Date Added: Jun 2009
Microsoft Windows machines have basic audit facilities, but these fall short of real-life business needs (i.e., monitoring Windows computers in real time, periodically analyzing security activity, and maintaining a long-term audit trail). Therefore, the need exists for a log-based intrusion detection and analysis tool such as GFI EventsManager. This paper explains how GFI EventsManager's innovative architecture can fill the gaps in Windows' security log functionality - without hurting performance and while remaining cost-effective. It discusses the use of GFI EventsManager to implement best practices and fulfill due diligence requirements imposed by auditors and regulatory agencies, and provides strategies for making maximum use of GFI EventsManager's capabilities.