Active Directory
Version: Windows Server 2012 R2, 2008 R2, 2003.
Active Directory is a centralized and standardized system that automates network management of user data, security, and distributed resources, and enables interoperation with other directories. Active Directory is designed especially for distributed networking environments.
With Netsurion Open XDR, organizations have complete visibility into their IT infrastructure. Know what’s happening now, what happened previously, what changed, and be compliant.
Netsurion Open XDR offers a high-level view, but allows you to drill down to the most granular level and provide you with the information you need – whether you are in charge of overall implementation, security, and compliance, or focused on the details of the events of specific devices.
Netsurion Data Source Integration for Active Directory allows you to monitor following:-
- Monitoring computers added or deleted to active directory.
- Monitoring group added, group deleted, group changed, group type changed and group member added or removed activities.
- Monitoring group policy actions such as added, changed and deleted.
- Monitoring Organizational unit and sub Organizational unit events like added, deleted, in active directory.
After the Active Directory is configured to deliver events to the Netsurion Open XDR, the dashboards and reports can be configured into Netsurion Open XDR.
The following are the key Data Source Integration available in Netsurion Open XDR.
Alerts
Type | Name | Description |
---|---|---|
Security | Active Directory – Group policy changed | This alert is generated when group policy changed in Windows Active Directory. |
Security | Active Directory – AD cannot update object | This alert is generated when object cannot be updated in Active Directory. |
Security | Active Directory – AD database is corrupt | This alert is generated when Active Directory database gets corrupted. |
Reports
Type | Name | Description |
---|---|---|
Security | Active Directory – OU added | This category based report provides information related to Organization Unit added to Active Directory. |
Security | Active Directory – Objects modified | This category based report provides information related to directory service object was modified. |
Security | Active Directory – Local group deleted | This category based report provides information related to group deleted from Windows Active Directory. |
Security | Active Directory – Group policy changed | This category based report provides information related to group policy changed in Windows Active Directory. |
Security | Active Directory – Group member removed | This category based report provides information related to members were removed from Active Directory group. |
Documentation
The configuration details are consistent with Netsurion Open XDR 7.x or later, and Microsoft Windows server 2000, 2003, 2008, 2012.
Download Integration Guide for configuration instructions and more information.