Microsoft has added new features to file access auditing in Windows Server 2012. In this webinar, I will show you what's changed in terms of audit policy and what gets sent to the security log.
Windows Server 2012 sports a new, more flexible global access and audit policy. The idea is to define one central access control list and audit policy for an entire domain or organizational unit. This central policy relies on user attributes and resource classifications to govern access control instead of permissions defined on each file and folder.
With the new policy you can draw on any attribute of user accounts and their groups in Active Directory. For instance, you can grant permission or control auditing based on a user's department or job title instead of just group membership. Furthermore you can define classifications for files based sensitivity (e.g. Public, Sensitive, Secret), by information type (e.g. human resources, financial, patient health) or even by regulation (e.g. HIPAA, PCI, SOX). Then you just define what types of users can access what classes of resources.
In this webinar, I'll show you these new features live and discuss practical aspects and caveats. I'll also identify what's changed in the events logged to the security log and make sure you understand the limitations that native file system auditing in Windows presents. There's nothing worse than spending days and weeks trying to make technology do something it can't.
Our sponsor is EventTracker, and A. N. Ananth, their CEO will be with me to add insights learned from the thousands of customers who have been assisted with the Windows security log and file monitoring by the EventTracker team. Ananth will show you the file auditing capabilities the EventTracker agent offers above and beyond Window's native functionality. Specifically he will demonstrate how you can easily a) detect and report on all changes to specific files/folders including Office documents, EXEs, DLLs etc. See who made changes, at what time and from where, and b) report on admin access to files/folders that are shared to a defined user group.
This is a very current and technical webinar-don't miss this real training for free™ session!