Start Free TrialLog in
Avatar of ncomper
ncomper

asked on 

Microsoft ATA (Advance Threat Analytics)

Afternoon all, im looking for a little advice on the Microsoft ATA solution. I have a client that has asked me to review the tool and implement it the network if appropriate. At present we have this in a Proof of Concept environment but i am having trouble getting anything to report back that is of any use (it notes new machines and users etc..)

Microsoft seem to have very little information on the tool and have not managed to come back with much useful information (they just keep providing web links to articles) we have the following setup in place at present:

Center Server: Virtual Server 2012 R2
Light Gateway: Virtual Server 2012 R2
Light Gateway: Azure Server 2012 R2
Light Gateway: Virtual Server 2008 R2

We have had limited feedback from the console on things that are happening within the network (but we did receive today on exposed credentials in clear text) so we know it is reporting things back. I wondered if anyone had used this before and could expand on the following:

  • How long is the learning period for the system
  • Will i be able to track access events (user/engineers accessing servers/shares they shouldnt
  • User account privileges (can i see if someone is given additional rights)
  • New administrator level account tracking

I would like to know how useful the system is in auditing the local network to offer feedback on potential security issues or will i need to review somthing like ManageEngine AdAudit?
* Threat Management Gateway (TMG)AzureSecurityMicrosoft Server Apps
Avatar of undefined
Last Comment
btan
ASKER CERTIFIED SOLUTION
Avatar of btan
btan
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Security
Security

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection. Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

32K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts

  • "Invaluable tool for our organization"

    Josh Regalski

  • "Your help has saved me hundreds of hours of internet surfing."

    @fblack61

  • "Just a dang good service!"

    @golferski

  • "Worth every penny."

    Steve Hougom

  • "It’s been a life saver."

    Maria Halt

  • "Best support site I’ve seen!"

    Bob Schneider

  • "I would be lost without them."

    @fblack61

  • "Saved my job multiple times."

    Walt Forbes

  • "I love this site."

    Maria Duwe

  • "Friendly respectful help."

    Andrew Kowtalo

  • "Such top-notch experts."

    @magento

  • "The best money I have ever spent."

    @rwheeler23

  • "Beyond any comprehensible value"

    George Morris

  • "Invaluable tool for our organization"

    Josh Regalski

Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo
© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent