No, not really. GFI EventSentry's whole purpose is to handle this. You run reports out of it and set alert conditions. The *entire idea* is to use that software to handle the complexity for you.
Do you have another recommendation? -- Durf On Wed, Jan 7, 2009 at 11:27 AM, Roger Wright <[email protected]> wrote: > True, it may not be too difficult to capture all the information, but it > could be very resource-intensive to actually make use of it. The secret is > to capture only what you need, not "everything that happens", so it's easier > discern what's really going on. > > > > For a small office environment there are several useful and low-cost > systems that could be implemented to help in this regard. OpenDNS is one, > and the tools from Adventnet can also assist in making sense of it all. > > > > > > Roger Wright > > Network Administrator > > Evatone, Inc. > > 727.572.7076 x388 > > _____ > > > > *From:* Durf [mailto:[email protected]] > *Sent:* Wednesday, January 07, 2009 10:49 AM > > *To:* NT System Admin Issues > *Subject:* Re: Auditing Everything > > > > Christ you all. It doesn't have to be this hard. > > > > If they have a Sonicwall, buy the Viewpoint module. If they don't have a > Sonicwall, then get them one. There are equivalent products for Cisco and > Watchguard. > > > > For AD, just turn on appropriate auditing and use GFI EventSentry to gather > and report on events. > > > > That's it, you're done. Aside from literal keystroke logging on the > workstations, these two items will handle everything else on the network > that is appropriate. > > > > Whether they *should* do it or not is a whole different question, and not > what the OP asked. > > > > -- Durf > > > > On Wed, Jan 7, 2009 at 10:44 AM, Roger Wright <[email protected]> wrote: > > And how many people does he plan to hire to review and report on all this > data? You'll probably need to add storage and another server to accommodate > it. > > > > Take a look at Adventnet's Eventlog Analyzer… > > http://manageengine.adventnet.com/products/eventlog/index.html > > > > > > > > > > > > Roger Wright > > Network Administrator > > Evatone, Inc. > > 727.572.7076 x388 > > _____ > > > > *From:* Alex Carroll [mailto:[email protected]] > *Sent:* Wednesday, January 07, 2009 10:25 AM > > > *To:* NT System Admin Issues > > *Subject:* Auditing Everything > > > > I have a request from my CEO to audit everything that happens on our > network. When users open files, when they change files, delete files, use > any programs, go to any websites (we use ie7, firefox), etc etc etc. Do any > of you have a good solution you can recommend for that? I can google all I > want, but I won't know the real world experience by doing that. We are a > smaller company – 16 users. Right now we have 3 servers (1 SBS 03, 2 that > are 2003) in production. We use XP and Vista. > > > > Thanks in advance! > > > > Alex Carroll > > Software Support > > Crabtree Companies, Inc. > > 651-688-2727 > > > > > > > > > > > > > > > > > > > -- > -------------- > Give a man a fish, and he'll eat for a day. > Give a fish a man, and he'll eat for weeks! > > > > > > > > > > > -- -------------- Give a man a fish, and he'll eat for a day. Give a fish a man, and he'll eat for weeks! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
