Chat now with support
Chat mit Support

Change Auditor 7.1.1 - Whats New

What's New in Change Auditor 7.1.1 What's New in Change Auditor 7.1 What's New in Change Auditor 7.0.4 What's New in Change Auditor 7.0.3 What's New in Change Auditor 7.0.2 What's New in Change Auditor 7.0.1 What's New in Change Auditor 7.0 What's New in Change Auditor 6.9.5 What's New in Change Auditor 6.9.4 What's New in Change Auditor 6.9.3 What's New in Change Auditor 6.9.2 What's New in Change Auditor 6.9.1 What's New in Change Auditor 6.9

SIEM tool integration improvements
Ability to send the rich events gathered by Change Auditor to a Syslog server.
Events to monitor changes to syslog subscriptions have been added:
Syslog subscription added
Syslog subscription modified
Syslog subscription removed

Ability to audit and protect the Active Directory Database

Ability to audit and protect the Active Directory Database

Change Auditor allows you to monitor the Active Directory database (NTDS.dit) file for possible unauthorized access attempts. When configured, Change Auditor can also prevent copying and other tampering attempts on the Active Directory database (NTDS.dit) file.

Extraction of this file could lead to parsing of usernames and passwords resulting in a security breach. The ability to audit changes to this file reduces the risk of the user account information from being accessed and tampered with by unwanted processes or users.

The following events have been added:

Active Directory database file access rights changed
Active Directory database file accessed
Active Directory database file attribute changed
Active Directory database file auditing changed
Active Directory database file central access policy changed
Active Directory database file classification changed
Active Directory database file created
Active Directory database file deleted
Active Directory database file last write changed
Active Directory database file moved
Active Directory database file ownership changed
Active Directory database file renamed
Failed Active Directory database access (Sharing violation)
Failed Active Directory database access (Change Auditor Protection)
Failed Active Directory database access (NTFS permissions)

The following built-in searches have been added:
All Active Directory Database Events under Shared | Built-in | All Events
Active Directory Database Events in last 30 days under Shared | Built-in | Security | Domain Controller Security
GDPR - Active Directory Database Events in last 30 days under Shared | Built-in | Regulatory Compliance |GDPR |Audit and Accountability | Active Directory
GDPR 32 - Active Directory Database Events in last 30 days under Shared | Built-in | Regulatory Compliance |GDPR |Security of Processing (32) | Active Directory

Ability to audit Active Directory Federation Services

Change Auditor allows you to monitor the Active Directory Federation Services login activity and configuration changes once an Active Directory Federation Services auditing template has been created and assigned to the appropriate agent.
The following events have been added:
* 
NOTE: A Change Auditor Logon Activity license is required to capture the sign-in events; Change Auditor for Active Directory license is required to capture the configuration changes events.
Successful Active Directory Federation Services sign-in
Failed Active Directory Federation Services sign-in
Additional authentication methods changed
Additional authentication method registered
Additional authentication method unregistered
Allow additional authentication providers as primary setting changed
Extranet authentication methods changed
Intranet authentication methods changed
Relying Party Trust added
Relying Party Trust changed
Relying Party Trust deleted
Relying Party Trust disabled
Relying Party Trust enabled
Active Directory Federation Services auditing template added
Active Directory Federation Services auditing template disabled
Active Directory Federation Services auditing template enabled
Active Directory Federation Services auditing template removed
Active Directory Federation Services auditing template added to agent configuration
Active Directory Federation Services auditing template removed from agent configuration
Active Directory Federation Services sign-ins auditing enabled
Active Directory Federation Services sign-ins auditing disabled
Active Directory Federation Services configuration changes auditing disabled
Active Directory Federation Services configuration changes auditing enabled
The following built-in searches have been added:
All Active Directory Federation Services sign-ins in the last 24 hours under Shared | Built-in | Active Directory Federation Services
All Successful Active Directory Federation Services sign-ins in the last 24 hours under Shared | Built-in | Active Directory Federation Services
All Failed Active Directory Federation Services sign-ins in the last 7 days under Shared | Built-in | Active Directory Federation Services

Foreign forest support

The following is supported in environments where a coordinator does not exist in the foreign forest where agents are deployed:
Ability to audit foreign forests by member of group.
Ability to search foreign forest by member of group using the Who criteria.
Ability to search foreign forest by member of group using the What criteria.
Ability to expand foreign forest groups by Group Membership Expansion.
Ability to audit Exchange mailboxes with an agent in the foreign forest.
Ability to exclude events generated by foreign forest accounts with account exclusion.
Ability to specify group Managed Service Account to be used for foreign forest agent to establish a coordinator connection.
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen