Compliance Achieved Banner
Home arrow Products arrow StealthAUDIT Action Modules
StealthAUDIT Action Modules PDF Print E-mail


Product Function and Scope

StealthAUDIT Action Modules extend the scope and functionality of the base StealthAUDIT application into a new realm of dynamic communication, configuration, and remediation. These newest additions to the StealthAUDIT family were designed and developed in conjunction with our customers to solve real world business problems unlike any other product on the market today. These new action modules include the following components:

  • SendMail
  • Survey
  • Exchange Public Folder
  • File System
  • Registry

Workflow

The first two Action Modules focus on uniquely tying together technical audit information to the act of communicating that information out to end users and soliciting feedback or additional clarifying information from them. This is information that in only in the minds and heads of the people that work and interact with the systems and data itself.

SendMail - The SendMail Action Module provides you with the ability to email customized messages to your end users and system administrators. Don’t waste time cutting and pasting audit data into separate manually created email messages to each one of your target audiences. Use this action module with programs to communicate Public Folder clean up initiatives to their owners or reach out to workstation owners to inform them about unauthorized installed software and compliance to corporate policies. The SendMail action module will help streamline the effort with a polished and professional look while still maintaining a personal touch!

Survey - The Survey Action Module extends the capability of the SendMail Action Module by additionally including an embedded website link within your messages which provides targeted end users and administrators with the path to a StealthAUDIT created survey forms. Ask questions, obtain direction or clarification of audit data, or even collect approval for automated central remediation or changes from your target audience. All responses from the respondents’ are tied to the audit information and available for the same easy and custom reporting capabilities that are available within StealthAUDIT.

 


Remediation

The next three Action Modules focus on extending the reach of StealthAUDIT and extending administrators capabilities to make changes to thousands of systems or very targeted changes based on or supplied by the audit data. These new action modules give our users the ability to, not only assess their environment, but to initiate change and conformance to the desired states.

Exchange Public Folder - The Exchange Public Folder Action Module provides the ability to make changes to your Public Folder environment including: changing access permissions, age limits, custom attributes, adjusting replica copies, and renaming folders within your hierarchy.

File System - The File System Action Module provides the ability to make changes to remote files systems including; changing file and folder attributes, changing associated permissions, copying, deleting, moving, or renaming files or whole folders of information.

Registry - The Registry Action Module provides the ability to make changes to remote system registries including; changing permissions, creating, modifying, deleting registry keys and/or values. Additionally, this action module allows an administrator to import a registry file to make bulk registry changes against remote systems.

Many more new and unique action modules are under development and on their way to compliment and extend that StealthAUDIT product family even farther!


Architecture

Shown below is the architecture for StealthAUDIT  and descriptions of these components.



 
Core engine – This is the primary StealthAUDIT program. It can be run in a graphical (see Management Console below) or non-graphical mode to collect data, invoke actions and analysis processes, and generate reports. This flexibility permits it to be run either interactively or on a scheduled basis.

Management console – This is a Windows based UI application (currently embedded in the Core engine – see above) that permits the intuitive administration of the product and visualization of the system configuration and output results.

Database – This is a SQL Server based database that can reside on the same or different machine from the StealthAUDIT Console application.

Data Collector – DC’s are dynamically loaded libraries that can be “plugged in” to a StealthAUDIT installation to expand its functionality for additional data collection techniques. Data collectors are implemented with graphical configuration interfaces that use inherent knowledge of the sources for these system properties coupled with “selection by example” techniques and logical element groupings. This implementation empowers administrators to compose and run queries in minutes that would take hours or days to script effectively.

Job – StealthAUDIT Jobs are executable entities that contain all configuration elements required to collect, filter, transform and store result data and generate reports against that data. This encapsulation provides for easy packaging and distribution of configured sets of functionality.
 
 


Operational Flow
The following steps represent the sequence of processing of the StealthAUDIT for Systems product:

  • Initially, device discovery is run for the environment to provide a list for targeting Jobs.
  • Jobs are selected from the sample libraries or created by the customer for inclusion in the Job tree.
  • Jobs are targeted to appropriate machines or groups from the discovered environment.
  • Jobs are either run interactively or scheduled from the Console to be run (once or repetitively).
  • When Job executes it performs:
    • Data collection
    • Change detection processing (if configured)
    • Data analysis tasks (if present) including data transformation and rules processing
    • Associated report generation and publishing
    • Notification (if configured)

 

 
Next >
[ Back ]