Report this Article

Active Directory Change Auditing


  • Comments 0
  • Views 0

<!– @page { margin: 2cm } P { margin-bottom: 0.21cm } A:link { so-language: en-US } –>

So, you’ve got this beautiful AD structure set up. A Clean, new forest, ready for people to start moving in. You let everyone know the rules, they all tell you how great the setup is and how of course those rules are very sensible. So, you open the gates, tell everyone to wash their hands before touching stuff, and start letting them in.

A couple of months later, you start to notice strange things going on. You open the cupboard doors; take a look at your beautiful domain…. and you see a disaster. Look at how deeply those groups are nested. There are users and groups all over the place. Your beautiful OU structure is a thing of the past. There are two dozen new GPOs and they’re applied everywhere. You started with just 3 domain admin accounts, and now it looks like everyone has invited two friends to join the party and you’ve got 15 accounts in there. But, you told them not to do those things. How did this happen? Who made these changes? Once you fix it all, how do you prevent this from happening again?

Enter StealthINTERCEPT Directory Authority; STEALTHbits’ real-time, in-line Active Directory change auditing, monitoring, and prevention solution. StealthINTERCEPT will track all of the changes made to your AD environment – not just those recorded in your Domain Controller Security Logs. It will tell you who made the changes, and it will tell you what those changes are by giving you the old value and the new value of each change. It tracks AD objects and GPOs, giving you total visibility into all of the key changes that happen in your forests. It also tells you the “wheres” of AD changes – which domain controller the change made on and where did the change request originate from – so you can detect anomalous changes and alert on them immediately. It can also proactively prevent changes with its Active Directory change blocking functionality, preventing even your domain admins or other highly-privileged accounts from making changes to key objects or changes that violate your policies and procedures. In short, it gives you the tools you need to effectively manage Active Directory changes.

Fast forward a couple of months. You’ve pounded your domain back into that beautiful, pristine state. This time, before opening the floodgates again, you’re going to protect your investment by putting StealthINTERCEPT Directory Authority into place. You’ll know every change that happens, where it happens, when it happens, and what it is. And you’ve put some lockdown rules in place to protect your key assets and to enforce your policies with more than a wish and a word. This time, you know it’s going to remain pristine, because you have the tools to keep it that way.

To get more information about Active Directory change Auditing please visit our website URL http://www.stealthbits.com/stealthintercept/directory-authority

Share

STEALTHbits offers regex expression tester online. Article's Source: http://articles.org/active-directory-change-auditing/
Author:


  • Posted On May 10, 2012
  • Published articles 4

Post Comment