全面防護雲+地混合環境=提供即時安全和IT稽核管理

By 2019-12-11電子報專刊

edm201912_01

Hybrid Active Directory Environment

  • Office 365 requiresan Azure AD instance
  • Azure AD provides the Directory Service for Office 365 applications
  • Azure AD integrates with On-premise AD creating a Hybrid Directory environment

edm201912_02

Hybrid Directory Management Challenges

  • Office 365 requires an Azure Active Directory instance
  • Azure AD integrates with on-prem AD creating a HybridDirectory environment
  • Hybrid directory increases the management burden and doubles the attack surface area

未來Microsoft環境變的更難保護

edm201912_03

Hybrid Directory Management Challenges –What questions to ask, pain points

Top 5 IT Auditing Challenges in a Hybrid World

  • 如何查看誰在Active Directory、Windows、Azure AD和Office 365中做什麼?
  • 將地端和雲端之間的活動關聯到同一個稽核介面中
  • 如何追蹤違反安全策略的行為
  • 如何使企業得以持續遵守外部法規和內部審核
  • 維護稽核記錄以滿足內部政策和監管機構的要求

Active Directory Security Lifecycle

edm201912_04

本地稽核常見問題

edm201912_05

雲端稽核常見問題

edm201912_06

Change Auditor

Change Auditor

Provides complete, real-time change auditing, in-depth forensics and comprehensive reporting on all key configuration, user and administrator changes.

edm201912_07

Change Auditor platforms

edm201912_08

Change Auditor Architecture

edm201912_09

Easy to read, normalized 5W events

edm201912_10

Change Auditor for Active Directory: GPO Settings

edm201912_11

Hybrid Directory Support

edm201912_12

Protect Important Objects and Settings

  • Protect your important AD, Exchange and Windows File Servers objects and settings
  • Prevent operation mistakes
  • Last protection shield even admin credentials have been stolen

edm201912_13

Enabling Alert

  • Change Auditor can generate alerts when certain kinds of configuration changes occur.
  • These alerts appear in the Change Auditor Client and are then dispatched to designated recipients via mail (SMTP), SNMP or WMI events.

edm201912_14

Schedule Reporting

  • Generate comprehensive reports for best practices and regulatory compliance mandates for GDPR, SOX, PCI-DSS, HIPAA, FISMA, GLBA and more
  • Specify the format to be used for the report attachment (PDF, Html, Word, Text, Excel, CSV)

edm201912_15

IT Security Search correlates Quest Security and Compliance solutions

  • Forensic search tool engine
  • Search and analyze IT data –using one web interface
  • Correlate disparate IT data from numerous systems & devices
  • Single pane of glass–Google-like searching

edm201912_16

IT Security Search

edm201912_17

edm201912_18

On Demand Audit

On Demand Audit

  • Single view of on-prem and cloud activity from a modern, intuitive dashboard
  • Responsive search builder
  • Interactive data visualizations
  • Normalized view of hybrid audit data
  • Granular, delegated access
  • Long-term storage

edm201912_19

Comparing Quest with native auditing

edm201912_20

Why Quest On Demand?

快速,簡便的設置–輕鬆地啟動,並在幾分鐘內開始稽核。無需安裝、無需升級、無需複雜的配置,無需費力!

安全可靠的SaaS–Quest On Demand提供ISO認證包括ISO / IEC27001:2013,ISO / IEC 27017:2015和ISO / IEC 27018:2019。

快速創新–與Microsoft更新保持同步,因此Quest On Demand自動更新可快速提供新功能,客戶要求的增強功能和安全更新,而無需費力。

Change Auditor integration

  • Pair Change Auditor with On Demand Audit in a few simple clicks
  • Get a singled, hosted viewof all activity –on-prem or cloud

edm201912_21

Azure AD auditing

  • Track all configuration, user and administrator changes made across Azure AD

edm201912_22

Azure AD sign-ins

  • Track sign-in attempts
  • Visualize and filter by user, application or location

edm201912_23

Hybrid identity auditing

  • Correlate on-prem and cloud identities
  • Search and view all results you need regardless of where the activity originated.

edm201912_24

Normalized audit view

  • View every on-prem or cloud audit event in a simple, normalized format

edm201912_25

Real-time email alerts

  • Send real-time alerts to email and mobile devices to prompt immediate action

edm201912_26

Flexible, responsive search engine

  • Fast, responsive search across tenants
  • Search on any event or field
    • Actor
    • Changed attributes
    • Activity details
    • Cloud-only objects
    • And more!

edm201912_27

Hybrid Auditing with On Demand Audit

edm201912_28

Recovery Solutions for AD and Azure AD

edm201912_29

勒索病毒只是煙霧彈,聲東擊西,讓企業措手不及

edm201912_30

Mistakes, Corruption, Disasters –比您想像的更常見

edm201912_31

他們擔憂那些問題

edm201912_32

企業所面臨的恢復挑戰

edm201912_33

合規性需求

edm201912_34

停機成本

edm201912_35

災難復原計畫

edm201912_36

edm201912_37

Recovery Manager for Active Directory (RMAD)
Backup and recovery at the object and attribute level

Recovery Manager for Active Directory –Forest Edition (RMAD FE)
Backup and recovery at the object level, the attribute level and the directory level across the entire Forest

Recovery Manager for Active Directory –Disaster Recovery Edition (RMAD DRE)
Backup and recovery at the object and attribute level, the directory level and the operating system level across the entire Forest

edm201912_38

RMAD Disaster Recovery Edition:
診斷和管理

edm201912_39

裸機備份Bare metal backup

  • Automatically restore from bare metal and follow up with your most current system state backup.

edm201912_40

恢復方法Recovery method

  • Restore from a variety of recovery methods for each domain controller

edm201912_41

進度監控器Progress monitor

  • Monitor your progress to ensure complete forest recovery for server data and operating system.

edm201912_42

恢復專案計畫Recovery project plan

  • Automatically document your entire disaster recovery plan.

edm201912_43

Creating a virtual lab (test environment)

edm201912_44

Virtual Lab Wizard

edm201912_45

Comparing Quest with AD recycle bin

edm201912_46

Hybrid/Cloud compounds the risk

edm201912_47

Azure AD recycle bin limitations

edm201912_48

Quest On Demand Recovery

  • Part of the On Demand platform –Cloud-hosted, simple to use and consistent interface

edm201912_49

Comparing Quest with Azure AD recycle bin

edm201912_50

Recovery Manager + On Demand Recovery
A complete backup and disaster recovery solution for hybrid AD environments

edm201912_51