Chat now with support

Get Live Help
Complete Registration

Sign In

Request Pricing

Contact Sales

Quest has tools and processes in place to identify, protect, detect, and remediate vulnerabilities and incidents when they occur, including external security partners. As part of our standard security operations, Quest does not use CrowdStrike in any of our operations. We are reviewing our third parties, and so far, there is minimal affect. It is Quest's policy not to provide further technical details unless they directly impact customer data.

Change Auditor 7.4 - Whats New

Table of Contents

What's New in Change Auditor 7.4

Support for modern authentication PowerShell enhancements Performance improvements Integration with Quest Security Guardian Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.3

SQL Extended Events auditing (Preview) Active Directory Database auditing enhancements Active Directory Database protection enhancements Event forwarding to Microsoft Sentinel Security improvements Logon Activity auditing enhancements PowerShell improvements Subscription failover support Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.2

Cyber security enhancements Certificate authentication for Office 365 Active Directory Federation Services auditing enhancements Foreign forest support Additional events Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.1.1

Additional Office 365 Exchange Online mailbox events Enhanced security auditing Search enhancements SIEM tool integration improvements Ability to audit and protect the Active Directory Database Ability to audit Active Directory Federation Services Foreign forest support Authentication enhancements Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.1

Azure Active Directory and Office 365 updates Active Directory updates Foreign forest support On Demand Audit integration updates Authentication and Logon activity updates Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.4

Foreign forest support Additional internal events Azure Active Directory and Office 365 updates Threat Detection enhancements SIEM subscription updates and enhancements Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.3

Change Auditor and On Demand Audit integration Azure Active Directory and Office 365 enhancements Threat Detection enhancements Additional internal events Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.2

Threat Detection updates and enhancements SIEM subscription updates and enhancements Additional PowerShell commands Ability to search based on authentication type and port Enhanced security between Change Auditor components (FIPS compliance) Azure Active Directory and Office 365 enhancements Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.1

GDPR built-in reports SIEM tool integration improvements Azure Active Directory auditing improvements Active Directory auditing improvements Improved tracking of changes to searches Additional platform support Email alert improvements Office 365 Exchange Online search improvements Miscellaneous enhancements and updates

What's New in Change Auditor 7.0

Updated license format Ability to forward event to third party tools Enhanced data security between the SQL Server and the coordinator Ability to manage Active Directory protection with PowerShell commands Ability to identify Read-Only Domain Controllers Search enhancements New built-in searches Additional platform support Miscellaneous enhancements and updates

Ability to audit Active Directory Federation Services

Change Auditor allows you to monitor the Active Directory Federation Services login activity and configuration changes once an Active Directory Federation Services auditing template has been created and assigned to the appropriate agent.

•

The following events have been added:


	NOTE: A Change Auditor Logon Activity license is required to capture the sign-in events; Change Auditor for Active Directory license is required to capture the configuration changes events.

•

Successful Active Directory Federation Services sign-in

•

Failed Active Directory Federation Services sign-in

•

Additional authentication methods changed

•

Additional authentication method registered

•

Additional authentication method unregistered

•

Allow additional authentication providers as primary setting changed

•

Extranet authentication methods changed

•

Intranet authentication methods changed

•

Relying Party Trust added

•

Relying Party Trust changed

•

Relying Party Trust deleted

•

Relying Party Trust disabled

•

Relying Party Trust enabled

•

Active Directory Federation Services auditing template added

•

Active Directory Federation Services auditing template disabled

•

Active Directory Federation Services auditing template enabled

•

Active Directory Federation Services auditing template removed

•

Active Directory Federation Services auditing template added to agent configuration

•

Active Directory Federation Services auditing template removed from agent configuration

•

Active Directory Federation Services sign-ins auditing enabled

•

Active Directory Federation Services sign-ins auditing disabled

•

Active Directory Federation Services configuration changes auditing disabled

•

Active Directory Federation Services configuration changes auditing enabled

•

The following built-in searches have been added:

•

All Active Directory Federation Services sign-ins in the last 24 hours under Shared | Built-in | Active Directory Federation Services

•

All Successful Active Directory Federation Services sign-ins in the last 24 hours under Shared | Built-in | Active Directory Federation Services

•

All Failed Active Directory Federation Services sign-ins in the last 7 days under Shared | Built-in | Active Directory Federation Services

Foreign forest support

The following is supported in environments where a coordinator does not exist in the foreign forest where agents are deployed:

•

Ability to audit foreign forests by member of group.

•

Ability to search foreign forest by member of group using the Who criteria.

•

Ability to search foreign forest by member of group using the What criteria.

•

Ability to expand foreign forest groups by Group Membership Expansion.

•

Ability to audit Exchange mailboxes with an agent in the foreign forest.

•

Ability to exclude events generated by foreign forest accounts with account exclusion.

•

Ability to specify group Managed Service Account to be used for foreign forest agent to establish a coordinator connection.

Authentication enhancements

The following authentication options are supported through the client and PowerShell:

•

Certificate authentication when the client and coordinator exist in environments where NTLM restrictions are in place.

•

Azure Active Directory authentication when the Change Auditor database resides on an Azure SQL Managed Instance.

Additional platform support

The following support has been added:

•

Microsoft Exchange Server 2016 CU16, CU17, and CU18

•

Microsoft Exchange Server 2019 CU5, CU6, and CU7

•

Azure SQL Managed Instance (PaaS) with SQL authentication or Azure Active Directory authentication for Change Auditor coordinator

•

Azure SQL Managed Instance (PaaS) with SQL authentication for Change Auditor client

•

Microsoft SQL Server 2017 and 2019 for Skype for Business auditing

•

Windows Server 2016 ADFS

•

Windows Server 2019 ADFS

•

Fluid File System 6.0.4

•

•

CEE 8.7.7 for EMC auditing

•

Dell Storage Manager 18.1 and 19.1

•

•

•

•

The following support has been removed:

•

Windows Server 1803 Server Core

•

Windows 8 for the client and workstation agent

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating

© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center