change auditing: determine who changed what, when and where
TRANSCRIPT
#completevisibility
Netwrix Overview per Partners
#completevisibility
DISTRIBUITO DA CIPS INFORMATICA WWW.CIPS.IT
#completevisibility
Agenda
Chi siamo o cosa offriamo
Partnering with Netwrix
Strumenti utili per I Partners
Technical Overview and Live Demo – Danny Murphy
Domande
#completevisibility
Netwrix in breve
All awards: www.netwrix.com/awards
#completevisibility
Netwrix Corporation
Fondata nel 2006HQ in Irvine, CaliforniaFilosofia – garantire una visibilità completa sull’infrastruttura ITCustomer base Globale – 60006M di licenzeSupporto Globale in Nord America, EMEA e AsiaUna delle aziende USA di software a più alto tasso di crescita (Inc 5000, Deloitte)
Corporate Headquarters:20 Pacifica #625 Irvine, CA 92618888-638-9749www.netwrix.com
Additional Offices:Columbus, OHParamus, NJAtlanta, GAKent, UK
#completevisibility
Financial
Healthcare & Pharmaceutical
Federal, State, Local, Government
Industrial/Technology/Other
I Nostri clienti
#completevisibility
Configuration Auditing
I software di Configuration auditing forniscono agli amministratori di Sistema un valido strumento per la valutazione delle configurazioni di Sistema, il rilevamento di eventuali modifiche e la possibilità di rimediare tempestivamente ad eventuali errori mitigando I rischi di sicurezza connessi. Le impostazioni di Configurazione vengono valutate in base alle policy specifiche dell’azienda o in base agli standard di sicurezza previsti dalle normative vigenti. Questi strumenti vengono utilizzati non solo per il controllo specific di PC e Server, ma anche per l’audit di Applicazioni, databases, apparati di rete e ambienti virtuali.
#completevisibility
L’opinione degli analisti
• Forrester named configuration auditing the #1 security technology for next 5 years.
• "Configuration auditing tools can help you analyze your configurations according to best practices, enforce configuration standards and adhere to regulatory requirements."
#completevisibility
Casi comuni di utilizzo di IT Auditing
Compliance Raggiungere requisiti di conformità alle normative e agli standard di compliance, come PCI, HIPAA, SOX, FISMA/NIST800-53, GLBA, d.lg. 30 giugno 2003, n. 196.
Sicurezza Migliorare la sicurezza prevenendo la perdita, il furto o la modifica di dati sensibili e l’accesso non autorizzato a risorse quali email, applicazioni, databases…etc.
Analisi delle causeIdentificare la causa di un disservizio, risolvere rapidamente downtime dei sistemi e ristabilire l’operatività riducendo al minimo le conseguenze delle interruzioni di servizio.
#completevisibility
WW, EU and Italian Regulations
• Cobit• ISO 27001• SOX• EU Data Protection• HIPPA• PCI-DSS• D.LGS. 196/03• etc
#completevisibility
Linee guida del Garante
• Linee guida in materia di trattamento di dati personali di lavoratori per finalità di gestione del rapporto di lavoro in ambito pubblico
• Punto 2. Il rispetto dei princìpi di protezione dei dati personali prevede che Il datore di lavoro pubblico può lecitamente trattare dati personali dei lavoratori ……
• adottando adeguate misure di sicurezza, idonee a preservare i dati da alcuni eventi tra cui accessi ed utilizzazioni indebiti, rispetto ai quali l'amministrazione può essere chiamata a rispondere anche civilmente e penalmente (artt. 15 e 31 e ss. del Codice)
#completevisibility
Esempi reali di Audit Failures
Indagini sulla Compliance2010 – NY & Presbyterian Hospital e Columbia University. $4.8 millioni di multa 2009 – WellPoint Inc. $1.7 millioni di multa
Compromised Security 2014 – Home Depot 56 millioni di carte di credito dei clienti compromesse (la più grande violazione mai commessa presso una catena di vendita al dettaglio)
– Dairy Queen 400 fast food – Jimmy John’s 216 ristoranti – JPMorgan Chase 76 millioni di famiglie, 8 millioni di piccole imprese a richio
2013 – Target. $3.6 – 12 billion (stimati)2011 – Maricopa County $17 millioni
Interruzioni della Business Continuity Una compagnia petrolifera globale
Qualcuno a causa di un errore in uno script ha cancellato inconsapevolmente 2000 utenti. Al lunedì mattina I dipendenti non potevano accedere alla rete e alle risorse aziendali
Large Recycling CompanyGP change caused File Server Firewalls to snap on leading to major disruption, as around 60% of the users were unable to access particular applications/resources
#completevisibility
What we do
Simple: works right out of the box.Efficient: fills gaps and eliminates noise in native audit without intrusive agents Affordable pricing, no expensive staff or hardware
Change auditing: Determine who changed what, when and whereAudit the entire IT Infrastructure from a Unified PlatformAdditional features and functionality (Self Service Password Reset / Inactive User Tracking / Password Expiration Alerting / Logon Auditing / AD Rollback)
Our USP
#completevisibility
Limitations of native auditing
Report on who, what, when & where- Coverage is limited, change detail is limited and cryptic
Show before and after values- Little to no visibility of what the previous value was
Consolidation of audit data- Only individual security logs on each server
Prevent audit data loss due to log overwrites- Logs can easily be overwritten if configured incorrectly
Pre-Defined reports- No pre-defined reports available natively
Easy to understand change records- Multiple events need to be analyzed to determine a change
Long-term archiving capabilities - Requires large amount of disk space and maintenance
Real-time alerts for critical changes- Not available natively
#completevisibility
Netwrix Auditor Unified Platform for Change and Configuration Auditing
Active Directory
Exchange
File Servers
SharePoint
SQL Server
VMware
Windows Server
Auditing solutions for:
AD, Group Policy, Inactive User Tracking and Password Expiration
Windows Servers, EMC Storage and NetApp Filers
SharePoint farm configuration, security and content changes
Exchange changes and non owner mailbox access
SQL Configuration and Security Changes
Windows configuration changes and user activity video recording
VMware vSphere, ESX and ESXi
#completevisibility
Features – Unified Platform
Change auditing: detection, reporting and alerting on all configuration changes across your entire IT infrastructure with Who, What, When, Where details and Before/After values.
#completevisibility
#completevisibility
Features – Unified Platform
Configuration assessment: State-in-time™ reports show configuration settings at any point in time, such as group membership or password policy settings as they were configured a year ago.
#completevisibility
#completevisibility
Features – Unified Platform
Simple and affordable: works out of the box, low TCO - no expensive staff or hardware.
Unified platform to audit the entire IT infrastructure, unlike other vendors with a set of hard-to-integrate standalone tools.
#completevisibility
#completevisibility
Features – Enterprise-grade scalability
Agentless or lightweight, non-intrusive agent-based modes of operation.
AuditAssurance™: consolidates audit data from multiple independent sources, filling-in key details not present in any single source.
#completevisibility
#completevisibility
Features – Enterprise-grade scalability
Auditing of virtually any system or application, even if it does not produce any logs, via screen activity recording of privileged users with ability to search and replay or tracking of configurations stored in databases.
AuditArchive™: scalable two-tiered storage (file-based + SQL database) holding consolidated audit data for 10 years or more.
#completevisibility
#completevisibility
Features – AuditIntelligence™
Enterprise Overview dashboards provide complete visibility across the entire IT infrastructure.
#completevisibility
#completevisibility
Features – AuditIntelligence™
Reporting with filtering, grouping, sorting, export (PDF, XLS etc.), email subscriptions, drill-down, access via web, granular permissions and ability to create custom reports.
More than 200 predefined reports are included, enough to pass most audits.
Real-time alerts and reports
#completevisibility
#completevisibility
Features – SIEM, Rollback, FIM
Integration with SIEM: optionally forwards meaningful audit data into your existing SIEM, leveraging existing processes, protecting technology investments and reducing console sprawl.
Event log management: "catchall" of non-change events in Windows logs and Syslog, such as logon/logoff, account lockouts, etc.
Change rollback: Reverts unauthorized or malicious changes to a previous state without any downtime or having to restore from backup.
File Integrity Monitoring (FIM) of critical system and content files as required by compliance regulations.
#completevisibility
#completevisibility
Next Steps
Free Trial: setup in your own test environment netwrix.com/freetrial
Test Drive: virtual POC, try in a Netwrix-hosted test lab netwrix.com/testdrive
Live One-to-One Demo: product tour with Netwrix expertnetwrix.com/livedemo
Contact Sales to obtain more information netwrix.com/contactsales
#completevisibility
#completevisibility
Netwrix programma di canale
All awards: www.netwrix.com/awards
#completevisibility
Partnering with Netwrix
You can offer your customers the broadest coverage of audited systems and applications: agentless, Tier-2 storage for free, complete visibility. Empower your product portfolio with industry-leading productsTransparent and efficient partner program helping you to make more money – up to 40% margin!Robust marketing support to advance your sales!
Find our more: netwrix.com/partners/
#completevisibility
Netwrix Partner Program: Quick Start
Apply for partnership using Netwrix Partner Registration PortalWe will supply you with all necessary Information to make sure your sales are 100% Netwrix-ready.Drive sales and watch your revenue grow!
Helpful assets: Netwrix partner program Customer-facing Marketing content
Netwrix solutions
#completevisibility
How Do I Make Money with Netwrix?
The Netwrix PP Authorized Silver Gold
Basic discount new Software Sales, 1st year Support, Pre-
paid Support
5% 5% 5%
Deal Reg discount new Software Sales,
1st year Support, Pre-paid Support
20% 30% 35%
Total Partner Discount for
Registered Deals
25% 35% 40%
#completevisibility
I Benefici
Benefits Authorized Silver Partner Gold Partner
Sales Support NO YES YES
Presales Tech Support
NO YES Advanced
Marketing Support NO YES Advanced
SLA Portal SLA 1 SLA 2
Partner Portal Access
YES YES YES
Netwrix Partner Locator
NO YES YES
NFR Keys Limited Extended Extended+
#completevisibility
I requisiti
Requirements Authorized Silver Partner Gold Partner
Reg Deals Approvati 0 3 10
Representing Netwrix on Partner
Website
NO YES YES+
Co-Marketing Activities
NO Min 1 x Quarter Min 1 x Quarter
Certified Specialists: min. 1 Sales and 1
Technical
NO YES YES
Customer Success Story
NO 1 x Anno 2 x Anno
#completevisibility
Netwrix Auditor
Licensing Listini e Supporto
#completevisibility
Licensing & pricing
• Licenses can be perpetual or subscription based
• Licensed by number of AD users• Starts at 150 per enabled AD user• Special pricing is available for
government, education and non-profit organizations.
#completevisibility
Support
• New perpetual licenses include – 1-year Software Maintenance (additional cost) – Valid from the date of purchase – Entitles product updates and technical support
for the first year.
• Subscription license purchases come with a Software Maintenance contract at no additional cost.
#completevisibility
Anna Nikiforova
Netwrix Marketing per Partners
Netwrix CorporationRegional Marketing Manager Italy, Malta & [email protected] 8664420
#completevisibility
#completevisibility
Useful content for your customers
Free Trial: setup in your own test environment netwrix.com/freetrial
Test Drive: virtual POC, try in a Netwrix-hosted test lab netwrix.com/testdrive
Live One-to-One Demo: product tour with Netwrix expertnetwrix.com/livedemo
Contact Sales to obtain more information netwrix.com/contactsales
#completevisibility
Thank you for your attention!
Questions?
Giovanni ZanascaManagement Consultant Ciips InformaticaE-mail [email protected] 3491992152