Jump to content

Varonis® DatAdvantage® for Windows

Start a Free TrialorRequest a Demo
Permissions management, file access auditing, and data classification.

Sign up for our 30-day FREE trial!
Within a day of installation, Varonis DatAdvantage will begin
to show you which users are accessing your data, and how.
Click here to replay.

Interested but want to learn more? Register to download our free whitepapers, webinars, and case studies.

Overview

The Challenge

Microsoft Windows file servers, including NAS devices like EMC Celerra and NetApp filers, present significant management and protection challenges to administrators:

  • Permissions: Determining who has access to a folder, which folders a user or group has access to, and identifying excess, unneeded permissions.
  • Access Auditing: IT can't answer pressing questions like, "Who accessed or deleted my data?"
  • Data Ownership: IT can't reliably identify business owners of shares and folders.
  • Operational: Manual permissions and group changes are unreliable.
  • High Risk: Stale, excess permissions are rarely revoked. The "Everyone" group is out there—a problem that is hard to find and fix. Critical files and folders are exposed.

The Varonis Solution

Varonis® DatAdvantage® addresses these challenges by aggregating Active Directory user and group details, ACL information and all data access events—without requiring native OS auditing—to build a complete picture of who can and who is accessing data, and who should have their access revoked. It also leads IT to rightful data owners, so the right people can ensure appropriate access and usage. With the Varonis Data Classification framework, IT can immediately identify folders with excessive permissions that contain quantities of sensitive data.

"DatAdvantage® has enabled us to remove the risks associated with data permission changes within our IT environment. As an organization, we can prove to our regulators that our IT controls are stringent and that we are providing effective protection around our data." – Colin Lennox
Technical Services Manager, Baillie Gifford

Features and Benefits

Features

  • Complete, bi-directional view into the permissions structure of unstructured and semi-structured file systems
  • Complete Audit Trail
  • Recommendations and Modeling
  • Data Ownership Identification
  • Extensible Framework

Benefits

  • See who has permissions to shared folders – both NTFS and share permissions are displayed, organized, and aggregated
  • See which data a user or group can access
  • Audit and report on every file touch
  • See who should and should not have access, and simulate changes without affecting production environments
  • Identify data owners and involve them in management and protection through automation
  • Quickly and accurately identify files that contain sensitive information with the Varonis IDU Classification Framework
  • Accommodate new platforms and metadata streams

Why Varonis

Data protection is necessary to safeguard an organization's customers, employees, business partners, and investors. It is fundamental in securing an organization's intellectual property and competitive edge, and for maintaining the organizational trust required for it to properly function. Ongoing, scalable data protection and management require technology designed to handle an ever-increasing volume and complexity—a metadata framework.

The Varonis Metadata Framework non-intrusively collects this critical metadata, generates metadata where existing metadata is lacking (e.g. its file system filters and content inspection technologies), pre-processes it, normalizes it, analyzes it, stores it, and presents it to IT administrators in an interactive, dynamic interface. Once data owners are identified, they are empowered to make informed authorization and permissions maintenance decisions through a configurable web-based interface—that are then executed—with no IT overhead or manual backend processes.

Technical FAQ

Do you install any additional software on my servers?
We do not require additional software for user and group information and file system information (e.g., permissions, directory hierarchy, file sizes, etc.) on any platform. To collect data access audit events on Microsoft SharePoint, Microsoft Windows and UNIX/Linux platforms, Varonis requires the installation of a small stub-service. For Network Appliance and EMC NAS devices, there is no additional software installed as all the audit information is provided by the hardware itself.
Is there any performance impact on my production servers?
For NAS devices, we have typically measured between a 1% and 2% increase in utilization - something not even measurable in most environments. For Microsoft Windows, Microsoft SharePoint and UNIX/Linux environments, the Varonis agent is co-installed with a 'watchdog' service that ensures the data collection exercise never exceeds defined boundaries of CPU and memory utilization.
Can I only report on permissions using your product, or can I actually change them?
The Varonis IDU suite provides complete visibility and the ability to affect changes to user, group and file system security permissions (either as an administrator or delegate data owner using the appropriate interface).
Can I integrate the Varonis IDU suite into my existing applications?
Varonis® DatAdvantage® allows for scheduled, exportable reports on all information collected – into a variety of formats (CSV, Excel, etc). Varonis DataPrivilege also provides a web services-based interface to integrate data ownership actions (e.g., entitlement review, grant / revoke permissions, etc.) directly to the file system and to incorporate input and output streams for existing applications.
Do you use Microsoft Windows auditing?
Varonis implementation does not use Microsoft Windows auditing. All information collected and presented is based on a unique Varonis file filter that provides comprehensive information and has minimal impact on the monitored file system.

30-Day Trial

Our 30-Day Free Trial provides a full audit of your file system or your SharePoint environment. Audit permissions, auditing access, usage statistics, recommendations, impact analysis, and identification of business owners.

Within hours of installation

You can instantly conduct a permissions audit: File and folder access permissions and how those map to specific users and groups. You can even generate reports.

Within a day of installation

Varonis® DatAdvantage® will begin to show you which users are accessing the data, and how.

Within 3 weeks of installation

Varonis® DatAdvantage® will actually make highly reliable recommendations about how to limit access to files and folders to just those users who need it for their jobs.

Get the Varonis View. Sign up for the 30-Day Free Trial.