Upload File

netwrix auditor deep dive€¦ · netwrix auditor deep dive how to secure your cisco and fortinet...

  • Home
  • Documents
  • Netwrix Auditor Deep Dive€¦ · Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers. Welcome ... New users or groups #2: Repeated Failed Logon
14
Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers

Upload: others

Post on 28-Jun-2020

35 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Netwrix Auditor Deep Dive€¦ · Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers. Welcome ... New users or groups #2: Repeated Failed Logon

Netwrix Auditor

DeepDiveHow to Secure Your Cisco and

Fortinet Devices from Attackers

Page 2: Netwrix Auditor Deep Dive€¦ · Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers. Welcome ... New users or groups #2: Repeated Failed Logon

Welcome

Netwrix Solutions Engineer

Email: [email protected]

Roy Lopez

Page 3: Netwrix Auditor Deep Dive€¦ · Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers. Welcome ... New users or groups #2: Repeated Failed Logon

Top 5 Network Device Incidents

Briefly about Netwrix

Netwrix Auditor for Network Devices

Q&A

Agenda

Page 4: Netwrix Auditor Deep Dive€¦ · Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers. Welcome ... New users or groups #2: Repeated Failed Logon

#1: Configuration Changes

Protocols, ports and connection limits

Modifications of Group Policy

New users or groups

Page 5: Netwrix Auditor Deep Dive€¦ · Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers. Welcome ... New users or groups #2: Repeated Failed Logon

#2: Repeated Failed Logon Attempts

• Successful logons to network devices

are they fully authorized?

• Multiple failed logon attempts

Is someone trying to brute-force administrative credentials?

Page 6: Netwrix Auditor Deep Dive€¦ · Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers. Welcome ... New users or groups #2: Repeated Failed Logon

#3: VPN Logon Attempts

• Who tried to access network devices over a VPN?

• Which IP address was the authentication attempt made from?

• What was the cause of each failed VPN logon?

• When was each VPN logon attempt initiated?

• What device was the user attempting to log on to?

Page 7: Netwrix Auditor Deep Dive€¦ · Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers. Welcome ... New users or groups #2: Repeated Failed Logon

#4: Hardware Malfunctions

Underperfomance Complete shutdown

Page 8: Netwrix Auditor Deep Dive€¦ · Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers. Welcome ... New users or groups #2: Repeated Failed Logon

#5: Scanning Threats

• Which host and subnet were scanned?

• When was each scanning attempt performed?

• Which IP address was the scanning initiated from?

• How many scanning attempts were made from each IP address?

Page 9: Netwrix Auditor Deep Dive€¦ · Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers. Welcome ... New users or groups #2: Repeated Failed Logon

About Netwrix Auditor

Netwrix Auditor is an agentless data security platform that empowers organizations to accurately identify

sensitive, regulated and mission-critical information and apply access controls consistently, regardless of

where the information is stored.

It enables them to minimize the risk of data breaches and ensure regulatory compliance by proactively

reducing the exposure of sensitive data and promptly detecting policy violations and suspicious user behavior.

Netwrix Auditor

Page 10: Netwrix Auditor Deep Dive€¦ · Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers. Welcome ... New users or groups #2: Repeated Failed Logon

“Swiss Army Knife” for Visibility Across the Entire IT

Active DirectoryWindows File Servers

Oracle Database

Dell EMC SQL Server

Exchange

NetApp

Office 365

SharePoint sMySQLOpenTextContent Suite

WebsitesPostgreSQL

Box

Salesforce

Google Drive

Windows Server

VMware

Network Devices

Azure AD

Nutanix Files

Audit

Data Discovery and Classification

Page 11: Netwrix Auditor Deep Dive€¦ · Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers. Welcome ... New users or groups #2: Repeated Failed Logon

Netwrix Auditor for Network Devices

Page 12: Netwrix Auditor Deep Dive€¦ · Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers. Welcome ... New users or groups #2: Repeated Failed Logon

Demonstration

Netwrix Auditor

Page 13: Netwrix Auditor Deep Dive€¦ · Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers. Welcome ... New users or groups #2: Repeated Failed Logon

Useful Links

Free trial: Set up Netwrix Auditor in your own test environment netwrix.com/auditor

In-browser demo: Run a demo right in your browser with no need to install anything

netwrix.com/go/browser_demo

Contact Sales to obtain more information: netwrix.com/contactsales

https://www.netwrix.com/auditor9.7.html?utm_source=webinars&utm_medium=follow-up&utm_campaign=slide-deck-link-deep-dive-how-to-secure-your-cisco-and-fortinet-devices-from-attackers
https://www.netwrix.com/browser_demo.html?utm_source=webinars&utm_medium=follow-up&utm_campaign=slide-deck-link-deep-dive-how-to-secure-your-cisco-and-fortinet-devices-from-attackers
http://netwrix.com/contactsales?utm_source=webinars&utm_medium=follow-up&utm_campaign=slide-deck-link-deep-dive-how-to-secure-your-cisco-and-fortinet-devices-from-attackers
Page 14: Netwrix Auditor Deep Dive€¦ · Netwrix Auditor Deep Dive How to Secure Your Cisco and Fortinet Devices from Attackers. Welcome ... New users or groups #2: Repeated Failed Logon

Thank You!

www. .com

Questions?

Roy Lopez

Solutions Engineer


What’s New in Netwrix Auditor 8 · About Netwrix Auditor Netwrix Auditor A visibility and governance platform that enables control over changes, configurations, and access in hybrid

Netwrix Auditor Deep Dive€¦ · Azure AD Netwrix Auditor for EMC Netwrix Auditor for SQLServer Netwrix Auditor for Exchange Netwrix Auditor for NetApp Netwrix Auditor for Windows

Netwrix Auditor for SQL Server Quick-Start Guide ListstheknownissuesthatcustomersmayexperiencewithNetwrix Auditor9.6,andsuggestsworkaroundsfortheseissues. 25/25 Title Netwrix Auditor

Netwrix Auditor Configuration Tips & Tricks …...Netwrix Auditor Configuration Tips & Tricks –Windows Server / SharePoint Back to Basics Presenter: Adam Stetson Systems Engineer,

NETWRIX AUDITOR FOR ACTIVE DIRECTORY

Netwrix Auditor for SQL Server Quick Start Guide

Netwrix Auditor · Netwrix Auditor for SQL Server Netwrix Auditor for Windows Server ... It also ensures easy access to your complete audit trail for more than 10 years

Netwrix · PDF file02 Applications Netwrix Auditor Applications Netwrix Auditor includes applications for Active Directory, Azure AD, Exchange, Office 365, Windows file servers,

Netwrix Auditor for Oracle Database Quick-Start Guide · ActiveDirectory,Exchange,ExchangeOnline,Office365,SharePoint,SQLServer ... ENABLED from DBA_AUDIT ... Netwrix Auditor for

What is Netwrix Auditor A4 - Secutec · What Netwrix Auditor does? What is Netwrix Auditor? Netwrix Auditor is a visibility and governance platform that enables control over changes,

Netwrix Auditor - infopoint-security.de · 02 Applications Netwrix Auditor Applications Netwrix Auditor includes applications for Active Directory, Azure AD, Exchange, Office 365,

Netwrix Auditor Datasheet · 01 Product Overview Netwrix Auditor is an agentless data security platform that empowers organizations to accurately identify sensitive, regulated and

Netwrix Auditor Administrator's Guidenetwrix.solutions-exchange.fr/.../Netwrix_Auditor_Administrator... · materialsprovidedwithanynon-Netwrixproductandcontactthesupplierforconfirmation.Netwrix

Netwrix Auditor Virtual Appliance and Cloud Deployment … · Netwrix Auditor Virtual Appliance and Cloud Deployment Guide Version: 9.6 6/15/2018. Legal Notice The information in

Netwrix Auditor Virtual Appliance and Cloud Deployment Guide€¦ · 1.2. Virtual Deployment This section explains how to import a virtual machine with installed Netwrix Auditor to

What’s New in Netwrix Auditor 9WHAT’S NEW IN NETWRIX AUDITOR 9.5 Risk Assessment Behavior Anomaly Discovery Permission Analysis API-Enabled Integrations. IT Risk Assessment _____

Netwrix Auditor Deep Dive€¦ · Interactive Search RESTful API Dashboards Predefined Change Auditing Reports Risk Assessment Behavior Anomaly Discovery Add-on Store Visibility and

Netwrix Auditor for SQL Server Quick-Start Guide · Specifytheemailsettingsthatwillbeusedforactivitysummaries,reportsandalertsdelivery.Netwrix

Netwrix Auditor for Azure AD Quick-Start Guidebluekarmasecurity.net/wp-content/uploads/2018/05/Netwrix-Auditor... · materialsprovidedwithanynon-Netwrixproductandcontactthesupplierforconfirmation.Netwrix

Netwrix Auditor for SharePoint Quick-Start Guide

Netwrix Auditor · EMC NetApp SharePoint Netwrix Auditor Platform Azure AD Netwrix Auditor for Oracle Database Netwrix Auditor Unified Platform • Active Directory and Group Policy

Netwrix Auditor Release Notes

Netwrix Auditor for Windows Server Quick Start Guide

Netwrix Auditor for File Servers - Danysoft · Netwrix Auditor for File Servers. Figure 1. Netwrix Auditor presents File Server changes in a clear and easy-to-read format. Modern-day

Netwrix Auditor · 2019-11-12 · Netwrix Auditor provides the evidence required to prove that your organization’s IT security program adheres to ... there’s no need to crawl

Netwrix Auditor DEEP DIVE Deep€¦ · Interactive Search RESTful API Dashboards Predefined Change Auditing Reports Risk Assessment Behavior Anomaly Discovery Add-on Store Visibility

Netwrix Auditor for Active Directory€¦ · Netwrix Auditor for Active Directory improves your organization's security posture by delivering complete visibility into what’s happening

DATECHEET 2015 GERMANY v2++ - cio-solutions.de · Netwrix Auditor for Active Directory Netwrix Auditor for File Servers ermöglicht auch die Überwachung von EMC und NetApp Netwrix

Netwrix Auditor Datasheet Auditor... · Netwrix Auditor for Active Directory Netwrix Auditor for Exchange Netwrix Auditor for File Servers Include l’audit di EMC e NetApp Netwrix

Netwrix auditor

Netwrix Auditor - netwrix.solutions-exchange.frnetwrix.solutions-exchange.fr/wp-content/uploads/2016/05/netwrix... · Netwrix Auditor Une visibilité complète sur les changements

Netwrix Auditor for Oracle Database...Netwrix Auditor for Oracle Database helps you identify threats to your structured data and protect your critical assets by delivering 360-degree

Netwrix Auditor · Windows File Servers Netwrix Auditor Unified Platform • Active Directory and Group Policy changes • Logon auditing • State-in-Time reports on configurations

Netwrix Auditor Installation and Configuration Guidenetwrix.solutions-exchange.fr/.../Netwrix_Auditor_Installation... · Thesecomponentsmayberequiredforauditing.Ifneeded,Netwrix AuditorcaninstallthemautomaticallyduringtheManagedObjectcreation

DEEP DIVE Deep - Netwrix...DEEP DIVE Netwrix Auditor Deep Dive Insider Threat Detection. Welcome ... 2013 2016 2017 Data Discovery & Classification Edition 2019 User Profile Automated