Changeauditor for windows file servers

С помощью Change Auditor вы получаете полный ИТ-аудит, в режиме реального времени, всестороннюю экспертизу и комплексный мониторинг безопасности для всех ключевых настроек, изменений пользователей и администраторов. Change Auditor также отслеживает действия пользователей для входа в систему, проверку подлинности и других ключевых служб.

Поддерживаемые системы AD, Exchange, Файловые сервера, FluidFS, EMC, NetApp, SQL Server, SharePoint, Skype for Business, VMware vCenter.
Контроль действий администраторов и пользователей. Отвечает на вопросы: Кто? Где? Когда? Откуда? Что именно сделал? Почему?
Настройка и ведение собственных логов. Возможно использовать как источник для SIEM, экономя на трафике за счет более сублимированных данных.
Защиты чувствительных данных на предмет удаления или перезаписи.
Модульная система лицензирования.
Дополнительный модуль ThreatDetection.
- Сбор и анализ логов (попытки авторизации, изменения в AD, действия с файлами);
- Создание базовых моделей поведения пользователей (на основе 30 дней наблюдения);
- Обнаружение отклонений от базовых моделей и аномалий поведения;
- Корреляция событий и подтверждение инцидентов;
- Построение моделей рисков;
- Приоритезация рисков, отслеживание подозрительных пользователей;

ChangeAuditor представляет собой линейку решений для оперативного аудита изменений в режиме реального времени на серверах служб каталогов, на файловых и почтовых серверах под управлением операционной системы Windows

В продуктах ChangeAuditor реализован ролевой контроль доступа, защита объектов доступа и ведение журнала событий для повышения уровня безопасности и исполнения законодательных требований по защите информации. Продукты также предлагают механизм автоматической генерации подробных отчетов для защиты от нарушений политики и предупреждения рисков и ошибок, связанных с повседневными модификациями.

ChangeAuditor осуществляет контроль изменений с соблюдением как внутренних, так и внешних требований по ограничению доступа к информации. Решение автоматизирует контроль любых изменений на ключевых серверах, обнаруживая все модификации в каталогах, в файлах и папках. Отслеживается вся активность на серверах – можно быстро определять пользователей, которые пытаются получить доступ, не имея на то соответствующих полномочий. Продукты включают сотни встроенных отчетов для поддержки для соответствия стандартам Sarbanes-Oxley, SAS 70, HIPAA, GLBA, ISO 17799, FISMA и т. д.

Состав линейки ChangeAuditor

ChangeAuditor for Active Directory – отслеживание критически важных изменений с помощью средств аудита Active Directory. Создание отчетов и оповещение в режиме реального времени о жизненно важных изменениях в конфигурации, причем без накладных расходов на внутренний контроль. Продукт немедленно сообщает администраторам о том, кто сделал, какое изменение, когда и с какой рабочей станции, исключая риски, связанные с повседневными изменениями.
ChangeAuditor for EMC – отслеживание и аудит критически важных изменений на EMC-серверах в режиме реального времени. Создание отчетов и оповещение о жизненно важных изменениях в конфигурации. С ChangeAuditor администраторы мгновенно получают сведения о том, кто сделал, какое изменение, когда и с какой рабочей станции, исключая риски, связанные с повседневными изменениями.
ChangeAuditor for Exchange – активное отслеживание, проверка, составление отчетов и отправление уведомлений об изменениях в конфигурации и разрешениях сервера Exchange. Продукт также автоматически создает подробные отчеты, направленные на обеспечение соблюдения политики безопасности и предотвращение рисков и ошибок, возможных при ежедневных изменениях данных. Кроме этого, администраторы всегда получают исходные и текущие значения для быстрого устранения проблем.
ChangeAuditor for LDAP – отслеживание и аудит LDAP-запросов к Active Directory в режиме реального времени, создание отчетов и оповещение об этих запросах. Продукт переводит LDAP-запросы в простые условия (кто, что, когда, где) и позволяет администраторам мгновенно обнаруживать их, чтобы специалисты могли быстро определять, нуждаются ли элементы в дальнейшем изучении.
ChangeAuditor for NetApp – отслеживание, аудит, отчетность и оповещения об изменениях в файлах и папках NetApp в режиме реального времени. С ChangeAuditor администраторы мгновенно получают сведения о том, кто сделал, какое изменение, когда и с какой рабочей станции, исключая риски, связанные с повседневными изменениями.
ChangeAuditor for SharePoint – отслеживание, аудит, отчетность и оповещения о критически важных изменениях в SharePoint в режиме реального времени. Продукт учитывает все изменения, включая фермы, серверы, сайты, пользователей и разрешения SharePoint. При этом события переводятся в простые условия, а данные сохраняются в централизованную и защищенную базу данных. Программа также автоматически создает подробные отчеты, направленные на обеспечение соблюдения политики безопасности и предотвращение рисков и ошибок, возможных при ежедневных изменениях данных.
ChangeAuditor for SQL Server – отслеживание, аудит, отчетность и оповещения об изменениях на SQL-сервере в режиме реального времени. Продукт переводит события в простые условия и дает администраторам представление о том, кто сделал какое изменение, когда и с какой рабочей станции, исключая риски, связанные с повседневными изменениями. Продукт также автоматически создает подробные отчеты, направленные на обеспечение соблюдения политики безопасности и предотвращение рисков и ошибок, возможных при изменениях данных.
ChangeAuditor for VMware vCenter – отслеживание, аудит, отчетность и оповещения об изменении данных в VMware vCenter в режиме реального времени. С ChangeAuditor администраторы могут отслеживать, кто сделал какое изменение, когда и с какой рабочей станции, исключая риски, связанные с повседневными изменениями.
ChangeAuditor for Windows File Servers – аудит, отчеты и уведомления об изменениях файловых серверов Windows. Продукт оперативно отслеживает, проверяет, составляет отчеты и уведомляет о важных изменениях в режиме реального времени без накладных расходов, связанных с ведением собственного аудита. Администраторы мгновенно видят, кто, где, когда и на какой рабочей станции внес какие-либо изменения, и получают исходные и текущие значения для быстрого устранения ошибок.

Источник

Quest ChangeAuditor for File Servers

ChangeAuditor for Windows File Servers — аудит в реальном времени всех файловых операций и изменений конфигурации серверов Microsoft Windows, включая изменения прав доступа. Продукт обеспечивает соответствие политик безопасности и доступа к данным принятым стандартам; повышает степень защиты данных и снижает риск утечки информации; предлагает механизм контроля за действиями администратора; публикует важнейшие данные аудита в виде отчетов для руководства. Для хранения собираемой информации продукт ведет свой собственный журнал, что позволяет в любое время восстановить полную картину событий и действий персонала, гибко реагировать на несанкционированное изменение прав доступа и попытки обращения к конфиденциальной информации.

Детальный аудит изменений прав доступа к файлам и папкам. Продукт выполняет в реальном времени тщательный контроль всех изменений прав доступа к файлам и папкам и собирает широкий спектр данных: пользователей, сделавших изменения; местонахождение изменений; значения измененных полей до и после изменений. Эта информация позволяет контролировать внесенные изменения и при необходимости восстанавливать первоначальные значения измененных полей, обеспечивает соблюдение политик безопасности и соответствие стандартам доступа к корпоративным данным на файл-серверах.
Аудит активности пользователей. Продукт собирает самую детальную информацию о всех операциях перемещения, уничтожения, чтения и записи на файл-серверах (файлы, папки, разделяемые ресурсы) и публикует отчеты в соответствии с заданными параметрами. При этом собираются данные о необычных и подозрительных файловых операциях пользователей и администраторов и устанавливаются возможные взаимосвязи между этими операциями.
Расширенные возможности аудита. Применение ChangeAuditor позволяет отказаться от других операций аудита, что освобождает системные ресурсы и снижает число событий, генерируемых при каждом обращении к папкам или файлам. Система фильтров позволяет точно задавать число контролируемых параметров и степень точности контроля, а также управлять аудитом критически важных файлов и папок.

В 2009 году продукт получил награду Silver Editor’s Best журнала Windows IT Pro в категории «Best Auditing & Compliance Product».

Источник

Product Support — Change Auditor

Add to My Downloads

— file has been selected to download. You can either download the file now with any of the other files selected below or add them to your download folder in order to download them at a later time. Adding files to your download folder is recommended when downloading multiple files at a time. By downloading, you agree to the Software Transaction, License and End User License Agreements listed here.

Add to My Downloads

Customers who have selected the file above have also downloaded the recommended files listed below. Popup blocker should be disabled in order to download the files listed below

Download Now

Customers who have selected the file above have also downloaded the recommended files listed below. Popup blocker should be disabled in order to download the files listed below

Please wait while we verify your entitlement to this file.

Downloads are restricted from Tablet and Mobile devices. Please access this page from a non-restricted device to complete this download.

Accept Terms and Conditions

Prior to downloading this Software, you must review the Software Transaction Agreement located here and confirm, by clicking the I agree check box below, that your organization accepts and is bound by the terms and conditions of the Software Transaction Agreement for this Software.

If you purchased the licenses for this Software by executing an order form with Quest or if you have an agreement with Quest that states that all purchases are governed by such agreement, then the terms and conditions of that agreement supersedes and takes precedence over the Software Transaction Agreement.

I agree to the above.

Filter by Version or Model (Choose different product)

Notifications & Alerts

Quest Support Product Advanced Notification — Change Auditor auditing events more

Quest Support Product Release Notification — Change Auditor 6.9.5 more

Subscribe to product RSS feed and receive the latest Knowledge Articles, New Release Notifications and Product.

Video Tutorials

Knowledge Articles

User Forum

Technical Documentation

Notifications & Alerts

Modal title

Our technical support staff has identified the following critical information to get you started. To get the best results make sure you read through all material prior to using your Quest Product.

Below is a list of the recommended software along with any documentation that will help with the install process to bring your product to the version referenced.

Technical Support has reviewed all the support information and has identified the most popular helpful tips and how to videos or articles to ensure you get the most out of your Quest Product.

The information below represents the most common issues customers are encountering or recent resolutions to help you trouble shoot your Quest Product.

Product Life Cycle

Version	Full Support as of	Limited Support as of	Support Discontinued
7.1	6/2/2020
7.0.x	5/23/2018	6/2/2021	6/2/2022
6.9.x	11/8/2016	3/31/2019	3/31/2020
Earlier product versions not listed are considered discontinued.

The Product Support Life Cycle table above describes the phase during which products are eligible for product support and new release downloads.

As a result of Quest’s recent divestiture from Dell, Quest acquired a number of products from Dell. Some of these legacy products found on this website may still contain Dell branding. However, these products are now owned and supported solely by Quest and not Dell. Dell is not affiliated with these products or services and any services Quest provides for these products is independent of Dell.

Product Support Policies

Product Support Life Cycle Policy

The Product Support Life Cycle describes the phases during which our products are eligible for patches (fixes), support and downloads from the Support Portal.

It is our policy to provide support and fixes in current versions of our products when you are under a current support agreement. Fixes to older versions are at our discretion. We strive to put resources behind the most recent product releases in order to continually improve and enhance the value of our solutions.

We will attempt to answer questions on older versions of our products provided resources are available; however, if you are using a discontinued version, we encourage you to upgrade to the currently supported version of the product.

Our usual support policy is to provide support on both the current (n) and prior (n-1) versions of our products. Refer to the product life cycle table on your Product Support page or Knowledge Base for specific supported versions of your product.

Full Support

Product is fully supported, generally available release/version.
The most current released version of a product and one or more prior releases are included.
Enhancement requests for this release are accepted and may be considered for future releases.
Maintenance releases and/or hot fixes are periodically made available for this release.
Release or version is fully supported by both Support and Development.
Release or version is available for download from Support Portal 1 .

Limited Support

Support is available for this release/ or version, and we use best efforts to provide known workarounds or fixes.
No new code fixes will be generated except under extreme circumstances and at our discretion.
Enhancement requests are not accepted.
You are encouraged to plan an upgrade to a release or version on full support.
Release or version is available for download from the Support Portal 1 .

Discontinued

Includes release or versions that are retired or discontinued.
No new patches or fixes will be created for this release.
Release is not available for download from the Support Portal 1 .
Support will be provided to assist with upgrading to a supported version.
Support is not obligated to provide assistance on this version of the product.

Continuing Support

If you are unable to upgrade or migrate your product prior to its end-of-life, we offer a Continuing Support service to provide you with one year of limited support beyond your software’s end-of-life or end-of-support date. Continuing Support is not guaranteed on every product:

Annual software maintenance contract must be renewed.
This includes uninterrupted access to technical support via phone, online and chat.
Support Engineers will provide known workaround solutions and fixes.
Fee-based service available on selected products.

1 Certain software released prior to November 1, 2016 may not be available for download. Quest’s recommendation is to retain a local copy of all software on site for back up

Appliance Warranty

For solutions that include an appliance, if we determine a hardware part needs to be replaced, a replacement part is delivered to your location based on the terms of your agreement. Regardless of the service response level purchased, some component parts are specifically designed for easy removal and replacement and are designated as Customer Replaceable (CR). If during the diagnosis we determine that a service request can be resolved with a CR designated part, we ship the part to you. If the part is not designated as CR, we provide on-site parts replacement during the next business day or within four business hours based on the service level you purchased.

Acquired Support

We recognize that certain support offerings and policies may change as the acquired company is fully integrated into the Quest® Support organization. Our goal is to make sure the continuity of services remains as synergistic as possible during this time. To help during the transition, we provide information and links about recent acquisitions on our Support Portal. For questions or support for a product that we have recently acquired, contact Customer Service using the numbers listed on the Contact Support page on our Support Portal.

Product Enhancements

Product Enhancements

If you are interested in submitting product enhancement requests, you can do so by creating a case with support. When we receive a product enhancement request, the Support Engineer will work to define and clearly document the request. Once documented, the request will be submitted into the enhancement review system, the identification number will be provided to the submitter, and the support case will be closed.

Product Management will review the open enhancement requests on a periodic basis and consider them for inclusion in a future product release. Product enhancements will not be considered or implemented in current or prior product releases. There is no guarantee that a specific enhancement request will be implemented in a future version of our product. It is at our discretion if a certain enhancement will be offered for an additional charge or as a chargeable option.

Product Defects

If your issue is determined to be a defect in the product, it is recorded in our defect tracking system, a unique Defect Identifier (ID) will be provided to you and the support case will be closed. Notifications of new product releases will be emailed to you as long as you who have configured your profile to receive product notifications. Release Notes for new releases of products will contain the list of Defect Identifiers that were addressed in the release. You can review the release notes or search the Knowledge Base on the Support Portal using your Defect Identifier to see if the issue has been addressed. We do not guarantee that all defects identified will be fixed in a future release of the product.

Product Licensing

Our products have license keys generated for your use. Some products require a new license key when upgrading to a new release and/or patch. We recommend that prior to any migration or upgrade of our products, new licenses are confirmed as functioning properly because some license keys are machine and machine name specific.
If you have questions about licensing of a product, complete the form available on our Support Portal Licensing Assistance page. A licensing representative will respond to your query within 24 hours.

Support for Trial Users

We offer software trials on selected products for evaluation purposes. Support for trial users is limited to 30 days from the registration date. Service Requests for your trial software may only be submitted during the first 30 days of your testing period.

Additional Services

Addtional Services

There may be times when additional resources are required to solve your case. We can work with Quest Services to ensure a reliable handoff of your issue.

Quest Services for your solutions

Quest® adoption services ensure your IT staff is effectively using your solution to its fullest potential. Quest deployment services help you quickly install and configure your product properly.

Quest software-enabled services combine the strengths of our proprietary software, tools and domain expertise to reduce complexity, demands on your IT staff and costs. Quest Services help you:

Experience faster time to value.
Get a customized solution to meet your unique business needs.
Quickly and properly deploy your solution.
Reduce risk and uncertainty.
Overcome internal resource constraints.

Support Policy on Customizations

A customization indicates functionality and configurations added to a Quest® product that are not provided as part of the standard generally available product release and, as such, would be outside the scope of the support and maintenance services provided herein. Customizations can include new or modified scripts used within or alongside our products as well as additional functionality,such as custom reports, dashboards,rules and automated actions, developed by you, your partners or our services organization.

Support and Customizations

Technical support does not perform or maintain customizations. The design and development of customizations to our products is your responsibility. Assistance from technical support is limited to helping ensure that the product’s functionality, which enables the addition of customizations, is functioning as expected. Alternatively, you may obtain guidance through product-specific support sites or the Support Portal Knowledge Base.

Advanced Assistance

If more thorough and detailed assistance is needed to design and develop customizations, we recommend that you engage our Quest Services organization or fully certified partners to assist. Their expertise in designing customized solutions will ensure that you receive maximum value and product adoption. In addition to providing post-implementation expert services, Quest Services also offers a variety of prepackaged customizations for products that may meet your specific requirements

Educational Services

We recommend that you obtain appropriate product training before attempting to design, develop and implement any customization to our products. Our training courses will equip you with the necessary knowledge and ability to design and implement effective changes to our products. For more details on the training services available, refer to the Quest Educational Services section.

Maintaining Customizations

Careful consideration should be given to all customizations during future migration or upgrade exercises to new product or platform versions. Customizations could inhibit the upgrade itself and may require a level of rework to continue functioning properly. Technical support does not take ownership for any customizations. We strongly encourage you to document and maintain records on any implemented customization work. These records can be useful in determining whether problems are caused by customization or are a defect in the core product.

Support Policy on Virtualization

Our products leverage the binary compatibility offered through virtualization technologies, which provide complete transparency to the operating systems and applications deployed. As a result, for all service requests received where the product is being used in a virtual environment, we assume that the problem is common to both native and virtual operating environments and that we require you to recreate the problem in a native environment if and when there is reason to believe that the problem is unique to the virtual environment itself.

From a purely functional perspective, our products operate in exactly the same way; however, we can make no guarantees with respect to performance or scalability in a virtualization environment running multiple virtual instances. Configuration aspects, such as CPU, memory availability, I/O subsystem and network infrastructure, can all influence such a deployment, which should be given careful consideration to ensure that the virtual layer has the necessary resources available to provide a satisfactory user experience.

Support Policy on Readiness for Third Party Platforms and Technologies

We provide full details of all systems requirements, together with platform and third-party product versions supported on our products, in the release notes published for each product. These include operating system versions, service-pack levels, mail clients or server versions, database versions, browsers and other related technology supported, as well as which particular version level our products have been formally tested and certified to run against. The support of future platform versions, new service packs and other related technologies is generally taken into consideration and addressed during the regular product maintenance and release cycles of our products. Contact Quest® Support if you have questions regarding the current support status of any product and a particular related platform, patch or third-party product support not explicitly documented in our release notes, and we will provide collaborative assistance with the product in question.

For more information about the latest third-party platforms and versions supported, review the system requirements section of the release notes for your product or search the Knowledge Base on our Support Portal. Please note that while we do not directly or officially support third-party software, we work closely with many other providers to ensure that you receive the best possible service at all times.

Software Transaction Product Agreement

Regional software license agreement applicable to your use of the software is available below (including software preinstalled on hardware or made available to you by download, disk media or otherwise, at no additional cost).

Click here to find your regional agreement.

Vulnerability Reporting

A security vulnerability is a flaw or weakness in the design, implementation, operation or management of a product or service that could be exploited to violate the system’s security policy. To protect businesses and organizations worldwide, it is critical that the broader community of IT and security professionals report potential vulnerabilities as soon as they are recognized. This allows industry experts to take appropriate action to resolve any vulnerability that is discovered.

Click here to review Vulnerability Reporting information.

Click here to review Vulnerabilty Reporting Acknowledgements.

Источник

Changeauditor for windows file servers