Securing Active Directory: Group Membership Alerts


In our last installment, I showed you how you can analyze the current status of all of your groups that have elevated privileges. After you analyze your groups and ensure that only the correct users have elevated privileges, you then need to keep tabs on these groups to ensure that the group membership does not change without your knowledge.

If we try to accomplish this using Microsoft auditing, Event Viewer, and Scheduled Tasks, we will find that there is no way to get alerts for only our groups with elevated privileges.

However, if you use the alerting capability of ADAudit Plus, getting those alerts is extremely easy. You can see in Figure 1 how easy it is to define the groups that you want to track.

Figure 1.

Integrate Applications Manager alerts into IBM Tivoli Console


To meet the growing complexity of their infrastructures, organizations today use numerous monitoring tools to track the health of their business environments. These monitoring tools generate alerts of statistics, errors, notifications or any other information that may be crucial to the enterprise. How does the operations team of any organization keep track of alerts from so many different tools generated on different systems?

We have received a fair number of queries from users whose enterprises use IBM Tivoli as their main Network Management System (NMS) console. They would like a direct method to display critical Applications Manager alerts in Tivoli’s console. This blog should help you in

Firewall Analyzer catches Spam Relays


“Be proactive rather than reactive” is a slogan for any NOC (Network Operations Control) or network specialist. The basic requirement is to ensure that there is no compromise activity on your network and that the policies on your perimeter are intact.

Here is a support case we faced very recently from an enterprise that had a very large compromise attempt, and how our SEM (Security Event Management) module provided them with enough information to nail down the issue completely.

This enterprise is one of the premium data centers, with multiple firewalls deployed across the globe. Firewall Analyzer – Distributed Edition is deployed, where log collectors were monitoring their critical Firewa…