The effect of a delay in response to a change might allow a bump, which should have otherwise remained insignificant, snowball into an irreparable damage. This is more significant in a Windows Active Directory environment where the damage due to such delay could cost an organization in millions! With that being the case, there is a need for a watchful alert system, that identifies any threat present in the Active Directory network intuitively, steer the attention of an administrator towards such unwanted developments and channelizes the administrators attention to thwart identified threats at the bud.
ADAudit Plus provides an answer to this known challenge through an real-time alerting mechanism. This alerting mechanism helps in the process of channelizing (steering) an administrator's attention instantly towards any desired or undesired happenings and thus ensure that Active Directory network security is never compromised.
ADAudit Plus allows an administrator to configure alerts of varying urgencies or severities and also based on user, time and volume based threshold alerts. This will help organizations with an option to differentiate Active Directory events and also regularize the management of alerted events.
The severities are differentiated as
Consider a scenario, when an administrative account in Active Directory has been accessed by a miscreant and you being the chief administrator of the network are not aware of such a happening. Imagine the devastation that could cause! A stranger logging into an administrative account is undesired and ignoring such a critical activity puts the security of your network under a serious threat. A reporting solution will provide you with the data on User Logon activity or last logged on user, but it could be too late to be acted upon. There is a need for a solution that will alert the administrator well in time, on any activity that he considers to be critical, so that sanity prevails.
Other changes in the Microsoft Active Directory, though important, might not necessarily require an administrators' intervention, these actions require strict supervision. Consider, monitoring the correctness in execution of a delegated user creation task (or) tracking the modification done to a user profile. These actions are to be religiously administered and controlled.
Instant information on day-to-day user and administrative actions are also required in other cases. There is a need to differentiate Active Directory event alerts based on their urgencies of importance / criticality. ADAudit Plus - Active Directory audit software allows the configuration of alerts with varying levels of severity (importance). The severity associated with an alert could be either critical, troublesome or attention seeking. These alerts can be viewed on the ADAudit Plus console from a web browser and from any domain machine.
ADAudit Plus allows you to custom configure (define) alerts for one or more desired Active Directory change events. Just like ADAudit Plus granular reports, these alerts are broad-based in scope – listing all related audit characteristics for the alerted event, including - who did what actions when and from where.
With ADAudit Plus, you can configure and view alerts for a specific change event. For example: You can configure and view an alert for a failed logon on a specific computer in the Domain.
Any alert is complete on being delivered to the mailbox of intended recipients. ADAudit Plus allows one to select one or more desired / undesired Active Directory change events and configure them to be emailed as alerts to one or more users. These alerts will be delivered right to the recipients' inbox.
Some Active Directory changes might require alerting but not necessarily flood an administrator or other recipients' inbox. Those alerts can be viewed directly on the ADAudit Plus web browser from any where in the network. The facility in ADAudit Plus that allows users to view all alerts on its web browser or enable email alert notifications for selected Active Directory changes helps in an organized and effective administration.
Alerts in ADAudit Plus are categorized and can be cleared or deleted at convenience.