How to audit user network logon activity in Change Auditor for Logon Activity
Promote better security, auditing and compliance in your organization by capturing, alerting and reporting on all user logon and logoff activity. Change Auditor for Logon Activity uses a centralized view to offer:
Get the answers to all your critical security and compliance questions, and simplify IT governance now.
Correlate disparate IT data from numerous systems and devices into an interactive search engine for fast security incident response and forensic analysis. Include user entitlements and activity, event trends, suspicious patterns and more with rich visualizations and event timelines.
Tracks critical end user and administrator logon activity with detailed information on who, what, when, where, why and from which workstation.
Fulfills and simplifies the collection of logon activity for major external regulations and internal security policies.
Sends critical alerts on access attempts (both successful and failed logons) via email and mobile devices to prompt immediate action, enabling you to respond faster to security threats even while you're off-site.
Easily discerns user logon and logoff by type (interactive, remote, local or network) and length of session to help identify suspicious activity.
Provides instant, one-click access to all information on the event you’re viewing and all related activity, eliminating guesswork and unknown security concerns.
Provides system visibility with comprehensive reports for best practices, such as access reports, successful logons, failed logons, authorization comparison reports and reports grouped by users.
Configures access so auditors can run searches and reports without making any configuration changes to the application, all without involving the administrator.
Enables the viewing, highlighting and filtering of logon activity and related change events over time for better forensic analysis of events and trends.
Searches from anywhere using a web browser, and creates targeted dashboard reports that provide upper management and auditors with access to the information they need without having to understand architecture or administration.
For a full list of system requirements and required permissions for all components and target systems that can be audited by Change Auditor please refer to the Change Auditor Installation Guide.
The Change Auditor coordinator is responsible for fulfilling client and agent requests and for generating alerts.
Quad core Intel® Core™ i7 equivalent or better
Minimum:8 GB RAM or better
Recommended: 32 GB RAM or better
SQL databases supported up to the following versions:
NOTE:Change Auditor does not support SQL high availability technology other than clusters.
Installation platforms (x64) supported up to the following versions:
NOTE: Microsoft Windows Data Access Components (MDAC) must be enabled. (MDAC is part of the operating system and enabled by default.)
For the best performance, we strongly recommend:
NOTE: Do NOT pre-allocate a fixed size for the Change Auditor database.
In addition, the following software/configuration is required:
Unless you’ve been hiding under a rock, it’s going to come as no surprise that Office 365 adoption is increasing rapidly. With primary drivers like Exchange Online, SharePoint Online and OneDrive, Office 365 is obtaining an average of around 1 million new
Explore key provisions of the European General Data Protection Regulation and best practices for ensuring compliance before the mandate takes effect.
Explore the new features coming in Windows Server 2016 and how they’ll impact Active Directory management.
In this new report from the Information Security Council, you will learn how your peers are approaching cybersecurity in the era of cloud, including the latest trends and benchmarks to gauge how your own organization stacks up.
Learn about the 5 key trends for insider threats and best practices for protecting Active Directory security.
Insider data breaches are on the rise. Many organisations have recently been affected on a massive scale, and, in each case, Active Directory (AD) accounts have been used to gain access to sensitive data. This is only the tip of the iceberg as these incidents, more often than not, are hidden from public view. The reality is that your organisation could be open to a similar breach due to a lack of insight and excessive privileges.Join us for an interactive hands-on demo day
Audit all events related to file activity and permissions on your EMC NAS devices.
Ensure security, compliance and control of AD and Azure AD.
Simplify and refine LDAP query data
Document all critical group, mailbox and public/private changes to Exchange
Audit all events related to file activity and permissions on your NetApp NAS devices.
Enable faster, easier and more secure Microsoft SharePoint auditing
Efficiently track, audit, report and alert on changes to Microsoft SQL Server in real time