Applies To: Active Directory Windows Server 2012,Windows Server 2012 R2,Windows Server 2008,Windows 8 and Windows 7.
Active Directory addresses the Windows default audit policy settings, baseline recommended audit policy settings, and the more aggressive recommendations from Microsoft, for workstation and server products.The SCM baseline recommendations shown here, along with the settings recommend to help detect compromise, are intended only to be a starting baseline guide to administrators. Each organization must make its own decisions regarding the threats they face, their acceptable risk tolerances, and what audit policy categories or subcategories they should enable.
EventTracker monitors user logon behaviour, access point configuration changes, WLAN group management and service status and generates flex reports, flex dashboards and alerts for rogue access point detected and system state changed.
EventTracker Knowledge Pack for Active Directory allows you to monitor the following components:-
Once Active Directory is configured to deliver events to EventTracker Manager; alerts, dashboards and reports can be configured into EventTracker.
Some of the Knowledge Packs available in EventTracker are listed below. For more information please refer Integration Guide.
Alerts
Reports
The configuration details in this guide are consistent with EventTracker Enterprise version 8.x and later,Active Directory Windows Server 2012,Windows Server 2012 R2,Windows Server 2008,Windows 8 and Windows 7.
For more information please refer to the Integration guide