Manage Learn to apply best practices and optimize your operations.

Configurating the Axent Enterprise Security Manager

Can the Axent Enterprise Security Manager be configured to report superuser activity or activities performed (i.e., what commands issued and which files or directories accessed) under selected user accounts considered to be sensitive? Can a record of these activities be "piped" to another server in realtime? Do you know of any other security auditing and monitoring software that can do this?

Yes, the Axent Enterprise Security Manager can do much of what you are looking for. It works on Windows, Novell, several UNIXes (AIX, HP/UX, Compaq True64, Irix and Solaris) and OpenVMS. The exact details of what it does vary from system to system. It can also send records of its alerts to other systems in realtime.

There are also other products and programs that can do similar things, depending on what you're looking for. All the major UNIX manufacturers have their own security auditing and logging systems. Products like Cybersafe's Centrax and Clicknet's Entercept work for NT. Cybersafe's Centrax will also work with a number of other operating systems. These also have the capability to forward audit information to other hosts.

There are also open source solutions. The "sudo" program runs on many, many UNIXes and can control and audit superuser access. Standard UNIX syslog can send audit information to other systems.

This was last published in April 2001

Dig Deeper on Penetration testing, ethical hacking and vulnerability assessments

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.