File Integrity Monitoring (FIM) is critical for Microsoft Windows network security, w.r.t changes to configurations, files and file attributes (dll, exe and other system files). Data breaches across the network are constantly monitored for attempted or unauthorized modifications; pre-conceived reports and instant email alerts are sent upon access to monitored folders / files (Log, audit, text, exe, web, configuration, DB files). Ensure your Windows Servers security meets compliance requirements of: PCI DSS (Req. 10.5, 11.5), SOX (Sec 404), FISMA (NIST SP800-53 Rev3), HIPAA (NIST Publication 800-66).
The System, Configuration, Program Files & Folders are constantly monitored by ADAudit Plus and upon detecting a change, instant email alerts are sent with a detailed event summary to assist in a quicker action. Usually when a system is compromised the attacker will generally alter certain key files to get access and prevent detection. Know Who made What change from Where and When with ADAudit Plus.
Windows System Files: SysWOW64 | System32 | Program Files | DLLs | Drivers | Installed Programs
Restricted data: Personal Information | Financial Statements | Card Transaction Files
'Select & View-Export the Reports', the easy-to-view pre-configured reports help in monitoring the user actions in the Windows network. The 20+ filter attributes in each reporting helps to easily pin point details in the thorough reports. Switch reports view across configured Domains / time period of reports. Also, schedule periodic email reports to XLS, HTML, PDF and CSV formats for corporate network analysis and IT Compliance!
'Email Alerts' in ADAudit Plus further unburdens the administrator's call of duty. When a change / unauthorized access are logged, an email notification is sent, enabling the administrator to take immediate action. Alert Profiles are preconfigured and vigilant upon installation. Severity based custom alerts can be set for events in the Report profile.
Get updates on the modified files with details on who made the change attempt and at what time along with 35+ filter attributes to choose from.
Keep a track of the deleted configuration and system files, know when every file was deleted and by whom and when with this report.
Check the folder access permission changes and view which permissions were modified along with the new and original values.
Critical permission change report that monitors every folder to ensure its audit feature is not changed unauthorizedly.
Terminal Services Activity Report monitors the Remote Desktop Services activity. Monitor Terminal Services Activity with vital information of the source computer, client IP Address, access history; from among a list of attributes thoroughly scrutinizing the events logged.
|Other ADAudit Plus Features|
Windows Active Directory Auditing
Windows Logon/Logoff Auditing
Windows File Servers Auditing
Windows Servers Auditing