Systems Administration
We feel your pain.
We know what it's like. Multiple administrators manage the same directory with the same set of groups and users.
Something gets changed and you get the call "Why can't I get to this file?" or "Why didn't I get that email?"
NetVision can help. We have been helping our customers overcome
these challenges for more than a decade.
Across the network, security is managed for the most part within the network directory (e.g. Active Directory
or Novell eDirectory). Administrators leverage security groups and file system Access Control Lists (ACLs) to grant or
deny access to various network resources. And because the directory has such a deep impact on security throughout the organization,
there are a number of common security concerns:
- Technical staff needs to have full rights throughout the network in order to effectively manage the environment but some information should be protected from technical staff.
- Multiple technical staff members don't know what the others are doing.
- It's difficult to maintain a historical view of changes to user accounts, group memberships and file system ACLs.
- There's no understanding of dormant or unused accounts, or when inappropriate rights are granted via group memberships or ACLs.
- There's no way for management to know when domain GPOs have been changed.
Managing a network directory like Microsoft Active Directory or Novell eDirectory in a dynamic organization can be
a complicated task. And there are some basic security risks that most directory implementations share. In a sentence,
administrators have too much control and there's no system of checks and balances.
Administrators, like other users in the environment, derive their power from three core components:
identity-related security controls, user behavior and the power granted to users. To effectively mitigate
the risk of having privileged users in the environment, NetVision provides reporting and
monitoring of all three.
And NetVision solves these problems with simple and effective solutions.
They're intuitive, easy to implement and significantly reduce organizational risk.
Visit our products page for more information.
FAQ
Q: Will NetVision help me understand who is accessing sensitive files on a File Server? How does that work?
A: Absolutely. NetVision provides an agent that resides on the file system and watches the files and folders for which you have set policies. When an action is taken on a file , NetVision looks through the policy for filters to determine if the event should be captured and what action (if any) should be taken.
Q: Can NetVision tell me when someone modifies the Active Directory domain Group Policy Object (GPO)?
A: Yes. A NetVision agent can watch the AD GPO objects and capture any change events. Based on the policies you set, the event can trigger actions such as writing the event to a database or sending an email alert.
Q: Can NetVision provide recursive reporting on a file-system folder's security permissions?
A: Yes. You can configure a report to capture the security permissions on a folder and all files and subfolders within it. The result is a comprehensive report of all explicit rights granted on the selected folder and all child objects.
Q: Do NetVision's products work for environments with a large number of user accounts?
A: Yes, NetVision's products are proven to scale well into the Fortune 500.
Q: We have a lot of employee turnover. Can NetVision tell us if there are accounts that have not been used in a while?
A: Absolutely. NetVision can report on dormant accounts based on last logon or virtually any other directory attribute.
Q: Our administrators require complete rights on the network. How can you enforce our access policy on sensitive documents without restricting admin access?
A: Although administrators may have the technical ability to open files, certain files or activities may be restricted by policy. NetVision can watch the files and report or alert when a restricted person takes action on the file. Frequently the very existence of this sentry is a significant deterrent to potential policy breaches.
