Change auditing: Determine who changed what, when and where
•Download as PPTX, PDF•
0 likes•542 views
Change auditing: Who, What, When, Where details for every change with 'before' and 'after' values Configuration assessment: State-in-time™ reports showing configuration settings at any point in time More than 200 predefined reports and dashboards with filtering, grouping, sorting, exporting, email subscriptions, drill-down, web access, granular permissions and ability to create custom reports AuditArchive™: scalable two-tiered storage (file-based + SQL database) holding consolidated audit data for up to and beyond 10 years Unified platform to audit the entire IT infrastructure (including systems that do not produce logs), as opposed to multiple hard-to-integrate standalone tools from other vendors
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Change auditing: Determine who changed what, when and where
Similar to Change auditing: Determine who changed what, when and where (20)
More from Giovanni Zanasca
More from Giovanni Zanasca (13)
Recently uploaded
Recently uploaded (20)
Change auditing: Determine who changed what, when and where
- 1. #completevisibility Netwrix Overview per Partners #completevisibility DISTRIBUITO DA CIPS INFORMATICA WWW.CIPS.IT
- 2. #completevisibility Agenda Chi siamo o cosa offriamo Partnering with Netwrix Strumenti utili per I Partners Technical Overview and Live Demo – Danny Murphy Domande
- 3. #completevisibility Netwrix in breve All awards: www.netwrix.com/awards
- 4. #completevisibility Netwrix Corporation Fondata nel 2006 HQ in Irvine, California Filosofia – garantire una visibilità completa sull’infrastruttura IT Customer base Globale – 6000 6M di licenze Supporto Globale in Nord America, EMEA e Asia Una delle aziende USA di software a più alto tasso di crescita (Inc 5000, Deloitte) Corporate Headquarters: 20 Pacifica #625 Irvine, CA 92618 888-638-9749 www.netwrix.com Additional Offices: Columbus, OH Paramus, NJ Atlanta, GA Kent, UK
- 5. #completevisibility Financial Healthcare & Pharmaceutical Federal, State, Local, Government Industrial/Technology/Other I Nostri clienti
- 6. #completevisibility Configuration Auditing I software di Configuration auditing forniscono agli amministratori di Sistema un valido strumento per la valutazione delle configurazioni di Sistema, il rilevamento di eventuali modifiche e la possibilità di rimediare tempestivamente ad eventuali errori mitigando I rischi di sicurezza connessi. Le impostazioni di Configurazione vengono valutate in base alle policy specifiche dell’azienda o in base agli standard di sicurezza previsti dalle normative vigenti. Questi strumenti vengono utilizzati non solo per il controllo specific di PC e Server, ma anche per l’audit di Applicazioni, databases, apparati di rete e ambienti virtuali.
- 7. #completevisibility L’opinione degli analisti • Forrester named configuration auditing the #1 security technology for next 5 years. • "Configuration auditing tools can help you analyze your configurations according to best practices, enforce configuration standards and adhere to regulatory requirements."
- 8. #completevisibility Casi comuni di utilizzo di IT Auditing Compliance Raggiungere requisiti di conformità alle normative e agli standard di compliance, come PCI, HIPAA, SOX, FISMA/NIST800-53, GLBA, d.lg. 30 giugno 2003, n. 196. Sicurezza Migliorare la sicurezza prevenendo la perdita, il furto o la modifica di dati sensibili e l’accesso non autorizzato a risorse quali email, applicazioni, databases…etc. Analisi delle cause Identificare la causa di un disservizio, risolvere rapidamente downtime dei sistemi e ristabilire l’operatività riducendo al minimo le conseguenze delle interruzioni di servizio.
- 9. #completevisibility WW, EU and Italian Regulations • Cobit • ISO 27001 • SOX • EU Data Protection • HIPPA • PCI-DSS • D.LGS. 196/03 • etc
- 10. #completevisibility Linee guida del Garante • Linee guida in materia di trattamento di dati personali di lavoratori per finalità di gestione del rapporto di lavoro in ambito pubblico • Punto 2. Il rispetto dei princìpi di protezione dei dati personali prevede che Il datore di lavoro pubblico può lecitamente trattare dati personali dei lavoratori …… • adottando adeguate misure di sicurezza, idonee a preservare i dati da alcuni eventi tra cui accessi ed utilizzazioni indebiti, rispetto ai quali l'amministrazione può essere chiamata a rispondere anche civilmente e penalmente (artt. 15 e 31 e ss. del Codice)
- 11. #completevisibility Esempi reali di Audit Failures Indagini sulla Compliance 2010 – NY & Presbyterian Hospital e Columbia University. $4.8 millioni di multa 2009 – WellPoint Inc. $1.7 millioni di multa Compromised Security 2014 – Home Depot 56 millioni di carte di credito dei clienti compromesse (la più grande violazione mai commessa presso una catena di vendita al dettaglio) – Dairy Queen 400 fast food – Jimmy John’s 216 ristoranti – JPMorgan Chase 76 millioni di famiglie, 8 millioni di piccole imprese a richio 2013 – Target. $3.6 – 12 billion (stimati) 2011 – Maricopa County $17 millioni Interruzioni della Business Continuity Una compagnia petrolifera globale Qualcuno a causa di un errore in uno script ha cancellato inconsapevolmente 2000 utenti. Al lunedì mattina I dipendenti non potevano accedere alla rete e alle risorse aziendali Large Recycling Company GP change caused File Server Firewalls to snap on leading to major disruption, as around 60% of the users were unable to access particular applications/resources
- 12. #completevisibility What we do Simple: works right out of the box. Efficient: fills gaps and eliminates noise in native audit without intrusive agents Affordable pricing, no expensive staff or hardware Change auditing: Determine who changed what, when and where Audit the entire IT Infrastructure from a Unified Platform Additional features and functionality (Self Service Password Reset / Inactive User Tracking / Password Expiration Alerting / Logon Auditing / AD Rollback) Our USP
- 13. #completevisibility Limitations of native auditing Report on who, what, when & where - Coverage is limited, change detail is limited and cryptic Show before and after values - Little to no visibility of what the previous value was Consolidation of audit data - Only individual security logs on each server Prevent audit data loss due to log overwrites - Logs can easily be overwritten if configured incorrectly Pre-Defined reports - No pre-defined reports available natively Easy to understand change records - Multiple events need to be analyzed to determine a change Long-term archiving capabilities - Requires large amount of disk space and maintenance Real-time alerts for critical changes - Not available natively
- 14. #completevisibility Netwrix Auditor Unified Platform for Change and Configuration Auditing Active Directory Exchange File Servers SharePoint SQL Server VMware Windows Server Auditing solutions for: AD, Group Policy, Inactive User Tracking and Password Expiration Windows Servers, EMC Storage and NetApp Filers SharePoint farm configuration, security and content changes Exchange changes and non owner mailbox access SQL Configuration and Security Changes Windows configuration changes and user activity video recording VMware vSphere, ESX and ESXi
- 15. #completevisibility Features – Unified Platform Change auditing: detection, reporting and alerting on all configuration changes across your entire IT infrastructure with Who, What, When, Where details and Before/After values. #completevisibility
- 16. #completevisibility Features – Unified Platform Configuration assessment: State-in-time™ reports show configuration settings at any point in time, such as group membership or password policy settings as they were configured a year ago. #completevisibility
- 17. #completevisibility Features – Unified Platform Simple and affordable: works out of the box, low TCO - no expensive staff or hardware. Unified platform to audit the entire IT infrastructure, unlike other vendors with a set of hard-to-integrate standalone tools. #completevisibility
- 18. #completevisibility Features – Enterprise-grade scalability Agentless or lightweight, non-intrusive agent-based modes of operation. AuditAssurance™: consolidates audit data from multiple independent sources, filling-in key details not present in any single source. #completevisibility
- 19. #completevisibility Features – Enterprise-grade scalability Auditing of virtually any system or application, even if it does not produce any logs, via screen activity recording of privileged users with ability to search and replay or tracking of configurations stored in databases. AuditArchive™: scalable two-tiered storage (file-based + SQL database) holding consolidated audit data for 10 years or more. #completevisibility
- 20. #completevisibility Features – AuditIntelligence™ Enterprise Overview dashboards provide complete visibility across the entire IT infrastructure. #completevisibility
- 21. #completevisibility Features – AuditIntelligence™ Reporting with filtering, grouping, sorting, export (PDF, XLS etc.), email subscriptions, drill-down, access via web, granular permissions and ability to create custom reports. More than 200 predefined reports are included, enough to pass most audits. Real-time alerts and reports #completevisibility
- 22. #completevisibility Features – SIEM, Rollback, FIM Integration with SIEM: optionally forwards meaningful audit data into your existing SIEM, leveraging existing processes, protecting technology investments and reducing console sprawl. Event log management: "catchall" of non-change events in Windows logs and Syslog, such as logon/logoff, account lockouts, etc. Change rollback: Reverts unauthorized or malicious changes to a previous state without any downtime or having to restore from backup. File Integrity Monitoring (FIM) of critical system and content files as required by compliance regulations. #completevisibility
- 23. #completevisibility Next Steps Free Trial: setup in your own test environment netwrix.com/freetrial Test Drive: virtual POC, try in a Netwrix-hosted test lab netwrix.com/testdrive Live One-to-One Demo: product tour with Netwrix expert netwrix.com/livedemo Contact Sales to obtain more information netwrix.com/contactsales #completevisibility
- 24. #completevisibility Netwrix programma di canale All awards: www.netwrix.com/awards
- 25. #completevisibility Partnering with Netwrix You can offer your customers the broadest coverage of audited systems and applications: agentless, Tier-2 storage for free, complete visibility. Empower your product portfolio with industry-leading products Transparent and efficient partner program helping you to make more money – up to 40% margin! Robust marketing support to advance your sales! Find our more: netwrix.com/partners/
- 26. #completevisibility Netwrix Partner Program: Quick Start Apply for partnership using Netwrix Partner Registration Portal We will supply you with all necessary Information to make sure your sales are 100% Netwrix-ready. Drive sales and watch your revenue grow! Helpful assets: Netwrix partner program Customer-facing Marketing content Netwrix solutions
- 27. #completevisibility How Do I Make Money with Netwrix? The Netwrix PP Authorized Silver Gold Basic discount new Software Sales, 1st year Support, Pre- paid Support 5% 5% 5% Deal Reg discount new Software Sales, 1st year Support, Pre-paid Support 20% 30% 35% Total Partner Discount for Registered Deals 25% 35% 40%
- 28. #completevisibility I Benefici Benefits Authorized Silver Partner Gold Partner Sales Support NO YES YES Presales Tech Support NO YES Advanced Marketing Support NO YES Advanced SLA Portal SLA 1 SLA 2 Partner Portal Access YES YES YES Netwrix Partner Locator NO YES YES NFR Keys Limited Extended Extended+
- 29. #completevisibility I requisiti Requirements Authorized Silver Partner Gold Partner Reg Deals Approvati 0 3 10 Representing Netwrix on Partner Website NO YES YES+ Co-Marketing Activities NO Min 1 x Quarter Min 1 x Quarter Certified Specialists: min. 1 Sales and 1 Technical NO YES YES Customer Success Story NO 1 x Anno 2 x Anno
- 30. #completevisibility Netwrix Auditor Licensing Listini e Supporto
- 31. #completevisibility Licensing & pricing • Licenses can be perpetual or subscription based • Licensed by number of AD users • Starts at 150 per enabled AD user • Special pricing is available for government, education and non-profit organizations.
- 32. #completevisibility Support • New perpetual licenses include – 1-year Software Maintenance (additional cost) – Valid from the date of purchase – Entitles product updates and technical support for the first year. • Subscription license purchases come with a Software Maintenance contract at no additional cost.
- 33. #completevisibility Anna Nikiforova Netwrix Marketing per Partners Netwrix Corporation Regional Marketing Manager Italy, Malta & Iberia Anna.Nikiforova@netwrix.com 346 8664420 #completevisibility
- 34. #completevisibility Useful content for your customers Free Trial: setup in your own test environment netwrix.com/freetrial Test Drive: virtual POC, try in a Netwrix-hosted test lab netwrix.com/testdrive Live One-to-One Demo: product tour with Netwrix expert netwrix.com/livedemo Contact Sales to obtain more information netwrix.com/contactsales
- 35. #completevisibility Thank you for your attention! Questions? Giovanni Zanasca Management Consultant Ciips Informatica E-mail giovanni.zanasca@cips.it Telephone 3491992152
Editor's Notes
- This slide is shown when the webinar starts, at the same moment when the speaker starts to speak. A speaker says welcoming words – very brief “hi” by (a moderator who introduces a presenter, if moderator is actually involved) presenter, telling his name and position, introducing the topic, - and very importantly – explaining WHY attendees are here (optional), why we are happy to have the people here, what are their learning objectives (very briefly) that they are going to come away with. After that, there’s turning to the next slide. (You can check The Script for a possible exact text for this slide).
- It’s not just about reading the agenda points, but it’s rather about an explanation of specific takeaways and learning outcomes that the presenter will try to achieve in the webinar. An important thing is to remember that at the end of the webinar the presenter should return in his speech to this agenda and remind what it was that we covered today, what were the most important things that we want to make sure that people are taking away from this webcast.
- Explaining a little bit why companies do auditing stressing out these 3 reasons
- Compromised Compliance 2010 – a breach of health information in New York and Presbyterian Hospital and Columbia University. Result: the largest HIPAA settlement to date of $4,8 million monetary payments for violating HIPAA 2009 – a breach of health information in WellPoint Inc. Affected nearly 612,402 individuals. Result: HIPAA settlement for $1.7 million Compromised Security 2013 – a security breach in Target. Affected up to 110 million customers. Result: multiple legal claims to the company and monetary payments settlement for nearly $3.6 billion (estimated) 2011 – a security breach in Maricopa County Community College District. Affected 2.4 million individuals. Result: multiple lawsuits and estimated settlement for about $17 million Sources for this slide info: - NYP and CU: http://www.hhs.gov/news/press/2014pres/05/20140507b.html - Well Point Inc: http://www.hhs.gov/news/press/2013pres/07/20130711b.html - Target: http://techcrunch.com/2013/12/23/target-may-be-liable-for-up-to-3-6-billion-from-credit-card-data-breach/ - Maricopa: http://www.azcentral.com/story/news/local/phoenix/2014/05/02/lawsuit-filed-maricopa-districts-security-breach/8619189/ Additional text which could be used if needed: “The cost of managing a data breach can be huge, including fines, class-action lawsuits, lost staff time, not to mention long-term damage to organizational reputation. The cost of preventing such breaches, on the other hand, including encryption, change and configuration auditing, risk analysis, targeted policy and procedures manuals, and staff training, may not be cheap but is far less costly than cleaning up after a breach”. “Numerous recent security breaches, compliance violations and operations breakdowns at major retailers, healthcare organizations, telecom/Internet companies and hotel chains are vivid examples of audit failures”: (and then speak a little bit about the examples on the slide)
- We have just addressed difficulties (challenges) of auditing AD changes with native tools and said that there is Netwrix Auditor which can simplify this task. On this slide we briefly introduce NA describing its major features and systems coverage, after which we turn to the presentation.
- We have just addressed difficulties (challenges) of auditing AD changes with native tools and said that there is Netwrix Auditor which can simplify this task. On this slide we briefly introduce NA describing its major features and systems coverage, after which we turn to the presentation.
- Explaining a little bit why companies do auditing stressing out these 3 reasons
- Explaining a little bit why companies do auditing stressing out these 3 reasons
- Explaining a little bit why companies do auditing stressing out these 3 reasons
- Explaining a little bit why companies do auditing stressing out these 3 reasons
- Explaining a little bit why companies do auditing stressing out these 3 reasons
- Explaining a little bit why companies do auditing stressing out these 3 reasons
- Explaining a little bit why companies do auditing stressing out these 3 reasons
- Explaining a little bit why companies do auditing stressing out these 3 reasons