Solved

File monitoring and tracking

Posted on 2014-03-19
4
920 Views
Last Modified: 2014-03-24
I have been tasked with finding a solution that fits the following requirement:
Project Description:  
Ability to track files copied  to physical devices (usb drives, cds, dvds) and track upload/downloads to internet via web portals, email, drop box etc

The customer is running a small Windows Server 2012 AD environment with around 25 physical and VM systems. They do not care whether the solution is software or hardware based and I have not been given a price range for the project. I would like to create a comparative matrix with a couple of the best hardware and software options with prices attached so that I can at least get a ballpark figure of what they are looking to spend.

So far I have looked at Sonar, Spector 360 and Spy Agent 8 software applications and the Solera and IPCopper hardware solutions. I spoke with a Solera rep but they said they don't usually work with a project this small

Apologies if this has been discussed ad nauseum but I am not even sure what categories to search or if I am looking at the best options. I am wondering what the experts have used or considered. If you could point me in the right direction I can do the deep research.
0
Comment
Question by:DevilDoc325
4 Comments
 
LVL 80

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 167 total points
ID: 39940560
If they are concerned about files getting out of the organization then use Active Directory Rights Management System. You can configure it that anything with the word 'confidential' is drm'd and only machines in the company can access it.
0
 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 167 total points
ID: 39941054
With windows 8 and server 2012, MS introduced advanced auditing options that enable you to do quite a lot concerning removable devices and more. Read what's new: http://technet.microsoft.com/cs-cz/library/hh849638.aspx

Also have a look at content filtering devices or softwares like http://www.clearswift.com/products/clearswift-content-inspection-engine-sdk
0
 
LVL 63

Accepted Solution

by:
btan earned 166 total points
ID: 39945099
I was thinking more like data leak and controlling those device, and network outbound and transaction via two layers, namely the
(1) managed whitelisted controls such as this devicelock/networklock; and
(2) contained virtualised application such as Sandboxie/Invincea Virtualspace

The a/m is to make sure the trail and audit log are available and known. of course it may not be foolproof if this not a well managed machine, meaning the login account user is the super admin or privileged user to disable all mechanism. Then maybe the hardware device to plug into to "snoop" the port interface and "record" network traffic transacted - the metadata can then be extracted from the raw capture in both...can be quite in depth but does serve as another layer.

Another thought is to not have any other s/w to be installed or brought into that endpoint such that secure wipe and bypassing browser using any other means is allowed - maybe alerting in audit may help but the data is loss...can be far off from your requirement so I keep this simple on above two mentioned (if they make worth).
0
 

Author Closing Comment

by:DevilDoc325
ID: 39950760
Experts,

Thank you for your input. I have included the DeviceLock/Networklock in my matrix that I am submitting to the customer. I am also going to be implement the Windows 2012 auditing and rights management immediately.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The next five years are sure to bring developments that are just astonishing, and we will continue to try to find the balance between connectivity and security. Here are five major technological developments from the last five years and some predict…
There's a lot of hype surrounding blockchain technology. Here's how it works and some of the novel ways it' s now being used - including for data protection.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question