+886-2-2221-2155
[email protected]
0
已加入詢價收藏車: 0筆

本公司皆販售最新版本,目前版本僅供參考
最新版 FileAudit 6.5 更新於 2023/11/30

加入詢價收藏車

直接詢價

FileAudit為您有力管理Windows伺服器的工具。

主動追蹤、查核對每個檔案與資料夾的存取活動,提出報告與警示訊息。

即時監控
隨時追蹤、偵測並記錄您Windows系統上的檔案存取活動
(讀取/寫入/刪除/權限變更/屬性改變……等等)

自動E-mail警示
監控到特定事件發生時,發出警示郵件,防堵安全漏洞(來自黑名單用戶或特定IP之存取、資料刪除記錄、大量複製或移動資料等等,可由用戶自訂)

智慧型管理
排程E-mail報告,發佈對於各項主題之紀錄彙總(存取路徑、檔案類型、行為分類、存取IP來源),協助擬定管理方針。

另外創建帳戶
給非IT審核人使用,為無管理權限人員(外聘等)另外設定帳戶,讓他們發揮專業與自主性,而不影響企業隱私與安全。

更新介紹

FileAudit 6.5

New: Get an overview of your FileAudit alert history for clear visibility into potential issues
FileAudit alert history reports spare you the pain of scrolling through FileAudit alert emails to spot patterns and identify issues. Now, your alert history comes together in one place, so you can:

  • Cut the noise with powerful filters to zoom in on the information you need and more easily catch issues.
  • Get actionable information to:
    • Spot potential security risks when a user sets off repeated alerts or regularly attempts access outside of normal working hours
    • Identify needs for more end-user training or communication to reduce future alerts

 

Improved: The “Database Manager” tile is now “Maintenance”
You’ll notice that the Database Manager tile is now Maintenance, allowing for a new update that allows audit maintenance (details below).

New: Ensure compliance with scheduled, automatic maintenance of audit configuration on audited servers and paths
In the “Maintenance” tile, you’ll see a new “Audit” tab. Now, you can schedule regular maintenance of your audit configuration on audited servers and paths. These maintenance tasks check that your audit configurations have not been modified or overwritten by a GPO, and reconfigure them if necessary.

New: Opt for OAuth2 authentication for the mailbox you use for FileAudit alerts
If you use a Google or Microsoft mailbox for FileAudit alerts, you can now replace SMTP authentication with the more modern OAuth2 authentication protocol.

Improved: Speed up your FileAudit reporting
You can now spend less time on reporting since your FileAudit reports now load faster, use less service memory, and have no impact on GUI.

Improved: Solve MSP web communication problems faster
A more detailed error message now allows you spot the problem faster when you have a web communication issue accessing and/or setting up a new MSP license key.


實時訪問監控
跟踪誰有權訪問數據對於大多數組織而言至關重要。對文件系統的不當訪問或更改,無論是否有意,都可能使組織面臨數據丟失,安全漏洞和不合規的風險。
FileAudit實時監控文件訪問,使您可以輕鬆查看公司數據發生的情況,以便IT或管理部門在檢測到任何不當或可疑活動時採取措施。
 

文件和文件夾訪問警報
檢測到特定訪問事件時,可以自動立即觸發FileAudit電子郵件警報。可以定義觸發警報的事件,以及收件人和消息內容。使用FileAudit,組織可以立即識別和修復任何不符合其安全性和合規性策略的訪問嘗試。
 

文件和文件夾訪問審核
FileAudit提供全面而準確的報告,以準確回答有關不正確訪問,更改或破壞文件,文件夾或文件共享的問題。它提供了訪問(或嘗試訪問)文件的人員,他們所做的事情,他們何時完成以及從何處訪問的實時和歷史詳細信息。集中並歸檔在一個或多個Windows系統上發生的所有文件訪問事件,以生成始終可用,可搜索和安全的審計跟蹤。審核所有文件系統訪問事件對於遵守GDPR,PCI-DSS,HIPAA和IS0 27001等合規性規定也是強制性的。
 

集中式文件審核,錄製&長期存檔
FileAudit將來自多個Windows文件服務器的訪問事件整合到“文件訪問查看器”中,並自動將它們記錄到完整記錄的,可搜索的Microsoft Access或SQL Server數據庫中,以供將來參考。
多年的數據可以存檔而不會影響性能,從而提供始終可用的安全審計跟蹤。
 

強大的過濾能力
通過按類型,用戶帳戶或時間範圍過濾訪問事件,可以更好地控制和管理審計。查找有關文件訪問活動的答案可能非常耗時且具有挑戰性。 FileAudit以較少的工作量從審計的訪問事件中找到您需要的答案。

過濾選項:

From-顯示第一個可用事件或特定日期的事件。
To-在最後一個可用事件或特定日期之前顯示事件。
用戶/組-顯示特定用戶或Active Directory組的事件。
資源-通過輸入IP地址,計算機名稱或可執行文件名來顯示特定源的事件。
訪問類型-選擇所需的訪問類型
對像類型-顯示文件夾和/或文件中的事件。
-通過輸入域名顯示特定域的事件
狀態-過濾顯示以將其限制為成功(“授予”)或不成功(“拒絕”)訪問嘗試。

改進的文件審核性能
Windows存儲有關給定文件系統上發生的事情的大量信息。它將事件日誌中的信息保存在文件或文件夾中發生的每個操作中。
但是,文件系統訪問日誌提供的數據太多,速度很快,並且會在服務器上產生開銷,從而降低性能。
通過優化本機Microsoft審計,FileAudit利用此信息並以可用格式呈現它,以便從審計的訪問事件中找到所需的答案。

代表非IT審計員
由於FileAudit非常簡單直觀,即使是非IT主管(和外部審計人員)也可以安全自主地使用FileAudit,而不會破壞安全協議。

軟體具有直觀易用的特點
對文件系統的不當訪問可能會使組織面臨數據丟失,安全漏洞或不合規的風險。
FileAudit是一種企業安全軟件解決方案,可以直觀,輕鬆地監控,審核和保護對文件和文件夾的訪問。

      

 

 

 

 

 

 

 

Operating systems 作業系統
FileAudit supports the following operating systems for Audit service installation (as for Console installation):

  • Windows 11
  • Windows Server 2022
  • Windows Server 2019
  • Windows Server 2016
  • Windows 10
  • Windows Server 2012 R2
  • Windows 8.1
  • Windows Server 2012
  • Windows 8
  • Windows Server 2008 R2
  • Windows 7


The .Net Framework 4 is required.
Take note that retrieving the IP address of the computer from which the access attempt has been performed through the network is supported for Windows 2008 R2 or higher File servers.

Hard disk 硬碟
FileAudit installation files and folders require 60 MB of free hard disk space.

Additionally you have to consider the disk space consumed by the database to keep the file access events history: an access event audited by FileAudit consumes 0.5 KB of disk space when saved in the database. You can easily estimate the evolution of the database size by multiplying this value by the average number of access (known or observed during the test phase).

Database 資料庫
FileAudit supports the following database systems:

  • Microsoft Access database file (mdb)
  • Microsoft SQL Server Express 2008/2008 R2/2012/2014/2016
  • Microsoft SQL Server 2008 and newer
  • MySQL 5.6 and higher
  • SQLite

 

To facilitate FileAudit evaluation, the installation package integrates an "SQLite database" to archive all file access events.

We invite you to check the database size evolution during the first days using FileAudit to confirm that the database system you have chosen is correctly designed for your environment.

Take note:

  • An access event audited by FileAudit consumes 0.5 KB of disk space when saved in the database. You can easily estimate the evolution of the database size by multiplying this value by the average number of access (known or observed during the tests phase).
  • FileAudit provides some tools to manage the database size evolution.

 

Protocols & ports
FileAudit requires that these two protocols be authorized from the FileAudit service to the target audited systems:

  • File and Printer Sharing for Microsoft Networks - SMB TCP 445
  • ICMP - Ping

 

Please also ensure that 'Remote Event Log Management' (Windows 2008 and higher) is enabled in the Firewall Exceptions list.

The FileAudit console uses by default the TCP port 2000 to connect remotely to a FileAudit service. This specific port can be modified on the 'Service' settings.

When connecting FileAudit service to a remotely server, the Remote registry service must be enabled and started on the remotely audited system.

In the Windows Firewall, ensure that the "Remote Event Log Management" feature is allowed.

In case of Cloud Provider auditing TLS 1.2 is required.

Display resolution
FileAudit requires a minimum resolution of 1024 x 768.

FileAudit has certain limitations in cluster environments. It can only work with failover clusters (active/passive nodes). When the node changes, FileAudit needs to reconfigure the correspondence between drives names and their logical names via a manual operation.

UserLock

WINDOWS用戶登錄安全性
Powerful protection for all Windows Active Directory domain logins, even when credentials are compromised. UserLock helps administrators to manage and secure access for every user, without obstructing employees or frustrating IT.

 RemoteExec

Enterprise-wide remote installations, updates and executions.
RemoteExec remotely installs applications, executes programs/scripts and updates files and folders on Windows systems throughout the network.

WinReporter

WinReporter retrieves detailed information about hardware, software and security settings from Windows systems and automatically generates reports.

產品目錄

商務工具