We help IT Professionals succeed at work.

Microsoft ATA (Advance Threat Analytics)

782 Views
Last Modified: 2017-04-21
Afternoon all, im looking for a little advice on the Microsoft ATA solution. I have a client that has asked me to review the tool and implement it the network if appropriate. At present we have this in a Proof of Concept environment but i am having trouble getting anything to report back that is of any use (it notes new machines and users etc..)

Microsoft seem to have very little information on the tool and have not managed to come back with much useful information (they just keep providing web links to articles) we have the following setup in place at present:

Center Server: Virtual Server 2012 R2
Light Gateway: Virtual Server 2012 R2
Light Gateway: Azure Server 2012 R2
Light Gateway: Virtual Server 2008 R2

We have had limited feedback from the console on things that are happening within the network (but we did receive today on exposed credentials in clear text) so we know it is reporting things back. I wondered if anyone had used this before and could expand on the following:

  • How long is the learning period for the system
  • Will i be able to track access events (user/engineers accessing servers/shares they shouldnt
  • User account privileges (can i see if someone is given additional rights)
  • New administrator level account tracking

I would like to know how useful the system is in auditing the local network to offer feedback on potential security issues or will i need to review somthing like ManageEngine AdAudit?
Comment
Watch Question

Exec Consultant
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions