DirectAudit

Additional Resources

Home  |  Products  |  DirectAudit
Centrify DirectAudit

Why Customers Choose Centrify DirectAudit

Centrify DirectAudit delivers unique features and value not found in other IT auditing solutions.

High Fidelity, Efficient Session Capture and Replay

Most logging tools are system and application centric, simply rolling up higher-level events and notifications; they do not show you what users actually did or attempted to do. Or they may indicate they edited a file, but not show what changes they made. DirectAudit lets you visually replay any user session on any audited system to see exactly what the user did: the commands executed, the changes made to key files and data, and the results.

Other products use simplistic, heavyweight approaches to capturing user activity. Centrify DirectAudit captures and replays user sessions at high fidelity resolutions with an efficient technique that ensures scalability, efficient storage and high performance replay.

Comparing Centrify DirectAudit to other product approaches

Simplistic Approaches Centrify DirectAudt
Low-fidelity capture of screenshots High-fidelity capture of index frames
Increase the frequency of screen capture in an attempt to get the required detail, but still miss important information. Efficiently captures only the differences at the pixel block level and important information returned to the screen, ensuring all the required detail is available for high-fidelity, full-motion video replay.
Captures and collects lots of redundant data in storage while failing to provide enough user session detail. Captures and collects all the required user session detail with similar storage requirements.
Are too slow to allow for real-time monitoring. Efficient capture and compression enable real-time viewing of user sessions.

In addition, other auditing products can only support a historical view of system activity. DirectAudit gives you a real-time, at-a-glance view of activity across Windows, UNIX and Linux. For each session you can see who is logged on, and you can immediately drill down to see what they are currently doing.

DirectAudit efficiently captures the detail required to meet compliance requirements, troubleshoot changes that may have led to system failures and to view user sessions in real-time.

Highly, Scalable and Reliable with Minimal Administrative Resources

DirectAudit is an enterprise-scale solution covering all the key requirements for scale, fault tolerance, security, cross-platform deployment and simple administration:

  • Scalability. Multiple, load-balanced DirectAudit Collectors and Audit Stores can gather data from a large number of audited systems.
  • Scalability. A central SQL Audit Server acts as a large-scale data repository.
  • Reliability. DirectAudit continues to collect all audit data on a remote system if the network goes down and subsequently forwards it to the DirectAudit Collector when the network is back up.
  • Minimal Administration. Administrators and managers alike will appreciate DirectAudit's ease of use and management.
  • Security. To ensure audit data traffic is secure, it is communicated in an authenticated and encrypted format.
  • Cross-Platform. Centrify DirectAudit is the only solution on the market for monitoring privileged user activity on UNIX, Linux AND Windows systems.

Non-intrusive, Granular Role-based Access to Sensitive Session Data

DirectAudit ensures that only authorized users such as IT security and operations staff and auditors can search and replay user sessions and only the sessions required for their job function. In addition, DirectAudt uses a SQL database and implements other non-proprietary and non-intrusive features including:

  • Granular Audit Roles. DirectAudit's flexible, role-based access controls allow you to define the types of sessions that different IT auditor roles can search and replay.
  • Non-intrusive. DirectAudit requires low local system overhead and is non-intrusive for end-users.
  • Agent-based. DirectAudit is not a proxy or gateway solution, but audits activity locally on each system and securely rolls auditing data into a central repository. This further ensures that users are not able to circumvent user session auditing.
  • Non-Proprietary Data Storage. DirectAudit uses a modern SQL Server database. This means you can easily report and search on all session data using the DirectAudit Console or third-party reporting tools. Archiving and purging session data is also easy as well.
  • Ad Hoc Querying and Reporting. DirectAudit not only provides out-of-the-box views of user sessions, but also lets you perform a full-text search for specific keywords. Mining key audit and system availability data is as easy as searching the Internet.

Part of Centrify Suite, An Integrated Security Solution

DirectAudit is part of the Centrify Suite, an integrated family of solutions that leverages an infrastructure you already own — Microsoft Active Directory — to centrally control, secure and audit cross-platform systems and applications. Centrify offers a single, built-for-the-enterprise solution that is more secure, supports more platforms, and is easier to deploy and manage than the collection of acquired point products other vendors provide.

View a 5-Minute Demo
  A Better Way to Audit Request a Free Evaluation of Centrify DirectAudit
White Paper Privileged User Activity Auditing: The Missing Link for Enterprise Compliance and Security View
Now
On-Demand Webinar Beyond Logging: Addressing Security and Compliance with Detailed Audit Trails Linked to Active Directory