The security of Exchange
environment to a large extent depends on how meticulously and
elaborately the auditing data is being collected from it. The next
step is to process that data and present it in a format from which
inferences can be drawn about the nature of changes and their effects
on the overall health of Exchange environment. Those responsible for
the stability and security of Exchange servers must be in a position
to instantly filter critical changes and then have the necessary
tools to undo such changes or act on it as per requirement.
In this context, the basic framework of Exchange Server auditing can be understood to be as the one in which configuration changes being done to the servers are collected from the entire network, stored at one place and are reported in a manner that suits compliance to internal and external regulations.
In this context, the basic framework of Exchange Server auditing can be understood to be as the one in which configuration changes being done to the servers are collected from the entire network, stored at one place and are reported in a manner that suits compliance to internal and external regulations.
Native auditing
solutions, unfortunately, does not emphasize equally on all the
components of this framework. Moreover, they fail to look at the
auditing from real-world perspective. For example, in native auditing
you can choose to log even smallest of the changes done to Exchange
configuration, but the way they are logged makes it very difficult to
understand it from auditing perspective. Most of the Exchange
administrators work in a tight schedule where every minute of
downtime or mailbox unavailability is considered as a big issue. And
here we are talking about the organizations that are not at the
forefront of the league that put Exchange availability as their first
priority. Those organizations, take a proactive approach desiring
real-time alerts to critical changes and ability to draw insights
from the operational changes done on daily basis, so that a totally
secure and fail-safe Exchange server environment can be put in place.
In this backdrop, the ideal auditing solution can be presumed to be
the one which can provide details of changes in a glance, undo the
unwanted changes in a few clicks and also help administrators to
understand it completely to stop such changes from occurring in
future.
The problem with the
native auditing is that it lays bare all the complexities involved in
it. Auditors have to find their way through complex technicalities
where most of time and effort is lost into finding what went wrong,
where, when and by whom. In a real world scenario this is practically
unacceptable. The other options are commercially available business
add-on tools. These tools hide the technical complexities of the
native auditing from end users behind an intuitive and user-friendly
interface. They also integrate some algorithms based on real-world
requirements that provide efficiency to the entire process. As an
end user, what you do is click a few buttons and the underlying layer
beneath the user interface, performs a number of functions to present
the change logs to you in an “audit ready” format.
Common additional
features include centralized long-term storage of audit data,
real-time alerts for critical changes, scheduled generation and
delivery of reports, In-depth auditing that presents who, what, when
and where information in an easy-to-understand format through a
number of built-in reports. LepideAuditor for Exchange Server is one
such tool that can be downloaded for free and evaluated to audit your
Exchange server environment.
0 comments:
Post a Comment