File Server Auditing

Data is everything when it comes to IT security and, at Lepide, we’re all about securing the File Server data. Ensuring you have adequate File Server auditing and monitoring tools in place is more important than ever before. We believe all organizations should instantly be able to see ‘who, what, where and when’ files and folders are created, accessed, modified, copied or deleted at the click of a button. We also think it’s essential that organizations are easily able to track and compare permissions across their data. Lepide's File Server auditing solution addresses the challenges of the rise of the insider-threat and the reporting requirements associated with common regulatory compliance mandates. We give IT teams the power to see more, faster. Our solution is specifically designed to work on Windows File Server and NetApp Filers. LepideAuditor for File Server is available standalone or as a part our comprehensive LepideAuditor.

Over 5,000 Organizations Use LepideAuditor to Protect Their Businesses Against Data Breaches

How We Help to Audit File Server Changes

Deploying an File Server auditing solution, like LepideAuditor, helps you get more visibility into the changes taking place to your critical data stored in your File Servers. Real-time alerting, pre-defined reports and powerful File Server auditing capabilities, enable you to get a better understanding of user behaviour surrounding your data. Here are just some ways in which LepideAuditor for File Server can help your business.

  • Intuitive Dashboard Our graphical dashboard will enable you to easily track changes occurring across the whole of your File Server environment. It provides you with an easy-to-understand overview of the total number of changes made to File Server; broken down per administrator, source and trend. This should help you not only understand the causes of a single change, but help you spot overall anomalies in events. The performance of your File Server is also tracked and reported on to help you decrease downtime. The LiveFeed shows you all File Server changes made as they are happening so that you can react to them quicker.
  • Granular Audit Reports LepideAuditor displays a single log for a single change that gives you the answers to the “who, what, when and where” auditing questions. This data is collected and presented through predefined audit reports aimed at helping you solve all manner of security, compliance and IT operations challenges. Every change made is displayed with before and after values to provide you with helpful context. You can customize these reports with auditing functions and create dedicated reports to track a specific file, folder, user or operation. Reports are delivered via email at user-defined intervals through email or by saving at a shared location in either CSV, MHT or PDF formats. These File Server audit reports can be shared via a secure web console.
  • Alerts on Critical Changes The earlier you can react to File Server changes, the easier it is to mitigate the damage that can occur. To do this, LepideAuditor offers real time alerts based on a single event or based on threshold conditions that have been defined by the user. For example, we can set an alert to be sent to the intended recipients if an event occurs a certain number of times over a defined period of time. This kind of alerting enables you to spot trends in changes that may be indicative of unauthorized or inappropriate activity.
  • Meeting Compliances Demands A common driver for installing a solution such as LepideAuditor is regulatory compliance. Our solution addresses the ever-increasing demand to prove to auditors that adequate steps are being taken to ensure data is being responsibly monitored. It provides a wide range of detailed reports that directly map to the common requirements of compliance standards; such as PCI, SOX, HIPAA, GLBA, FISMA and GDPR. Read more
  • Mobile AppLepideAuditor comes with a free mobile app that has been specifically designed to help you track File Server changes on the go. It sends push-notifications for file or folder deleted, file or folder created, creation failed, access attempts made to critical files and folders, permission modifications and much more. You can get these notifications either in real-time or whenever they reach a threshold limit. Read more

Want to see the award-winning LepideAuditor in action? Schedule a Demo
What We Audit in File Server

Audit NetApp Filers Changes

Through our integration with the Fpolicy framework and the assigned file policy, we’re able to capture events to audit and monitor file and folder activity on your NetApp through CIFS. We treat NetApp Filers the same as we would any traditional Windows File Server auditing all changes to files and folders, share, permissions, and more.
Read more

Track File and Folder Created, Modified, Deleted, Moved, Renamed and More

Our file server auditor is a simple way of keeping track of all changes as they happen. The predefined audit reports contain details regarding all attempts of file or folder creation, deletion, copy, move, rename, and other modifications. We also detail the time, drive, folder, file name, process and event. You can track what has happened to a file or folder since its creation, see who has accessed or modified it, and ultimately who has deleted it.
Read more

Analyze the Current Effective Permissions of Shared Files/Folders

Current Permission analysis of file servers shows the effective permissions applied on the Shared Folders. Our solution compares the applied NTFS with the Share Permissions to analyze the currently effective permission on a selected file or folder. It also displays the scope of the applied permission by showing the folder level where permission inheritance gets broken and whether the effective permission is direct, indirect or inherited. Reports can be filtered, sorted, saved and investigated for all 13 possible permissions.
Read more

Analyze Historical Permission Changes of Your Files/Folders

Our File Server change auditing solution analyzes Historical File Server permissions for Windows File System. You can view the list of all historical permissions for a selected file and folder. The administrator can also compare the permissions for the selected file or folder between two specified time intervals. You can save separate reports for both “Permission History” and “Compare Permission” in PDF, MHT or CSV formats on the disk. It also displays the scope of the permission changes.
Read more

Keep Track of File and Folder Permission Changes

Privilege management is essential in modern businesses. It’s vital you know when permissions are being changed, who’s changing them, what has been changed and from where the change was made. Using LepideAuditor for File Server will allow you to view a specific file or folder and instantly see the permission changes. It provides real-time alerts with advanced filtration and a threshold limit to keep you up to date on every critical permission change.

Track Who Accessed Your Files and Folders

All access attempts made to files and folders are audited by our File Server Auditor. The solution creates dedicated, in-depth auditing reports for different access types; such as read successful, read failed, creation failed and more. You can also configure the solution to send real-time alerts for these access attempts.
Read more

Dedicated Tracking for Shared Files and Folders

With our File Server auditing solution, you can audit all changes to shared files and folders including their permission changes. The dedicated reports help keep you aware of every change being made. You can customize these reports with auditing functions and create dedicated reports to track specific files, folders, users or permissions. We let you determine the effective permissions applied to the shared files and folders with an inbuilt “Current Permission Report”. This report compares the NTFS with the Share Permissions to evaluate the current effective permissions on a selected shared file or folder.
Read more

See the Original Value Before the Change Was Made

Naturally – you want to know if any of your files have been modified but the real value comes from the context. We think it’s important to show you what it was changed from. The before values allow you to truly understand the purpose of the event and enable IT teams to identify issues faster.

Accurately See File Copy Events

While it’s fair to say we’re not the only provider of file auditing and monitoring solutions on the market we’re actually one of the very few that can accurately show you when a file has been copied. We think this is pretty important when trying to keep track of your critical data. Especially given that copied files are the main source of data leakage.

We Let You Use Wildcards to Audit Potentially Sensitive Data

Our intelligent filters let you use “*” (asterisk) and “?” (question mark) to drill-down the audit reports and focus on the changes made to files and folders containing these characters in names, paths, usernames or other audit details. A common use case may be to search for all files where the filename contains the word ‘confidential’. You can then easily save this search in a PDF, CSV or MHT file. You can also use these wildcards to send the real-time alerts for changes made to for sensitive data.

Detect Suspicious Changes and Prepare Quick Incident Response

LepideAuditor for File Server lets you prepare a quick Incident Response by allowing you to run your own custom script with the alerting of selected critical changes. You can perform automated tasks defined in your script; including disable a user account, delete a user account, revoke the permission granted to a user or shut down a computer. For an example, you can set the solution to delete a user who has deleted multiple files. Yes, you can set to get notifications for both critical changes and script execution.

Improve Data Access Governance

LepideAuditor enables you to get insight into which files and folders that your users and groups have access to and manage the levels of permissions applied to them. You can also generate a list of open shares in your File Server, including the files and folders residing within them, and see by what means they were ‘opened’.
Read more

Read all reviews

Read all stories

More from Lepide

Blog
Why Auditing Office 365 Natively Isn’t Enough

Office 365 does enable organizations to share content more easily, along with many other benefits. But these benefits are useless if Office 365 security concerns aren’t addressed.

Learn More ->
Whitepaper
Popular Cyber Attack Methods and How to Mitigate Them

This White Paper will go through some of the most popular cyber-attack methods attackers are using and the steps you can take to mitigate the risks of you falling victim to them.

Learn More ->
News
LepideAuditor Introduces Data Discovery and Classification

The Data Discovery and Classification Technology was developed, and is completely supported, in-house to give users a more complete Data-Centric Audit and Protection solution.

Learn More ->

Lepide® is a registered trademark of Lepide Software Private Limited. © Copyright 2018 Lepide Software Private Limited. All trademarks acknowledged.