Hybrid Active Directory Environment
- Office 365 requiresan Azure AD instance
- Azure AD provides the Directory Service for Office 365 applications
- Azure AD integrates with On-premise AD creating a Hybrid Directory environment
Hybrid Directory Management Challenges
- Office 365 requires an Azure Active Directory instance
- Azure AD integrates with on-prem AD creating a HybridDirectory environment
- Hybrid directory increases the management burden and doubles the attack surface area
未來Microsoft環境變的更難保護
Hybrid Directory Management Challenges –What questions to ask, pain points
Top 5 IT Auditing Challenges in a Hybrid World
- 如何查看誰在Active Directory、Windows、Azure AD和Office 365中做什麼?
- 將地端和雲端之間的活動關聯到同一個稽核介面中
- 如何追蹤違反安全策略的行為
- 如何使企業得以持續遵守外部法規和內部審核
- 維護稽核記錄以滿足內部政策和監管機構的要求
Active Directory Security Lifecycle
本地稽核常見問題
雲端稽核常見問題
Change Auditor
Change Auditor
Provides complete, real-time change auditing, in-depth forensics and comprehensive reporting on all key configuration, user and administrator changes.
Change Auditor platforms
Change Auditor Architecture
Easy to read, normalized 5W events
Change Auditor for Active Directory: GPO Settings
Hybrid Directory Support
Protect Important Objects and Settings
- Protect your important AD, Exchange and Windows File Servers objects and settings
- Prevent operation mistakes
- Last protection shield even admin credentials have been stolen
Enabling Alert
- Change Auditor can generate alerts when certain kinds of configuration changes occur.
- These alerts appear in the Change Auditor Client and are then dispatched to designated recipients via mail (SMTP), SNMP or WMI events.
Schedule Reporting
- Generate comprehensive reports for best practices and regulatory compliance mandates for GDPR, SOX, PCI-DSS, HIPAA, FISMA, GLBA and more
- Specify the format to be used for the report attachment (PDF, Html, Word, Text, Excel, CSV)
IT Security Search correlates Quest Security and Compliance solutions
- Forensic search tool engine
- Search and analyze IT data –using one web interface
- Correlate disparate IT data from numerous systems & devices
- Single pane of glass–Google-like searching
IT Security Search
On Demand Audit
On Demand Audit
- Single view of on-prem and cloud activity from a modern, intuitive dashboard
- Responsive search builder
- Interactive data visualizations
- Normalized view of hybrid audit data
- Granular, delegated access
- Long-term storage
Comparing Quest with native auditing
Why Quest On Demand?
快速,簡便的設置–輕鬆地啟動,並在幾分鐘內開始稽核。無需安裝、無需升級、無需複雜的配置,無需費力!
安全可靠的SaaS–Quest On Demand提供ISO認證包括ISO / IEC27001:2013,ISO / IEC 27017:2015和ISO / IEC 27018:2019。
快速創新–與Microsoft更新保持同步,因此Quest On Demand自動更新可快速提供新功能,客戶要求的增強功能和安全更新,而無需費力。
Change Auditor integration
- Pair Change Auditor with On Demand Audit in a few simple clicks
- Get a singled, hosted viewof all activity –on-prem or cloud
Azure AD auditing
- Track all configuration, user and administrator changes made across Azure AD
Azure AD sign-ins
- Track sign-in attempts
- Visualize and filter by user, application or location
Hybrid identity auditing
- Correlate on-prem and cloud identities
- Search and view all results you need regardless of where the activity originated.
Normalized audit view
- View every on-prem or cloud audit event in a simple, normalized format
Real-time email alerts
- Send real-time alerts to email and mobile devices to prompt immediate action
Flexible, responsive search engine
- Fast, responsive search across tenants
- Search on any event or field
- Actor
- Changed attributes
- Activity details
- Cloud-only objects
- And more!
Hybrid Auditing with On Demand Audit
Recovery Solutions for AD and Azure AD
勒索病毒只是煙霧彈,聲東擊西,讓企業措手不及
Mistakes, Corruption, Disasters –比您想像的更常見
他們擔憂那些問題
企業所面臨的恢復挑戰
合規性需求
停機成本
災難復原計畫
Recovery Manager for Active Directory (RMAD)
Backup and recovery at the object and attribute level
Recovery Manager for Active Directory –Forest Edition (RMAD FE)
Backup and recovery at the object level, the attribute level and the directory level across the entire Forest
Recovery Manager for Active Directory –Disaster Recovery Edition (RMAD DRE)
Backup and recovery at the object and attribute level, the directory level and the operating system level across the entire Forest
RMAD Disaster Recovery Edition:
診斷和管理
裸機備份Bare metal backup
- Automatically restore from bare metal and follow up with your most current system state backup.
恢復方法Recovery method
- Restore from a variety of recovery methods for each domain controller
進度監控器Progress monitor
- Monitor your progress to ensure complete forest recovery for server data and operating system.
恢復專案計畫Recovery project plan
- Automatically document your entire disaster recovery plan.
Creating a virtual lab (test environment)
Virtual Lab Wizard
Comparing Quest with AD recycle bin
Hybrid/Cloud compounds the risk
Azure AD recycle bin limitations
Quest On Demand Recovery
- Part of the On Demand platform –Cloud-hosted, simple to use and consistent interface
Comparing Quest with Azure AD recycle bin
Recovery Manager + On Demand Recovery
A complete backup and disaster recovery solution for hybrid AD environments
