thedude0901
n00b
- Joined
- Oct 17, 2004
- Messages
- 41
Greetings,
I work in a financial institution that must follow specific government regulations regarding logging, reporting and auditing. My role in the company is to administer 75+ servers both Windows and Linux, 100+ network devices including routers, switches, firewalls and UTM boxes. All of the network stuff are HP Procurve switches and Cisco everything else. My other role is network security for all of the above.
The government has a real problem with me having so much administrative level access to both the servers and network equipment. Their argument is I can change something on the network then go in and delete the log entries removing any evidence something was done.
What they want is to have everything send logs to a centeral logging server that I don't have access to.
Do any of you work in an environment like this and what do you do for auditing? What products are out there that can satisify these requirements?
Best regards,
The Dude
I work in a financial institution that must follow specific government regulations regarding logging, reporting and auditing. My role in the company is to administer 75+ servers both Windows and Linux, 100+ network devices including routers, switches, firewalls and UTM boxes. All of the network stuff are HP Procurve switches and Cisco everything else. My other role is network security for all of the above.
The government has a real problem with me having so much administrative level access to both the servers and network equipment. Their argument is I can change something on the network then go in and delete the log entries removing any evidence something was done.
What they want is to have everything send logs to a centeral logging server that I don't have access to.
Do any of you work in an environment like this and what do you do for auditing? What products are out there that can satisify these requirements?
Best regards,
The Dude