ESM should fully support all tests specific to Windows Server 2008
Created: 31 Aug 2009 | 2 comments
For monitoring Windows Server 2008, there are some tests that do not seem to be available via ESM currently.
The tests are as follows (all of these are new settings for Server 2008, not in Server 2003):
Account Integrity module:
1. Access credential manager as a trusted caller
2. Change time zone
3. Create symbolic link
4. Increase a process working set
System Auditing module
1. Fine-grained auditing settings such as:
a. Audit Special Logon
b. Audit Directory Service Access
c. Audit Sensitive Privilege Use
This enhancement request (Idea) resulted from a case we raised on Symantec MySupport for ESM 9.0 SU37. The Symantec response was that these tests are not currently supported and we should submit an enhancement request.
idea Filed Under:
Comments
To cater to new features
To cater to new features introduced in 2008, there will be new checks added to Account integrity.
- Access Credential Manager as a trusted caller
- Increase a process working set
- Create symbolic links
- Change the time zone
These checks will be available to customers in SU39. SU39 is scheduled to release by March end 2010.
There is a check 'Granular
There is a check 'Granular System Audit Settings' in System Auditing module which reports on fine grained audting settings of 2008.This is a template based check.
The default template has entries to check for fine grined auditing settings like..
-Logon/Logoff (special logon)
-Privilege use
-Directory Service Access
In template, select the type of auditng you want to enable for the setting. Following are the different auditing states :
- Success
- Failure
- Success and Failure
- No Auditing
This feature was introduced in SU37.
Would you like to reply?
Login or Register to post your comment.