simplify Your IT Management OperationsDell World
 
Citrix xenapp training
Citrix xenapp training Citrix xenapp training
Citrix xenapp training Yuvaraj1986
 
Troubleshooting Tools – How to isolate and resolve issues in your XenApp & Xe...
Troubleshooting Tools – How to isolate and resolve issues in your XenApp & Xe...Troubleshooting Tools – How to isolate and resolve issues in your XenApp & Xe...
Troubleshooting Tools – How to isolate and resolve issues in your XenApp & Xe...David McGeough
 
VMware hyperkonvergovaná infrastruktura (HCI)
VMware hyperkonvergovaná infrastruktura (HCI)VMware hyperkonvergovaná infrastruktura (HCI)
VMware hyperkonvergovaná infrastruktura (HCI)MarketingArrowECS_CZ
 
1° Sessione - Tecnologie hyperconvergenti e di virtualizzazione storage: VMwa...
1° Sessione - Tecnologie hyperconvergenti e di virtualizzazione storage: VMwa...1° Sessione - Tecnologie hyperconvergenti e di virtualizzazione storage: VMwa...
1° Sessione - Tecnologie hyperconvergenti e di virtualizzazione storage: VMwa...Jürgen Ambrosi
 
Oracle Enterprise Manager 12c: updates and upgrades.
Oracle Enterprise Manager 12c: updates and upgrades.Oracle Enterprise Manager 12c: updates and upgrades.
Oracle Enterprise Manager 12c: updates and upgrades.Rolta
 
Active Directory security and compliance: Comprehensive reporting for key sec...
Active Directory security and compliance: Comprehensive reporting for key sec...Active Directory security and compliance: Comprehensive reporting for key sec...
Active Directory security and compliance: Comprehensive reporting for key sec...Zoho Corporation
 
Change Monitoring of Active Directory
Change Monitoring of Active DirectoryChange Monitoring of Active Directory
Change Monitoring of Active DirectoryZoho Corporation
 

More Related Content

What's hot

Le soluzioni tecnologiche per il Copy Data Management
Le soluzioni tecnologiche per il Copy Data ManagementLe soluzioni tecnologiche per il Copy Data Management
Le soluzioni tecnologiche per il Copy Data ManagementJürgen Ambrosi
 
Predicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile WorldPredicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile WorldQuest
 
Ensuring Rock-Solid Unified Endpoint Management
Ensuring Rock-Solid Unified Endpoint ManagementEnsuring Rock-Solid Unified Endpoint Management
Ensuring Rock-Solid Unified Endpoint ManagementQuest
 
RES Software Online Seminar 10 mei 2011
RES Software Online Seminar 10 mei 2011RES Software Online Seminar 10 mei 2011
RES Software Online Seminar 10 mei 2011RES Software Nederland
 
VMware: my jsme “software defined”
VMware: my jsme “software defined”VMware: my jsme “software defined”
VMware: my jsme “software defined”MarketingArrowECS_CZ
 
Unidesk and VMware Customer Webinar: Ohio Department of Developmental Disabil...
Unidesk and VMware Customer Webinar: Ohio Department of Developmental Disabil...Unidesk and VMware Customer Webinar: Ohio Department of Developmental Disabil...
Unidesk and VMware Customer Webinar: Ohio Department of Developmental Disabil...Unidesk Corporation
 
VTScada Instantly Intuitive SCADA Software
VTScada Instantly Intuitive SCADA SoftwareVTScada Instantly Intuitive SCADA Software
VTScada Instantly Intuitive SCADA SoftwareTrihedral
 
Your Biggest Systems Management Challenges – and How to Overcome Them
Your Biggest Systems Management Challenges – and How to Overcome ThemYour Biggest Systems Management Challenges – and How to Overcome Them
Your Biggest Systems Management Challenges – and How to Overcome ThemQuest
 
System Center Configuration Manager 2012 Sneak Peek
System Center Configuration Manager 2012 Sneak PeekSystem Center Configuration Manager 2012 Sneak Peek
System Center Configuration Manager 2012 Sneak PeekC/D/H Technology Consultants
 
Downtime is Not an Option: Integrating IBM Z into ServiceNow and Splunk
Downtime is Not an Option: Integrating IBM Z into ServiceNow and SplunkDowntime is Not an Option: Integrating IBM Z into ServiceNow and Splunk
Downtime is Not an Option: Integrating IBM Z into ServiceNow and SplunkPrecisely
 
Automated Operating System Deployment Using SCCM 2012
Automated Operating System Deployment Using SCCM 2012Automated Operating System Deployment Using SCCM 2012
Automated Operating System Deployment Using SCCM 2012Abdelslam Elsobky
 
Le soluzioni tecnologiche per il disaster recovery e business continuity
Le soluzioni tecnologiche per il disaster recovery e business continuityLe soluzioni tecnologiche per il disaster recovery e business continuity
Le soluzioni tecnologiche per il disaster recovery e business continuityJürgen Ambrosi
 
The Business Value of System Center 2012
The Business Value of System Center 2012The Business Value of System Center 2012
The Business Value of System Center 2012jmustac
 
Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)Sectricity
 
AutomateandsimAutomate and Simplify Your IT Management Operations
AutomateandsimAutomate and Simplify Your IT Management OperationsAutomateandsimAutomate and Simplify Your IT Management Operations
AutomateandsimAutomate and Simplify Your IT Management OperationsDell World
 
Citrix xenapp training
Citrix xenapp training Citrix xenapp training
Citrix xenapp training Yuvaraj1986
 
Troubleshooting Tools – How to isolate and resolve issues in your XenApp & Xe...
Troubleshooting Tools – How to isolate and resolve issues in your XenApp & Xe...Troubleshooting Tools – How to isolate and resolve issues in your XenApp & Xe...
Troubleshooting Tools – How to isolate and resolve issues in your XenApp & Xe...David McGeough
 
VMware hyperkonvergovaná infrastruktura (HCI)
VMware hyperkonvergovaná infrastruktura (HCI)VMware hyperkonvergovaná infrastruktura (HCI)
VMware hyperkonvergovaná infrastruktura (HCI)MarketingArrowECS_CZ
 
1° Sessione - Tecnologie hyperconvergenti e di virtualizzazione storage: VMwa...
1° Sessione - Tecnologie hyperconvergenti e di virtualizzazione storage: VMwa...1° Sessione - Tecnologie hyperconvergenti e di virtualizzazione storage: VMwa...
1° Sessione - Tecnologie hyperconvergenti e di virtualizzazione storage: VMwa...Jürgen Ambrosi
 

What's hot (19)

Le soluzioni tecnologiche per il Copy Data Management
Le soluzioni tecnologiche per il Copy Data ManagementLe soluzioni tecnologiche per il Copy Data Management
Le soluzioni tecnologiche per il Copy Data Management
 
Predicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile WorldPredicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile World
 
Ensuring Rock-Solid Unified Endpoint Management
Ensuring Rock-Solid Unified Endpoint ManagementEnsuring Rock-Solid Unified Endpoint Management
Ensuring Rock-Solid Unified Endpoint Management
 
RES Software Online Seminar 10 mei 2011
RES Software Online Seminar 10 mei 2011RES Software Online Seminar 10 mei 2011
RES Software Online Seminar 10 mei 2011
 
VMware: my jsme “software defined”
VMware: my jsme “software defined”VMware: my jsme “software defined”
VMware: my jsme “software defined”
 
Unidesk and VMware Customer Webinar: Ohio Department of Developmental Disabil...
Unidesk and VMware Customer Webinar: Ohio Department of Developmental Disabil...Unidesk and VMware Customer Webinar: Ohio Department of Developmental Disabil...
Unidesk and VMware Customer Webinar: Ohio Department of Developmental Disabil...
 
VTScada Instantly Intuitive SCADA Software
VTScada Instantly Intuitive SCADA SoftwareVTScada Instantly Intuitive SCADA Software
VTScada Instantly Intuitive SCADA Software
 
Your Biggest Systems Management Challenges – and How to Overcome Them
Your Biggest Systems Management Challenges – and How to Overcome ThemYour Biggest Systems Management Challenges – and How to Overcome Them
Your Biggest Systems Management Challenges – and How to Overcome Them
 
System Center Configuration Manager 2012 Sneak Peek
System Center Configuration Manager 2012 Sneak PeekSystem Center Configuration Manager 2012 Sneak Peek
System Center Configuration Manager 2012 Sneak Peek
 
Downtime is Not an Option: Integrating IBM Z into ServiceNow and Splunk
Downtime is Not an Option: Integrating IBM Z into ServiceNow and SplunkDowntime is Not an Option: Integrating IBM Z into ServiceNow and Splunk
Downtime is Not an Option: Integrating IBM Z into ServiceNow and Splunk
 
Automated Operating System Deployment Using SCCM 2012
Automated Operating System Deployment Using SCCM 2012Automated Operating System Deployment Using SCCM 2012
Automated Operating System Deployment Using SCCM 2012
 
Le soluzioni tecnologiche per il disaster recovery e business continuity
Le soluzioni tecnologiche per il disaster recovery e business continuityLe soluzioni tecnologiche per il disaster recovery e business continuity
Le soluzioni tecnologiche per il disaster recovery e business continuity
 
The Business Value of System Center 2012
The Business Value of System Center 2012The Business Value of System Center 2012
The Business Value of System Center 2012
 
Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)
 
AutomateandsimAutomate and Simplify Your IT Management Operations
AutomateandsimAutomate and Simplify Your IT Management OperationsAutomateandsimAutomate and Simplify Your IT Management Operations
AutomateandsimAutomate and Simplify Your IT Management Operations
 
Citrix xenapp training
Citrix xenapp training Citrix xenapp training
Citrix xenapp training
 
Troubleshooting Tools – How to isolate and resolve issues in your XenApp & Xe...
Troubleshooting Tools – How to isolate and resolve issues in your XenApp & Xe...Troubleshooting Tools – How to isolate and resolve issues in your XenApp & Xe...
Troubleshooting Tools – How to isolate and resolve issues in your XenApp & Xe...
 
VMware hyperkonvergovaná infrastruktura (HCI)
VMware hyperkonvergovaná infrastruktura (HCI)VMware hyperkonvergovaná infrastruktura (HCI)
VMware hyperkonvergovaná infrastruktura (HCI)
 
1° Sessione - Tecnologie hyperconvergenti e di virtualizzazione storage: VMwa...
1° Sessione - Tecnologie hyperconvergenti e di virtualizzazione storage: VMwa...1° Sessione - Tecnologie hyperconvergenti e di virtualizzazione storage: VMwa...
1° Sessione - Tecnologie hyperconvergenti e di virtualizzazione storage: VMwa...
 

Similar to Обзор и практическое применение Dell Change Auditor

Oracle Enterprise Manager 12c: updates and upgrades.
Oracle Enterprise Manager 12c: updates and upgrades.Oracle Enterprise Manager 12c: updates and upgrades.
Oracle Enterprise Manager 12c: updates and upgrades.Rolta
 
Active Directory security and compliance: Comprehensive reporting for key sec...
Active Directory security and compliance: Comprehensive reporting for key sec...Active Directory security and compliance: Comprehensive reporting for key sec...
Active Directory security and compliance: Comprehensive reporting for key sec...Zoho Corporation
 
Change Monitoring of Active Directory
Change Monitoring of Active DirectoryChange Monitoring of Active Directory
Change Monitoring of Active DirectoryZoho Corporation
 
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...Microsoft Décideurs IT
 
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...Microsoft Technet France
 
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...Microsoft Décideurs IT
 
Why use trace cloud to manage your requirements (includes audio)
Why use trace cloud to manage your requirements (includes audio)Why use trace cloud to manage your requirements (includes audio)
Why use trace cloud to manage your requirements (includes audio)Shambhavi Roy
 
Government and Education Webinar: There's More Than One Way to Monitor SQL Da...
Government and Education Webinar: There's More Than One Way to Monitor SQL Da...Government and Education Webinar: There's More Than One Way to Monitor SQL Da...
Government and Education Webinar: There's More Than One Way to Monitor SQL Da...SolarWinds
 
Cause 2013: A Flexible Approach to Creating an Enterprise Directory
Cause 2013: A Flexible Approach to Creating an Enterprise DirectoryCause 2013: A Flexible Approach to Creating an Enterprise Directory
Cause 2013: A Flexible Approach to Creating an Enterprise Directoryrwgorrel
 
gkkCloudtechnologyassociate(cta)day 2
gkkCloudtechnologyassociate(cta)day 2gkkCloudtechnologyassociate(cta)day 2
gkkCloudtechnologyassociate(cta)day 2Anne Starr
 
VMworld 2013: Vapp6124 automating v mware cloud and virtualization deployment...
VMworld 2013: Vapp6124 automating v mware cloud and virtualization deployment...VMworld 2013: Vapp6124 automating v mware cloud and virtualization deployment...
VMworld 2013: Vapp6124 automating v mware cloud and virtualization deployment...gpadmanabh
 
Presentation database security audit vault & database firewall
Presentation database security audit vault & database firewallPresentation database security audit vault & database firewall
Presentation database security audit vault & database firewallxKinAnx
 
Building block development in managed hosting - Angelo Rossi, Manager, Comple...
Building block development in managed hosting - Angelo Rossi, Manager, Comple...Building block development in managed hosting - Angelo Rossi, Manager, Comple...
Building block development in managed hosting - Angelo Rossi, Manager, Comple...Blackboard APAC
 
Centrify Access Manager Presentation.pptx
Centrify Access Manager Presentation.pptxCentrify Access Manager Presentation.pptx
Centrify Access Manager Presentation.pptxjohncenafls
 
Data Warehouse Optimization
Data Warehouse OptimizationData Warehouse Optimization
Data Warehouse OptimizationCloudera, Inc.
 
Fishbowl's Packaged Tools for WebCenter Automation
Fishbowl's Packaged Tools for WebCenter AutomationFishbowl's Packaged Tools for WebCenter Automation
Fishbowl's Packaged Tools for WebCenter AutomationFishbowl Solutions
 

Similar to Обзор и практическое применение Dell Change Auditor (20)

Oracle Enterprise Manager 12c: updates and upgrades.
Oracle Enterprise Manager 12c: updates and upgrades.Oracle Enterprise Manager 12c: updates and upgrades.
Oracle Enterprise Manager 12c: updates and upgrades.
 
Active Directory security and compliance: Comprehensive reporting for key sec...
Active Directory security and compliance: Comprehensive reporting for key sec...Active Directory security and compliance: Comprehensive reporting for key sec...
Active Directory security and compliance: Comprehensive reporting for key sec...
 
Change Monitoring of Active Directory
Change Monitoring of Active DirectoryChange Monitoring of Active Directory
Change Monitoring of Active Directory
 
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...
 
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...
 
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...
Windows Server 2003 EOS : l'opportunité de repenser votre IT et mettre en pla...
 
Why use trace cloud to manage your requirements (includes audio)
Why use trace cloud to manage your requirements (includes audio)Why use trace cloud to manage your requirements (includes audio)
Why use trace cloud to manage your requirements (includes audio)
 
Government and Education Webinar: There's More Than One Way to Monitor SQL Da...
Government and Education Webinar: There's More Than One Way to Monitor SQL Da...Government and Education Webinar: There's More Than One Way to Monitor SQL Da...
Government and Education Webinar: There's More Than One Way to Monitor SQL Da...
 
Cause 2013: A Flexible Approach to Creating an Enterprise Directory
Cause 2013: A Flexible Approach to Creating an Enterprise DirectoryCause 2013: A Flexible Approach to Creating an Enterprise Directory
Cause 2013: A Flexible Approach to Creating an Enterprise Directory
 
gkkCloudtechnologyassociate(cta)day 2
gkkCloudtechnologyassociate(cta)day 2gkkCloudtechnologyassociate(cta)day 2
gkkCloudtechnologyassociate(cta)day 2
 
VMworld 2013: Vapp6124 automating v mware cloud and virtualization deployment...
VMworld 2013: Vapp6124 automating v mware cloud and virtualization deployment...VMworld 2013: Vapp6124 automating v mware cloud and virtualization deployment...
VMworld 2013: Vapp6124 automating v mware cloud and virtualization deployment...
 
Manageability Enhancements of SQL Server 2012
Manageability Enhancements of SQL Server 2012Manageability Enhancements of SQL Server 2012
Manageability Enhancements of SQL Server 2012
 
Presentation database security audit vault & database firewall
Presentation database security audit vault & database firewallPresentation database security audit vault & database firewall
Presentation database security audit vault & database firewall
 
Building block development in managed hosting - Angelo Rossi, Manager, Comple...
Building block development in managed hosting - Angelo Rossi, Manager, Comple...Building block development in managed hosting - Angelo Rossi, Manager, Comple...
Building block development in managed hosting - Angelo Rossi, Manager, Comple...
 
System center seminar presentation
System center seminar presentationSystem center seminar presentation
System center seminar presentation
 
Centrify Access Manager Presentation.pptx
Centrify Access Manager Presentation.pptxCentrify Access Manager Presentation.pptx
Centrify Access Manager Presentation.pptx
 
Data Warehouse Optimization
Data Warehouse OptimizationData Warehouse Optimization
Data Warehouse Optimization
 
Developer want change Ops want control - devops
Developer want change Ops want control - devopsDeveloper want change Ops want control - devops
Developer want change Ops want control - devops
 
Fishbowl's Packaged Tools for WebCenter Automation
Fishbowl's Packaged Tools for WebCenter AutomationFishbowl's Packaged Tools for WebCenter Automation
Fishbowl's Packaged Tools for WebCenter Automation
 
Chetan.Kumar-SQL_DBA 9115
Chetan.Kumar-SQL_DBA 9115Chetan.Kumar-SQL_DBA 9115
Chetan.Kumar-SQL_DBA 9115
 

More from BAKOTECH

Upd pci compliance
Upd pci compliance Upd pci compliance
Upd pci compliance BAKOTECH
 
Threat Detection & Response
Threat Detection & ResponseThreat Detection & Response
Threat Detection & ResponseBAKOTECH
 
WatchGuard SD-WAN
WatchGuard SD-WAN WatchGuard SD-WAN
WatchGuard SD-WAN BAKOTECH
 
WatchGuard WIPS
WatchGuard WIPSWatchGuard WIPS
WatchGuard WIPSBAKOTECH
 
WatchGuard Authpoint
WatchGuard Authpoint WatchGuard Authpoint
WatchGuard Authpoint BAKOTECH
 
McAfee Labs Threats Report, August 2019
McAfee Labs Threats Report, August 2019 McAfee Labs Threats Report, August 2019
McAfee Labs Threats Report, August 2019 BAKOTECH
 
F5 labs 2018. Отчет по защите веб-приложений
F5 labs 2018. Отчет по защите веб-приложенийF5 labs 2018. Отчет по защите веб-приложений
F5 labs 2018. Отчет по защите веб-приложенийBAKOTECH
 
Miercom Unified Threat Management Report - WatchGuard M270
Miercom Unified Threat Management Report - WatchGuard M270Miercom Unified Threat Management Report - WatchGuard M270
Miercom Unified Threat Management Report - WatchGuard M270BAKOTECH
 
WatchGuard Internet Security Report
WatchGuard Internet Security ReportWatchGuard Internet Security Report
WatchGuard Internet Security ReportBAKOTECH
 
BreakingPoint от Ixia
BreakingPoint от IxiaBreakingPoint от Ixia
BreakingPoint от IxiaBAKOTECH
 
Cloud Visibility for Dummies от IXIA
Cloud Visibility for Dummies от IXIACloud Visibility for Dummies от IXIA
Cloud Visibility for Dummies от IXIABAKOTECH
 
Network Visibility for Dummies
Network Visibility for DummiesNetwork Visibility for Dummies
Network Visibility for DummiesBAKOTECH
 
SIEM for Beginners
SIEM for BeginnersSIEM for Beginners
SIEM for BeginnersBAKOTECH
 
SIEM для чайников
SIEM для чайниковSIEM для чайников
SIEM для чайниковBAKOTECH
 
Обеспечение безопасности активов современного бизнеса с помощью криптографии
Обеспечение безопасности активов современного бизнеса с помощью криптографии Обеспечение безопасности активов современного бизнеса с помощью криптографии
Обеспечение безопасности активов современного бизнеса с помощью криптографии BAKOTECH
 
Надежная защита от утечек информации в условиях современных тенденций ИТ
Надежная защита от утечек информации в условиях современных тенденций ИТНадежная защита от утечек информации в условиях современных тенденций ИТ
Надежная защита от утечек информации в условиях современных тенденций ИТBAKOTECH
 
Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...
Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...
Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...BAKOTECH
 
Внутренняя угроза: выявление и защита с помощью ObserveIT
Внутренняя угроза: выявление и защита с помощью ObserveITВнутренняя угроза: выявление и защита с помощью ObserveIT
Внутренняя угроза: выявление и защита с помощью ObserveITBAKOTECH
 
Обзор инструментов Toad для администраторов Oracle
Обзор инструментов Toad для администраторов OracleОбзор инструментов Toad для администраторов Oracle
Обзор инструментов Toad для администраторов OracleBAKOTECH
 

More from BAKOTECH (20)

SOAR
SOARSOAR
SOAR
 
Upd pci compliance
Upd pci compliance Upd pci compliance
Upd pci compliance
 
Threat Detection & Response
Threat Detection & ResponseThreat Detection & Response
Threat Detection & Response
 
WatchGuard SD-WAN
WatchGuard SD-WAN WatchGuard SD-WAN
WatchGuard SD-WAN
 
WatchGuard WIPS
WatchGuard WIPSWatchGuard WIPS
WatchGuard WIPS
 
WatchGuard Authpoint
WatchGuard Authpoint WatchGuard Authpoint
WatchGuard Authpoint
 
McAfee Labs Threats Report, August 2019
McAfee Labs Threats Report, August 2019 McAfee Labs Threats Report, August 2019
McAfee Labs Threats Report, August 2019
 
F5 labs 2018. Отчет по защите веб-приложений
F5 labs 2018. Отчет по защите веб-приложенийF5 labs 2018. Отчет по защите веб-приложений
F5 labs 2018. Отчет по защите веб-приложений
 
Miercom Unified Threat Management Report - WatchGuard M270
Miercom Unified Threat Management Report - WatchGuard M270Miercom Unified Threat Management Report - WatchGuard M270
Miercom Unified Threat Management Report - WatchGuard M270
 
WatchGuard Internet Security Report
WatchGuard Internet Security ReportWatchGuard Internet Security Report
WatchGuard Internet Security Report
 
BreakingPoint от Ixia
BreakingPoint от IxiaBreakingPoint от Ixia
BreakingPoint от Ixia
 
Cloud Visibility for Dummies от IXIA
Cloud Visibility for Dummies от IXIACloud Visibility for Dummies от IXIA
Cloud Visibility for Dummies от IXIA
 
Network Visibility for Dummies
Network Visibility for DummiesNetwork Visibility for Dummies
Network Visibility for Dummies
 
SIEM for Beginners
SIEM for BeginnersSIEM for Beginners
SIEM for Beginners
 
SIEM для чайников
SIEM для чайниковSIEM для чайников
SIEM для чайников
 
Обеспечение безопасности активов современного бизнеса с помощью криптографии
Обеспечение безопасности активов современного бизнеса с помощью криптографии Обеспечение безопасности активов современного бизнеса с помощью криптографии
Обеспечение безопасности активов современного бизнеса с помощью криптографии
 
Надежная защита от утечек информации в условиях современных тенденций ИТ
Надежная защита от утечек информации в условиях современных тенденций ИТНадежная защита от утечек информации в условиях современных тенденций ИТ
Надежная защита от утечек информации в условиях современных тенденций ИТ
 
Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...
Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...
Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...
 
Внутренняя угроза: выявление и защита с помощью ObserveIT
Внутренняя угроза: выявление и защита с помощью ObserveITВнутренняя угроза: выявление и защита с помощью ObserveIT
Внутренняя угроза: выявление и защита с помощью ObserveIT
 
Обзор инструментов Toad для администраторов Oracle
Обзор инструментов Toad для администраторов OracleОбзор инструментов Toad для администраторов Oracle
Обзор инструментов Toad для администраторов Oracle
 

Recently uploaded

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Recently uploaded (20)

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

Обзор и практическое применение Dell Change Auditor

  • 1. Change Auditor Vlad Samoylenko | BAKOTECH GROUP| vs@bakotech.com
  • 2. Dell - Restricted - Confidential2 Modules covered in this presentation • Change Auditor for Active Directory • Change Auditor for AD Queries • Change Auditor for Exchange • Change Auditor for SharePoint • Change Auditor for Windows File Servers • Change Auditor for NetApp • Change Auditor for EMC • Change Auditor for SQL Server
  • 3. Dell - Restricted - Confidential3 The Challenges Microsoft Active Directory, Exchange, SharePoint, Windows File Servers, VMware, NetApp, EMC and SQL Server are part of your mission-critical infrastructure • Event logging and change reporting are required to satisfy auditor requests and prove compliance • No comprehensive view of all changes and event logs, they scattered in various locations and formats • Searching for a specific event is time consuming and frustrating • Native event details contain limited information which is difficult to decipher without application expertise • No protection exists to prevent sensitive objects from being deleted or logs from rolling over. Administrators aren’t usually made aware of problems until it is too late causing potential compliance violations and system downtime • Reporting is a time consuming process • Event context is lost when viewing any single event across the Microsoft eco-system
  • 4. Dell - Restricted - Confidential4 Enables enterprise-wide change management from an intuitive client. Sort, group, filter and graph on the fly. Ensures a secure and compliant infrastructure by tracking changes in real time, while logging the origin as well as before and after values. Strengthens internal controls through object protection and insight into both authorized and unauthorized changes. The Solution: Change Auditor • Real-time, consolidated change auditing for: AD, AD Queries, Exchange, SharePoint, SQL, Windows file servers, VMware, NetApp, EMC, Lync, User logon Activity, SonicWALL NGFW devices, cloud storage auditing, Registry, Services, Local Users & Groups
  • 5. Dell - Restricted - Confidential5 What is Change Auditor? Change Auditor provides complete, real-time change auditing, in-depth forensics and comprehensive reporting on all key configuration, user and administrator changes for Active Directory, ADLDS, AD Queries, Exchange, SharePoint, Lync, VMware, NetApp, Windows File Servers, EMC, and SQL Server. Change Auditor also tracks detailed user activity for web storage and services, logon and authentication activity and other key services across enterprises. Who made the change? When the change was made? Why the change was made? (Comment) Where the change was made from? What object was changed (before and after)? Smart Alerts Workstation where the request originated?
  • 6. Dell - Restricted - Confidential6 Change Auditor - Key Features • In-depth auditing for: • Active Directory & ADLDS • Exchange • SharePoint • Windows File Servers • EMC • NetApp • Microsoft Lync • Detailed who, what, when, where, why and workstation, plus original and current values for all changes – presented in simple terms • Event Context – provides change information in relationship to other things happening in your environment • Optionally log events to a Windows event log • Protect against undesirable changes to AD objects, mailboxes, Windows files and folders • Restore unwanted changes to AD with a single click • User Logon Activity • SonicWALL NGFW devices • Cloud storage providers • SQL Server • VMware vCenter /ESX Hosts • AD queries against Active Directory (Applications and scripts) • Registry, Local Users & Groups, and Services
  • 7. Dell - Restricted - Confidential7 Change Auditor 6.6 Architectural diagram InTrust
  • 9. Dell - Restricted - Confidential9 Change Auditor for Active Directory AtAGlance EasyRead EventFilter Context & Restore
  • 10. Dell - Restricted - Confidential10 Change Auditor for Active Directory: GPO Settings
  • 11. Dell - Restricted - Confidential11 Change Auditor for Active Directory: Locked Out
  • 12. Dell - Restricted - Confidential12 Change Auditor for Active Directory ObjectProtect
  • 13. Dell - Restricted - Confidential13 Change Auditor for Active Directory Role-Based Access
  • 15. Dell - Restricted - Confidential15 The Challenges of Managing Exchange • Impossible to natively track changes to Exchange Store settings • Event log and audit data that is distributed throughout the enterprise • Volume of audit data is difficult to archive • Audit data is takes time to analyze, trend, report on and distribute • Native auditing does not provide detailed information on: – Non-owner mailbox access and specific activity related to this access – Changes to permissions at the client level – Changes to permissions to the Configuration Store • Native auditing does not provide detailed change tracking of permission changes made to a mailbox within AD
  • 16. Dell - Restricted - Confidential16 • No visibility into administrator or user activity in the cloud • Remote logs must be subscribed and downloaded • No alerting based on activity • Events are only in Excel 2010 format • Requires programming skills to turn on and collect audit data Managing Exchange Online / Office 365
  • 17. Dell - Restricted - Confidential17 What to consider if your going to audit Exchange • Access to Key Mailboxes – Executives, Board members, HR, … – Ignore Non-Owner auditing messages from Departmental Mailboxes • Changes to membership to Key Distribution Lists – Senior Leadership Team – discuss company strategies • Changes to administrative security groups • Exchange Server configuration changes
  • 18. Dell - Restricted - Confidential18 Change Auditor for Exchange Role-Based Access MailboxProtect
  • 19. Dell - Restricted - Confidential19 Change Auditor for Exchange ConfigTracker
  • 20. Dell - Restricted - Confidential20 Change Auditor for Exchange
  • 21. Dell - Restricted - Confidential21 Change Auditor for Exchange
  • 22. Change Auditor for Windows File Servers Change Auditor for NetApp Change Auditor for EMC
  • 23. Dell - Restricted - Confidential23 Managing Files and Access can be difficult • Providing timely information to help compliance/security teams meet requirements around file/object access is critical: – What are users doing with their access? – When potential violations occur to permission changes? – When ownership changes take place? • Critical documents may be at risk without reporting/alerting on permission and ownership changes. • File/Folder access auditing has always been a big hole in regards to compliance and security initiatives. • The collecting and reporting on file access audit data is difficult and takes many man hours. • Archiving and consolidating event logs takes up a large amount of network bandwidth and disk space. • Native file access auditing degrades server performance. • Permission changes made to files and folders is difficult to capture and interpret.
  • 24. Dell - Restricted - Confidential24 With Change Auditor for Windows File Servers, NetApp & EMC you can… • Centralize File System and NAS auditing into a single task – Normalized events across differing file infrastructure – Simplify and centralize alerting & configuration • Reduce cost & complexity and meet security objectives – Easily determine what permission changed – Easily determine what action was performed • Improve IT Operational Management and Efficiency – Critical system resources are saved & security is improved • Block users from destructive and dangerous actions – Prevent deletion and changes to permissions – Windows File System only
  • 25. Dell - Restricted - Confidential25 Change Auditor for Windows File Servers, NetApp & EMC
  • 26. Dell - Restricted - Confidential26 Change Auditor for Windows File Servers
  • 27. Dell - Restricted - Confidential27 Change Auditor for Windows File Servers ShareAudit Real-Time Alert RapidReport
  • 28. Dell - Restricted - Confidential28 Change Auditor for Windows File Servers ShareAudit
  • 30. Dell - Restricted - Confidential30 Change Auditor for SQL Server • Organizations face increased demands to improve security to meet regulatory requirements surrounding sensitive and financial data. • Reduce the risks of operational outages from accidental or malicious actions by privileged users. • Report on DBA and other privileged users activity on your SQL Servers across the enterprise and answer questions such as: – How do you monitor access to confidential information? – How do you log SQL Server security events such as startups, shutdowns, and logins and do you review exceptional events? – How do you report on direct access to production data that is outside of normal application controls? – How do you monitor database configuration and parameter setting changes?
  • 31. Dell - Restricted - Confidential31 Change Auditor for SQL Server (2) • Automates the process of collecting data about both privileged and non-privileged access. • Centralizes the collected events • Normalizes SQL and other Windows events into a single platform in simple to understand terms • Allows privileged users to perform their important and required job duties by unobtrusively monitoring and auditing behaviors • Allows you to answer your auditors’ and regulators’ questions about how you manage activity of users on SQL Servers across the enterprise
  • 32. Dell - Restricted - Confidential32 Change Auditor for SQL Server Auditing Templates • Enable SQL Server auditing by adding a SQL Auditing template to an agent configuration. – Which can then be assigned to a Change Auditor agent (SQL Server) • Change Auditor ships with a pre-defined SQL Auditing template – Best Practice SQL Auditing Template
  • 33. Dell - Restricted - Confidential33 Common SQL Configuration Examples Only audit events for databases named “Accounting”: Audit any activity that is not from this service account: Audit any activity that is not from my application server:
  • 34. Dell - Restricted - Confidential34 Change Auditor for SQL Server Supports: SQL 2005, 2008+R2, & 2012
  • 35. Dell - Restricted - Confidential35 Change Auditor for SQL Server
  • 36. Dell - Restricted - Confidential36 Change Auditor for SQL Server: Captures the Actual Query Used
  • 37. Dell - Restricted - Confidential37 Native SQL Auditing
  • 38. Dell - Restricted - Confidential38 SQL Server Audit Events in the Best Practices Template • Add DB User • Add Login • Add Login to server role • Add Member to DB role • Add Role • Change Database Owner • Change Member in DB Role • Create database • Delete database • Delete DB user • Delete Login • Delete Login from Server role • Delete member from DB role • Delete Role • Grant database access to DB user • Revoke database access from DB user In Total Almost 400 SQL events can be captured
  • 40. Dell - Restricted - Confidential56 Change Auditor for SharePoint • Audit SharePoint 2010 & 2013 – Includes Foundation Servers – Doc libraries, Lists, Permissions, etc. • Powerful tool when combined with CA UI grouping/sorting/filtering – See historical changes to sites and documents – Track users activity on a site by site basis • Track changes to farm/site configuration – Audits changes to Central administration – Additions of Sites and Site Libraries
  • 41. Dell - Restricted - Confidential57 Change Auditor for SharePoint
  • 43. Dell - Restricted - Confidential59 Reporting Capabilities in Change Auditor
  • 44. Dell - Restricted - Confidential60 Built-in Searches for Historical Reporting
  • 45. Dell - Restricted - Confidential61 Recommended Best Practice Reporting
  • 46. Dell - Restricted - Confidential62 Regulatory Compliance Reporting
  • 48. Dell - Restricted - Confidential64 Make sense of your IT data with on-the-fly investigations • InTrust: consolidate, store, search and analyze massive amounts of IT data in one place with real-time insights into user activity for security, compliance and operational visibility. – Reduce the complexity of searching, analyzing and maintaining critical IT data scattered across information silos – Speed security investigations and compliance audits with complete real- time visibility of your privileged users and machine data in one searchable place – troubleshoot widespread issues should an incident occur – Save on storage costs and adhere to compliance event log requirements (HIPAA, SOX, PCI, FISMA, etc.) with a highly compressed and indexed online long-term event log repository
  • 49. Dell - Restricted - Confidential65 InTrust as a big data solution with IT Search “Make sense of your IT data” • IT Search lets your organization make sense of the “big IT data” including log events, changes, file permissions, users entitlements and more to streamline regulatory compliance, conduct security incident investigations and improve day to day operations
  • 50. Dell - Restricted - Confidential66 Search all IT assets in one place
  • 51. Dell - Restricted - Confidential67 Exploit relationships between events and state based data
  • 52. Dell - Restricted - Confidential68 See what resources users had accessed
  • 53. Dell - Restricted - Confidential69 See where users have access
  • 54. Dell - Restricted - Confidential70 See how access was obtained
  • 55. Dell - Restricted - Confidential71 Other Enhancements Task The old way The new way Gathering of Windows logs Schedule based, have to wait hours until data becomes available Real-time, data is available seconds after it is generated Support of network devices (syslog data) Separate set up, unnecessary Windows event log overhead, poor performance Built into the main InTrust components, no overhead, great performance Running reports Slow import to the SQL database, clunky SSRS infrastructure, hard to create custom reports Reports directly from the repository, RV as the reporting client, every search easily converts into a report Integration with CA and ER Clunky and limited integration through QKP Unified and fast access to data from multiple products through web based search engine Integration with SIEM Schedule based querying of the audit DB Real-time forwarding of all logs that are collected Incidents investigation Slow, static and raw analysis of events from the audit DB Fast, customizable and free form searches against the indexed repository with rich results visualization
  • 58. Dell - Restricted - Confidential74 InTrust (Short Term Storage) Reports (Knowledge Portal) InTrust - Scheduled (Long Term Storage) Exchange Active Directory/ LDAP Windows File Server Change Auditor Real Time Change Auditor Client) SQL Server EMC NetApp Change Auditor Long Term Storage & InTrust Architecture 40Xcompression ratio
  • 59. Dell - Restricted - Confidential75 • •
  • 60. To learn more about Change Auditor • http://www.software.dell.com/products/change-auditor • Write an e-mail to vs@bakotech.com

Editor's Notes

  1. Proving ongoing compliance to critical government regulations such as HIPAA, FISMA, GLBA, ISO, PCI, SAS 70 and Sarbanes-Oxley, is a requirement today Knowing when violations to security policies occur is not possible through native tools Meeting the reporting needs of your organization – from management to auditor – is time consuming and manual Collecting event logs is like a puzzle, they are scattered across locations
  2. The lighter colored arrows in the System Overview diagram below illustrate how Change Auditor communicates with InTrust through the Data Gateway User Logon Activity Event Flow: 1. Using the Change Auditor Client, users run a built-in User Logon Activity search (or create and run a custom user logon activity query). 2. The Change Auditor Coordinator contacts the Data Gateway to forward the query to the InTrust Repository Viewer. 3. The InTrust Repository Viewer passes the query to and receives the results from the specified InTrust Repository. 4. The query results are then passed back to the Data Gateway, where the data is reformatted so Change Auditor can read the event details. 5. The reformatted event details are then forwarded on to the Change Auditor Coordinator, which forwards them on to the Change Auditor Client for display
  3. AtAGlance: streams change-related activity from all DCs in AD, creating a centralized view and uses a color coding system that enables administrators to immediately detect events and their severity on all DCs in one quick glance ObjectProtect: provides protection against changes to the most critical AD objects, such as OUs being accidentally deleted and GPO settings being modified. EventFilter: searches quickly, enabling administrators to pinpoint the source of the problem providing faster time to resolution EasyRead: provides the 6Ws for every event; who, what, where, when, workstation and why for each change event in simple terms with before and after values Real-TimeAlert: dispatches alerts in real time for events that meet predefined criteria enabling administrators to address problems immediately RapidReport: delivers preconfigured and customizable reports to satisfy auditor and management requests, so administrators can get back to their regular jobs fast Use case scenarios to mention: CAAD cases: - One of our customers was having trouble tracking changes made to nested group memberships, they weren’t able to track this using native tools, CAAD solved this problem for them.
  4. - Ever accidentally deleted an object in AD not realizing it was the parent to many other objects – gone. ObjectProtect functionality in Change Auditor can lock critical objects and OUs from being changed or deleted, you can even use the Real-TimeAlerts to receive a notification if someone else attempts to do so.
  5. RoleBased-Access: configures access so auditors can run searches and reports without the ability to make any configuration changes to the application.
  6. Active Directory administrators will note that there are technical challenges in dealing with activity tracking and change auditing of Active Directory, as well. Link to White Paper: http://www.quest.com/documents/landing.aspx?id=12268&technology=&prod=&prodfamily=&loc
  7. MailboxProtect: Tracks non-owner mailbox access and changes to server configurations ConfigTracker: tracks changes to Exchange Server configuration parameters such as policy changes, message size and mailbox size limits Real-TimeAlert: dispatches alerts in real time for events that meet predefined criteria enabling administrators to address problems immediately RapidReport: delivers preconfigured and customizable reports to satisfy auditor and management requests, so administrators can get back to their regular jobs fast RoleBased-Access: configures access so auditors can run searches and reports without the ability to make any configuration changes to the application. CAEX cases: Security: There have been cases where intellectual property has been stolen from a company. Some in particular involve a delegate who has been granted access to a C level employee’s mailbox. Thefts like this can be very difficult to detect and prove after the fact. With the MailboxProtect functionality of CAEX, administrators will be able to monitor non-owner mailbox access and see exactly what emails have been accessed, by who, when, where from which workstation. Cont’d next page
  8. CAEX Case scenario - Performance and Stability: A simple change in a policy for server configuration such as bumping up the maximum mailbox size for one employee, can actually have a drastic affect across your whole network. It can change everyone’s tolerance and pretty soon, your server can max out resulting is costly system downtime. ConfigTracker tracks changes to Exchange Server configuration parameters such as policy changes, message size and mailbox size limits. This captures all activity that could impact performance and stability.
  9. AtAGlance: streams change-related activity from all file servers, creating a centralized view and uses a color coding system that enables administrators to immediately detect events and their severity on all servers in one quick glance ShareAudit: tracks all events related to shares, including deletions, helping administrators ensure access to shared directories is maintained EventFilter: searches quickly, enabling administrators to pinpoint the source of the problem providing faster time to resolution EasyRead: provides the 6Ws for every event; who, what, where, when, workstation and why for each change event in simple terms with before and after values Real-TimeAlert: dispatches alerts in real time for events that meet predefined criteria enabling administrators to address problems immediately RapidReport: delivers preconfigured and customizable reports to satisfy auditor and management requests, so administrators can get back to their regular jobs fast RoleBased-Access: configures access so auditors can run searches and reports without the ability to make any configuration changes to the application.
  10. CAWFS Cases: - Shares are a great way for employees in large organizations or remote locations to share files. However, organizations are still required to track access, changes, deletion to files in the shares and that’s exactly what Change Auditor’s ShareAudit functionality does. - It can be very time consuming to configure and deploy auditing templates in each server, Change Auditor’s CentralManagment functionality saves administrators time by enabling them to do the above all from one console for all servers in the organization.
  11. we leverage the SQL Profiler using Event Tracing for Windows API, to gather SQL events and forward them to the coordinator. The client will then show the detailed information of the event such as who created, when it happened, what action and change happened. Agent deployment to SQL server (license needed) Agent event capture based on the template setup in the client DEFAULT template that contains 20 of the most common events in SQL that System Administrators are looking for Assign template to a configuration, and the configuration to the SQL agent CREATE or add your own template for named instances or to add additional events to audit
  12. Audit any activity that is not from my service account: Audit any activity that is not from my application server:
  13. SQL 2000 support: Microsoft has no direct connection support to interface with SQL 2000 events. We used to create trace sessions and capture events dumped into tables in Change Auditor v4.9.   SQL 2005 added kernel event support (EWS) and that is much better since we have a supported mean to capture events without messing with customer’s database. Handful of events (14) not supported in SQL 2005 – (seen on the second page of the template) Optional Column Filters to limit the amount of data retrieved Agent captures what the SQL PROFILER trace would capture, based on the template setup in the client. It translates the data into readable information for the SQL administrator and forwards the events to the coordinator. This information can then be searchable in the client
  14. ---Set event would contain, who made the change/addition etc, what information was modified in a detailed table with all the attributes listed for the object, what kind of change was (remove/add). *** http://support.microsoft.com/kb/823938 SQL Browser listens on UDP port 1434. The default SQL Server port is 1433 but only if it's a default install. Named instances get a random port number. The browser service runs on port UDP 1434. Reporting services is a web service - so it's port 80, or 443 if it's SSL enabled. Analysis services is 2382 but only if it's a default install. Named instances get a random port number.
  15. The lighter colored arrows in the System Overview diagram below illustrate how Change Auditor communicates with InTrust through the Data Gateway User Logon Activity Event Flow: 1. Using the Change Auditor Client, users run a built-in User Logon Activity search (or create and run a custom user logon activity query). 2. The Change Auditor Coordinator contacts the Data Gateway to forward the query to the InTrust Repository Viewer. 3. The InTrust Repository Viewer passes the query to and receives the results from the specified InTrust Repository. 4. The query results are then passed back to the Data Gateway, where the data is reformatted so Change Auditor can read the event details. 5. The reformatted event details are then forwarded on to the Change Auditor Coordinator, which forwards them on to the Change Auditor Client for display
  16. Over 700 built in and customizable reports come with Change Auditor
  17. Collect, store, report and alert on heterogeneous event data to meet the needs of external regulations, internal policies, and security best practices. With Event logging enabled all Change Auditor events can also be written locally in a Windows Event log and collected using InTrust