RE: Auditing Solution

From: Phil Agcaoili (PhilAgcaoili_at_discussions.microsoft.com)
Date: 02/17/05


Date: Wed, 16 Feb 2005 21:19:01 -0800

Try this out:
http://www.gfi.com/lanselm/

I answered another question like this tonight, but I've run it to monitor
developers on production machines with DA accounts bouncing machines during
the day or modifying system settings with going through change control.

The software has really made a difference in being able to detect and catch
people from doing things that they shouldn't and it was a lot cheaper to
deploy and compromised less system availability than competing intrusion
prevention systems we ran.

"John Collins" wrote:

> The Problem:
> Someone has been mysteriously bouncing our PDC....
>
> The Hoped-For Solution:
> My company / department is looking for a robust enterprise solution which
> will allow us to perform an extremely detailed level of auditing and reporting
> on our windows servers. We currently run NT Server, 2000 Server, and an
> occasional version of 2K3.
>
> We want something that can provide answers to complicated questions like:
> Who initiated a system restart on <insert date/time>?
> Where did <specific> terminal services session originate from?
> How many bad logon attempts were made by <user id / account> on <machine/ box>?
>
> We're running an NT domain, hope to move to AD sometime by the end of Q1 or
> Q2. If anyone has any good suggestions for products which can help us solve
> these problems, it would be greatly appreciated!
>
> If anyone has an alternative solution to the reporting and data aggregation
> which my company requires, please let me know. I don't think cost is an
> issue, at this point.
>
> Thanks!
> John


