| |
Home > Products > In Focus
|
In Focus: Monitoring and Auditing
Proactively monitor your computer networks and effectively provide accurate, relevant information to auditors - these are two of the key benefits deliver by FoxT Enterprise Access Controls Management. The features that provide these benefits are outlined below.
Centralizing Security Events and Configuration Data
All FoxT Enterprise Access Controls Management solutions - BoKS Access Control for Applications, BoKS Access Control for Desktops and BoKS Access Control for Servers - propagate security events information to the shared security server.
The security server also has a central repository for access rules - information about users and user-roles and what access rights they have been granted.
This combination of 1) data about effective user privileges 2) actual access and 3) errors or irregular events detected by file monitoring or integrity checking features provides auditors and security administrators alike with a wealth of information about the security status of the network.
FoxT Enterprise Access Controls Management comes with a separate reporting module that extracts data from the security server's rules configuration as well as the audit logs. This information is categorized and ordered in a separate SQL database. A number of standard reports are delivered with FoxT Enterprise Access Controls Management but any SQL-enabled report generator can be used as well.
Alarms
Messages forwarded for centralized logging on the security server can be filtered for real-time alarms. Specific events can thus be captured and used to generate email, text or pager messages to be sent to administrators. This way, the FoxT Enterprise Access Controls Management monitoring capabilities can also be used for real-time network monitoring.
Keystroke Logging
Servers with sensitive data may require extra auditing. For some operations it is necessary to delegate administrator privileges to non-privileged users. The privileges may be required for specific tasks, for instance database maintenance, but can be misused for other purposes. BoKS Access Control for Servers provides key stroke logging of user sessions to further improve system auditing capabilities. Various levels of input and output data can be recorded. Key stroke logs are also consolidated on the central security server.
Application Level Logging
For application servers protected by BoKS Access Control for Applications, FoxT components are actually intercepting all traffic between client and server. Apart from normal user events, enhanced versions of these solutions are also used to capture SQL commands sent from an application to the database server.
Compliance Auditing
Organizations using FoxT Enterprise Access Controls Management have an advantage. With FoxT Enterprise Access Controls Management in place, essential steps have already been taken to enable automation of controls and data collection. FoxT customers find themselves well prepared to meet the requirements placed on their IT infrastructure by regulatory compliance, such as SOX audits.
|
|
|
