Active Directory Auditing Headaches (and How to Solve Them)

Slides:

Advertisements

Similar presentations

ADManager Plus Simplify Your Active Directory Management.

Advertisements

Migration Manager for Active Directory & File Servers

Module 4: Implementing User, Group, and Computer Accounts

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

Administering Active Directory

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Security Management IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong.

Change Auditing Software

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

Account Reset Console Delegated and secure self password resets Joe Vachon Sales Engineer.

ManageEngine ADSolutions Identity and Access Management Auditing & Reporting for Compliance.

Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,

Chapter 7 Database Auditing Models

Auditing Logical Access in a Network Environment Presented By, Eric Booker and Mark Ren New York State Comptroller’s Office Network Security Unit.

Presenter: Nick Cavalancia Auditing Evangelist 3 Ways Auditing Needs to be a Part of Your Security Strategy Brought to You by.

©Kwan Sai Kit, All Rights Reserved Windows Small Business Server 2003 Features.

Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.

POSITIONING STATEMENT For people who operate shared computers with Genuine Windows XP, the Shared Computer Toolkit is an affordable, integrated, and easy-to-use.

User Manager Pro Suite Taking Control of Your Systems Joe Vachon Sales Engineer November 8, 2007.

Master Data Impact, Data Standards, and Management Process and Tools.

Netwrix product briefing n4.0 Unified Auditing for Critical IT Systems.

Enterprise Security for Microsoft Dynamics GP Jeff Soelberg

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 7 Database Auditing Models.

SAM for Virtualizatio n Presenter Name. Virtualization: a key priority for business decision makers Technavio forecasts that the global virtualization.

Understand Audit Policies LESSON Security Fundamentals.

Ellis Paul Technical Solution Specialist – System Center Microsoft UK Operations Manager Overview.

Cloud, big data, and mobility Your phone today probably meets the minimum requirements to run Windows Server 2003 Transformational change up.

Why IT auditing is a must in your security strategy ?

Windows Active Directory – What is it? Definition - Active Directory is a centralized and standardized system that automates network management of user.

PremierPoint Solutions Announces Significant New Features in Extranet Collaboration Manager for SharePoint 2013 R2 1888PressRelease - PremierPoint Solutions.

Get to know SQLDocKit!. Monitoring and administration solutions for SharePoint, Office 365, Windows Servers, Remote Desktop Services, and Citrix admins.

The Ultimate SharePoint Admin Tool

KasPer Pro HRMS with Self Service Brings a Fully Featured Human Resources Management Solution to the Office 365/SharePoint Online Environment OFFICE 365.

WorkDiff Mobile, Scenario-Based Collaboration Solution WorkDiff Allows Users to Work Differently While Using Familiar Functions of Microsoft Office 365.

ESign365 Add-In Gives Enterprises and Their Users the Power to Seamlessly Edit and Send Documents for e-Signature Within Office 365 OFFICE 365 APP BUILDER.

Active Directory Management Software Borna

Active Directory Audit | User Logon/Logoff Audit | File Server Audit | Windows Server Audit Printer Audit | Removable Storage Audit | Compliance Reports.

Utilize Internal Data via Mobile Business Apps

Hybrid Management and Security

Get to know SQL Manager SQL Server administration done right

Configuring Windows Firewall with Advanced Security

Uniting Office 365 and PRINCE2, UPrince and Project Online Make Managing Structured Projects More Efficient Without Increased Overhead Costs OFFICE 365.

of our Partners and Customers

Officeatwork 365 Document Designer Allows Organizations to Design Brand- and Legal- Compliant Templates and Documents Globally OFFICE 365 APP BUILDER PROFILE:

Booklet365 Office 365 Outlook Add-In Makes Easy Work of Managing Schedules for Fitness Gyms, Sports Associations, Trainers, and Their Customers Partner.

Make Your Management and Board Meetings More Effective and Paperless with Microsoft Office 365, SharePoint, and the Pervasent Board Papers App Partner.

Identity and Access Management

Smart Org Charts in Microsoft Office 365: Securely Create, Collaborate, Edit, and Share Org Charts in PowerPoint and Online with OrgWeaver Software OFFICE.

Decisions Delivers an Easy Way to Plan, Organize and Run Efficient Board and Leadership Meetings Along with the Security of Microsoft Office 365 OFFICE.

SocialBoards Self-Service, Multichannel Support Ticket Notifications in Microsoft Office 365 Groups Help Customer Care Teams to Provide Better Care OFFICE.

SAP Dynamic Authorization Management by NextLabs

IT Management, Simplified

Skyhigh Enables Enterprises to Use Productivity Tools of Microsoft Office 365 While Meeting Their Security, Compliance & Governance Requirements Partner.

MetaShare, Powered by Azure, Gives SharePoint a User-Friendly, Intuitive User Interface and Added App Features with No Added Administrative Tasks OFFICE.

+Vonus: An Intuitive, Cloud-Based Point-of-Sale Solution That’s Powered by Microsoft Office 365 with Tools to Increase Sales Using Social Media OFFICE.

With IvSign, Office 365 Users Can Digitally Sign Word Documents in the Cloud from Any Device Without Having to Install Any Digital Certificates OFFICE.

Contextual Intelligence Platform Delivers Rich, Interactive Add-Ins to Microsoft Office and Brings Users Efficiency, Quick Access to Valuable Data MICROSOFT.

Office 365 Integration Enables WebUntis Users to Sign in Using Office 365 Account Information and to Export WebUntis Timetables Directly to Outlook OFFICE.

Get Enterprise-Grade Call Handling and Control for Microsoft Office 365 and Skype for Business with the Bridge Boss-Admin Executive Console OFFICE 365.

BluVault Provides Secure and Cost-Effective Cloud Endpoint Backup and Recovery Using Power of Microsoft OneDrive Business and Microsoft Azure OFFICE 365.

Office 365 and Microsoft Project Integrations for HULAK Project Management Software Enable Teams to Remain Productive and Within Budget OFFICE 365 APP.

Yooba File Sync: A Microsoft Office 365 Add-In That Syncs Sales Content in SharePoint Online to Yooba’s Sales Performance Management Solution OFFICE 365.

BACHELOR’S THESIS DEFENSE

BACHELOR’S THESIS DEFENSE

Designing IIS Security (IIS – Internet Information Service)

Azure AD Simon May Technical Evangelist.

SysKit Security Manager

IT Management, Simplified

Presentation transcript:

Active Directory Auditing Headaches (and How to Solve Them) John O’Neill Sr. - Petri Nick Cavalancia - Netwrix

About the Speakers John O’Neill Sr. Nick Cavalancia During his 20+ years in the IT industry, John has enjoyed the opportunity to work as a consultant, architect, executive, speaker, and author. He's been involved in multi-national networking, messaging, and communications projects as well as finding solutions for small businesses allowing them to use technology to increase business opportunity and decrease operational complexity. Nick Cavalancia Nick Cavalancia, is VP of Marketing with Netwrix, where he assists in driving innovation and the evangelism of Netwrix solutions. He has over 20 years of enterprise IT experience and is an accomplished consultant, trainer, speaker, columnist, and patent holder. He has authored, co-authored and contributed to over a dozen books on Windows, Active Directory, Exchange and other Microsoft technologies.

You Can’t Manage What You Can’t Measure Why Audit? Security Compliance Documentation Change Management Understanding You Can’t Manage What You Can’t Measure

Security AD is many organization’s front line when it comes to AAA Authentication Authorization Accounting When you suspect a compromise, the faster response the better!

Compliance Understand the who, what, when, where, and why for events in your AD Necessary for public AND private organizations Know your requirements

Because it’s going to happen! Requests for audit data are never timely Do you shutdown the IT department to sift through mountains of data? Does the data even exist?

What to Audit Security context changes Computer account activities Passwords Group memberships Enable, disable, or delete Computer account activities Added or removed OU shift

An Oft Forgotten One OU Management “OU’s Gone Wild” OU “sprawl” Managed OU structure is critical to proper operation “OU’s Gone Wild”

Free Help Is Available! Event Logs Event Log Subscriptions (http://url2open.com/CW) AD Auditing Freeware

Netwrix Change Notifier for Active Directory Formerly Active Directory Change Reporter Freeware Edition Completely Free Tool Provides Change Detail: Adds, Deletes, Modifications Object Changed Any Change Details

What’s Missing from Log-Based Solutions? Change detail Consolidation of events to a single change An easy way to report on criteria-based changes Insight into state-in-time of changes

Netwrix Auditor Change and configuration auditing for IT security, compliance and operations. Provides detection, visibility and intelligence into organizational changes in security, systems and data. Allows organizations to monitor, audit and report on changes in critical systems and applications impacting adherence to compliance, access to sensitive data, and operational efficiency.

Netwrix Auditor for Active Directory Scheduled and on-demand Alerting and Reporting Complete Change Detail Schema, objects, security, Group Policies State-in-Time Reporting Object Recovery down to attribute level Also Includes Password Expiration Alerting Inactive User Tracking Windows Server Auditing Event Log Management User Activity Video Recording

About Netwrix Core Competency Established in 2006 Change and Configuration Auditing of Critical Systems Simple, Efficient & Affordable Established in 2006 Recognized in the Inc. 5000 two years running

Customers Federal, State, Local Financial Government WebMD Healthcare & Pharmaceutical Industrial/Technology/Other

Awards & Recognitions PRODUCT AWARDS Windows IT Pro Community Choice Awards - 2012 Best Active Directory / Group Policy Product Best Auditing/Compliance Product 4th Year in a Row Best Messaging Product 2nd Year in a Row Best SharePoint Product 3rd Year in a Row Best Virtualization Product 3rd Year in a Row Best Security, Auditing, Compliance Product Redmond Magazine Editor’s Choice Award Info Security Products Guide Global Excellence Awards – 2013 Gold Award in Auditing Silver Award (2): Forensics, Fraud Prevention/Auditing Bronze Award (2): Best Security Software Products and Solution for Small Business & SOHO 40+ awards , SC Magazine, WinITPro, Windows Security.com and more… CORPORATE AWARDS Inc. 5000 - Ranked 2nd Year in a Row as one of the Top 100 software companies in 2013

Solutions from Netwrix Netwrix Change Notifier for Active Directory Free Basic report-based notification of AD changes http://url2open.com/CX Netwrix Auditor for Active Directory Paid Solution Advanced Auditing, Reporting State-in-Time Windows Server Auditing http://url2open.com/CY

Conclusion You can’t manage what you can’t measure It’s going to happen Solutions do exist to ease the pain Netwrix has Free and Paid solutions

Thank You