Data Security Software

Home Solutions Cross-Plartform Audit Overview

Enforcive Cross Platform Audit

Enforcive/ Cross-Platform AuditTM is an Enterprise Log Management and Database Activity Monitoring (DAM) tool, aimed at organizations running multiple systems and disparate platforms. The Cross-Platform Audit (CPA) consolidates platform-specific audit events and makes them available to auditors and administrators in an intuitive and easy-to-use interface. It does this while maintaining a high level of granularity to filter events by platform-specific characteristics.
Supported Platforms:
  • IBM i (AS400)
  • IBM z (Mainframe)
  • Windows
  • SQL Server
  • Unix/AIX
  • Linux
  • Oracle
  • Sun Solaris
The CPA lets you monitor the activity of a user across different computers on diverse platforms and present that activity on screen, in a single event log and graphical format. The CPA logs raw transactional data and, through a variety of online filtering, reporting and dashboard tools, provides meaningful information that can give valuable insight to the organization. It has the ability to monitor activity on all the organization's computers and analyze it in a consolidated manner. For example, a user in one enterprise application might execute a series of transactions across different platforms - something which doesn't draw interest when looked at on the level of one computer, but could be seen in a different light when the entire audit trail is examined.
Using the CPA, system activity and user behavior can be analyzed as a consolidated chain of actions executed across different computers. The global user function allows tracking of a user's trail under various user IDs on different computers and platforms.

How It Works

The CPA monitors and collects security audit events as they occur on each computer. There, they can be viewed and sorted directly and are made ready to transfer to the consolidated central data repository when requested.
The importing of audit data from each computer to the central data repository can be executed at any time and also be scheduled to take place on pre-defined days and times. You also have the flexibility to specify specific groups of audit events for import.
The audit events imported from the different platforms are stored in the CPA in a uniform format so they can be filtered, reviewed and analyzed as if they originated on the same computer.

Managing Audit Policy

The security events logged on each computer are determined by the audit policy. The CPA provides you with a convenient way of viewing and changing the audit policy for each computer and defining what kinds of events will be included in the audit.

Main Features

  • One GUI based Management Console for all Platforms: A single management console for all platforms from which you can manage the consolidated log, and also access all the different nodes monitored.
  • Multiple Event Types: Including system events, field-level data before and after change, user actions, policy deviations, TCP/IP events, SQL statements, object-specific events and more.
  • SOC: A graphical tool for the analysis of security audit events, trends and incidents (see detail later, in this document).
  • Audit Policy Management: Define the types of events to be logged by your computers.
  • Compliance Tools: Create template-based compliance policies with deviation checking and repair options. Ready-defined reports, alerts and templates for compliance.

Benefits

  • Collection of diverse data formats into a uniform database
  • Comprehensive monitoring in a multi-platform environment
  • Efficiency. Audit data from different computers all in one place
  • Powerful filtering to pinpoint events with specific characteristics
  • Graphical analysis of security data statistics
  • Correlation of seemingly disparate events into a uniform audit trail
  • Rich comprehensive audit information for every event, showing exactly who did what, and when

CPA Security Operations Center (SOC)

The Cross Platform Audit Security Operations Center (CPA SOC) makes the events consolidated in the CPA available through easy-to-configure dashboards. Events from across the enterprise can be combined, sorted and filtered into hundreds of different combinations of platform, application, IP address, user, global users, transaction status and date. The graphs are built dynamically by the user, selecting the sort parameter at each level.
Every component of the on-screen graphs can be expanded at the click of a mouse, to show the actual audit events behind the statistics and each event can be drilled down upon to show its detail including the name and value of each event parameter.
The graphs include statistical views and time-line views of the audit events. The graphs and summary tables can be displayed on the screen, printed, sent by email or saved as files in various formats including PDF and MS Office-compatible HTML that can be opened with Excel and Word.
soc_small
Click the picture to view screenshot

Report Scheduling and Exporting

The CPA's full power of multi-platform auditing is realized through its reports. They include the CPA correlation reports that automatically match events from different audit sources, the CPA special MF reports such as the unauthorized access to sensitive files report, and the CPA contents reports - for the display of database changes on different platforms.
Over 200 ready-defined reports complement the ability to create custom reports to meet most any requirement.
Create and run reports instantly on-screen, print them, email them or save them in different file formats such as PDF, Microsoft Word, Excel, text and more. Report runs can then be scheduled to run periodically by day, week or month.

Cross Platform Audit Report (Examples)

Consolidated Audit

The Enforcive/Cross-Platform Audit offers both the administrator and auditor a comprehensive solution for enterprise auditing. It provides the convenience of auditing, investigating or just browsing your enterprise activity in a consolidated and easy to understand format, in a single application. It empowers administrators to analyze behavior on their systems to pinpoint activity that might otherwise have passed unnoticed and to investigate incidents quickly and thoroughly.
It gives auditors the freedom to look into the activity of all the organization's systems and to produce their own reports without IT department assistance.
The CPA saves time in preparing management reports and saves expensive server disk space, by offloading enterprise audit data onto a consolidated database.
This functionality contributes greatly towards fulfilling legal and industry regulatory compliance requirements for auditing such as view-data monitoring, as required by the Health Insurance Portability and Accountability Act (HIPAA), or maintaining an audit trail for several years, as required by Sarbanes-Oxley (SOX).
Want to learn more?