Ask the Expert

Configurating the Axent Enterprise Security Manager

Can the Axent Enterprise Security Manager be configured to report superuser activity or activities performed (i.e., what commands issued and which files or directories accessed) under selected user accounts considered to be sensitive? Can a record of these activities be "piped" to another server in realtime? Do you know of any other security auditing and monitoring software that can do this?


    Requires Free Membership to View

Yes, the Axent Enterprise Security Manager can do much of what you are looking for. It works on Windows, Novell, several UNIXes (AIX, HP/UX, Compaq True64, Irix and Solaris) and OpenVMS. The exact details of what it does vary from system to system. It can also send records of its alerts to other systems in realtime.

There are also other products and programs that can do similar things, depending on what you're looking for. All the major UNIX manufacturers have their own security auditing and logging systems. Products like Cybersafe's Centrax and Clicknet's Entercept work for NT. Cybersafe's Centrax will also work with a number of other operating systems. These also have the capability to forward audit information to other hosts.

There are also open source solutions. The "sudo" program runs on many, many UNIXes and can control and audit superuser access. Standard UNIX syslog can send audit information to other systems.


This was first published in April 2001

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: