StealthAUDIT for Active Directory
 
 
product function and scope
StealthAUDIT for Active Directory is an extension to the StealthAUDIT Core application that focuses specifically on gathering information about AD and its interaction with the environment it controls. As the authentication and authorization hub of any enterprise, Active Directory touches almost everything in the environment and is thus an extremely rich source of information on everything from a user’s phone number to the policies enforced on an individual machine. StealthAUDIT contains numerous Data Collectors, Jobs, Queries, and Reports out of the box to provide administrators with the information needed to manage AD effectively and efficiently.
 

architecture

Shown below are the architecture for StealthAUDIT and descriptions of its components.


 
Core engine – This is the primary StealthAUDIT program. It can be run in a graphical (see Management Console below) or non-graphical mode to collect data, invoke actions and analysis processes, and generate reports. This flexibility permits it to be run either interactively or on a scheduled basis.

Management console – This is a Windows-based UI application (currently embedded in the Core engine – see above) that permits the intuitive administration of the product and visualization of the system configuration and output results.

Database – This is a SQL Server-based database that can reside on the same machine as the StealthAUDIT Console application or on a different one.

Data Collector – Data Collectors are dynamically loaded libraries that can be “plugged in” to a StealthAUDIT installation to expand its functionality for additional data collection techniques. Data Collectors are implemented with graphical configuration interfaces that use inherent knowledge of the sources for these system properties coupled with “selection by example” techniques and logical element groupings. This implementation empowers administrators to compose and run queries in minutes that would take hours or days to script effectively.

Job – StealthAUDIT Jobs are executable entities that contain all configuration elements required to collect, filter, transform and store result data and generate reports against that data. This encapsulation provides for easy packaging and distribution of configured sets of functionality.

StealthAUDIT for Active Directory contains four (4) AD-specific Data Collectors covering every area of AD data discovery.

 

  • Active Directory Data Collector
    • Provides the ability to query objects published in AD including Domains, OUs, Groups, Users, Computers, Shared Folders, Printers, and Contacts.
  • Group Policy Object Data Collector
    • Provides the ability to report on local and domain policy settings enforced on the target hosts.
  • LDAP Data Collector
    • Can be used to view and query the contents of any LDAP directory, including Active Directory, Exchange V5.5’s directory, or any other LDAP directory. Includes the ability to set wildcards and filters for specific object types.
  • DNS Data Collector
    • Provides the ability to report on DNS Records and Configuration Properties.

All four Data Collectors leverage LDAP calls over RPC to gather the desired information just as any remote Microsoft management solution would, in an easy-to-use interface with point-and-click property selection and granular scoping capabilities.

 

operational flow

The following steps represent the sequence of processing of the StealthAUDIT for Active Directory product:

 

  • Initial device discovery is run for the environment to provide a list of target systems for auditing.
  • Jobs are selected from the SMP Instant Job Library, pre-configured Instant Solutions, or are created by the customer for inclusion in the Job tree.
  • Jobs are targeted to scan the appropriate systems or Host Lists from the discovered environment.
  • Jobs are either run interactively (On Demand) or are scheduled from the SMP Console to be run (once or repetitively).
  • When the Job executes, it performs:
    • Data Collection
    • Change Detection Processing (if configured)
    • Data Analysis Tasks (if present), including data transformation, view creation, and rules processing
    • Associated Report Generation and Publishing
    • Notification (if configured)

 

implementation and scaling

The use of StealthAUDIT for Active Directory will automate manual tasks, increase the efficiencies and capabilities of administrators, and virtually eliminate the need for everyday scripting and script maintenance.

StealthAUDIT for Active Directory has proven to:

  • Quickly and accurately determine Advanced Security Rights to ensure highly secure systems.
  • Determine “WHO MADE THE CHANGE” to both configuration items and security access rights.
  • Detect configuration changes to mitigate miscommunications and errors between systems.
  • Reduce Help Desk traffic through automated detection of locked-out users and password violations.
  • Determine Resultant Set of Policy through analysis of conflicts between Local and Domain policies.
  • Remediate and perform Bulk Administration tasks with ease.