Security, et al

Randy's Blog on Infosec and Other Stuff

«  LogRhythm 5.0 Opens New F... | Recommendation Withdrawn:... »

New Audit Features in Windows 7 and Windows Server 2008 R2

Fri, 11 Sep 2009 04:31:27 GMT

Just a quick note about the new audit/security log features in Windows 7 and Windows Server 2008 R2:

  1. You can finally configure audit subcategories via group policy!  No more need for running auditpol scripts on thousands of computers.
  2. Global audit policies for files and other objects.  This allows you to configure system wide audit policies for different file types.  The global policies are supposed to help you ensure all desired objects are audited without having to find and configure auditing at each location where such objects exist.
  3. Object access events now provide more information as to why access was allowed or denied by reporting the particular access control entries that played a part.

More to come on these new features in an upcoming webinar.  Subscribe to my newsletter in order to be notified.

email this digg reddit dzone
comments (0)references (0)

Related:
Auditing Privileged Operations and Mailbox Access in Office 365 Exchange Online
5 Indicators of Endpoint Evil
Severing the Horizontal Kill Chain: The Role of Micro-Segmentation in Your Virtualization Infrastructure
Anatomy of a Hack Disrupted: How one of SIEM’s out-of-the-box rules caught an intrusion and beyond

Comments disabled

powered by Bloget™

Search


Categories
Recent Blogs
Archive


 

Additional Resources