Cross-platform management vendor Centrify this week introduced an auditing tool that lets Windows shops log, monitor and audit the activity of their users working in Unix and Linux environments.
Centrify DirectAudit is aimed at helping companies comply with regulatory mandates by capturing a user's entire network session and then allowing IT to "playback" what transpired. The software records keystrokes and session output and stores the data in an SQL Server database.
The software works against Microsoft's Active Directory and integrates with Centrify's other product DirectControl, which provides cross-platform authentication and authorization.
Centrify's suite of products is designed to give users one centralized identity service that runs in the Windows environment but extend to Unix and Linux..
"What we really like about DirectAudit is we have the ability to get into a console and use some user-friendly queries to get session information," says Manohar Nayak], senior architect of network security at Yodlee, which provides applications to financial institutions to support online banking. "Then we can play back what happened from a security or on operational perspective."
Nayak says the altering capabilities in the software also let Yodlee configure the software to provide notifications when particular events are happening in the network.
"Previously we have a lot of manual processes to make those things work. There was a lot of overhead. DirectAudit and DirectControl make those tasks simpler," says Nayak.
Centrify says DirectAudit also can be used to monitor system administration to help reconstruct problems that arise from configuration changes or to track what contractors or guest users have done on the network. Administrators also can see in real time who is accessing Unix and Linux systems and what they are doing.
The software has four parts, including a client agent used to gather session activity even if the network goes down. A Collector gathers the data from the agents, which send their information in a compressed and encrypted format. DirectAudit also supports load-balancing among multiple DirectAudit Collector Services.
The software also includes the Repository, which is built on an SQL Server database. DirectAudit ships with SQL Server Express in the box. The DirectAudit Console provides that centralized view into all monitored systems regardless of platform.
The software is priced at US$750 per system and US$2,500 for each console. It is expected to ship in May.