Solved

File monitoring and tracking

Posted on 2014-03-19
4
944 Views
Last Modified: 2014-03-24
I have been tasked with finding a solution that fits the following requirement:
Project Description:  
Ability to track files copied  to physical devices (usb drives, cds, dvds) and track upload/downloads to internet via web portals, email, drop box etc

The customer is running a small Windows Server 2012 AD environment with around 25 physical and VM systems. They do not care whether the solution is software or hardware based and I have not been given a price range for the project. I would like to create a comparative matrix with a couple of the best hardware and software options with prices attached so that I can at least get a ballpark figure of what they are looking to spend.

So far I have looked at Sonar, Spector 360 and Spy Agent 8 software applications and the Solera and IPCopper hardware solutions. I spoke with a Solera rep but they said they don't usually work with a project this small

Apologies if this has been discussed ad nauseum but I am not even sure what categories to search or if I am looking at the best options. I am wondering what the experts have used or considered. If you could point me in the right direction I can do the deep research.
0
Comment
Question by:DevilDoc325
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 81

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 167 total points
ID: 39940560
If they are concerned about files getting out of the organization then use Active Directory Rights Management System. You can configure it that anything with the word 'confidential' is drm'd and only machines in the company can access it.
0
 
LVL 55

Assisted Solution

by:McKnife
McKnife earned 167 total points
ID: 39941054
With windows 8 and server 2012, MS introduced advanced auditing options that enable you to do quite a lot concerning removable devices and more. Read what's new: http://technet.microsoft.com/cs-cz/library/hh849638.aspx

Also have a look at content filtering devices or softwares like http://www.clearswift.com/products/clearswift-content-inspection-engine-sdk
0
 
LVL 64

Accepted Solution

by:
btan earned 166 total points
ID: 39945099
I was thinking more like data leak and controlling those device, and network outbound and transaction via two layers, namely the
(1) managed whitelisted controls such as this devicelock/networklock; and
(2) contained virtualised application such as Sandboxie/Invincea Virtualspace

The a/m is to make sure the trail and audit log are available and known. of course it may not be foolproof if this not a well managed machine, meaning the login account user is the super admin or privileged user to disable all mechanism. Then maybe the hardware device to plug into to "snoop" the port interface and "record" network traffic transacted - the metadata can then be extracted from the raw capture in both...can be quite in depth but does serve as another layer.

Another thought is to not have any other s/w to be installed or brought into that endpoint such that secure wipe and bypassing browser using any other means is allowed - maybe alerting in audit may help but the data is loss...can be far off from your requirement so I keep this simple on above two mentioned (if they make worth).
0
 

Author Closing Comment

by:DevilDoc325
ID: 39950760
Experts,

Thank you for your input. I have included the DeviceLock/Networklock in my matrix that I am submitting to the customer. I am also going to be implement the Windows 2012 auditing and rights management immediately.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Here's a look at newsworthy articles and community happenings during the last month.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question