General discussion

Locked

Security: Auditing User Activity in Netware

By Zenak ·
Ok, I have recently become the only IT Security person in a large organization (~6000 users). Previously the departments handled security within themselves, but we have been shifting it over to me for auditing, policy implementation, etc.

I have been asking for weeks to get access to the Netware server logs, so I could start pulling together information on failed login attempts, password resets, login/logout etc. Finally, after meeting with the manager of that department I have been told that they don't have that type of auditing enabled, and won't enable it because it will be too much for the servers. (Although he isn?t sure if it would be memory, CPU, or storage intensive)

So I have to now pull together a document on why this should be done, and "It's security best practices" isn't going to cut it. Does anyone have a resource I could tap for a long list of reasons why this is something we would want?

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Security: Auditing User Activity in Netware

by manishachhaya In reply to Security: Auditing User A ...

Apart from Netware server logs, do you have any security or auditing software installed?

Collapse -

Time for

by beads In reply to Security: Auditing User A ...

Sounds more like the manager is either running servers a bit too thin or doesn't have a real understanding of server capabilities. Perhaps he is trying to hide something.

Find the root cause. Check with the SA to discount CPU and or disk space issues. If either of them are lacking then work with the manager types before you have other problems as this is only a symptom of things to come. Network problems only get worse as time goes on not better. Be proactive.

Next, I would look into redeploying an older box or purchase a newer box to act as your security collection point under your control.

My guess is that this is really a political problem not a technological problem.

- beads

Back to Security Forum
2 total posts (Page 1 of 1)  

Related Discussions

Related Forums