Más contenido relacionado La actualidad más candente (20) Similar a Monitoring and Securing Active Directory Government Webinar for the US Army (18) Monitoring and Securing Active Directory Government Webinar for the US Army2. @solarwinds 2
Speaker Introduction
Jordan Pfeiffer
Army Account Manager
jordan.pfeiffer@solarwinds.com
512.498.6584 (office)
Mike McDowell
Sr. Federal Sales Engineer
michael.mcdowell@solarwinds.com
703.386.2616 (office)
© 2019 SolarWinds Worldwide, LLC. All rights reserved.
3. @solarwinds 3
• SolarWinds Overview
• Active Directory® (AD) challenges, threats, and best
practices
• System, application, and log monitoring for AD
• Server & Application Monitor
• Log Analyzer
• Security Event Manager
• Leveraging access rights management for AD
• Access Rights Manager
• Demonstrations
• Q&A
• Additional resources
Agenda
© 2019 SolarWinds Worldwide, LLC. All rights reserved.
4. @solarwinds 4
SolarWinds at a Glance
1. Customers are defined as individuals or entities that have an active subscription for our subscription products or that have purchased one or more of our perpetual license products since our inception under a unique customer identification number. We may have multiple
purchasers of our products within a single organization, each of which may be assigned a unique customer identification number and deemed a separate customer.
2. IDC defined Network Management Software functional market, IDC’s Worldwide Semiannual Software Tracker, October 2018.
3. Source: Gartner, Market Share Analysis: ITOM: Performance Analysis Software, Worldwide, 2017. July 9, 2018. (AIOps/ITIM/Other Monitoring Tools Software Market ). SolarWinds term, Systems Management, refers to the AIOps/ITIM/Other Monitoring Tools Software
Market Taxonomy referenced in the Gartner report. All statements in this report attributable to Gartner represent SolarWinds interpretation of data, research opinion or viewpoints published as part of a syndicated subscription service by Gartner, Inc., and have not been
reviewed by Gartner. Each Gartner publication speaks as of its original publication date (and not as of the date of this [presentation]). The opinions expressed in Gartner publications are not representations of fact and are subject to change without notice.
#1
in Network
Management2
300,000+
customers in 190
countries1
50+
IT management
products
22,000+ MSPs serving
450,000+ organizations
Every branch of the DoD, and
nearly every civilian and
intelligence agency
150,000+ registered members of THWACK®, our global IT community
Founded in 1999
More than 2,500
employees globally
Austin, TX headquarters
Herndon, VA government office
30+ offices globally
Leader
in Remote Monitoring
and Management
#4
in Systems
Management3
Growing Security
Portfolio
500 of
Fortune 500®
© 2019 SolarWinds Worldwide, LLC. All rights reserved.
5. @solarwinds 5
SolarWinds on CHESS ITES-SW Contract
• SolarWinds is now available for
purchase on CHESS ITES-SW
• #W52P1J-15-D-0008 via Carahsoft
© 2018 SolarWinds Worldwide, LLC. All rights reserved.
SolarWinds products available on the contract:
• Network Performance Monitor
(NPM)
• NetFlow Traffic Analyzer (NTA)
• Network Configuration Manager
(NCM)
• Network Topology Mapper (NTM)
• VoIP & Network Quality Manager
(VNQM)
• IP Address Manager (IPAM)
• User Device Tracker (UDT)
• Additional Polling Engine
• Additional Web Server
• High Availability (HA)
• Enterprise Operations Console (EOC)
• Server & Application Monitor (SAM)
• Web Performance Monitor (WPM)
• Engineer's Toolset™ (ETS)
• Standard Tool Set
• Kiwi Syslog® Server
• Kiwi CatTools®
• Mobile Admin (MA)
• Security Event Manager (SEM),
formerly Log & Event Manager (LEM)
6. @solarwinds 6
SolarWinds on DoDIN APL
• We’re excited to announce after
rigorous testing, the Orion® Suite for
Federal Government v3.0 has been
placed on the Department of
Defense Information Network
(DoDIN) Approved Products List
(APL).
• The Orion Suite also has Common
Criteria certification.
© 2018 SolarWinds Worldwide, LLC. All rights reserved.
The Orion Suite for Federal Government v3.0
includes:
• Network Performance Monitor v12.2
• Server & Application Monitor v6.6
• Network Configuration Manager v7.7
• NetFlow Traffic Analyzer v4.2.3
• IP Address Manager v4.6
• User Device Tracker v3.3
• VoIP & Network Quality Manager v4.4.1
• Web Performance Monitor v2.2.1
• Enterprise Operations Console v2.0
• Storage Resource Monitor v6.6
• Virtualization Manager v8.2
7. @solarwinds 7
SolarWinds Army Case Studies
© 2018 SolarWinds Worldwide, LLC. All rights reserved.
DoD Quotes: https://www.techvalidate.com/portals/solarwinds-government?collection=military-us-federal-government
DoD Case Studies: https://www.techvalidate.com/portals/solarwinds-government?collection=dod-quotes
8. @solarwinds 8
Building Great Products That Simply Work Is at Our Core
© 2019 SolarWinds Worldwide, LLC. All rights reserved.
End User-Driven Product Strategy With a Constantly Growing OfferingFocused on Ease and Efficiency
Geekbuilt.®
Roadmap driven by end-users and products developed by
IT Professionals who understand today’s IT environment
Massive User Community
150K+ registered THWACK members; in 2017,
THWACK averaged over 7,000 daily unique visitors
22K+ MSPs access the MSP Institute
and Customer Success Center
Solve clearly identified problems
Orion®
Platform
Hybrid IT
management
Cloud Management
Affordable full-stack
monitoring for cloud
management teams
SolarWinds
MSP
Remote monitoring
and management
platforms, backup,
and email security
Easy to try, find, and buy
Ready to use
Security
Security, simplified
9. @solarwinds 9
Our Approach to ProductOurCorePrinciplesNotableExamples
Simple and
powerful
Deliver complete
visibility for hybrid IT
Grow with our
customers
Enable application-
centric management
•Quick value after install
•Seamless UX across
product portfolio
•Native support of the major
on-premises and public clouds
•Unified, integrated experience
•Start small, solve the first
problem, and be ready for
the next
•Add new capabilities quickly
• AppStack™ – manage the entire
app, not just components
• PerfStack™ – real-time
troubleshooting across the
modern app and infrastructure
stack
• NetPath™ – manage the network, not
just elements
• Cloud Infrastructure Monitoring –
AWS® and Azure® infrastructure
monitoring
•Support management of
traditional and modern apps
• Network Insight™ – deep
visibility for the modern
network stack across
performance and
configuration
• AppInsight™ – deep visibility
for packaged application
performance
• Increased scale – support for
400,000 NPM elements in a
single instance
• Simplified multi-product
installer – single installer to
automatically resolve upgrade
and install dependencies
© 2019 SolarWinds Worldwide, LLC. All rights reserved.
10. @solarwinds 10
AD Challenges and Threats
• Can be complex and difficult to administer
• Provisioning and deprovisioning users
• Defining user roles and delegation of tasks
• Auditing changes and demonstrating compliance
• AD is prone to being hacked
• AD crashes lead to network downtime
• Tracking changes can be difficult
• Inadequate reporting
© 2019 SolarWinds Worldwide, LLC. All rights reserved.
11. @solarwinds 11
AD Best Practices
• Utilize least-privilege principle in AD roles and groups
• Control AD admin privileges and limit domain user accounts
• Employ auditing and alerting
• Regularly backup your AD configuration and directory
• Patch vulnerabilities
• Standardize and increase efficiency for provisioning process
© 2019 SolarWinds Worldwide, LLC. All rights reserved.
12. @solarwinds 12
With SolarWinds Server & Application Monitor
Quickly Find and Troubleshoot Issues
• Diagnose AD replication issues
• Quickly view replication status between domain controllers to ensure
overall AD health
• Review domain controller roles
• See all domain controllers and their corresponding FSMO roles
• View AD site details
• Gain insight into AD infrastructure across your enterprise
• Monitor logon and Windows® Events
• See logon event summaries with detailed drill downs that can help
support AD auditing
© 2019 SolarWinds Worldwide, LLC. All rights reserved.
13. @solarwinds 13
Leveraging AD Logs to Improve Monitoring and Security
• Log Analyzer
• Aggregate, chart and search your logs all within the Orion platform
• Out of the box rules to monitor for interesting AD events
• Consolidated view of AD performance metrics with log data (SAM required for performance metrics)
• Security Event Manager
• Normalize your AD logs to easily comprehend each event
• Predefined correlation AD rules, filters and widgets
• Configure rules to monitor activity such as failed user logons, password changes, or account lockouts
• Active Response for immediate response to unusual events (Remove User from Group, Disable Account
and more)
• Produce FISMA, STIGs, HIPAA, PCI, SOX, ISO, NCUA, FERPA, GLBA, GPG13, and other compliance reports
from templates © 2019 SolarWinds Worldwide, LLC. All rights reserved.
Log data provides visibility into AD changes including User/Group member changes, GPO changes, and
authentication events
14. @solarwinds 14
With SolarWinds Access Rights Manager
Monitor and Audit AD Access Rights
© 2019 SolarWinds Worldwide, LLC. All rights reserved.
• Quickly analyze user access to systems, data, and files
• Easily review user account permissions to help identify associated risks to security and
compliance
• Standardize user account provisioning and deprovisioning
• Automate account creation and support timely and complete deprovisioning of user
access
• Help protect against the risks of data loss and breaches
• Help detect malicious access attempts, compromised accounts, use of stolen
credentials, and other risks
• Automate regulatory compliance reports
• Help demonstrate compliance with reports created on-demand or scheduled for
automated delivery
17. @solarwinds 17
SolarWinds AD Resources and Product Pages
• Topic pages: Active Directory monitoring
Active Directory management
• Whitepaper: The Who, What, and When of Active Directory Monitoring
• Tech Tip: Monitoring Active Directory Environment
• Blogs: 7 Key metrics to monitor your Active Directory environment
Monitoring and managing Active Directory
• Product Pages Server & Application Monitor
Log Analyzer
Security Event Manager
Access Rights Manager
Let us know how we can help you
© 2019 SolarWinds Worldwide, LLC. All rights reserved.
18. @solarwinds 18
Additional Resources
Let us know how we can help you
© 2019 SolarWinds Worldwide, LLC. All rights reserved.
• Visit our THWACK government group: http://thwack.com/government
• Watch a short demo video: http://demo.solarwinds.com/sedemo/
• Download a free trial: http://www.solarwinds.com/downloads/
• Visit our government website: http://www.solarwinds.com/federal
• Call government sales: 877.946.3751
• Email SolarWinds federal government sales: federalsales@solarwinds.com
• Email SolarWinds state and local government sales: governmentsales@solarwinds.com
• Email SolarWinds education sales: educationsales@solarwinds.com
• Follow us on LinkedIn®: https://www.linkedin.com/company/solarwinds-government
19. @solarwinds 19
THWACKcamp 2019
• THWACKcamp™ is a two-day virtual event held October 16 – 17
attended by thousands of IT pros around the world
• Save the date and visit www.thwackcamp.com for more details;
registration for this free event is open now
© 2019 SolarWinds Worldwide, LLC. All Rights Reserved.
20. @solarwinds
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are
the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are
registered with the U.S. Patent and Trademark Office, and may be
registered or pending registration in other countries. All other SolarWinds
trademarks, service marks, and logos may be common law marks or are
registered or pending registration. All other trademarks mentioned herein
are used for identification purposes only and are trademarks of (and may be
registered trademarks) of their respective companies.
Notas del editor Proposed timeline-
SolarWinds Overview (5)
Active Directory® (AD) challenges, threats, and best practices (5)
System, application, and log monitoring for AD (10)
Leveraging access rights management for AD (5)
Demonstrations (30) (SAM 10, LM 5, LEM 5, ARM 10)
Q&A (5)
Scrape speaking details from- https://www.solarwinds.com/topics/active-directory-monitor Scrape speaking details from- https://www.solarwinds.com/topics/active-directory-management 30 minutes (SAM 10, LM 5, LEM 5, ARM 10)