?
Solved

Server Access Monitoring

Posted on 2004-11-30
20
Medium Priority
?
1,322 Views
Last Modified: 2012-06-21
I'm trying to find an inexpensive (if it's possible) product or maybe a built-in feature that would log what files were accessed and by whom on a Netware 6 server.

The purpose of this is to keep track of what files our users are accessing and to make sure they aren't looking at files they really shouldn't be looking at. I’m sure you are probably thinking 'Why not just remove the rights to said files?' but in our situation that isn't very feasible because there may be a time when they need to access those files at the drop of a hat and it would be a nightmare to manage who has access to what. At least for the time being.

I'm not sure if this is possible but it would be nice to find a product that would keep track of what they did, open, copy, etc. to the file as well. That sounds like something that would need to be done on the workstation.

I have looked at Nsure Audit but it's +$8,000 and that is too much for our budget.

Thanks,

Kurt
0
Comment
Question by:kurtb
  • 8
  • 5
  • 4
  • +1
20 Comments
 
LVL 34

Expert Comment

by:PsiCop
ID: 12709811
OK, NetWare 6. Is that NetWare v6.0 or NetWare v6.5? What SUPPORT PACKS, if any?

The basic auditing functions that come with NetWare should be sufficient. Have you tried them? NAAS (Novell Advanced Auditing Services) are installed by default in NetWare v6.0 - here's a link to the documentation --> http://www.novell.com/documentation/nw6p/index.html?page=/documentation/nw6p/naas_enu/data/a4fe5v6.html
0
 

Author Comment

by:kurtb
ID: 12710014
6.0 SP3 (We are either going to upgrade to 6.5 or SP5 here soon)
If it makes any difference, the servers in question are paired in a 2 node cluster.

I was told that I would have to look at Nsure Audit to do what we were wanting. Very interesting...
Are there any problems with the NAAS that comes with NW6? Any caveats?
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 12710280
I'm not aware of any significant issues with NAAS, as long as you're on the latest SP (which you seem to be headed for). Altho I confess to not having actually used NAAS, so perhaps another Expert who has hands-on time with it will chime in.

I do know that NetWare v6.0 is slated for End-of-Life status in the next 12 months - so a migration to NetWare v6.5 is certainly worth your while from that perspective.
0
Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

 

Author Comment

by:kurtb
ID: 12710372
Thanks PsiCop. I will look at the documentation on NAAS and see if I can set it up on a VM Netware machine.

If anyone else has any input on NAAS I would greatly appreciate it.

Actually the end result is to go to W2K3 (ick) which I'm not really too happy about but that is what the partners want to do. Luckily I think we will be able to keep eDirectory and ZENworks (which has yet to be setup)
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 12715429
Yanno, there are a lot of sound business reasons to NOT migrate to Windoze. You might also spend some time collecting that data. Perhaps once the partners come to understand that such a move would roughly double their IT costs, they won't be so quick to make it. The way to head that sort of thing off is to build a clear business case against it, one that can be butressed by facts and objective data (i.e. studies NOT funded by Redmond), and demonstrate that such a migration will result in higher IT costs and a less-cost-effective IT environment.
0
 
LVL 10

Expert Comment

by:DSPoole
ID: 12720589
too bad, there is a NAAS starter kit that comes with NetWare 6.5 that would most likely suit your needs.

buuuut, you are going to have sooo much fun purchasing OTHER products to enhance your Windows network that you have gotten for free from Novell (like network undelete of files...)

0
 
LVL 35

Expert Comment

by:ShineOn
ID: 12720703
"what the partners want to do."  Sounds like a law firm.  What the partners want, they get, and they're not about to listen to recommendations from any non-lawyer - the rest of us are idiots, you know.  ;-)

If they're a profitable law firm, maybe they WANT to spend a ton on IT costs.  It's a prestige thing, sometimes...
0
 

Author Comment

by:kurtb
ID: 12721766
In the legal field, M$ is king. I have had trouble with legal software vendors say "oh, you have netware" which really $#@& me off at the time. All the legal software I have encountered wants M$.  

You are correct, what the partners want is what they get. They will listen as long as I can build a sound case and pretty much gave up doing so for Netware. Our local Novell rep wasn't even conserned about us moving to Windows and wasn't interested in fighting. According to him Novell doesn't really care what NOS you use. I will still always like Netware better because it is. We still have it so it's not so bad. The problem I find is finding products to support Netware.

Thanks.

Are there any comments on NAAS for 6.0??? Is it easy to setup, are there any cavets, things I should know, etc.
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 12721903
I had the same problem with legal software vendors when I worked for a law firm.  Caused me a bit of stress, to be sure, even though I had the satisfaction of proving them wrong on several occasions.

Now that I work in Manufacturing (what I like to call "the real world") I look at it more philosophically.  I figure, let the lawyers hang themselves on the Microsoft petard.  What they'll get will serve them right.  Nothing personal ;)

In the immoral words of Bill Clinton,  Ah Feel Your Pain.
0
 
LVL 10

Expert Comment

by:DSPoole
ID: 12722153
products that support NetWare?  Take your pick!  There are TONS of them out there.

but now, you won't have a problem finding a VIRUS that supports Windows ;)

In the immoral words of Bill Clinton, "Ah am the pontification of love..."
0
 

Author Comment

by:kurtb
ID: 12722233
DSPoole: I understand where you are coming from but this wasn't the reason for the post. I can go on and on with the problems I have had with Netware and at the same time give you lists of problems with M$ products. If it was up to me I would keep Netware but the plain truth is that in the legal field Netware is getting more and more difficult to support. Word has replaced WP. Exchange and SQL is defacto standard for law firms. Legal vendors are trying to stop support for Netware. </end soap box>

I will repeat my original question one last time:

Are there any problems with the NAAS that comes with NW6? Any caveats?
and
If anyone else has any input on NAAS I would greatly appreciate it.
and
Are there any comments on NAAS for 6.0??? Is it easy to setup, are there any cavets, things I should know, etc.

(This would be the NAAS that comes with NW6.0)

Thank you.
0
 
LVL 34

Accepted Solution

by:
PsiCop earned 1300 total points
ID: 12726120
kurtb,

As I've indicated in my previous responses, I think NAAS will fit your bill, but I lack the hands-on experience with that particular product to warn of you specific issues.

To step up on my own

<soapbox>
What does Word replacing WP have to do with the OS in your server room? Not a thing, when you think about it.

Redmond wants you to believe that Exchange is a "de facto standard", but if you look past the marketing hype, you'll find more and more companies and industries disenchanted with its high cost-of-ownership (Gartner estimates it at about $12 per mailbox per month; versus $4 per mailbox per month for GroupWise - how does the Managing Partner plan to explain choosing an E-Mail system that costs 3 times as much to own yet delivers no additional business funtionality) and vulnerability to every virus that comes across the 'Net (thanks to the foolish use of IE as the HTML renderer in LookOut!).

Go get the "Westvaco Financial Corp" Case Study from Gartner -  WFC migrated from Novell's products to Redmond's, and their hardware costs alone TRIPLED. Overall, their IT spending rose more than 40%, yet they got no additional services or business advantage.

Novell's products will give you CHOICES - you're not going to get those from Redmond. Choices will give your law firm adaptability, and the wherewithal to respond quickly to changing business needs. By 1H2005, many of the services you associate with NetWare will be available on EITHER a Linux kernel OR a "traditonal NetWare" kernel (like what's in v6.5). You can CHOOSE what fits your environment best, rather than being stuck with what benefits Redmond's back account best. You can adapt your IT environment rapidly to changing needs and integrate bost-of-breed solutions, rather than waiting on Redmond to maybe get that product you needed 6 months ago out the door by next year. How long was Windoze NT v5.0 delayed? So long they ended up calling it WIndoze 2000. What happened to "Whistler"? Its not "Longhorn" and its been delayed how long? And this is the company you want to trust your critical IT infrastructure to?

Because Novell offers you CHOICES, you can still use Windoze in the server-space if you have some app that requires it. Heck, you can run eDirectory and GroupWise both on Windoze, if you want to - end up costing you more than runing them on Linux or NetWare, but still less than using AD and Exchange (and then being LOCKED into a single platform with no choice or room to maneuver).

Think about (or have the managing partner think about) the business impact of tripling your hardware costs, or the damage to the firm's clients and business reputation when the next LookOut! virus slips past your scanners and starts sending out random files from the user workstations to random addresses in their LookOut! address book (gee, it'll be nice when that "confidential" settlement document is E-Mailed to the reporter who wrote in asking about another case; or better yet, to the head of the state Bar Association Ethics Committee - hope the managing partner has fun explaining that one).

And to forestall the inevitable comeback from any lurking Micro$oftie, the argument that Windoze is most-hacked because its so prevalent is specious. Apache is found on 67% of websites on the Internet (Source: Netcraft) - THREE TIMES as many websites as are run by IIS. But where are all the hacks? IIS. NetWare ships with Apache, Windoze ships with IIS. Now who has the "de facto standard"?
</soapbox>

Good luck. I hope NAAS meets your need, and that cool-headed and holistic business thinking, as opposed to marketing-hype-driven thinking, guides your firm's managing partner. And if you end up running a hybrid environment or sticking with NetWare, well, a number of people in this TA have extensive experience building best-of-breed solutions with Novell's products as the binding core, so drop back in when you need advice.
0
 

Author Comment

by:kurtb
ID: 12758053
PsiCop,
0
 

Author Comment

by:kurtb
ID: 12758272
PsiCop,
Thanks for the help on NAAS. Wish I could have received more input on experiences in implementing it but I guess I will be following the manual on this one.

<aside>
You are 'preaching to the choir' on the Novell vs. Microsoft debate. I am just baseing my soapbox on observations that I have seen in the <I><B>legal field</I><B>. I am not saying that Novell is going away in our firm, at least if I have anything to say about it. I'm just saying that the applications that provide us with the options that the attorneys are wanting, run on M$ products.

The comment on WP and Word was based on the fact that more than 95% of law firms we deal with use Word. That and the AmLaw Tech Survey shows that 97% of the biggest law firms in the country use Word. 3% use WP. It has been a very big hassle dealing with the conversion process. So much that to the people here it's not worth it. That and the problem I have had with WP crashing a lot more than Word I don't see why we should continue to use it.

I would argue that Novell is at least 2 years ahead of Microsoft as far as products go. Marketing not so much. You have to admit that Microsoft is the master of marketing. I will, and I <I>hate</I> marketing.

I will have to look at the Gartner report and see if I can use it as a basis for a case against going to Windows as the NOS. But again based on what I have seen in the legal field I doubt it.
</aside>

Thanks!
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 12758411
kurtb,

Thanks for the points.

I still don't see what an end-user application (Word) has to do with the OS on which the network relies. No one here has suggested replacing Windoze as the WORKSTATION. We're talking...or I've been talking...about what's on the SERVER. Word replacing WordPerfect doesn't affect the SERVER. Its still just data files. The server doesn't care if they're Word or WordPerfect or SpellBinder (anyone remember SpellBinder?) or whatever. That's not germane to the choice of SERVER platform.

And again, because of the CHOICES that Novell will offer you (and that you won't get, ever, from Redmond), you can integrate Windoze for vertical apps without having to throw the baby out with the bathwater.

Looking over my 12/2/2004 @ 9:48am ET post, I see I misstated the Gartner Group case study. Is the "WestCorp Financial" case study, circa late 2002. Also look at the Heritage Oaks Bank case study by Nucleus Research from last year. I would challenge anyone to find a case study NOT financed by Micro$oft that shows any clear TCO advantage to switching to an all-M$ environment.

Personally, I put much of Novell's server-room techcnology, especially their Directory Services technology, more like 5 years ahead of Redmond.

And you're right, Novell's marketing leaves much to be desired. If you're committed to avoiding throwing the baby out with the bathwater, you end up having to do Novell Marketing's job for them. I've successfully done this, and convinced management to kill the idea of a 2300+ server NT deployment by collecting case studies and articles showing the high TCO of the M$ environment. You have to approach it as a *business* case - show that it will cost more money yet deliver no benefit for the additional expenses, as is typically the case.
0
 
LVL 10

Expert Comment

by:DSPoole
ID: 12758702
Psi, I've actually have had Microsoft reps tell me that we have to get rid of NetWare because Microsoft Office doesn't run on Novell NetWare but it will run on Microsoft Windows Server.  My reply to that was "so you want me to put a Windows Server on everyone's desktop or allow only one person at a time to use Word on the server console?"

<the following is for the logically impaired or MSCE's who might need to figure out how this works...>

That was just before I explained to him that you can have Windows on your desktop (it's called a "client")

The "client" runs Word, Excel, etc.

The files they generate are stored on a hard drive (it's called the "server")

The client doesn't care what the server is, as long as it can read the files, either via a mapped drive (G:) or a UNC path (\\server\share\folder\file.txt)

<end>

Kurt,

If ANYONE is telling you that you need Windows in your server closet to run Microsoft apps on your desktop, they are LYING to you.

Either that or they flunked out of "Used Car Salesman School"

0
 

Author Comment

by:kurtb
ID: 12759045
Psi: The WP/Word comment had nothing to do with the server. I only used it as one example of M$ being a dominate force in the legal field.

DSPoole: No one is telling me such lies. I think I don't get call backs from most companies (reps) because I see through their lies.

The "I'm just saying that the applications that provide us with the options that the attorneys are wanting, run on M$ products." comment was based on the fact that the firm blindly purchased a document managment system that only runs on SQL Server and IIS. Not my fault that they don't know about MySQL and Apache.

I get the feeling like you think I'm a novice. I will admit to being a 'jack of all trades, master of none' but I don't consider myself a novice nor do I think anyone that really knows me. I have been around Netware since 3.12 when Windows NT was in diapers. Ah, the days of syscon...

Thank you for your help and I hope to be able to come back again and seek help when needed in the future.
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 12759595
kurtb -

I'm taking the liberty to speak for DSPoole and PsiCop here - please don't take what they said that way.  I'm sure there was no intent to belittle your level of expertise.

They (and I...) just get a little unhinged when they hear about anyone moving to Microsquish products for no good reason and often will take what might be percieved as a condescending tone when raging against the machine.  It's often not even directed at the asker or someone else commenting, but at the Redmondites that listen in on these things and often descend to plant their rotten seed of dissent.  >whew<

You admit yourself that the reason isn't a good one ;)

Please come see us again.  We really are nice folx...

0
 

Author Comment

by:kurtb
ID: 12759694
I understand. I do it too. Like I said you guys are speaking to the choir. I didn't mean to give off a condescending tone. Not my intension. Maybe I'm slowly losing my faith in Novell since I'm surrounded by Redmondites as you put it... <sob>
Can't let that happen. I think I will come back.
0
 
LVL 10

Expert Comment

by:DSPoole
ID: 12759743
"I get the feeling like you think I'm a novice."

Nope - just don't trust lawyers ;)

more importantly:

"the firm blindly purchased a document managment system that only runs on SQL Server and IIS."

What does that have to do with a NetWare file/print server?

My point is, let the document system run on SQL - but why do they want to yank the NetWare server for a product that doesn't even TOUCH it?  Do they think they can run all of that on a single server???
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This shares a stored procedure to retrieve permissions for a given user on the current database or across all databases on a server.
Most folks would know the basics of how Dropbox works, so that’s not the purpose of this article. Security is what it’s all about, so here I’ll share how I choose to secure my Dropbox Account and the Data it contains.
Loops Section Overview
Screencast - Getting to Know the Pipeline
Suggested Courses

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question