Windows File Integrity Monitoring
File Integrity Monitoring (FIM) is critical for Microsoft Windows network security, w.r.t changes to configurations, files and file attributes (dll, exe and other system files). Data breaches across the network are constantly monitored for attempted or unauthorized modifications; pre-conceived reports and instant email alerts are sent upon access to monitored folders / files (Log, audit, text, exe, web, configuration, DB files). Ensure your Windows Servers security meets compliance requirements of: PCI DSS (Req. 10.5, 11.5), SOX (Sec 404), FISMA (NIST SP800-53 Rev3), HIPAA (NIST Publication 800-66).
Here's How FIM Works
The System, Configuration, Program Files & Folders are constantly monitored by ADAudit Plus and upon detecting a change, instant email alerts are sent with a detailed event summary to assist in a quicker action. Usually when a system is compromised the attacker will generally alter certain key files to get access and prevent detection. Know Who made What change from Where and When with ADAudit Plus.
File systems monitored for change
Windows System Files: SysWOW64 | System32 | Program Files | DLLs | Drivers | Installed Programs
Restricted data: Personal Information | Financial Statements | Card Transaction Files
Audit NOW with
'Select & View-Export the Reports', the easy-to-view pre-configured reports help in monitoring the user actions in the Windows network. The 20+ filter attributes in each reporting helps to easily pin point details in the thorough reports. Switch reports view across configured Domains / time period of reports. Also, schedule periodic email reports to XLS, HTML, PDF and CSV formats for corporate network analysis and IT Compliance!
'Email Alerts' in ADAudit Plus further unburdens the administrator's call of duty. When a change / unauthorized access are logged, an email notification is sent, enabling the administrator to take immediate action. Alert Profiles are preconfigured and vigilant upon installation. Severity based custom alerts can be set for events in the Report profile.
The ManageEngine ADAudit Plus Advantage
Pre-Configured Windows File Integrity Monitoring Reports
Key Benefits of the Windows File Integrity Monitoring change audit reports
Get updates on the modified files with details on who made the change attempt and at what time along with 35+ filter attributes to choose from.
Keep a track of the deleted configuration and system files, know when every file was deleted and by whom and when with this report.
Folder Permission Changes
Check the folder access permission changes and view which permissions were modified along with the new and original values.
Folder Audit Setting Changes (SACL)
Critical permission change report that monitors every folder to ensure its audit feature is not changed unauthorizedly.
Terminal Services Activity Report monitors the Remote Desktop Services activity. Monitor Terminal Services Activity with vital information of the source computer, client IP Address, access history; from among a list of attributes thoroughly scrutinizing the events logged.
This Windows File Integrity Monitoring feature is available with the File Server Add-On.