Active Directory Security Audit
Active Directory services act as the all-in-one control point for Identity Management and Security within an organization. Performing a complete AD Security Audit is a must in order to determine who has access to what in your Active Directory by reporting every object and its security in detail. More importantly, enterprise administrators need to determine who can perform what critical administrative actions such as deleting members of an OU, modifying permissions etc. Administrators also need to conduct a periodic search of Active Directory for Inactive, Disabled, Expired and Unknown Accounts and see where and how they compromise security. Vyapin AD Security Audit solution also covers important aspects of AD security such as:
Active Directory Group Membership Reporting – Determine the impact of indirect group memberships, especially membership of Security groups (instead of just finding out who the members of your Security groups are).
Active Directory Nested Group Membership Reporting – Generate the most comprehensive report on Active Directory Users and Groups information, including complex nested groups and multi-group memberships. ARKAD’s in-depth user/group membership report includes all the groups that a user is member of across the entire AD organization (and not just the groups within one domain).
Active Directory User Security Reporting – Identify and report on all control related aspects of User account management – report on Password Expiry, Password setting, last logon etc.
Access control information – View both standard and extended rights along with owner, Inherited and Apply Onto information. Identify what permissions Users and Groups have been assigned on objects. Using the Inherited information, identify which ACEs have been added explicitly. Additionally, using the Apply Onto information identify which ACEs are enforced by each object.
Auditing information – Identify what type of access has been audited for a User and/or Group on objects and to which objects it has been applied, along with their Inherited information. Using the Inherited information identify which type of access has been set to be audited explicitly. Auditing information is available for all objects that ARKAD reports on.
Delegated Permissions – View the tasks that have been delegated to a user and/or group on Domains, Sites and Organizational Units (reports tasks delegated using the Delegation of Control Wizard and also the tasks that have been delegated manually).
Active Directory Change Audit – Track Activities and Changes
Tracking and recording changes for compliance and regulatory purposes requires a thorough audit of all activities and changes in your Active Directory. With Vyapin’s Active Directory Change Audit solution you can take complete control of your Active Directory Change management. You can identify and track changes live and also document these changes for compliance. You must first determine what changes are critical and important for your organization and get all such AD changes tracked, reported and archived for later use.
The solution answers important questions on AD changes that impact the security of your network such as:
Answer important questions on changes that impact that the security of your network.