Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Unauthorised software and devices & asset mgmt

Posted on 2012-03-15
2
Medium Priority
?
334 Views
Last Modified: 2012-03-22
A couple of questions:

1) Is there any way to audit in your AD:

1a) Non approved devices that have connected to your Network - and report immediately to an admin for investigation?

1b) Non approved software that has crept on to either one of your Servers or Workstations (do you create an approved list of allowed software)

1c) And major change to say a baseline workstation, such as opening ports, changing services, changing user perms etc

1d) Exact versions of software running on devices

In terms of 1b - If users dont have local admin authority, is there still a need to audit what software has crept onto their machines

What tools would you recommend can cover the above?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 26

Accepted Solution

by:
Leon Fester earned 2000 total points
ID: 37725310
Is there a way to see this information from Active Directory?
No, AD doesn't store this information.

But, you can do all of the above with system management tools like SCCM, Altiris, Radia, etc
But none of them are free.

There are free tools though are none enterprise tools and need to be run against local machines.

All of these software requires that you baseline your infrastructure first, then report on deviance's afterwards.

Your actions would be to:
1. Get the tool,
2. Deploy the tool for inventory gathering
3. Run scheduled scans and report on additions.

I think the biggest challenge you will have is that you currently don't have any control on your network. So creating a baseline for all systems wouldn't be possible, you'd have to baseline per machine.

You'll notice a common thread in my post about standardizing and getting control over your network by putting in the correct processes and procedures. Only THEN will you be able to effective manage your network and pass your PCI compliance.

Often when people learn that they will be audited they go into a flat panic and want to fix each item that broken....I've seen people pull out their hair over not getting things done before AUDIT. STOP!

You can get through audits, but recording where your problems and as long as you can mitigate the risk then you're fine, until the next audit.
Risk mitigation is as simple as telling them why it's broken, how you intend to fix it and by when you'll fix it.

If you have a decent auditor then he/she will followup on your dates.
This not a plan to NOT do the work, but by showing them that you're planning to fix it you can give yourself some time to breath and fix it properly...not just patch the hole each time.

Ultimately you want to get to a managed network.
That way, once you're compliant, you shouldn't need to spend 4 months getting ready for audit..because you've got the right procedure in place to extract the required information.
0
 
LVL 3

Author Comment

by:pma111
ID: 37751357
Thanks
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question