Audit NetApp Filer Changes
Through our integration with the Fpolicy framework and the assigned file policy, we’re able to capture events to audit and monitor file and folder activity on your NetApp through CIFS. We treat NetApp Filers the same as we would any traditional Windows File Server auditing all changes to files and folders, share, permissions, and more.
Track File and Folder Created, Modified, Deleted, Moved, Renamed and More
Our file server auditor is a simple way of keeping track of all changes as they happen. The predefined audit reports contain details regarding all attempts of file or folder creation, deletion, copy, move, rename, and other modifications. We also detail the time, drive, folder, file name, process and event. You can track what has happened to a file or folder since its creation, see who has accessed or modified it, and ultimately who has deleted it.
Analyze the Current Effective Permissions of Shared Files/Folders
Current Permission analysis of file servers shows the effective permissions applied on the Shared Folders. Our solution compares the applied NTFS with the Share Permissions to analyze the currently effective permission on a selected file or folder. It also displays the scope of the applied permission by showing the folder level where permission inheritance gets broken and whether the effective permission is direct, indirect or inherited. Reports can be filtered, sorted, saved and investigated for all 13 possible permissions.
Analyze Historical Permission Changes of Your Files/Folders
Our File Server change auditing solution analyzes Historical File Server permissions for Windows File System. You can view the list of all historical permissions for a selected file and folder. The administrator can also compare the permissions for the selected file or folder between two specified time intervals. You can save separate reports for both "Permission History" and "Compare Permission" in PDF, MHT or CSV formats on the disk. It also displays the scope of the permission changes.
Keep Track of File and Folder Permission Changes
Privilege management is essential in modern businesses. It's vital you know when permissions are being changed, who's changing them, what has been changed and from where the change was made. Using LepideAuditor for File Server will allow you to view a specific file or folder and instantly see the permission changes. It provides real-time alerts with advanced filtration and a threshold limit to keep you up to date on every critical permission change.
Track Who Accessed Your Files and Folders
All access attempts made to files and folders are audited by our File Server Auditor. The solution creates dedicated, in-depth auditing reports for different access types; such as read successful, read failed, creation failed and more. You can also configure the solution to send real-time alerts for these access attempts.
Dedicated Tracking for Shared Files and Folders
With our File Server auditing solution, you can audit all changes to shared files and folders including their permission changes. The dedicated reports help keep you aware of every change being made. You can customize these reports with auditing functions and create dedicated reports to track specific files, folders, users or permissions. We let you determine the effective permissions applied to the shared files and folders with an inbuilt “Current Permission Report”. This report compares the NTFS with the Share Permissions to evaluate the current effective permissions on a selected shared file or folder.
See the Original Value Before the Change Was Made
Naturally – you want to know if any of your files have been modified but the real value comes from the context. We think it’s important to show you what it was changed from. The before values allow you to truly understand the purpose of the event and enable IT teams to identify issues faster.
Accurately See File Copy Events
While it’s fair to say we’re not the only provider of file auditing and monitoring solutions on the market we’re actually one of the very few that can accurately show you when a file has been copied. We think this is pretty important when trying to keep track of your critical data. Especially given that copied files are the main source of data leakage.
We Let You Use Wildcards to Audit Potentially Sensitive Data
Our intelligent filters let you use “*” (asterisk) and “?” (question mark) to drill-down the audit reports and focus on the changes made to files and folders containing these characters in names, paths, usernames or other audit details. A common use case may be to search for all files where the filename contains the word ‘confidential’. You can then easily save this search in a PDF, CSV or MHT file. You can also use these wildcards to send the real-time alerts for changes made to for sensitive data.
Detect Suspicious Changes and Prepare Quick Incident Response
LepideAuditor for File Server lets you prepare a quick Incident Response by allowing you to run your own custom script with the alerting of selected critical changes. You can perform automated tasks defined in your script; including disable a user account, delete a user account, revoke the permission granted to a user or shut down a computer. For an example, you can set the solution to delete a user who has deleted multiple files. Yes, you can set to get notifications for both critical changes and script execution.
Improve Data Access Governance
LepideAuditor enables you to get insight into which files and folders that your users and groups have access to and manage the levels of permissions applied to them. You can also generate a list of open shares in your File Server, including the files and folders residing within them, and see by what means they were ‘opened’.