Merci, nos conseillers vont vous rappeler.
🛡 Contrôlez et sécurisez l’accès à vos données avec la suite Netwrix
WEBINAIRE mardi 05 juillet 2022 de 10:00 à 10:45. Découvrez les solutions Data Classification, Auditor et SbPAM de Netwrix.En savoir plus
par Lepide • 10 Jan 2019
The Active Directory is arguably the most important part of any Windows-based IT infrastructure within an organization. For this reason, it is imperative that you take extra steps to protect the Active Directory through regular, pro-active auditing. This process will help to reveal all accesses and changes made to objects so that you can spot anomalies and act faster.
By creating a list of requirements before you start auditing your Active Directory you can determine what aspects of the audit are important to your organization. For example, your requirements could be:
The Windows Server operating system does offer inbuilt auditing tools, such as Event Viewer, Windows PowerShell and others. However, there are some limitations which we go through here:
Event logs do contain snippets of relevant information, but more information is needed for IT teams to better understand changes being made. For example, if an Administrator has unlocked an account and reset its password, the auditor may want to know what changes have been made in the access control lists of the primary drive or other folders for that user. Using manual or other scripting methods to check the changes in currently assigned permissions on different folders and drives is a laborious and time-consuming task.
LepideAuditor Suite is a simple, cost-effective and automated solution designed to overcome the limitations of native auditing. It lets you audit multiple instances of Active Directory, Group Policy Objects, Exchange Server, SQL Server, SharePoint and File Server from a centralized platform. The intuitive dashboard makes it easier for IT Auditors and Administrators to track configuration changes being made to their most critical IT servers.
The solution offers agent-based, agentless or hybrid auditing. There are no major differences between agentless and agent-based auditing, as the agents are very light on the system resources. Agents are only required to audit logon/logoff events, non-owner mailbox accesses and NetApp Filers.
The changes are captured in real-time and displayed in the solution after processing. The logs are stored in a SQL Server or SQL Server Express database and there is no limit the number of audit logs you can store. Administrators also have the option of archiving logs to another SQL database if required.
Real-time alerts on selected critical changes are sent in to the specified recipients by email and they will also be notified through the LepideAuditor App (compatible with any Android or Apple iOS enabled device). Through the Web Console, administrators can create accounts for selected users and determine which reports are to be shared.
In addition to auditing, LepideAuditor Suite also monitors the health of the Active Directory, Exchange Server and SQL Server. The solution creates backup snapshots of the state of Active Directory Objects and Group Policy Objects that can be restored with just a few clicks. Objects can be restored regardless of whether they are in a tombstone state.
The dedicated Radar Tab visually provides information on all aspects of the audited servers, including changes by criticality and by source. With over 270 predefined audit reports and a powerful search function, LepideAuditor Suite enables users to find the root cause of a change or meet regulatory compliance mandates in seconds.