Advance auditing enabling in domain controllers, servers and workstations
Hi Experts,
We are being audited by external partners, and they recommended to enable Advanced security audit policy, and enable all features as per screenshot below. The problem with this change is they want to apply to all DCs, workstations and servers of the organization.
I need your help to identify and prevent any major impact or performance degradation, as this change will be applied to all DCs, servers and workstations.
Can you please provide me with some sort of documentation about business case, blogs, service impact after enabling advance auditing?
What is the service impact for a large organization once this policies are enabled?
Any performance issues or log file impact on servers/dcs/workstation after enabling this per link below?
https://technet.microsoft.com/en-us/library/dn319056%28v=ws.11%29.aspx?f=255&MSPPError=-2147217396
Any known issues after applied advance auditing per link above?
Please, provide your input and elaborate the answers, it would be highly appreciated that you do not only attach links, more than links look for your feedback.
Provide instructions steps by step in case of the elaboration of a plan to prevent service/server degradation
Single forest/Single domain/multiple sites, all DCs are Windows 2012 R2 latest patches, no other software running on DCs.
Windows 2008 is the forest and domain level
All workstations run Windows 7 and 10.
Servers is a mix of 2003/2008/2008R2/2012/2012
AuditDCs.png
auditservers.png
AuditWorkstations.png
We are being audited by external partners, and they recommended to enable Advanced security audit policy, and enable all features as per screenshot below. The problem with this change is they want to apply to all DCs, workstations and servers of the organization.
I need your help to identify and prevent any major impact or performance degradation, as this change will be applied to all DCs, servers and workstations.
Can you please provide me with some sort of documentation about business case, blogs, service impact after enabling advance auditing?
What is the service impact for a large organization once this policies are enabled?
Any performance issues or log file impact on servers/dcs/workstation after enabling this per link below?
https://technet.microsoft.com/en-us/library/dn319056%28v=ws.11%29.aspx?f=255&MSPPError=-2147217396
Any known issues after applied advance auditing per link above?
Please, provide your input and elaborate the answers, it would be highly appreciated that you do not only attach links, more than links look for your feedback.
Provide instructions steps by step in case of the elaboration of a plan to prevent service/server degradation
Single forest/Single domain/multiple sites, all DCs are Windows 2012 R2 latest patches, no other software running on DCs.
Windows 2008 is the forest and domain level
All workstations run Windows 7 and 10.
Servers is a mix of 2003/2008/2008R2/2012/2012
AuditDCs.png
auditservers.png
AuditWorkstations.png
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.