Solved

logging and monitoring policy

Posted on 2011-09-29
3
410 Views
Last Modified: 2013-12-07
Does anyone have a corporate logging and monitoring policy for your IT Network? And if so what kinds of things does it cover, or is it the usual email/internet activity and nothing more? If it goes further what other areas are covered?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 36815224
Common to audit group policy changes, we audit adding and removal members to some of the built in groups like domain admins.

one thing about the built in auditing is that getting audit reports and alerts is not the greatest strength of AD natively.  There are third party tools that can really help in this space.  One example from quest.   http://www.quest.com/changeauditor-for-active-directory/

Thanks

Mike
0
 
LVL 3

Author Comment

by:pma111
ID: 36815250
Do you maintain audits of successful login/logouts into the domain?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36815335
Not where I am now, at my last job we used a login script like this    http://msmvps.com/blogs/kwsupport/archive/2005/02/24/36942.aspx

Thanks

Mike
0

Featured Post

Ready to trade in that old firewall?

Whether you need to trade-up to a shiny new Firebox or just ready to upgrade from whatever appliance you're using now, WatchGuard has the right appliance for you! Find your perfect Firebox today with appliance sizing tool!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question