Windows server/Security countermeasure file server
「WEEDS WinServer-Trace+Guardian Option」
「I would like to audit server operation, deterrent of injustice operation.」
「I would like to audit operation on a sever room.」
「I would like to audit file access by file server.」
「I would like to grasp the situation of server resource together.」
Against present day of stepped-up security, there are many companies which have these above worries.
WEEDS WinServer-Trace+Guardian Option solve them.
What is WEEDS WinServer-Trace+Guardian Option
Windows operation acquired/deterred「WEEDS WinServer-Trace+Guardian Option」
WEEDS WinServer-Trace is the Enterprise edition which expands WEEDS Windows-Trace for a Windows-server GUI operation and CUI operation of Windows OS (command prompt) acquired and deterred by hooking Windows API.
WEEDS WinServer-Trace functions of acquiring operation log/ deterring are equal to WEEDS Windows-Trace. For additional information, please visit at our website at WEEDS Windows-Trace
Sufficient audit report
It is meaningless to only restore operation record. Daily audit and monthly audit take deterent effect of user and audit injustice operation.
Auditing needs conspicuous report.WEEDS WinServer-Trace has an utilization analysis report which search freely daily dettailed operation report and monthly collecting report aand log-server.
So that, audit report which previously prepared can starts audit-operation immediately.
<Audit report:Sample>
Acquiring external (file)access 「SMB monitor」
WEEDS WinServer-Trace acquires external file access acquires file-access from the outside acquires extraneous file-access which is utilized “file-server” and “folder/file sharing from SMB packet.
In the past day, there are companies which azquire external access by Windows event-log. Event-log,
<Problems about event-log>
・It is an obligation to name folder one by one and set "Outputting event-log"
・It is possible to set "Outputting event-log" by drive, but outputting too many logs.
・It is a specification to output event-log up to 4GB, but actually circulate by 300MB.
・It is impossible to acquire file name and pass by alering file/folder.
As above sentences, it is impposible to acquire external access-log by event-log in a fuctunal manner.
WEEDS WinServer-Trace is that SMB monitor acquires access from like file and folder and fileserver by acquiring these following information of SMB packet.
1.SESSION information
2.File-access information
3.Altering authorization information
4.Printing instruction information
WEEDS WinServer-Trace solved that object audit mechanism which have many problems about management of Windows event-log
To grasp the situation server running 「TCO Monitor」
WEEDS WinServer-Trace acquires logs CPU utilization , the mount of memory and HDD free area by the unit of process. It acquires log by process like CPU, memory HDD utilization.
It is possible to grasp historically management of system resource and load status.
Using this function makes us innecessary for accesssing release server (innecessary for audit access work), and grasp server running status.
To grasp server running status「Get User Monitor」
WEEDS WinServer-Trace acquires logs creating userID,deleting, and log-in information.
It is possible to grasp when user ID is created, how much utilization, when deleting.
Using this function makes us grasp inventory count of user ID which often asked on J-sox without accessing release server one by one.
Product specification
| Introduced effect | Internal control(Corresponding IT- general control), Corresponding control authority auditing, Corresponding law protecting personal information, Corresponding internal system audit, P-Mark, Corresponding ISMS |
|
| Agent Module | Corresponding OS (Operational log) | WindowsNT,Windows2000 Server,Windows2003 Server, Windows2008 Server(32Bit、64Bit) ※About Client, please visit the following our web site atWEEDS Windows-Trace. |
| Corresponding OS (External access) | Server:Windows2003 Server(Accessing OS:Only Windows XP) ※Sequential corresponding is planning. |
|
| Load | Agent activation takes a few minutes when log-in. No sensory load operating | |
| Memory | Average 3MB.(Transfer by the number of screen) | |
| Log | Log Item acquiring | Aforementioned |
| Encryption | Generating acess log with unique encryption | |
| Transfer | By every 3minutes and time of log-in/log-off | |
| The number of logs | 5kb/operation | |
| Licence system | Server(OS)unit(Virtualized server is by each OS unit) | |
| Price | Open(It has a volume discount) | |
.jpg)
.jpg)