Domain controllers and member servers are obviously critical to security log monitoring but there are many things you can only track by monitoring end-user workstation security logs.
In this real-training (tm) webinar I will explain why the Windows network architecture makes workstation security log monitoring so important. I'll show you why you need to monitor workstation logs if knowing what your users are doing is really important.
Remember, insider threats account for more security related losses than external intruders. As always I will paint the big picture and then reveal specific event IDs you should look for to track end-user activity such as program execution, software installation and the only way to accurately determine when a user logged off their workstation.
But there’s also a critical need to monitor activity associated with USB devices and removable storage. In this webinar I’ll show you what the security log and other resources on XP and Vista computers are capable of and where you’re left high and dry.
Watch this webinar to learn how workstation security logs fill important gaps in your overall network monitoring strategy.