Need audit solution suggestions

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Need audit solution suggestions

    I'm trying to find the easiest and cheapest solution to allow vendors to access my network and still audit their actions. ObserveIT sounds like a nice solution but we have an internal debate regarding whether we should use a vendor like LogMeIn/GoToMyPC or instead use our VPN infrastructure. Can you guys share your concern regarding the usage of client based remote access services?

  • #2
    Re: Remote Access

    If you use VPN, you'll be able to audit the connection to a machine as well as the actions performed on that machine.
    Gareth Howells

    BSc (Hons), MBCS, MCP, MCDST, ICCE

    Any advice is given in good faith and without warranty.

    Please give reputation points if somebody has helped you.

    "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

    "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.


    • #3
      Re: Remote Access

      Is there a reason why I need to audit the connection as well and not only the actions taken on the server in organization premises?

      Thanks


      • #4
        Re: Need audit solution suggestions

        Nubnub, please do NOT hi-jack another Member's thread. If you have a question, even if it is the same as one posted, start a new thread.

        Thanks.
        1 1 was a racehorse.
        2 2 was 1 2.
        1 1 1 1 race 1 day,
        2 2 1 1 2


        • #5
          Re: Remote Access

          Originally posted by nubnub1000
          Is there a reason why I need to audit the connection as well and not only the actions taken on the server in organization premises?
          So that you know who connected.

          LogMeIn etc just provides the console screen to you as if you were sat in front of the server and any apps are run as whoever is currently logged in interactively, if anybody is. If they connect using VPN, not only do you have the VPN connection logged, but also them logging into the server as themselves.

          Plus, using the VPN avoids the need to install another piece of software on your servers.
          Gareth Howells


          • #6
            Re: Remote Access

            Originally posted by tehcamel
            well, Gotomypc and other tools like that can't really be tracked, traced, monitored or secured by your enterprise security team.

            daniel's article is specifically about recording terminal services sessions.

            of course, the downside of an SSL or IPSEC VPN, is that traffic sometimes needs to be allowed through a firewall - I get clients calling sometimes for PPTP clients who are getting error 807 because GRE passthrough is not enabled outbound.

            with GoToMyPC, it basically works anywhere there is HTTPS access.
            A lot of enterprise security teams will also find cunning ways to block traffic like this as well.

            can you please elaborate on the "tracked, traced, monitored or secured" part?

            thanks
            Last edited by Wired; 23rd April 2011, 23:25. Reason: added quote


            • #7
              Re: Need audit solution suggestions

              lesson learned

              still can you guys please throw me a bone here?

              thanks,


              • #8
                Re: Need audit solution suggestions

                Originally posted by nubnub1000
                lesson learned

                still can you guys please throw me a bone here?

                thanks,
                Bone type has to be requested before it can be thrown. Please ask a question so we know what sort of bone to throw. Ta.


                • #9
                  Re: Need audit solution suggestions

                  so you are basically saying that using LogMeIn or similar remote access vendors (remote access over http) introduces a security breach, right?

                  will my organization be able to use remote access over http if it needs to comply with SOX, etc?


                  • #10
                    Re: Need audit solution suggestions

                    Depends on what type of auditing you want. LogMeIn/GoToPC, etc. allow you to have an external party connect to your network through the client that is actively using said software. Any and all actions done by that external party will show up in logs by the user who's running said software.

                    The only way to explicitly tie the external party's actions to a log would be to create a log in explicitly for them, and to log into the system with that ID, and then run said software with it.

                    LONG story short, please provide much more detail into your scenario. Why are you looking for this, who do you think would need to gain access to your network in this way and why, etc.
                    ** Remember to give credit where credit is due and leave reputation points where appropriate **
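
Added example, not part of any post in this thread: a sketch of the attribution check discussed in posts #5 and #10, matching each server logon to the VPN session it came through and flagging logons that cannot be tied to a named vendor. The log records, field names and account names are constructed for illustration and do not follow any product's log schema.

```python
from datetime import datetime

# Constructed sample data; field names are hypothetical.
VPN_SESSIONS = [
    {"user": "vendor_acme", "ip": "10.8.0.21", "start": "2011-04-23 09:00", "end": "2011-04-23 10:30"},
    {"user": "vendor_beta", "ip": "10.8.0.22", "start": "2011-04-23 11:00", "end": "2011-04-23 11:45"},
]
SERVER_LOGONS = [
    {"account": "vendor_acme", "src_ip": "10.8.0.21", "time": "2011-04-23 09:05"},
    {"account": "administrator", "src_ip": "10.8.0.22", "time": "2011-04-23 11:10"},
    {"account": "vendor_acme", "src_ip": "10.8.0.21", "time": "2011-04-23 14:00"},
    {"account": "jsmith", "src_ip": None, "time": "2011-04-23 15:00"},  # console session
]

def _ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M")

def attribute(logons, sessions):
    """Return (account, verdict, vpn_user) for every server logon."""
    results = []
    for ev in logons:
        if ev["src_ip"] is None:
            # Console session: anything driven through it is logged as the
            # interactive user, so no external identity can be recovered.
            results.append((ev["account"], "console", None))
            continue
        when = _ts(ev["time"])
        match = next((s for s in sessions
                      if s["ip"] == ev["src_ip"]
                      and _ts(s["start"]) <= when <= _ts(s["end"])), None)
        if match is None:
            # Network logon with no VPN session covering it: investigate.
            results.append((ev["account"], "no-vpn-session", None))
        elif match["user"] != ev["account"]:
            # Vendor came in over VPN but used someone else's server account.
            results.append((ev["account"], "account-mismatch", match["user"]))
        else:
            results.append((ev["account"], "attributed", match["user"]))
    return results

if __name__ == "__main__":
    for row in attribute(SERVER_LOGONS, VPN_SESSIONS):
        print(row)
```

Only the "attributed" rows give an auditor both who connected and which account acted; the other three verdicts are the gaps the replies above describe.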
