I have a request of our security team to answer of some securty questions that i can't answer because I don't know.
Can you please help me to answer the following questions:
1. Is the application designed to log transaction events (such as: host name, account identifier, date and time stamp, event type, source IP address, description of the activity performed ,event ID, reason for logging event, source and destination network addresses)?
2. Does the application log user access activity such as successful logons, logoffs, and unsuccessful logon attempts?
3. Is the application designed to log and monitor activity performed by privileged accounts?
4. Does the application provide built in audit log reports?
5. Where are the logs saved? And for how long?
Thanks in advance
NPM is NMS use to monitor network infrastructure with snmp/trap syslog and icmp.
I think you look for SIEM that is realy good to monitor users ,firewall and protocols that running in the wire.
Solarwinds has that
Other vendors tools
Solarwinds is 100% integratet with MS-AD (users/groups access control)
From NPM 10.4 you will have Auditing trail (who did what in NPM)
Hope thats helps
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process. Learn more today by joining now.