Tchater maintenant avec le support

Obtenir une aide instantanée
Terminer l’enregistrement

Se connecter

Demander les tarifs

Contacter le service des ventes

Change Auditor 7.2 - Whats New

Parcourir le contenu

What's New in Change Auditor 7.2

Cyber security enhancements Certificate authentication for Office 365 Active Directory Federation Services auditing enhancements Foreign forest support Additional events Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.1.1

Additional Office 365 Exchange Online mailbox events Enhanced security auditing Search enhancements SIEM tool integration improvements Ability to audit and protect the Active Directory Database Ability to audit Active Directory Federation Services Foreign forest support Authentication enhancements Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.1

Azure Active Directory and Office 365 updates Active Directory updates Foreign forest support On Demand Audit integration updates Authentication and Logon activity updates Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.4

Foreign forest support Additional internal events Azure Active Directory and Office 365 updates Threat Detection enhancements SIEM subscription updates and enhancements Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.3

Change Auditor and On Demand Audit integration Azure Active Directory and Office 365 enhancements Threat Detection enhancements Additional internal events Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.2

Threat Detection updates and enhancements SIEM subscription updates and enhancements Additional PowerShell commands Ability to search based on authentication type and port Enhanced security between Change Auditor components (FIPS compliance) Azure Active Directory and Office 365 enhancements Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.1

GDPR built-in reports SIEM tool integration improvements Azure Active Directory auditing improvements Active Directory auditing improvements Improved tracking of changes to searches Additional platform support Email alert improvements Office 365 Exchange Online search improvements Miscellaneous enhancements and updates

What's New in Change Auditor 7.0

Updated license format Ability to forward event to third party tools Enhanced data security between the SQL Server and the coordinator Ability to manage Active Directory protection with PowerShell commands Ability to identify Read-Only Domain Controllers Search enhancements New built-in searches Additional platform support Miscellaneous enhancements and updates

SIEM subscription updates and enhancements

The following features have been added to improve your SIEM tool integrations:

•

Ability to modify the subsystems included in a SIEM subscription.

•

Ability to encrypt QRadar subscriptions with TLS/SSL.

•

Ability to include and display the raw JSON event details provided by Microsoft for Office 365 and Azure Active Directory events.

•

Ability to forward events to Quest IT Security Search (Preview mode).

Additional PowerShell commands

The following commands are available to help you manage your Change Auditor deployment:

Table 1. PowerShell commands

Assign, remove, and get an auditing template for a Change Auditor configuration.

•

Add-CATemplateToConfiguration

•

Remove-CATemplateFromConfiguration

•

Get-CAConfigurationTemplates

Assign an auditing configuration to a Change Auditor agent.

•

Set-CAAgentConfiguration

•

Invoke-CASearch

Manage Windows file system auditing.

•

New-CAWindowsFSAuditObject

•

New-CAWindowsFSAuditTemplate

•

Remove-CAWindowsFSAuditTemplate

•

Set-CAWindowsFSAuditTemplate,

•

Get-CAWindowsFSAuditTemplates

•

Get-CAWindowsFSEventClassInfo

Create and manage a Quest IT Security Search event subscription.

These commands are in preview mode for this release.

•

New-CAITSSEventSubscription

•

Get-CAITSSEventSubscriptions

•

Set-CAITSSEventSubscription

•

Remove-CAITSSEventSubscription

Ability to search based on authentication type and port

For Active Directory, AD Query, and Exchange events, you can search events based on the authentication type and port. By default, All Transports is selected indicating that all events regardless of the transport protocol used are included in the search. However, you can clear the All Transports option and select individual options. The transport options available are:

•

All Transports - select to include all events regardless of the transport protocol used (Default)

•

SSL/TLS - select to include LDAP operation or LDAP queries that are secured using SSL or TLS technology

•

Kerberos- select to include LDAP operation or LDAP queries that are signed using Kerberos-based encryption

•

Simple Bind - select to include LDAP operation or LDAP queries that are secured using simple bind authentication (neither SSL\TLS or Kerberos used)

•

Port - select to identify a specific port used for communication

Enhanced security between Change Auditor components (FIPS compliance)

FIPS compliant practices are implemented in Change Auditor wherever possible. The following subsystems guarantee FIPS compliant communications:

•

Active Directory

•

•

•

Windows File Server

•

•

•

•

All other subsystems are not considered completely FIPS compliant due to limitations related to handling and passing of data through communications with external products.

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation

© ALL RIGHTS RESERVED. Feedback Conditions d’utilisation Confidentialité Cookie Preference Center