Desktop Tools
File Managers
Editors
Utilities
HTML/XML
Email
PDF Tools
FTP
Browsers
Remote & Telnet
Network Tools
Internet
Graphics
Multi Media
Flash
Security
Recovery
Compression
Disk/Backup
System Tools
Maintenance
Databases
Education
Administration
Development
PDA/SmartPhone
|
Real-Time Change Auditing for Active Directory, Group Policy, Server File System and Server Authentication Events
CPTRAX for Windows provides real-time enterprise-wide alerting and auditing for your Windows and Active Directory environments.
Functionality is provided in four separate modules (you select those modules critical to your needs):
- Active Directory Auditing including schema changes
- Group Policy Objects (both those portions stored in Active Directory and Sysvol)
- Windows Server File System change (file, folder, permission changes plus share level activity) and who accessed files (when and from where)
- Windows Server Authentication tracking including login and failed login activity
Use CPTRAX to advance your IT compliance efforts relating to:
- Sarbanes-Oxley (SOX)
- Gramm-Leach-Bliley Act (GLBA)
- Financial Services Authority (FSA)
- Payment Card Industry (PCI) Compliance
- Health Insurance Portability and Accountability Act (HIPAA)
Auditing for Active Directory | Group Policy | Server File System | Server Authentication
CPTRAX for Windows has four separate auditing and reporting modules that enable you to purchase only the modules that you need:
- Active Directory Real-Time Auditing and Alerting
- By object class for create, delete and modify
- By attribute for add value, remove value and modify value (includes before and after values plus rollback ability)
- By specific object or by wildcard including path
- By schema definition changes including new object classes and attributes created
- Real-time alert examples:
+ Any change to administrative groups
+ Any time a user's account is locked out
+ Any change to designated admin or non-admin accounts
+ Alert based on event thresholds being reached such as too many users being created
Windows Server File System Real-Time Auditing and Alerting
- Server File and Folder changes, optionally including name of Share used
- Server File and Folder permission changes and ownership changes
- Server File access including open, create, rename (move) and delete
- Real-time alert examples:
- Any time designated "sensitive" data is deleted, renamed, or moved
- Any time a file with a specified file extension is created, opened, deleted, renamed or moved
- Any time permissions are modified on designated "sensitive" data
- Trigger alerts on high levels of activity such as excessive file deletes
Windows Server Authentication Real-Time Auditing and Alerting
- Server Authentication activity for Terminal Server and Citrix sessions, Kerberos, NTLM, NTLMSSP and FTP sessions
- Server Authentication Failures for Kerberos, NTLM, NTLMSSP and FTP sessions
- Reports include IP address where request originated and login name used and/or attempted (for failed authentications)
- Real-time alert examples:
- Any time a designated admin account enters a bad password or is locked out
- Any time there is a failed login within a specified IP or IP Range
- Any time a user logs into a specified IP or IP Range
- Threshold alerting of excessive activity such as logon failures
Group Policy Real-Time Auditing and Alerting
- By existing GPOs and newly created GPOs
- By gpLink and gpOptions attributes including changes to link priority
- By status changes (enabled, disabled including version number revisions)
- By actual granular level changes made including separate core and non-core files auditing
- By comparison to predetermined baseline GPO(s) or previous version compare
- Real-time alert examples:
- Any change to the Default Group Policy Object
- Any change to any specified Group Policy Object
- Activity pattern alerting such as changes to Group Policy Objects over a period of time
Pattern alerts based on event thresholds being reached
You can set boundaries that guard acceptable behavior so you get a warning when something abnormal occurs. Thresholds can be set for any indicator in combination with a time series and/or elements of a breakdown including user, source IP address and object affected (file, folder, Active Directory user or group, GPO and so on). After a threshold is activated, the system generates "pattern alert" which is a message and posts it to your defined alert email addresses.
Purchasing CPTRAX for Windows
CPTRAX for Windows Modules are licensed by the total number of enabled user objects. We also offer alternate per server pricing for the File System Auditing, GPO Audting and Logon/Logoff Auditing modules. To receive a custom quote for CPTRAX for Windows we will need to know the number of enabled user objects or the number of Windows Servers\Domain Controlers where you will be installing CPTRAX.
Please contact BTSoftware for pricing!
|
|
|
News:
[ 20220916 ] BTSoftware BV is now reseller of SoftMaker
BTSoftware BV has partnered up with SoftMaker
[ 20211223 ] BTSoftware and Parasoft reconfirm delivery agreements
BTSoftware has a long-standing relation with Parasoft.
[ 20211217 ] BTSoftware BV officially partnered up with Lansweeper
Lansweeper continues to be available through BTSoftware since 2011
[ 20211013 ] BTSoftware BV has added 7Edit to the product catalog
7Edit now available through BTSoftware BV
[ 20211013 ] BTSoftware BV has added AOMEI Backupper to the product catalog
AOMEI Backupper now available through BTSoftware BV
[ 20210205 ] BTSoftware BV has partnered up with Seagull Scientific
BTSoftware BV and Seagull Scientific are now partners
[ 20181231 ] BTSoftware BV is now partner of Unified Compliance
BTSoftware BV and Unified Compliance are now partners
[ 20180215 ] BTSoftware BV has partnered up with IronSoftware
BTSoftware BV and Iron Software are now partners
More ...
|