Chat now with support

Get Live Help
Complete Registration

Sign In

Request Pricing

Contact Sales

Quest has tools and processes in place to identify, protect, detect, and remediate vulnerabilities and incidents when they occur, including external security partners. As part of our standard security operations, Quest does not use CrowdStrike in any of our operations. We are reviewing our third parties, and so far, there is minimal affect. It is Quest's policy not to provide further technical details unless they directly impact customer data.

Change Auditor 7.4 - Whats New

Table of Contents

What's New in Change Auditor 7.4

Support for modern authentication PowerShell enhancements Performance improvements Integration with Quest Security Guardian Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.3

SQL Extended Events auditing (Preview) Active Directory Database auditing enhancements Active Directory Database protection enhancements Event forwarding to Microsoft Sentinel Security improvements Logon Activity auditing enhancements PowerShell improvements Subscription failover support Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.2

Cyber security enhancements Certificate authentication for Office 365 Active Directory Federation Services auditing enhancements Foreign forest support Additional events Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.1.1

Additional Office 365 Exchange Online mailbox events Enhanced security auditing Search enhancements SIEM tool integration improvements Ability to audit and protect the Active Directory Database Ability to audit Active Directory Federation Services Foreign forest support Authentication enhancements Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.1

Azure Active Directory and Office 365 updates Active Directory updates Foreign forest support On Demand Audit integration updates Authentication and Logon activity updates Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.4

Foreign forest support Additional internal events Azure Active Directory and Office 365 updates Threat Detection enhancements SIEM subscription updates and enhancements Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.3

Change Auditor and On Demand Audit integration Azure Active Directory and Office 365 enhancements Threat Detection enhancements Additional internal events Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.2

Threat Detection updates and enhancements SIEM subscription updates and enhancements Additional PowerShell commands Ability to search based on authentication type and port Enhanced security between Change Auditor components (FIPS compliance) Azure Active Directory and Office 365 enhancements Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.1

GDPR built-in reports SIEM tool integration improvements Azure Active Directory auditing improvements Active Directory auditing improvements Improved tracking of changes to searches Additional platform support Email alert improvements Office 365 Exchange Online search improvements Miscellaneous enhancements and updates

What's New in Change Auditor 7.0

Updated license format Ability to forward event to third party tools Enhanced data security between the SQL Server and the coordinator Ability to manage Active Directory protection with PowerShell commands Ability to identify Read-Only Domain Controllers Search enhancements New built-in searches Additional platform support Miscellaneous enhancements and updates

Ability to search based on authentication type and port

For Active Directory, AD Query, and Exchange events, you can search events based on the authentication type and port. By default, All Transports is selected indicating that all events regardless of the transport protocol used are included in the search. However, you can clear the All Transports option and select individual options. The transport options available are:

•

All Transports - select to include all events regardless of the transport protocol used (Default)

•

SSL/TLS - select to include LDAP operation or LDAP queries that are secured using SSL or TLS technology

•

Kerberos- select to include LDAP operation or LDAP queries that are signed using Kerberos-based encryption

•

Simple Bind - select to include LDAP operation or LDAP queries that are secured using simple bind authentication (neither SSL\TLS or Kerberos used)

•

Port - select to identify a specific port used for communication

Enhanced security between Change Auditor components (FIPS compliance)

FIPS compliant practices are implemented in Change Auditor wherever possible. The following subsystems guarantee FIPS compliant communications:

•

Active Directory

•

•

•

Windows File Server

•

•

•

•

All other subsystems are not considered completely FIPS compliant due to limitations related to handling and passing of data through communications with external products.

Azure Active Directory and Office 365 enhancements

The following enhancements have been added for Azure Active auditing:

•

Ability to enable Windows event logging for Azure Active Directory auditing.

•

Ability to use an existing Azure web application when creating an Azure Active Directory or Office 365 auditing template.

•

Additional Azure Active Directory details available for email alerts (%OWNER% (user) and %MANAGER%).

Additional platform support

The following support has been added:

•

Exchange 2016 CU12

•

Exchange 2010 RU24

•

•

•

EMC Unity 4.4.1

•

ArcSight Enterprise Security Manager (ESM)

•

IT Security Search 11.4.1

•

Windows Server 2019 for coordinator and client installations

•

Windows Server 2019 for agent installations (Active Directory, ADAM (AD LDS), Azure Active Directory, Office 365 Exchange Online, SharePoint Online and OneDrive for Business, AD Query, Skype for Business Server 2015, SQL Server, SQL Data Level, File System, Registry, Services, Local Account (Local User/Group), NetApp, Dell Fluid FS, EMC Isilon, and EMC Unity (4.4.1) auditing only)

•

Windows Server 1803 Server Core (Active Directory, File system, Registry, Services and local user and group auditing only)

•

Windows Server 1809 Server Core (Active Directory, File system, Registry, Services and local user and group auditing only)

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating

© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center