Security Information Management and Security Event Management for Compliance
转自http://www.quest.com/intrust/
Security Information Management and Security Event Management for Compliance
InTrust - Change Auditing and Policy Compliance for the Secure Enterprise
It has never been more important to have a system in place to watch over the biggest threats to corporate data security and compliance. Recent studies indicate that 75% of all corporate intellectual property is being transmitted via email. InTrust helps by securely collecting, storing, reporting and alerting on heterogeneous event data to meet the needs of external regulations, internal policies, and security best practices.
Today’s Challenge
The reason that your CFO isn't sleeping at night is all about corporate data security and compliance. Maintaining a secure and well-managed infrastructure that provides critical network resources has historically been a challenge to IT organizations, and now is even worse:
- No organization is a totally homogeneous Microsoft shop – and having multiple platforms to support causes complexity;
- Storing user activity data can quickly become expensive;
- Data management now carries compliance requirements that provide the reasonable assurance that the data you have can be trusted in a court of law;
- Change happens. Without awareness of all the necessary detail behind changes to critical Active Directory and Group Policy objects, such as who made the change and the before and after values, organizations cannot efficiently detect and react to unwanted change to rights and objects;
- Knowing when violations to security policies occur is not possible through native means, raising the risk of significant damage to your network and information assets; and finally
- Your organization is filled with key stakeholders with different agendas. Meeting the reporting needs of these various information consumers, and putting all the information together, can be a manual and time consuming process.
Today’s Solution
InTrust is the only single solution in the market that addresses each of these concerns. InTrust delivers its functionality through both modular functionality delivered by Plug-in's as well as through core Knowledge Packs. For customers who require advanced levels of auditing for their strategic Microsoft environment, Quest offers the additional modular functionality via InTrust Plug-ins for:
Exchange
- The InTrust Plug-in for Exchange (includes non-owner mailbox access and activity)
Active Directory
- The InTrust Plug-in for Active Directory (includes AD and GPO change auditing)
File Access
- The InTrust Plug-in for File Access (includes file/object access and permission changes)
These Plug-ins provide additional benefit by enabling organizations to audit these respective business critical applications in a more detailed manner. Local agents are able to audit and report on detailed activity and changes not available in the native Windows logs.
InTrust delivers it's core functionality via Knowledge Packs, which collect, store, report and alert on activity from the following:
| Windows |
Solaris |
| Linux (Redhat and SuSe) |
Firewalls (Checkpoint Firewall-1 and Cisco PIX) |
| Microsoft Excel |
SQL Databases |
| Oracle Databases |
Microsoft Internet Security and Acceleration Server (ISAS) |
| Quest ActiveRoles Server |
AIX 5L |
| Identity Lifecycle Manager (ILM) |
Free Webcasts!
Through 2010, organizations that select individual solutions for regulatory challenges will spend 10 times more on the IT resources for them than companies that take a more proactive, integrated approach. Quest can show you how to reduce cost and complexity in your compliance initiatives. Listen to one of our educational free Webcasts to find out more.
Key to Compliance
InTrust helps you achieve regulatory compliance by monitoring access to critical systems and helping you detect inappropriate or suspicious access-related events. With this product, you can collect, analyze, report, and generate real-time alerts for all relevant access-related events across heterogeneous systems.
First to Know
Be the first to know what is occurring in your network through the immediate collection of audit log data. The majority of data needed to complete an investigation is gone within an hour, so you need a way to gather that data immediately in order to conduct a complete forensic investigation.
Be Reliable
Rest assured that the audit log data you are receiving is complete, accurate and tamper proof. Knowing you have authentic data is invaluable when making critical business decisions and makes your decisions spot-on.
First to Act
Be the authoritative source as you walk into your boss’ office with key information about a compromise to your company’s systems and policies, providing him or her with information they can make sense of. This valuable information can be used to make immediate decisions because the output provided needs no explanation from IT.
Increase Uptime
Actively looking at all activity on the network in a consolidated view decreases the chances of a violation to corporate policy and, therefore, increases uptime. Making sure your policies and procedures are followed increases the performance of your network and the organization’s employees.
How do we accomplish all this? Click here to find out.
Getting Started
- Check out the free technical brief titled: Understanding Compliance from an IT Point of View
- Check out your free evaluation version of InTrust. Be sure to also download InTrust Audit Advisor while you are there, and also look at InTrust for Databases.
- Learn how to baseline, track and alert on access to critical data with Compliance Suite for Windows.
- PCI Compliance issues? Learn how Quest can help.
- Listen to the Compliance Lifecycle solution webcast now