Product overview of InTrust
InTrust is an event log management solution that addresses all of these concerns in heterogeneous environments composed of Windows, Unix and Linux servers, databases, business applications and network devices.
InTrust enables you to securely collect, store, search and analyze massive amounts of IT data from numerous data sources, systems and devices in one place. Get real-time insights into user activity for security, compliance and operational visibility.
With InTrust, you’ll be able to:
Correlate disparate IT data from numerous systems and devices into an interactive search engine for fast security incident response and forensic analysis. Include user entitlements and activity, event trends, suspicious patterns and more with rich visualizations and event timelines.
Automate, secure and scale the collection of event logs across servers, network devices and workstations with immediate availability for analysis, security and compliance reporting.
Receive real-time alert notifications about unauthorized or suspicious user activity via email, or send them to third-party monitoring applications such as Microsoft System Center Operations Manager (SCOM).
Archive event log data and run full-text searches on it for compliance and security purposes, with long-term log retention.
Create a cached location on each remote server where logs can be duplicated as they are created, preventing a rogue user or administrator from tampering with the audit log evidence.
Easily convert investigations into multiple report formats. Schedule reports and automate distribution across teams, or choose from a vast library of pre-defined best practice reports with built-in event log expertise.
Forward all log data collected from Windows servers and network devices to a security information and event management (SIEM) solution of your choice, using customizable event output formats to integrate seamlessly with a wide variety of SIEM solutions.
Save on storage costs with a highly compressed repository: 20:1 with indexing and 40:1 without.
Get a unified view into event log data from Windows, Unix/Linux, network devices, custom text logs and more. Make sense of log events by leveraging their simplified and normalized representation of Who, What, When, Where and Workstation.
Default Set of Components
The components installed by default are InTrust Deployment Manager, InTrust Server and InTrust Repository Viewer. If you customize the selection to install individual components, see the requirements for the components you need in the InTrust System Requirements document supplied in the product download. If you use the default selection, the combined requirements are as follows:
CPU: Min. 4 cores (for example, for evaluation purposes). For any real-world uses, at least 8 cores are recommended.
Memory: Min. 4 GB (for example, for evaluation purposes). For any real-world uses, at least 8 GB are recommended.
If you deploy InTrust on a virtual machine, make sure the CPU and memory requirements above are met, and do not overload the virtual machine host.