How to perform network-wide security event log monitoring

This white paper explains the need to monitor security event logs network-wide and how you can achieve this using GFI LANguard S.E.L.M. It is written by Randy Franklin Smith, author of the in-depth series on the Windows security log in Windows 2000 & .NET Magazine.

Microsoft Windows machines have basic audit facilities but they fall short of fulfilling real-life business needs (i.e., monitoring Windows computers in real-time, periodically analyzing security activity, and maintaining a long-term audit trail). Therefore, the need exists for a log-based intrusion detection and analysis tool such as GFI LANguard Security Event Log Monitor (S.E.L.M.).

This paper explains how GFI LANguard S.E.L.M.’s innovative architecture can fill the gaps in Windows’ security log functionality - without hurting performance and while remaining cost-effective. It discusses the use of GFI LANguard S.E.L.M. to implement best practice and fulfill due diligence requirements imposed by auditors and regulatory agencies;
and provides strategies for making maximum use of GFI LANguard S.E.L.M.’s capabilities.