In this white paper written by the leading industry expert on Windows Security, Randy Franklin Smith, we look at the main compliance frameworks, identify the common change management and monitoring elements, and call out important differences where they occur. Then we identify the main Microsoft platforms touched by those requirements (Windows Server, IIS, Active Directory with mention of SQL Server and Exchange). We also discuss the challenges of monitoring those technologies as well as reporting on changes.
Finally, we discuss ways organizations can address the change management and monitoring elements of compliance and the challenges of different log formats, use of other monitoring technology where logs fall short, performance, breadth of log sources, network topology, etc. We also cover to how to handle non-Microsoft products, such as Linux and Unix.
Acquisitions - Enstratius, RemoteScan, StatSoft