Centrify DirectAudit's Key Benefits & Use Cases

DirectAudit was designed to help you answer some of the toughest questions you face when auditing, securing and managing UNIX/Linux systems

Click a benefit to read more and see the types of use cases DirectAudit addresses:

Enhance Compliance with Regulatory Requirements

Practically every industry and government compliance regulation (including SOX, PCI, FISMA, GLBA, Basel II and HIPAA) requires comprehensive logging and audit trails of user activity, especially on business-critical and sensitive systems. DirectAudit meets these needs by capturing detailed user session information - who logged into what systems, what commands they executed, what changes they made to key files and data. DirectAudit's flexible querying and reporting features enhance your ability to document compliance and provide robust tools for identifying and investigating potential security breeches. With DirectAudit you can now answer questions such as:

• Who has logged onto our UNIX servers running our ERP apps over the last month, and what did they do?
• What was that recently fired systems administer doing on our systems last week?
• Has anyone been editing these key system files, or typing any suspicious commands?

^ back to top

Perform In-Depth Troubleshooting and Configuration Reporting

From DirectAudit's central console you can quickly locate and replay user activity that may have contributed to a system outage. DirectAudit captures detailed session activity - both keystrokes and session output – so you can diagnose immediate problems or report on and document configuration and other changes. With DirectAudit you can now answer questions such as:

• Over the last few hours, did anyone do anything to this system that just went down?
• Did anybody change the Oracle config file on sol-ora-4 yesterday?
• Did Operations actually apply that required patch on all 10 of our web servers over the weekend?
• What steps did that consultant take to fix the problem on our file server?

^ back to top

Protect Against Insider Threats and Monitor Real-Time User Activity

DirectAudit lets you centrally view who is currently accessing all of your distributed UNIX and Linux systems and immediately drill down to see what they are doing. This real-time monitoring helps you proactively spot insider threats and gives you global visibility into activity across your organization. With DirectAudit you can now answer questions such as:

• Who is logged on to our HR database server, and what are they doing?
• Is anyone currently logged on to those development systems that we need to restart?

^ back to top