Have an internal requirement to set up some file share space that is fairly restricted. While we can isolate access of course with ACLs (AD environment), we're also looking for a way to generate access reports for the data. The users would also like to restrict the ability to copy the data (though OK to view). The last one sounds like a non-starter to me. :)
The ability to report on all ACL change activity would also be nice (though maybe could find some 3rd party tool for this).
Am thinking that we could use fsecurity to enforce permissions (not allow someone to override) and explore CIFS audit logs to generate reports on access.
Perhaps there is a slicker approach though or some pre-existing tool that would make at least the access reporting easier (assuming turning on CIFS auditing would generate some overhead).
Thanks, Ray
Ray,
For auditing and permissions, including reporting on who is accessing which files and when, you should take a look at Varonis. It's not cheap, but you can beat them up on price. It's a very thorough product that can be used for a lot of file-share-based things, including data migrations and standardizing permissions.
-Adam
On Mon, Feb 10, 2014 at 11:44 AM, Ray Van Dolson rvandolson@esri.comwrote:
Have an internal requirement to set up some file share space that is fairly restricted. While we can isolate access of course with ACLs (AD environment), we're also looking for a way to generate access reports for the data. The users would also like to restrict the ability to copy the data (though OK to view). The last one sounds like a non-starter to me. :)
The ability to report on all ACL change activity would also be nice (though maybe could find some 3rd party tool for this).
Am thinking that we could use fsecurity to enforce permissions (not allow someone to override) and explore CIFS audit logs to generate reports on access.
Perhaps there is a slicker approach though or some pre-existing tool that would make at least the access reporting easier (assuming turning on CIFS auditing would generate some overhead).
Thanks, Ray _______________________________________________ Toasters mailing list Toasters@teaparty.net http://www.teaparty.net/mailman/listinfo/toasters
Thanks. Looks slick.
So, looks like my options may be:
- Enable native CIFS auditing (Windows file auditing) via SACLs. I believe ONTAOP 8.1.x supports this. Downside is probably overhead?
- Use an FPolicy based solution like Varonis. Downside cost.
Ray
On Mon, Feb 10, 2014 at 12:03:12PM -0500, Adam Levin wrote:
Ray,
For auditing and permissions, including reporting on who is accessing which files and when, you should take a look at Varonis. It's not cheap, but you can beat them up on price. It's a very thorough product that can be used for a lot of file-share-based things, including data migrations and standardizing permissions.
-Adam
On Mon, Feb 10, 2014 at 11:44 AM, Ray Van Dolson rvandolson@esri.com wrote:
Have an internal requirement to set up some file share space that is fairly restricted. While we can isolate access of course with ACLs (AD environment), we're also looking for a way to generate access reports for the data. The users would also like to restrict the ability to copy the data (though OK to view). The last one sounds like a non-starter to me. :) The ability to report on all ACL change activity would also be nice (though maybe could find some 3rd party tool for this). Am thinking that we could use fsecurity to enforce permissions (not allow someone to override) and explore CIFS audit logs to generate reports on access. Perhaps there is a slicker approach though or some pre-existing tool that would make at least the access reporting easier (assuming turning on CIFS auditing would generate some overhead). Thanks, Ray
-
Adam Levin -
Ray Van Dolson