Chat now with support
Chat with Support

Change Auditor 7.2 - Whats New

What's New in Change Auditor 7.2 What's New in Change Auditor 7.1.1 What's New in Change Auditor 7.1 What's New in Change Auditor 7.0.4 What's New in Change Auditor 7.0.3 What's New in Change Auditor 7.0.2 What's New in Change Auditor 7.0.1 What's New in Change Auditor 7.0

SIEM subscription updates and enhancements

The following features have been added to improve your SIEM tool integrations:

Additional PowerShell commands

The following commands are available to help you manage your Change Auditor deployment:

Assign, remove, and get an auditing template for a Change Auditor configuration.

Assign an auditing configuration to a Change Auditor agent.

Run a search.

Manage Windows file system auditing.

 

Create and manage a Quest IT Security Search event subscription.

These commands are in preview mode for this release.

Ability to search based on authentication type and port

For Active Directory, AD Query, and Exchange events, you can search events based on the authentication type and port. By default, All Transports is selected indicating that all events regardless of the transport protocol used are included in the search. However, you can clear the All Transports option and select individual options. The transport options available are:

All Transports - select to include all events regardless of the transport protocol used (Default)
SSL/TLS - select to include LDAP operation or LDAP queries that are secured using SSL or TLS technology
Kerberos- select to include LDAP operation or LDAP queries that are signed using Kerberos-based encryption
Simple Bind - select to include LDAP operation or LDAP queries that are secured using simple bind authentication (neither SSL\TLS or Kerberos used)
Port - select to identify a specific port used for communication

Enhanced security between Change Auditor components (FIPS compliance)

FIPS compliant practices are implemented in Change Auditor wherever possible. The following subsystems guarantee FIPS compliant communications:

All other subsystems are not considered completely FIPS compliant due to limitations related to handling and passing of data through communications with external products.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating