Page Last Updated:
October 12, 2003
|
 |
Free Evaluation |
Metering and Licensing News | Company Info
SofTrack's provides Enterprise Audit and Control options give you unpredented abilities and power on Windows-based workstations and thin clients. All audit and control options require the use of the SofTrack Local Workstation Agent at each workstation. All audit reports are stored in a secure folder at the server in CSV (Comma Separated Value) format for simple processing.
Softrack's Audit and Control options are controlled one simple and concise options screen:
Audit and Control - Configuration Screen
Click on the links below to learn more:
Audit
SofTrack's Audit options provide full auditing for:
- All Microsoft® Internet Explorer browser access attempts
- All Application Launch Attempts
- All File Open / Create and Copy attempts
- All Executable Files Created or Modified
Click on the screen shots below (or right-click to open in a new window) to view the types of reports SofTrack's Auditing will provide for you:
|
Audit Viewer
The Audit Viewer's Screen includes:
- List of Workstations that have been audited
- Date of first audit entry
- Date of last audit entry
- Size of Audit Log File
- Buttons of available actions
- Number of Workstations listed
Audit Viewer - All Entries
When you click on the View All entries for selected logs button you are presented with a screen similar to the one above.
Please note the power of this view. With this single view, and all audit options enabled, you will have an accounting of what activities were being performed at each workstation. Together, these audit options reveal what accesses the workstations' users were doing second-by-second during the day!
Audit Viewer - All Internet Explorer Entries
When you click on the View Internet Explorer use for selected logs button you are presented with a screen similar to the one above.
Audit Viewer - All Application Launches
When you click on the View Application Launches for selected logs button you are presented with a screen similar to the one above.
Audit Viewer - All File Opens and Creates
When you click on the View File Opens and Creates for selected logs button you are presented with a screen similar to the one above. This screen also indicates when a file was created via a file COPY request.
Audit Viewer - Executables Created
Via a separate menu option, the View Executables Created report indicates all executable files (*.EXE and *.COM) that have been created and/or modified.
Summary
As you have seen, SofTrack's audit reports provide you with a simple and deep method to audit workstation use throughout your enterprise.
Control
SofTrack's Control options provide a degree of control over how workstations are used throughout your enterprise that is unprecedented. The Control options you select are implemented by the SofTrack Local Workstation Agent. The Control options result in denial of the following activities - (please note: no record of denials is maintained):
- Deny File Rename and File Create and File Modification requests for executable files *.EXE and *.COM;
- This control option also prevents the user from performing unauthorized application installations! And, the user or process requesting such actions which are being denied, receive standard Windows error messages that indicate the file is inaccessible which has the benefit of not alerting the user to the presence of SofTrack and therefore are not aware that their actions being specifically denied rather than some other fault. The user is blocked from a behaviour which they likely know is not allowed but are not aware of the specific method to restrict their access.
- The SofTrack Local Workstation Agent can be configured to allow specifically named processes the ability to create and/or modify .EXE and .COM files. For instance, you would exercise this option in the case of a computer science lab where students are creating computer programs and therefore require the ability to create .EXE files.
- Deny execution/launch of any executable file that does not have a proper *.EXE or *.COM filename;
- With Windows NT/2000/2003 and XP servers/workstations it is possible to run an executable file with any extension instead of the usual .EXE or .COM. Because of viruses, worms, trojan horses and similar viral methods may rely on such an attack, SofTrack can help you prevent such access.
- Deny browsing of the internet via Microsoft's® Internet Explorer while allowing local access;
- Only accesses to local files on the local machine (127.0.0.1) or to non-routable TCP/IP addresses are allowed. Non-routable TCP/IP addresses include:
- http://10.0.0.0 through 10.255.255.255
- https://10.0.0.0 through 10.255.255.255
- http://172.16.0.0 through 172.31.255.255
- https://172.16.0.0 through 172.31.255.255
- http://192.168.0.0 through 192.168.255.255
- https://192.168.0.0 through 192.168.255.255
Summary
As you have seen, SofTrack's control options provide you with a simple yet extremely powerful method to control software access on each workstation throughout your enterprise.
|
