White Paper
Gain a working knowledge of prominent mandates, including FISMA, HIPAA, PCI DSS, SOX and others, as well as best practices for achieving and maintaining compliance.
Read the paper »
Webcast a pedido
Learn from Randy Franklin Smith tips and issues for auditing your entire IT stack – from network devices and operating systems to business-critical applications.
Ver ahora »
Solicite info. o hable con un representante
¿Desea obtener más información o solicitar precios? ¿Tiene preguntas sobre algún producto específico? Tenemos cobertura para usted.
Comenzar »
InTrust Datasheet
Learn more about InTrust benefits and features with this comprehensive datasheet.
Leer ahora »
InTrust for Workstations
Learn how InTrust tightens up security by auditing and monitoring user activity on Windows workstations.
Leer ahora »

InTrust

Event Log Management for Security and Compliance

InTrust securely collects, stores, reports and alerts on event log data from Windows, Sistemas Unix y Linux, helping you comply with external regulations, internal policies and security best practices.

InTrust helps you achieve regulatory compliance by auditing user access to critical systems and detecting inappropriate or suspicious access-related events. Con esta herramienta, usted puede recopilar, analizar, informar y generar alertas automatizadas en tiempo real para todos los eventos relevantes relacionados con el acceso en su red heterogénea.

Using this single solution to monitor access to critical systems on multiple platforms reduces the complexity of event log management, saves storage administration costs, improves information assurance, mitigates risk and helps to reduce cost and improve efficiency of security, operational and compliance reporting.

  • Key to Compliance: Addresses regulatory compliance by collecting and reporting on event logs across the entire IT stack, monitoring user access to critical systems and applications and allowing you to perform forensic analysis of user and system activity based on historical event data.
  • User Activity Tracking: Collects events on user and administrator activity from diverse and spread-out systems and applications and presents them in an easy-to-use and complete form suitable for ongoing reporting and ad hoc analysis. Extracts all the essential details of user access such as who performed the action, what that action actually entailed, which server it happened on and which user workstation it originated from.
  • Automated Log Collection: Automates the secure collection of event logs, decreasing your workload.
  • Log Data Compression: Provides unparalleled long-term compression, versus storing the same amount of event data in a database.
  • Integridad de registros: le permite crear una ubicación en caché en cada servidor remoto donde los registros se pueden duplicar cuando se crean, lo cual evita que un usuario o un administrador deshonesto falsifique la evidencia de los registros de auditoría.
  • Forensic Analysis: Provides tools for interactive searching through historical event log data for on-the-spot investigation of security incidents and policy violations and preparation of evidence suitable for submission to the court.
  • Real-Time Alerting: Sends real-time alert notifications about unauthorized or suspicious user activity directly to you via email or to third-party monitoring applications such as Microsoft Operations Manager (MOM).
  • Flexible Reporting: Gives you unprecedented access to predefined and customizable reports, supporting a wide variety of file formats, including HTML, XML, PDF, CSV and TXT, as well as Microsoft Word, Visio and Excel.
  • Fault Tolerance: Provides automated server redundancy in the case of failure, enabling you to quickly move all configurations and jobs from a crashed server to a backup server to handle all activity and reducing the possibility of lost log files due to server failure.

Quest InTrust Manager

ArchitectureAny of the following:
  • Intel x86
  • Intel 64 (EM64T)
  • AMD64
  • IA64
Operating systemAny of the following:
  • Microsoft Windows XP Service Pack 1 or later
  • Microsoft Windows Server 2003
  • Microsoft Windows Server 2003 R2
  • Microsoft Windows Vista
  • Microsoft Windows Server 2008 (not tested on IA64)
  • Microsoft Windows Server 2008 R2 (not tested on IA64)
  • Microsoft Windows 7
Additional Software and ServicesFor installation through the InTrust setup suite, Microsoft .NET Framework 3.5 Service Pack 1

 

To create reports interactively using Quest Knowledge Portal:

  • Microsoft .NET Framework 2.0

Note: Requirements for local or remote installation of Quest Knowledge Portal are listed in the Quest Knowledge Portal documentation.

 

Quest InTrust Server

For InTrust Server:
ArchitectureAny of the following:
  • Intel x86
  • Intel 64 (EM64T)
  • AMD64
  • IA64
Operating SystemAny of the following:
  • Microsoft Windows Server 2003
  • Microsoft Windows Server 2003 R2
  • Microsoft Windows Server 2008 (not tested on IA64)
  • Microsoft Windows Server 2008 R2 (not tested on IA64)
MemoryMin. 1Gbyte
Hard Disk SpaceMin. 4 Gbytes when installing all components
Additional Software and Services
  • Microsoft .NET Framework 3.5
  • For installation through the InTrust setup suite, Microsoft .NET Framework 3.5 Service Pack 1

For agent-server communication:

Computers that are supposed to run InTrust Server must be configured to allow for incoming connections on the TCP port on which your InTrust Servers are configured to communicate with agents (TCP port 900 by default).

For the configuration, alert and audit databases:

Any of the following:

  • Microsoft SQL Server 2000 Service Pack 3a or later
  • Microsoft SQL Server 2005
  • Microsoft SQL Server 2008
  • Microsoft SQL Server 2008 R2

Notes:

  • A local or remote installation of SQL Server can be used.
  • The collation order must be case-insensitive.
  • Microsoft SQL Server Express Edition is not supported.

For reporting jobs:

  • Web server based on Microsoft Internet Information Services (IIS) version 5.0 or later, with ASP.NET *
  • Microsoft SQL Server 2005 or SQL Server 2008 Reporting Services**

Notes:

* A local or remote installation can be used. If you plan to use Microsoft IIS 6.0 or 7.0, make sure ASP extensions are allowed.

** A local or remote installation of Reporting Services can be used; Microsoft SQL Server Express Edition with Advanced Services is not supported.

For requirements on local or remote installation of Quest Knowledge Portal, refer to the Quest Knowledge Portal documentation.

For detailed system requirements for all the InTrust components and processed systems, see the Quest InTrust 10.4 System Requirements document supplied on the product CD.

White Papers

10 Best Practices for Reducing the Stress of IT Audits Active Directory eBook Chapter 4 - Auditing Be the Master of your Domain - Understanding WS08 and ADDS Best Practices for Identity and Access Auditing in a Heterogeneous Environment Best Practices Guide for the Compliance Lifecycle Better Together: Auditing with Microsoft Audit Collection Services & Quest Software Better Together: How the Quest One Identity Solution Products Enhance Each Other Business Brief: Making Your Job—and the Job of Compliance—Easier Than You Ever Imagined CH1 Implementation Strategies for Fulfilling and Maintaining IT Compliance CH2 Implementation Strategies for Fulfilling and Maintaining IT Compliance CH3 Implementation Strategies for Fulfilling and Maintaining IT Compliance CH4 Implementation Strategies for Fulfilling and Maintaining IT Compliance Collecting Compliance Evidence: The Role of Event Logs Combating Security and Compliance Challenges Compliance Is Easy When You Do It In Advance Generate Cost Savings and Improve Efficiency with Proper Compliance Efforts Meeting Change Management and Monitoring Compliance Needs in a Microsoft-Centric Network Meeting the Challenge of Log Management for Unix and Linux Systems PowerShell in the Enterprise: Best Practices and Recommendations Satisfying your PCI DSS Requirements with Quest One Identity Solutions Six Steps to Achieving Data Access Governance The FICAM Framework: Challenges and Guidance for Federal Identity, Credential and Access Management volver arriba

Documentos, notas y guías de soporte

Notas de prensa y manuales de usuario volver arriba
 

Información

Productos relacionados

Soporte para este producto