Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

File monitoring and tracking

Posted on 2014-03-19
4
Medium Priority
?
976 Views
Last Modified: 2014-03-24
I have been tasked with finding a solution that fits the following requirement:
Project Description:  
Ability to track files copied  to physical devices (usb drives, cds, dvds) and track upload/downloads to internet via web portals, email, drop box etc

The customer is running a small Windows Server 2012 AD environment with around 25 physical and VM systems. They do not care whether the solution is software or hardware based and I have not been given a price range for the project. I would like to create a comparative matrix with a couple of the best hardware and software options with prices attached so that I can at least get a ballpark figure of what they are looking to spend.

So far I have looked at Sonar, Spector 360 and Spy Agent 8 software applications and the Solera and IPCopper hardware solutions. I spoke with a Solera rep but they said they don't usually work with a project this small

Apologies if this has been discussed ad nauseum but I am not even sure what categories to search or if I am looking at the best options. I am wondering what the experts have used or considered. If you could point me in the right direction I can do the deep research.
0
Comment
Question by:DevilDoc325
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 83

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 668 total points
ID: 39940560
If they are concerned about files getting out of the organization then use Active Directory Rights Management System. You can configure it that anything with the word 'confidential' is drm'd and only machines in the company can access it.
0
 
LVL 56

Assisted Solution

by:McKnife
McKnife earned 668 total points
ID: 39941054
With windows 8 and server 2012, MS introduced advanced auditing options that enable you to do quite a lot concerning removable devices and more. Read what's new: http://technet.microsoft.com/cs-cz/library/hh849638.aspx

Also have a look at content filtering devices or softwares like http://www.clearswift.com/products/clearswift-content-inspection-engine-sdk
0
 
LVL 65

Accepted Solution

by:
btan earned 664 total points
ID: 39945099
I was thinking more like data leak and controlling those device, and network outbound and transaction via two layers, namely the
(1) managed whitelisted controls such as this devicelock/networklock; and
(2) contained virtualised application such as Sandboxie/Invincea Virtualspace

The a/m is to make sure the trail and audit log are available and known. of course it may not be foolproof if this not a well managed machine, meaning the login account user is the super admin or privileged user to disable all mechanism. Then maybe the hardware device to plug into to "snoop" the port interface and "record" network traffic transacted - the metadata can then be extracted from the raw capture in both...can be quite in depth but does serve as another layer.

Another thought is to not have any other s/w to be installed or brought into that endpoint such that secure wipe and bypassing browser using any other means is allowed - maybe alerting in audit may help but the data is loss...can be far off from your requirement so I keep this simple on above two mentioned (if they make worth).
0
 

Author Closing Comment

by:DevilDoc325
ID: 39950760
Experts,

Thank you for your input. I have included the DeviceLock/Networklock in my matrix that I am submitting to the customer. I am also going to be implement the Windows 2012 auditing and rights management immediately.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware, the malware that locks down its victim’s files until they pay up, has always been a frustrating issue to deal with. However, a recent mobile ransomware will make the issue a little more personal… by sharing the victim’s mobile browsing h…
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question