Solved

Reporting tool for active directory and NTFS security auditing

Posted on 2014-02-25
2
609 Views
Last Modified: 2014-09-03
I'm looking for an all-in-one tool that can report on our Active Directory and NTFS structure from a security standpoint. The organization I work for is preparing to be audited by HIPAA and are looking for a paid solution that can help us get ready.
0
Comment
Question by:kj_syence
2 Comments
 
LVL 39

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 39886334
Nessus: http://www.tenable.com/products/nessus
Retina: http://www.beyondtrust.com/

Those are the two big vulnerability baseline programs that are available. They can go through your servers and check against a database of existing vulnerabilities so you can either address or document them for HIPAA. There are some other free tools you might want to use like DumpSec: http://www.experts-exchange.com/Software/Server_Software/Active_Directory/Q_28373896.html which will export ACL and User information.

Those should give you enough to have the information you need to prepare for HIPAA. It should be noted, though, that HIPAA controls care more about encryption and data security than they do network vulnerabilities. Vulnerabilities are a part of it, but you'll get dinged a lot harder if you aren't ensuring encryption of PII data if it leaves your environment.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
GPO and server 2008 R2 7 37
Laptop "remote wipe" -- stolen ? 10 93
Elevated user monitoring in Active Directory 4 31
Office 365: Content Search, Search and Purge 17 16
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question