Solved

logging and monitoring policy

Posted on 2011-09-29
3
406 Views
Last Modified: 2013-12-07
Does anyone have a corporate logging and monitoring policy for your IT Network? And if so what kinds of things does it cover, or is it the usual email/internet activity and nothing more? If it goes further what other areas are covered?
0
Comment
Question by:pma111
  • 2
3 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 36815224
Common to audit group policy changes, we audit adding and removal members to some of the built in groups like domain admins.

one thing about the built in auditing is that getting audit reports and alerts is not the greatest strength of AD natively.  There are third party tools that can really help in this space.  One example from quest.   http://www.quest.com/changeauditor-for-active-directory/

Thanks

Mike
0
 
LVL 3

Author Comment

by:pma111
ID: 36815250
Do you maintain audits of successful login/logouts into the domain?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36815335
Not where I am now, at my last job we used a login script like this    http://msmvps.com/blogs/kwsupport/archive/2005/02/24/36942.aspx

Thanks

Mike
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The 21st century solution to antiquated pagers.
With healthcare moving into the digital age with things like Healthcare.gov, the digitization of patient records and video conferencing with patients, data has a much greater chance of being exposed than ever before.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question