Audit Collection Services (ACS) is Microsoft’s solution for collecting and managing the Windows security log. I’ve followed ACS since its early days when it was first envisioned as an optional component for Windows Server or a standalone product. ACS ended up part of Operations Manager 2007 and has a unique architecture designed to collect and store massive amounts of security log data in a highly normalized SQL Server database.
In this webinar I will take you on a tour of the ACS architecture showing you how forwarders, collectors and databases work. I will compare ACS to log management and SIEM solutions. You will find that ACS is specifically designed with the Windows security log in mind while log management and SEIM solutions are more generalized. I’ll identify the strengths and weaknesses of both approaches.
As with many Microsoft technologies, ACS provides a core mass of functionality but there are other areas such as reporting, alerting and archival management that are missing. I’ll help you to understand the gaps in ACS functionality before it can be considered a real log management or SIEM solution.
And that’s where this webinar’s sponsor, Secure Vantage, comes in. I’ve worked with Jeremiah Beckett, the founder of Secure Vantage, from the beginning and exclusively licensed my security log knowledgebase to Secure Vantage. I can say without reservation that Secure Vantage completes ACS as a solution and after Jeremiah’s brief presentation you’ll see why I say that.
This is real-training for free. Learn about ACS. Compare it to log management and SIEM solutions and find out how Secure Vantage makes ACS a viable solution for log management.