Jump to content

Solution for File System Auditing

More than 95% of file access activity is not audited by IT. Why? Windows event auditing is cumbersome, as is BSM on Solaris, and audit on AIX. Linux didn't even have auditing capabilities until the Linux 2.6 kernel audit system was introduced. Netapp, EMC Celerra, Exchange and SharePoint audit functionalities all require moderate to extensive effort just to capture events, and capturing an audit trail is just the beginning. Once the events are captured, they need to be aggregated, normalized, and analyzed so they can become more than just log data and we can make use of them.

Interested but want to learn more? Register to download our free whitepaper for 3 tips for faster file system auditing.

Overview

The Challenge

Whether you are on the help desk, doing forensics for security, auditing data use, or just trying to analyze data, the same questions come up:

  • Who has been accessing this folder?
  • What data has this user been accessing?
  • Who sent emails to whom?
  • Who deleted these files?
  • Where did those files go?

The Varonis Solution

Varonis® DatAdvantage® captures, aggregates, normalizes, and analyzes every data access event for every user on Windows, UNIX/Linux, Netapp, EMC Celerra, Exchange and SharePoint servers, without requiring native operating system auditing functionalities on Windows and UNIX/Linux servers. Through its intuitive graphical interface and reports, DatAdvantage clearly presents the answers to these questions and others. This information is collected without impacting performance or storage on your file systems, using normal computing infrastructure.

Metadata Streams

Four types of metadata are critical for data governance

  • User and Group Information - from Active Directory, LDAP, NIS, SharePoint, etc.
  • Permissions information - knowing who can access what data in which containers
  • Access Activity - knowing which users do access what data, when and what they've done
  • Sensitive Content Indicators - knowing which files contain items of sensitivity and importance, and where they reside

Varonis Metadata Image

Why Varonis

Data protection is necessary to safeguard an organization's customers, employees, business partners, and investors. It is fundamental in securing an organization's intellectual property and competitive edge, and for maintaining the organizational trust required for it to properly function. Ongoing, scalable data protection and management require technology designed to handle an ever-increasing volume and complexity—a metadata framework.

The Varonis Metadata Framework non-intrusively collects this critical metadata, generates metadata where existing metadata is lacking (e.g. its file system filters and content inspection technologies), pre-processes it, normalizes it, analyzes it, stores it, and presents it to IT administrators in an interactive, dynamic interface. Once data owners are identified, they are empowered to make informed authorization and permissions maintenance decisions through a configurable web-based interface—that are then executed—with no IT overhead or manual backend processes.

Resources

  • Varonis Usage Example: Access Auditing

30-Day Trial

Our 30-Day Free Trial provides a full audit of your file system or your SharePoint environment. Audit permissions, auditing access, usage statistics, recommendations, impact analysis, and identification of business owners.

Within hours of installation

You can instantly conduct a permissions audit: File and folder access permissions and how those map to specific users and groups. You can even generate reports.

Within a day of installation

Varonis® DatAdvantage® will begin to show you which users are accessing the data, and how.

Within 3 weeks of installation

Varonis® DatAdvantage® will actually make highly reliable recommendations about how to limit access to files and folders to just those users who need it for their jobs.

Get the Varonis View. Sign up for the 30-Day Free Trial.

10 signs that you might have a data governance problem http://t.co/Q1Hj4e0n0N