Presentation is loading. Please wait.

Presentation is loading. Please wait.

ManageEngine ADManager Plus. AGENDA The aim of this presentation is to showcase: * how ADAudit Plus works. * how ADAudit Plus be configured to extract.

Published byJob Hudson Modified over 8 years ago

Similar presentations

Presentation on theme: "ManageEngine ADManager Plus. AGENDA The aim of this presentation is to showcase: * how ADAudit Plus works. * how ADAudit Plus be configured to extract."— Presentation transcript:

1 ManageEngine ADManager Plus

2 AGENDA The aim of this presentation is to showcase: * how ADAudit Plus works. * how ADAudit Plus be configured to extract event data. * how ADAudit Plus reports and alerts help in security and IT compliance.

3 What is Auditing ? Changes are to be tracked, questioned and verified to ensure - an error free change management practice is followed to improve organization’s operations. We name it Auditing. The text book definition for auditing reads: Auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. Auditing helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of  Risk management,  Control  Governance Processes.

4 Why we need to audit the Active Directory ? Active Directory is the backbone infrastructure of any organization. It acts as a centralized repository for all authentications, changes and management actions in a domain. This means that every change or any event that occurs anywhere in your organization will be recorded in the Active Directory. Ignoring this will result in 1. Security breaches. 2. Government imposed liabilities. (Non-conformance to compliance pre-requisites). 3. Uncontrolled volumes of users, computers and other resources. 4. Added expenditures.

5 Relevance of ADAudit Plus How the organization do Active Directory audit ? What are its limitations? Manually read Windows Logs for security events. Not practical considering the huge volumes of data, varied audit requirements and limited storage capabilities. Using Scripts and Command line tools.They are tedious, not effective and dependency on individuals with scripting knowledge. Employing an Auditing Professional.Economically not the best choice one would consider. Risk of data being compromised.

6 ADAudit Plus What it is? An auditing software for Active Directory, file server and member server, ADAudit Plus is capable of exposing the four dimensions of a change: “who” did “what”, from “where” and “when”. What's on offer? Prepackaged reports. Configurable reports, alerts and notifications. Configurable object tracking. Member and File server auditing – inclusive of alerts & notifications. Terminal Services Activity monitoring User logon action tracking

7 Compliance & ADAudit Plus Every regulatory act asks for: Access Controls to be respected. Exclusive Protection to be offered to File Servers (It Storehouses of all data). Any access breach be notified. For a report of who is accessing what information and what is he doing with the storehouses (file server, etc.)

8 ADManager Plus Vs ADAudit Plus ADManager Plus: Fulfills all your Active Directory and Exchange management, reporting, and helpdesk delegation needs. The product also offers a “one-of-its-kind” service: “readymade” and “compliance-ready” reports to help you achieve IT compliance. ADAudit Plus: Active Directory auditing software, which captures and scrutinizes all the changes that happen in it. Covers the four dimensions of an event: “Who” effected “what” change, “when” and from “where” (which machine).

9 How ADAudit Plus works? ADAudit Plus collects the information about a change from EventLog of domain controllers, file server, and member servers. Then it converts this into human-readable reports. NOTE: ADAudit Plus collects only security events from EventLog.

10 ADAudit Plus's Provision ADAudit Plus is designed to address all crucial reports on: * User Logon * Local Logon-Logoff * Account Management * User Management * Group Management * Computer Management * Domain Policy Changes * OU Management * GPO Management * File Changes All these reports are mandated by several IT regulatory acts. User logon reports also include details about Terminal Services access.

11 ADAudit Plus Strength: Customized Reporting & Alerts Have you ever watched those who watch The President? They scan every inch of an area! That's how it should be when it comes to organizational security or IT compliance. ADAudit Plus offers a great deal of data extraction capabilities in the form of “Report Profile”. In plain terms, it is nothing but “Customized Reporting”. What's Report Profile? In a nutshell, this is your own “event extractor”, for there might be times when you will need more information than what ADAudit Plus prepackaged reports have to offer.

12 Report Profiles for extensive reporting Imagine, you are in need of a report which showcases modifications done to user accounts in a particular folder. In such cases, you can create your own reports.

13 Alerts & Alert Profiles What good is an auditing software that cannot alert you about critical issues?! ADAudit Plus offers a great deal more flexibility in alerts too. You not only can schedule alerts on prepackaged reports but also on your homemade reports too! You can even have these alerts emailed! NOTE: Critical events such as adding a user account to Admin group can be included in custom report and be alerted.

14 Scheduling Reports & Alerts When you schedule a report or alert, make sure you set the update interval to what you think is the best, in case you do not have an organizational policy for that. As always, highly critical report trackers or alerts should be having a low update interval value, so that you get the most up-to-date info frequently.

15 Tips Not everything you audit is worth auditing! Sometimes, you might be spending resources in auditing unwanted events. For example, the application might be tracking temporary files created whenever a resource accesses a filer server. ADAudit Plus comes in with inbuilt exclusions. All you need to do is configure.

16 Tips Excluding Safe But Exhausting Accounts from Monitoring Sometimes certain activities need not be monitored. For example, service accounts create an avalanche of events, which are of no importance. In case, your organizational policy allows for excluding this, you can always depend on ADAudit Plus's advanced configuration filters to exclude them from auditing.

17 Say you want to exclude event duplication in file server auditing, you could very well do so with the help of “Advanced Configuration”.

18 Event Clean-Up: Archiving & Regeneration of Reports Many IT regulatory acts demand that reports be maintained for a stipulated time period, which sometimes are as long as 7 or 10 years! Imagine, storing data for that long and reproducing it without any hiccups! That's one challenge in itself. However, ADAudit Plus comes in with inbuilt archiving system, which zips processed data and stores it in the location you prefer. ADAudit Plus easily reanimates this information in the form reports as soon as the archived data is loaded back into the system!

19

20 Benefits What are the benefits of all this? The first and foremost benefit of ADAudit Plus is that you will be alerted of anomalies early on and could prevent it from magnifying into catastrophe. Your organization stays compliant with IT regulatory acts such as HIPAA, SOX, etc., as ADAudit Plus also helps in File and Member server auditing, which are the storehouses for every organization. ADAudit Plus's archival system allows for safekeeping of relevant business data, at once satisfying the retention policy of several IT regulatory acts. Forensics: Problem identification becomes effortless with the solution offering you 4 different aspects of a change.

Download ppt "ManageEngine ADManager Plus. AGENDA The aim of this presentation is to showcase: * how ADAudit Plus works. * how ADAudit Plus be configured to extract."

Similar presentations

ADManager Plus Simplify Your Active Directory Management.

ADManager Plus Simplify Your Active Directory Management.
Complete Event Log Viewing, Monitoring and Management.

Complete Event Log Viewing, Monitoring and Management.
Using the Self Service BMC Helpdesk

Using the Self Service BMC Helpdesk
Chapter Five Users, Groups, Profiles, and Policies.

Chapter Five Users, Groups, Profiles, and Policies.
File Server Organization and Best Practices IT Partners June, 02, 2010.

File Server Organization and Best Practices IT Partners June, 02, 2010.
Enterprise Reporter 2.0 Customer Presentation. Market Landscape.

Enterprise Reporter 2.0 Customer Presentation. Market Landscape.
Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
Click to add text Introduction to the new mainframe: Large-Scale Commercial Computing © Copyright IBM Corp., 2006. All rights reserved. Chapter 7: Systems.

Click to add text Introduction to the new mainframe: Large-Scale Commercial Computing © Copyright IBM Corp., All rights reserved. Chapter 7: Systems.
Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.

Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.
Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
Maintaining and Updating Windows Server 2008

Maintaining and Updating Windows Server 2008
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
© Softmark www.softmark.com www.softmark.com - 1 - Continuous Availability Operational Simplicity Financial Advantage Secure Your Stratus Systems VOS Auditor.

© Softmark Continuous Availability Operational Simplicity Financial Advantage Secure Your Stratus Systems VOS Auditor.
Guide to MCSE 70-290, Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.
A Guide to Getting Started

A Guide to Getting Started
ManageEngine ADSolutions Identity and Access Management Auditing & Reporting for Compliance.

ManageEngine ADSolutions Identity and Access Management Auditing & Reporting for Compliance.
ManageEngine ADAudit Plus A detailed walkthrough.

ManageEngine ADAudit Plus A detailed walkthrough.
Product Demo. Terminal Services Log By Acceleratio Acceleratio Ltd. is a software development company based in Zagreb, Croatia, founded in 2009. Technology.

Product Demo. Terminal Services Log By Acceleratio Acceleratio Ltd. is a software development company based in Zagreb, Croatia, founded in Technology.
11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 CHAPTER OVERVIEW Understand the differences between local user and domain.

11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 CHAPTER OVERVIEW Understand the differences between local user and domain.
Ch 11 Managing System Reliability and Availability 1.

Ch 11 Managing System Reliability and Availability 1.

Similar presentations

Ads by Google