Filling the Gap in Exchange Auditing. Written by Randy Franklin Smith Monterey Technology Group, Inc.
|
|
- Abner Casey
- 8 years ago
- Views:
Transcription
1 Filling the Gap in Exchange Auditing Written by Randy Franklin Smith Monterey Technology Group, Inc.
2 Copyright Quest Software, Inc All rights reserved. This guide contains proprietary information, which is protected by copyright. The software described in this guide is furnished under a software license or nondisclosure agreement. This software may be used or copied only in accordance with the terms of the applicable agreement. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording for any purpose other than the purchaser's personal use without the written permission of Quest Software, Inc. WARRANTY The information contained in this document is subject to change without notice. Quest Software makes no warranty of any kind with respect to this information. QUEST SOFTWARE SPECIFICALLY DISCLAIMS THE IMPLIED WARRANTY OF THE MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Quest Software shall not be liable for any direct, indirect, incidental, consequential, or other damage alleged in connection with the furnishing or use of this information. TRADEMARKS All trademarks and registered trademarks used in this guide are property of their respective owners. World Headquarters 5 Polaris Way Aliso Viejo, CA info@quest.com Please refer to our Web site for regional and international office information. Updated August 1, 2008 WPW-FillingGapExchangeAuditing-US-AG
3 CONTENTS EXECUTIVE SUMMARY...1 WHY IS EXCHANGE SECURITY SO IMPORTANT?...2 BUSINESS-CRITICAL INFORMATION AND PROCESSES DEPEND ON EXCHANGE... 2 INFORMATION AND PROCESSES THAT RELY ON EXCHANGE SECURITY... 3 THREATS TO EXCHANGE SECURITY...5 NON-OWNER MAILBOX ACCESS... 6 Challenges to Managing Non-Owner Mailbox Access... 6 Risks Associated with Non-Owner Mailbox Access... 7 CONFIGURATION CHANGES BY ADMINISTRATORS (MALICIOUS OR ACCIDENTAL)... 8 Risks Associated with Actions by Exchange Administrators... 8 Risks Associated with Changes to Active Directory... 9 MITIGATING THE RISKS...10 NATIVE TOOLS ARE INSUFFICIENT ACCESS CONTROL IS INSUFFICIENT THE SOLUTION LIES IN OVERSIGHT AND AUDIT TRAILS THE SOLUTION: INTRUST PLUG-IN FOR EXCHANGE & INTRUST PLUG-IN FOR ACTIVE DIRECTORY...11 INTRUST PLATFORM InTrust Knowledge Packs InTrust Plug-Ins HOW INTRUST PLUG-IN FOR EXCHANGE AND INTRUST PLUG-IN FOR ACTIVE DIRECTORY MITIGATE RISKS CONCLUSION...14 ABOUT THE AUTHOR...15 ABOUT MONTEREY TECHNOLOGY GROUP, INC ABOUT QUEST SOFTWARE, INC CONTACTING QUEST SOFTWARE CONTACTING QUEST SUPPORT NOTES...17 i
4 White Paper EXECUTIVE SUMMARY The security of your Exchange infrastructure and its content is critical. But organizations have largely neglected to look at the risks arising inside the network and adequately monitor events that impact the availability, integrity, and confidentiality of messages and the system. In particular, organizations need to: 1. Audit non-owner mailbox access (by both unauthorized individuals and by authorized non-owners) and respond to instances of improper access. 2. Audit changes to the infrastructure and other activities of administrators, and hold individual administrators accountable. Unfortunately, Exchange lacks effective native tools for auditing non-owner mailbox access and configuration changes. With Quest InTrust Plug-in for Exchange and InTrust Plug-in for Active Directory organizations can fill the gaps in Exchange auditing by: 1. Auditing non-owner mailbox access 2. Tracking changes to mailbox permissions 3. Auditing changes to the attributes of Exchange-related Active Directory objects With these capabilities, organizations can monitor and respond to instances of nonowner mailbox access and erroneous administrative changes, thus mitigating the risks identified in this paper. 1
5 Filling the Gap in Exchange Auditing WHY IS EXCHANGE SECURITY SO IMPORTANT? Business-Critical Information and Processes Depend on Exchange Employees use to send and receive many kinds of data. Some common types of transmitted data include: financial, patient, customer, proprietary and legally sensitive. They use to collect information that impacts financial reporting, purchase approvals, or access control changes. These types of information and processes are critical to the success of your business, and they are often subject to compliance regulation and legal risks. Their security depends upon the security of Exchange, the central communications and workflow medium in your organization. Figure 1. Information and processes that depend on Exchange security 2
6 White Paper Information and Processes that Rely on Exchange Security The table below lists some of the most common types of information and processes that organizations use and the major regulations and security requirements that apply to them: INFORMATION AND PROCESSES REGULATIONS DOMINANT SECURITY REQUIREMENTS Financial reporting SOX Integrity Oversight Audit trail Access control changes All Integrity Separation of duty Accountability Non-repudiation Patient data HIPAA Confidentiality Audit trail Customer data PCI, GLBA Confidentiality Oversight Audit trail Proprietary information Internal Confidentiality Oversight Audit trail Mergers and acquisitions SEC Confidentiality Oversight Audit trail Approvals All Integrity Separation of duty Accountability Non-repudiation Human resources data Legal Confidentiality Oversight Audit trail Government and defense data FISMA, NISPOM, etc. Confidentiality Oversight Audit trail General communication and workflow Internal Availability Confidentiality Table 1. Information and processes that interface with Exchange 3
7 Filling the Gap in Exchange Auditing As we look at the security requirements, we define confidentiality, integrity, and availability as follows: Confidentiality: Protection of sensitive or secret information from disclosure to unauthorized parties, which could result in harm or liability to the organization Integrity: Protection of the accuracy and completeness of information against accidental or malicious deletion or modification which could result in delayed or inaccurate decisions or operations or expose the organization to liability Availability: Ensuring the relevant servers, network components, and data itself are operational so that the information can be readily accessed Because Exchange is a foundation technology with connections to nearly all your business-critical information and processes, you must take a holistic approach to Exchange security. It is necessary to provide same level of confidentiality, availability, and integrity for Exchange as is placed on the information and processes that depend on Exchange. 4
8 White Paper THREATS TO EXCHANGE SECURITY What are the threats to Exchange security from outside and inside an organization, and how are they addressed today? External threats include malware, spam, and interception of confidential ; these threats are generally well understood and mature security solutions are available to mitigate them. Some internal risks, including offensive content and proper storage of for discovery and compliance, are also already addressed by most organizations. But the business world and solution providers have largely neglected other important internal risks arising inside the network: unauthorized mailbox access and improper administrative changes to the infrastructure. The table below shows the types of -related risks and how they are typically addressed in most organizations: RISK CURRENTLY ADDRESSED IN MOST ORGANIZATIONS? STATUS HOW External Malicious Malware Phishing Spam and directory harvesting Yes Anti-malware, antispam Confidential intercepted Some Encryption Proprietary content forwarded outside organization Some Outbound keyword and heuristics filtering Internal Human Resources Harassment Offensive content, etc Yes Acceptable use policies Legal Yes Archival Discovery Compliance Unauthorized mailbox access Confidential information compromised No No detection and no audit trail Fraudulent transmission or modification of Destruction of record Malicious or inadvertent damage to infrastructure through configuration changes No No detection and no audit trail Confidentiality Integrity Availability Both Availability Yes Clustering and fault tolerant hardware Table 2. -related risks and typical state of mitigation 5
9 Filling the Gap in Exchange Auditing Let s take a closer look at the two major risks that have little or no mitigation in most Exchange infrastructures today: Non-owner mailbox access Configuration changes Non-Owner Mailbox Access Exchange allows a user to access another person s mailbox and potentially author s as that person. This capability has legitimate uses, such as the following: A manager or executive might need a subordinate to screen his or her e- mail and handle routine items. Sometimes the assistant may be directed to send on behalf of the executive. An employee who is on vacation might need someone else to monitor his or her inbox. A manager or the Human Resources department might require access to an employee s , either for the purposes of an investigation or a routine review according to policy. But non-owner mailbox access can also be misused or mismanaged, exposing the organization to significant risk. Therefore, non-owner mailbox access must be carefully controlled and supervised. Challenges to Managing Non-Owner Mailbox Access Unfortunately, controlling and auditing non-owner mailbox access is easier said than done, for two main reasons. First, Exchange allows a user to delegate access to his or her mailbox to any other user in the organization without intervention or approval from administrative staff. Users can delegate all of the following: Read access to their inbox and other mail folders. This includes their calendar, to-do list, contacts and any other folder in their mailbox Author and editor access, which allows the delegate to create new items in the mailbox and modify or delete existing items Send As authority, which allows the delegate to impersonate the user by sending as though it were from that user Second, there is the risk of non-owner access by IT administrators. Administrators seldom, if ever, need to read, much less modify, items in a user s mailbox. By default, administrators are denied access to user mailboxes. However, an administrator can easily override that restriction to gain access to anyone s , and delete or edit existing items or send new messages. 6
10 White Paper Figure 2. Exchange enables a variety of kinds of non-owner mailbox access. Risks Associated with Non-Owner Mailbox Access There are times when it is necessary for users and administrators to gain access to others mailboxes. However, there are serious risks associated with non-owner mailbox access, including the following: Non-owner mailbox access can lead to confidential information being compromised. For example, a user with read access to a manager s mailbox may read private information about another employee, such as disciplinary, health, or salary-related information. Proprietary or customer information obtained by unauthorized individuals could be improperly shared internally or externally, including with the press or competitors. Information can be improperly modified or deleted. It is possible for a subordinate to access his or her manager s mailbox and delete records regarding warnings or reprimands. An employee could modify information to cover up a bad report or to falsify figures that affect compensation or financial reporting. Users can send fraudulent . An impostor can send from another user s mailbox, making it appear that the mailbox owner has sent offensive or harassing to a third party, approved a purchase or disbursement transaction, or authorized an access change. Even in well-controlled environments, users focused on getting their jobs done naturally take the expedient route by granting other users access to their mailboxes. Unfortunately, these delegations of authority are rarely revoked or cleaned up. The resulting proliferation of non-owner mailbox access rights leads to an increasingly insecure Exchange environment, ripe for breaches in confidentiality, fraudulent , and data tampering or destruction. 7
11 Filling the Gap in Exchange Auditing Configuration Changes by Administrators (Malicious or Accidental) The second major threat to Exchange security that goes largely unaddressed today is configuration changes by administrators. This risk cannot be overstated. While many organizations go to great lengths to ensure separation of user roles in business and financial applications, large numbers of IT staff commonly have full access to the entire IT infrastructure, including all of its databases, systems, applications and files. Organizations commonly justify granting this broad authority with comments such as, You have to trust someone. But administrators are no less capable of fraud, maliciousness and error than others in an organization. One example is the catastrophic disruption caused by a disgruntled system administrator at UBS PaineWebber. 1 After learning his bonus would be less than expected, the administrator configured a logic bomb programmed to take down the company s entire Unix system that handled trades for the broker division. His actions cost the company three million dollars in consulting for cleanup alone; the lost revenue was never reported. Risks Associated with Actions by Exchange Administrators The risks associated with Exchange administrative power include the following: 8 Administrators can override mailbox permissions. Because administrators can access any mailbox in the organization as if the mailbox owner had given them full control, the risks associated with non-owner mailbox access discussed above also apply here: administrators can read confidential information (such as disciplinary, health, or salary-related information), impersonate other users, falsify or delete content damaging to themselves or others and access proprietary or customer information and share it improperly inside or outside the organization. Exchange server security can be weakened. Exchange security could be weakened in a number of ways: An administrator could accidentally or deliberately reconfigure Exchange to allow unencrypted access to mailboxes by remote employees. The internal domain credentials of privileged employees could then be stolen and used to access internal applications such as financial systems or confidential data, including customer information, patient data or proprietary secrets. It is also possible for Exchange itself to be compromised and the server used for access to the internal network. The SMTP service could be configured to allow the relay of unauthenticated SMTP mail, allowing spam and malware to be sent through the corporate server. When this has occurred, anti-spam services have recognized the company s server as a source of spam and malware. Legitimate from the company was not delivered and inbound messages were delayed. Disgruntled employees might exploit Exchange and force the organization s servers to be added to spam real-time block lists, causing devastating consequences.
12 White Paper Risks Associated with Changes to Active Directory The internal configuration and operations of Exchange are completely dependent on Active Directory (AD) objects. These AD objects can be modified directly, circumventing Exchange configuration and policy validation, resulting in the same risks as direct changes to Exchange configuration. Figure 3. Changes to Active Directory impact Exchange security 9
13 Filling the Gap in Exchange Auditing MITIGATING THE RISKS Native Tools are Insufficient How can the risks associated with non-owner mailbox access and administrative changes be mitigated? Unfortunately, native Exchange functionality is insufficient because of the following vulnerabilities or gaps: 1. It has no audit trail; it does not report to security log. Exchange lacks an audit trail of non-owner mailbox access and administrative changes to its infrastructure and configuration. Exchange does not report relevant events to the Windows security log. 2. It is dependent on Active Directory for security, policy, and configuration. Exchange is only as secure and dependable as the Active Directory environment it runs in. 3. It is exposed to the Internet; it directly handles network traffic and content likely to contain malware or other embedded attacks. Even with perimeter SMTP relay servers, Exchange is still more vulnerable to malicious content than other servers within the network and therefore more exposed to external attacks as well. Access Control is Insufficient Access control is also of limited use: you must allow users to sometimes delegate access to their mailboxes and grant administrators the authority to do their job; there s no way to configure the system to distinguish between legitimate actions, mistakes or malicious behavior. The Solution Lies in Oversight and Audit Trails The best way to mitigate the risks associated with non-owner mailbox access and administrative changes is through oversight and audit trails. You need to be able to audit non-owner mailbox access and respond quickly to instances of improper access or administrator actions, including identifying the perpetrators. 2 Proper oversight and audit trails help organizations discover security breaches quickly and provide evidence to prosecute violators. These tools can also serve as a deterrent. Employees who know their actions are being recorded and subject to review will be less inclined to misuse authority and practice careful mailbox management. 10
14 THE SOLUTION: INTRUST PLUG-IN FOR EXCHANGE & INTRUST PLUG-IN FOR ACTIVE DIRECTORY White Paper InTrust Plug-in for Exchange and InTrust Plug-in for Active Directory are specifically designed to provide effective Exchange oversight and audit trails. InTrust Plug-in for Exchange enables you to oversee and respond to instances of non-owner mailbox access, and InTrust Plug-in for Active Directory does the same for administrative changes, mitigating the risks discussed above. InTrust Platform The InTrust platform provides the core log management functions of event collection, alerting, archival, and reporting. InTrust has built-in support for the common log formats, including Windows event logs and any type of text file log, as well as syslog streams for support of Unix, Linux, and network devices like routers and firewalls. To support the special scalability requirements of enterprises and meet the challenges of log integrity in a distributed environment, InTrust includes the following distinguishing features: Log integrity: InTrust enables organizations to create a cached location on each remote server where each event is captured simultaneously as it is written to the event log. This prevents a rogue user or administrator from tampering with the audit log evidence. Redundancy: InTrust provides automated server redundancy in the case of failure. This enables administrators to quickly move all configurations and jobs from a crashed server to a backup server. This reduces the possibility of lost log files due to server failure. 11
15 Filling the Gap in Exchange Auditing InTrust Knowledge Packs Every system, application and device on an organization s network has its own unique log format, log rotation scheme, arcane event IDs, error codes, and other components. Proper log management and effective analysis of log data therefore requires specialized expertise for each monitored component and its corresponding logs a challenge for even the most knowledgeable IT professional. InTrust addresses this by providing modular knowledge packs built by experts in each technology. InTrust Knowledge Packs provide InTrust with the essential intelligence required to collect and analyze a wide array of log formats. InTrust Knowledge Packs are available for: Windows Solaris Linux (Redhat and SuSe) Firewalls (Checkpoint Firewall-1 and Cisco PIX) Microsoft Excel SQL databases Oracle databases Microsoft Internet Security and Acceleration Server (ISAS) Microsoft Internet Information Server (IIS) AIX 5L Microsoft Identity Integration Server (MIIS) Quest ActiveRoles Server InTrust Plug-Ins Wherever possible, InTrust leverages the native logs already provided by the operating systems, applications and devices on your network. But native functionality frequently falls short of providing the level of instrumentation required for enterprise compliance and security needs. Therefore Quest augments InTrust s core log management platform with specialized plug-ins that fill the gaps in the native logging functionality of platforms such as Active Directory, Exchange, and SharePoint. 12
16 White Paper How InTrust Plug-in for Exchange and InTrust Plug-in for Active Directory Mitigate Risks As explained above, Exchange lacks the necessary logging and audit functionality to mitigate the risks associated with non-owner mailbox access and administrative changes to configuration, whether they occur directly through Exchange or indirectly through the modification of AD objects. InTrust Plug-in for Exchange and InTrust Plug-in for Active Directory together fill this security and compliance gap with four key features. 1. Auditing and oversight of non-owner mailbox access: InTrust Plug-in for Exchange collects and correlates all unusual or suspicious user and administrator activity. It provides detailed information about non-owner mailbox access, including which s were read, deleted, copied, moved, or forwarded. 2. Tracking of changes to mailbox permissions: InTrust Plug-in for Exchange provides detailed, real-time auditing and reporting of changes to permissions, including changes made by users to their own mailboxes and those made by administrators. 3. Enhanced mailbox protection: InTrust Plug-in for Exchange can protect selected Exchange mailboxes with an elevated level of protection from unwanted access. You simply specify which mailboxes are to receive this elevated level of security and specify the users or groups (if any) who are allowed to bypass mailbox security. For example, you can prevent anyone but the mailbox owner from accessing a particular mailbox, which can protect VIP mailboxes from being compromised, even by IT administrators. 4. Audit and reporting of changes to the attributes of Exchangerelated Active Directory objects: InTrust Plug-in for Active Directory provides comprehensive and detailed real-time auditing of changes to mailbox permissions and to other AD-related objects such as Group Policy Objects (GPOs). InTrust Plug-in for Active Directory provides all the detailed information behind important changes, including who was responsible, the origination, and pre- and post-change values. Administrators can troubleshoot AD problems and reverse any changes when necessary. By tracking changes to AD security and policy and showing how the changes have strayed from the approved configuration, InTrust enables organizations to address their IT compliance requirements. InTrust Plug-in for Exchange and InTrust Plug-in for Active Directory together provide the critical oversight and audit trail capabilities to address the risks of nonowner mailbox access and administrative changes to configuration. These solutions fully integrate with the alerting, archiving, and reporting capabilities of the InTrust platform to provide complete corporate data security and compliance. 13
17 Filling the Gap in Exchange Auditing CONCLUSION The security of your Exchange environment is just as important as the security of your most critical applications and information. But many organizations today fail to adequately oversee and audit non-owner mailbox access and administrative changes to Exchange configuration, leaving them vulnerable to risks such as: Compromise of confidential information Modification or deletion of information Fraudulent Unavailability of the core communications infrastructure Quest developed InTrust Plug-In for Exchange and InTrust Plug-In for Active Directory to enable organizations to oversee and respond to incidents that could affect the integrity, confidentiality, and availability of Exchange and the information and business processes that depend on it. These two solutions help mitigate the risks from non-owner mailbox access, changes to mailbox permissions, and changes to the attributes of Exchange-related Active Directory objects. In addition, InTrust Plug-In for Exchange offers enhanced mailbox protection to prevent unauthorized access to critical mailboxes. InTrust Plug-In for Exchange and InTrust Plug-in for Active Directory help organizations establish controls and accountability for end-users and administrators of Exchange. This allows them to oversee and quickly respond to incidents that could affect the integrity, confidentiality and availability of their critical messaging system. These two important tools also ensure organizations are able to meet any regulatory compliance requirements. 14
18 White Paper ABOUT THE AUTHOR Randy Franklin Smith is an information security consultant and trainer who specializes in Windows and Active Directory security. He performs security reviews for clients ranging from small, privately held firms to Fortune 500 companies and national and international organizations. Randy is the designer and exclusive instructor for the Ultimate Windows Security seminars. For more than a decade, Randy has trained hundreds of information technology auditors from public accounting firms and the internal audit departments of organizations around the world on the security and control of Microsoft environments. Randy has written over 300 articles on Windows security issues that have appeared in publications like Information Security Magazine and Windows IT Pro, where he is a contributing editor and author of the popular Windows security log series. In 2003, Randy received the Apex Award of Excellence in the category of How-to Writing for his security feature, 8 Tips for Avoiding the Next Big Worm. He also writes the popular Access Denied Q&A column in Windows IT Security. Randy Franklin Smith began his career in information technology in the 1980s developing software for a variety of companies. During the early 1990s, he led a business process reengineering effort for a multinational organization and designed several mission-critical, object-oriented, client/server systems. As the Internet and Windows NT took off, Randy focused on security and led his employer's information security planning team. In 1997, he formed Monterey Technology Group, Inc., where he serves as CEO. You can contact Randy at rsmith@montereytechgroup.com. ABOUT MONTEREY TECHNOLOGY GROUP, INC. Formed in 1997 by CEO Randy Franklin Smith, Monterey Technology Group, Inc. serves the infosec, IT audit, and software development communities with specialized services, training, and solutions related to Microsoft product security. 15
19 Filling the Gap in Exchange Auditing ABOUT QUEST SOFTWARE, INC. Quest Software, Inc., a leading enterprise systems management vendor, delivers innovative products that help organizations get more performance and productivity from their applications, databases, Windows infrastructure and virtual environments. Through a deep expertise in IT operations and a continued focus on what works best, Quest helps more than 90,000 customers worldwide meet higher expectations for enterprise IT. Quest provides customers with client management as well as server and desktop virtualization solutions through its subsidiaries, ScriptLogic and Vizioncore. Quest Software can be found in offices around the globe and at Contacting Quest Software Phone: Mail: Web site (United States and Canada) info@quest.com Quest Software, Inc. World Headquarters 5 Polaris Way Aliso Viejo, CA USA Please refer to our Web site for regional and international office information. Contacting Quest Support Quest Support is available to customers who have a trial version of a Quest product or who have purchased a commercial version and have a valid maintenance contract. Quest Support provides around the clock coverage with SupportLink, our web self-service. Visit SupportLink at From SupportLink, you can do the following: Quickly find thousands of solutions (Knowledgebase articles/documents). Download patches and upgrades. Seek help from a Support engineer. Log and update your case, and check its status. View the Global Support Guide for a detailed explanation of support programs, online services, contact information, and policy and procedures. The guide is available at: Support Guide.pdf 16
20 White Paper NOTES 1 See Resource Center: UBS PaineWebber Insider Trial at informationweek.com: SNDLPCKHSCJUNN2JVN?cid=tab_art_sec 2 For a more general discussion of compliance requirements and how to implement monitoring and change control, see Meeting Change Management and Monitoring Compliance Needs in a Microsoft-Centric Network at gy=&prod=255&prodfamily=&loc=. 17
Overcoming Active Directory Audit Log Limitations. Written by Randy Franklin Smith President Monterey Technology Group, Inc.
Overcoming Active Directory Audit Log Limitations Written by Randy Franklin Smith President Monterey Technology Group, Inc. White Paper 2009 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains
More informationQuest InTrust for Active Directory. Product Overview Version 2.5
Quest InTrust for Active Directory Product Overview Version 2.5 Copyright Quest Software, Inc. 2006. All rights reserved. This guide contains proprietary information, which is protected by copyright. The
More information8.3. Competitive Comparison vs. Microsoft ADMT 3.1
8.3 Competitive Comparison vs. Microsoft ADMT 3.1 Copyright Quest Software, Inc. 2009. All rights reserved. This guide contains proprietary information, which is protected by copyright. The software described
More informationTen Things to Look for in a SharePoint Recovery Tool
Ten Things to Look for in a SharePoint Recovery Tool Written by Ilia Sotnikov Product Manager, SharePoint Management Solutions Quest Software, Inc. White Paper Copyright Quest Software, Inc. 2009. All
More information4.0. Offline Folder Wizard. User Guide
4.0 Offline Folder Wizard User Guide Copyright Quest Software, Inc. 2007. All rights reserved. This guide contains proprietary information, which is protected by copyright. The software described in this
More informationGain Control of Space with Quest Capacity Manager for SQL Server. written by Thomas LaRock
Gain Control of Space with Quest Capacity Manager for SQL Server written by Thomas LaRock Copyright Quest Software, Inc. 2008. All rights reserved. This guide contains proprietary information, which is
More informationLegal Considerations for E-mail Archiving Why implementing an effective e-mail archiving solution can help reduce legal risk
Legal Considerations for E-mail Archiving Why implementing an effective e-mail archiving solution can help reduce legal risk Written by: Quest Software, Inc. Executive Summary Copyright Quest Software,
More informationFile Shares to SharePoint: 8 Keys to a Successful Migration
File Shares to SharePoint: 8 Keys to a Successful Migration Written by Doug Davis Director, SharePoint Product Management Quest Software, Inc. White Paper Copyright Quest Software, Inc. 2008. All rights
More information2007 Quest Software, Inc. ALL RIGHTS RESERVED. TRADEMARKS. Disclaimer
What s New 6.7 2007 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license
More informationImplementing Database Development Best Practices for Oracle
Implementing Database Development Best Practices for Oracle Written by, John Pocknell Product Manager, Toad for Oracle & Toad Data Modeler Quest Software, Inc. Technical Brief Copyright Quest Software,
More informationAchieving Successful Coexistence Between Notes and Microsoft Platforms
Achieving Successful Coexistence Between Notes and Microsoft Platforms Written by Technology Strategy Research LLC White Paper Copyright Quest Software, Inc. 2009. All rights reserved. This guide contains
More information2.0. Quick Start Guide
2.0 Quick Start Guide Copyright Quest Software, Inc. 2007. All rights reserved. This guide contains proprietary information, which is protected by copyright. The software described in this guide is furnished
More informationWhite Paper. Better Together: Auditing with Microsoft Audit Collection Services (ACS) and Quest Software
Better Together: Auditing with Microsoft Audit Collection Services (ACS) and Quest Software Written by Tom Crane, Product Manager, Quest Software, Inc. Edited by James Galvin, Microsoft Sr. Product Manager,
More informationQuest ChangeAuditor 4.8
Quest ChangeAuditor 4.8 Migration Guide Copyright Quest Software, Inc. 2009. All rights reserved. This guide contains proprietary information protected by copyright. The software described in this guide
More informationPragmatic Business Service Management
Pragmatic Business Service Management Written by Quest Software, Inc. White Paper Copyright Quest Software, Inc. 2007. All rights reserved. This guide contains proprietary information, which is protected
More informationPrivilege Gone Wild: The State of Privileged Account Management in 2015
Privilege Gone Wild: The State of Privileged Account Management in 2015 March 2015 1 Table of Contents... 4 Survey Results... 5 1. Risk is Recognized, and Control is Viewed as a Cross-Functional Need...
More informationPrivilege Gone Wild: The State of Privileged Account Management in 2015
Privilege Gone Wild: The State of Privileged Account Management in 2015 March 2015 1 Table of Contents... 4 Survey Results... 5 1. Risk is Recognized, and Control is Viewed as a Cross-Functional Need...
More informationDell InTrust 11.0 Best Practices Report Pack
Complete Product Name with Trademarks Version Dell InTrust 11.0 Best Practices Report Pack November 2014 Contents About this Document Auditing Domain Controllers Auditing Exchange Servers Auditing File
More informationBest Practices in Instant Messaging Management
Best Practices in Instant Messaging Management Enabling Productive, Secure and Compliant Instant Messaging Policies and Usage in the Business Environment Written by Quest Software, Inc. White Paper Copyright
More informationTechnical Brief. Unify Your Backup and Recovery Strategy with LiteSpeed for SQL Server and LiteSpeed Engine for Oracle
Unify Your Backup and Recovery Strategy with LiteSpeed for SQL Server and LiteSpeed Engine for Oracle Written by Tom Sager, DBA team leader E. ON U.S. Technical Brief 2009 Quest Software, Inc. ALL RIGHTS
More informationQuest Management Pack for AS400. Written by Quest Software, Inc.
Quest Management Pack for AS400 Written by Quest Software, Inc. 2009 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains proprietary information, protected by copyright. No part of this document
More informationManage, Extend, and Simplify Group Policy using Quest Group Policy Solutions
Manage, Extend, and Simplify Group Policy using Quest Group Policy Solutions Technical Brief written by Darren Mar-Elia Chief Technology Officer Windows Management Quest Software, Inc. Copyright Quest
More informationHow To Send E Mail From An Exchange 2007 To A Domain Name Address Book On A Domain Address Book (For A Domain) On A Pc Or Mac Xp (For An Ipod) On An Ipo (For Windows 2007) On Your Ip
Lotus Domino Server and Exchange 2007 Server SMTP Routing using Smart Hosts Supplemental - Version 1.1, Dated June 2, 2009 Contents Purpose... 4 Current Lotus Domino Environment... 5 Sample Outbound Message
More informationUltimate Windows Security for ArcSight. YOUR COMPLETE ARCSIGHT SOLUTION FOR MICROSOFT WINDOWS Product Overview - October 2012
Ultimate Windows Security for ArcSight YOUR COMPLETE ARCSIGHT SOLUTION FOR MICROSOFT WINDOWS Product Overview - October 2012 Ultimate Windows Security for ArcSight As ArcSight customers expand their security
More informationFOR WINDOWS FILE SERVERS
Quest ChangeAuditor FOR WINDOWS FILE SERVERS 5.1 User Guide Copyright Quest Software, Inc. 2010. All rights reserved. This guide contains proprietary information protected by copyright. The software described
More information10 Simple Steps for Boosting Database Performance in a Virtualized Environment
10 Simple Steps for Boosting Database Performance in a Virtualized Environment Written by Dr. Bert Scalzo Quest Software, Inc. White Paper 10 Simple Steps for Boosting Database Performance in a Virtualized
More informationDefender Delegated Administration. User Guide
Defender Delegated Administration User Guide 2012 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished
More informationStorage Capacity Management for Oracle Databases Technical Brief
Storage Capacity Management for Oracle Databases Technical Brief Written by Name Title Quest Software, Inc. Technical Brief Copyright Quest Software, Inc. 2008. All rights reserved. This guide contains
More informationQuest SQL Optimizer 6.5. for SQL Server. Installation Guide
Quest SQL Optimizer for SQL Server 6.5 2008 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished
More informationDell InTrust 11.0. Preparing for Auditing Microsoft SQL Server
2014 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license or nondisclosure agreement.
More information10.2. Auditing Cisco PIX Firewall with Quest InTrust
10.2 Auditing Cisco PIX Firewall with Quest InTrust 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide
More informationDell InTrust 11.0. Preparing for Auditing Cisco PIX Firewall
2014 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license or nondisclosure agreement.
More informationQuest ChangeAuditor 5.1 FOR ACTIVE DIRECTORY. User Guide
Quest ChangeAuditor FOR ACTIVE DIRECTORY 5.1 User Guide Copyright Quest Software, Inc. 2010. All rights reserved. This guide contains proprietary information protected by copyright. The software described
More informationQuest Collaboration Services 3.6.1. How it Works Guide
Quest Collaboration Services 3.6.1 How it Works Guide 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide
More informationQuest Collaboration Services 3.5. How it Works Guide
Quest Collaboration Services 3.5 How it Works Guide 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide
More informationSecuring Endpoints without a Security Expert
How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Securing Endpoints without a Security Expert sponsored by Introduction to Realtime Publishers by Don Jones, Series
More informationWeb Portal Installation Guide 5.0
Web Portal Installation Guide 5.0 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under
More informationBig Brother Professional Edition Windows Client Getting Started Guide. Version 4.60
Big Brother Professional Edition Windows Client Getting Started Guide Version 4.60 Copyright Quest Software, Inc. 2002 2011. All rights reserved. This guide contains proprietary information, which is protected
More informationDefender 5.7. Remote Access User Guide
Defender 5.7 Remote Access User Guide 2012 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished
More informationDell InTrust 11.0. Preparing for Auditing and Monitoring Microsoft IIS
Preparing for Auditing and Monitoring Microsoft IIS 2014 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished
More informationUnderstanding Enterprise Cloud Governance
Understanding Enterprise Cloud Governance Maintaining control while delivering the agility of cloud computing Most large enterprises have a hybrid or multi-cloud environment comprised of a combination
More informationThe Business Case for Security Information Management
The Essentials Series: Security Information Management The Business Case for Security Information Management sponsored by by Dan Sullivan Th e Business Case for Security Information Management... 1 Un
More informationChangeAuditor 6.0 For Windows File Servers. Event Reference Guide
ChangeAuditor 6.0 For Windows File Servers Event Reference Guide 2013 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described
More informationSecurity Analytics Engine 1.0. Help Desk User Guide
2015 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license or nondisclosure agreement.
More informationformerly Help Desk Authority 9.1.2 Quest Free Network Tools User Manual
formerly Help Desk Authority 9.1.2 Quest Free Network Tools User Manual 2 Contacting Quest Software Email: Mail: Web site: info@quest.com Quest Software, Inc. World Headquarters 5 Polaris Way Aliso Viejo,
More information7.5 7.5. Spotlight on Messaging. Evaluator s Guide
7.5 Spotlight on Messaging 7.5 Evaluator s Guide 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide
More information6.7. Quick Start Guide
6.7 Quick Start Guide 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software
More informationChangeAuditor 5.6. For Windows File Servers Event Reference Guide
ChangeAuditor 5.6 For Windows File Servers Event Reference Guide 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described
More informationWhite Paper. Getting Your Macs Under Control with System Center Configuration Manager 2007. Really?
Getting Your Macs Under Control with System Center Configuration Manager 2007. Really? Written by Don Jones Co-Founder, Concentrated Technology Microsoft MVP White Paper 2009 Quest Software, Inc. ALL RIGHTS
More informationDell Spotlight on Active Directory 6.8.3. Server Health Wizard Configuration Guide
Dell Spotlight on Active Directory 6.8.3 Server Health Wizard Configuration Guide 2013 Dell Software Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software
More informationSolving the Security Puzzle
Solving the Security Puzzle How Government Agencies Can Mitigate Today s Threats Abstract The federal government is in the midst of a massive IT revolution. The rapid adoption of mobile, cloud and Big
More information10.6. Auditing and Monitoring Quest ActiveRoles Server
10.6 Auditing and Monitoring Quest ActiveRoles Server 2013 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide
More informationTechnical Proposition. Security
Technical Proposition ADAM Software NV The global provider of media workflow and marketing technology software ADAM Software NV adamsoftware.net info@adamsoftware.net Why Read this Technical Proposition?
More information8.7. Resource Kit User Guide
8.7 Resource Kit User Guide 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains proprietary information protected by copyright. The software described in this document is furnished under
More informationHow To Manage A Privileged Account Management
Four Best Practices for Passing Privileged Account Audits October 2014 1 Table of Contents... 4 1. Discover All Privileged Accounts in Your Environment... 4 2. Remove Privileged Access / Implement Least
More informationGFI White Paper: GFI FaxMaker and HIPAA compliance
GFI White Paper: GFI FaxMaker and HIPAA compliance This document outlines the requirements of HIPAA in terms of faxing protected health information and how GFI Software s GFI FaxMaker, an easy-to-use fax
More informationformerly Help Desk Authority 9.1.3 Upgrade Guide
formerly Help Desk Authority 9.1.3 Upgrade Guide 2 Contacting Quest Software Email: Mail: Web site: info@quest.com Quest Software, Inc. World Headquarters 5 Polaris Way Aliso Viejo, CA 92656 USA www.quest.com
More informationSpotlight Management Pack for SCOM
Spotlight Management Pack for SCOM User Guide January 2015 The is used to display data from alarms raised by Spotlight on SQL Server Enterprise in SCOM (System Center Operations Manager). About System
More informationRSA Solution Brief. RSA SecurID Authentication in Action: Securing Privileged User Access. RSA Solution Brief
RSA SecurID Authentication in Action: Securing Privileged User Access RSA SecurID solutions not only protect enterprises against access by outsiders, but also secure resources from internal threats The
More informationLAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES
LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL for INFORMATION RESOURCES Updated: June 2007 Information Resources Security Manual 1. Purpose of Security Manual 2. Audience 3. Acceptable
More informationIn-House Vs. Hosted Email Security. 10 Reasons Why Your Email is More Secure in a Hosted Environment
In-House Vs. Hosted Email Security 10 Reasons Why Your Email is More Secure in a Hosted Environment Introduction Software as a Service (SaaS) has quickly become the standard delivery model for critical
More informationDell InTrust 11.0. Auditing and Monitoring Microsoft Windows
2014 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license or nondisclosure agreement.
More informationQuest InTrust. Version 8.0. What's New. Active Directory Exchange Windows
Quest InTrust Version 8.0 What's New Active Directory Exchange Windows Abstract This document describes the new features and capabilities of Quest InTrust 8.0. Copyright 2004 Quest Software, Inc. and Quest
More informationAIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE
AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,
More informationHow To Use Shareplex
Data consolidation and distribution with SharePlex database replication Written by Sujith Kumar, Chief Technologist Executive summary In today s fast-paced mobile age, data continues to accrue by leaps
More information8 Steps to Holistic Database Security
Information Management White Paper 8 Steps to Holistic Database Security By Ron Ben Natan, Ph.D., IBM Distinguished Engineer, CTO for Integrated Data Management 2 8 Steps to Holistic Database Security
More informationHow To Achieve Pca Compliance With Redhat Enterprise Linux
Achieving PCI Compliance with Red Hat Enterprise Linux June 2009 CONTENTS EXECUTIVE SUMMARY...2 OVERVIEW OF PCI...3 1.1. What is PCI DSS?... 3 1.2. Who is impacted by PCI?... 3 1.3. Requirements for achieving
More informationGuideline on Auditing and Log Management
CMSGu2012-05 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Auditing and Log Management National Computer Board Mauritius
More informationQuest Management Agent for Forefront Identity Manager
Quest Management Agent for Forefront Identity Manager Version 1.0 Administrator Guide 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright.
More informationOctober 2014. Application Control: The PowerBroker for Windows Difference
Application Control: The PowerBroker for Windows Difference October 2014 1 Table of Contents Introduction... 4 The Default-Deny Approach to Application Control... 4 Application Control s Dependence on
More informationTop 10 Most Popular Reports in Enterprise Reporter
Top 10 Most Popular Reports in Enterprise Reporter Users Rely Most on Reports for Active Directory Security and Operations and File Server Migration Assessment Written by Alexey Korotich, Dell Software
More informationData Management Policies. Sage ERP Online
Sage ERP Online Sage ERP Online Table of Contents 1.0 Server Backup and Restore Policy... 3 1.1 Objectives... 3 1.2 Scope... 3 1.3 Responsibilities... 3 1.4 Policy... 4 1.5 Policy Violation... 5 1.6 Communication...
More informationAdaptive Management to Achieve Java Application Service Levels
Adaptive Management to Achieve Java Application Service Levels Written by: Steve Stover Quest Software, Inc. Technical Brief Copyright Quest Software, Inc. 2007. All rights reserved. This guide contains
More informationChangeAuditor 5.7. What s New
ChangeAuditor 5.7 What s New 2012 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a
More information10 easy steps to secure your retail network
10 easy steps to secure your retail network Simple step-by-step IT solutions for small business in retail to leverage advanced protection technology in ways that are affordable, fast and easy October 2015
More informationAddressing the United States CIO Office s Cybersecurity Sprint Directives
RFP Response Addressing the United States CIO Office s Cybersecurity Sprint Directives How BeyondTrust Helps Government Agencies Address Privileged Account Management and Improve Security July 2015 Addressing
More informationQuest InTrust. Change auditing and policy compliance for the secure enterprise. May 2008. Copyright 2006 Quest Software
Quest InTrust Change auditing and policy compliance for the secure enterprise May 2008 Copyright 2006 Quest Software Quest is the Thought Leader in Active Directory Named Microsoft Global ISV Partner of
More informationDell Statistica. Statistica Document Management System (SDMS) Requirements
Dell Statistica Statistica Document Management System (SDMS) Requirements 2014 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described
More informationInformation Security Policy
Information Security Policy Touro College/University ( Touro ) is committed to information security. Information security is defined as protection of data, applications, networks, and computer systems
More informationData center and cloud management. Enabling data center modernization and IT transformation while simplifying IT management
Data center and cloud management Enabling data center modernization and IT transformation while simplifying IT management 2013 Dell, Inc. ALL RIGHTS RESERVED. This document contains proprietary information
More informationDefending the Database Techniques and best practices
ISACA Houston: Grounding Security & Compliance Where The Data Lives Mark R. Trinidad Product Manager mtrinidad@appsecinc.com March 19, 2009 Agenda Understanding the Risk Changing threat landscape The target
More information7 Tips for Achieving Active Directory Compliance. By Darren Mar-Elia
7 Tips for Achieving Active Directory Compliance By Darren Mar-Elia Contents 7 Tips for Achieving Active Directory Compliance...2 Introduction...2 The Ups and Downs of Native AD Auditing...2 The Ups!...3
More informationDell Statistica 13.0. Statistica Enterprise Installation Instructions
Dell Statistica 13.0 2015 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license or
More informationThe Comprehensive Guide to PCI Security Standards Compliance
The Comprehensive Guide to PCI Security Standards Compliance Achieving PCI DSS compliance is a process. There are many systems and countless moving parts that all need to come together to keep user payment
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationSecurity Guide for ActiveRoles Server 6.1
Security Guide for ActiveRoles Server 6.1 Written by Einar Mykletun, Ph.D Security and Compliance Architect Quest Software, Inc. Technical Brief 2009 Quest Software, Inc. ALL RIGHTS RESERVED. This document
More informationHIPAA Compliance with LT Auditor+
HIPAA Compliance with LT Auditor+ An Executive White Paper By BLUE LANCE, Inc. BLUE LANCE INC. www.bluelance.com 713.255.4800 info@bluelance.com On February 20, 2003, the Department of Health and Human
More informationWhite Paper. PCI Guidance: Microsoft Windows Logging
PCI Guidance: Microsoft Windows Logging Table of Contents Introduction...3 This white paper was written by: Cayce Beames, CISSP, QSA, Technical Practice Director, Strategic Services, Intel Security Preparation
More informationGlobal Partner Management Notice
Global Partner Management Notice Subject: Critical Vulnerabilities Identified to Alert Payment System Participants of Data Compromise Trends Dated: May 4, 2009 Announcement: To support compliance with
More informationManaging for the Long Term: Keys to Securing, Troubleshooting and Monitoring a Private Cloud
Deploying and Managing Private Clouds The Essentials Series Managing for the Long Term: Keys to Securing, Troubleshooting and Monitoring a Private Cloud sponsored by Managing for the Long Term: Keys to
More informationAbout Recovery Manager for Active
Dell Recovery Manager for Active Directory 8.6.1 May 30, 2014 These release notes provide information about the Dell Recovery Manager for Active Directory release. About Resolved issues Known issues System
More informationA Websense Research Brief Prevent Data Loss and Comply with Payment Card Industry Data Security Standards
A Websense Research Brief Prevent Loss and Comply with Payment Card Industry Security Standards Prevent Loss and Comply with Payment Card Industry Security Standards Standards for Credit Card Security
More informationEmail Management and Security Good Practice Guide. August 2009
Email Management and Security Good Practice Guide August 2009 contents 1 Introduction to Good Practice Guides 3 2 Email Management and Security Overview 3 2.1 Understanding Good and Better Practice 4 3
More informationDell InTrust 11.0. Preparing for Auditing CheckPoint Firewall
2014 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license or nondisclosure agreement.
More informationQuest Software Product Guide
Quest Software Product Guide Quest Software knows the expectations customers have for IT investments are not always met. That s why we develop innovative products that help our customers get more performance
More informationProtect Your Enterprise With the Leader in Secure Email Boundary Services
Postini Perimeter Manager Enterprise Edition Protect Your Enterprise With the Leader in Email Boundary Services The Most Comprehensive, Flexible And Trusted Email Security Solution Perimeter Manager Enterprise
More informationAn Oracle White Paper December 2010. Leveraging Oracle Enterprise Single Sign-On Suite Plus to Achieve HIPAA Compliance
An Oracle White Paper December 2010 Leveraging Oracle Enterprise Single Sign-On Suite Plus to Achieve HIPAA Compliance Executive Overview... 1 Health Information Portability and Accountability Act Security
More information