Product
Function and Scope
StealthAUDIT for Systems is the foundation product
of the STEALTHbits Technologies offerings. It was designed and developed to
provide the broadest and deepest possible visibility into devices on customers’
networks. This is accomplished with a combination of elements including:
Comprehensive device discoveryAgent-less scanning, data and property collection
Flexible intuitive database storage with historical and cumulative
up-to-date information
Powerful report authoring, generation and publication facilities
Change detection and conformance evaluation
Notification and automated workflow subsystemsData results driven
remediation and change actions
StealthAUDIT for Systems offers a multi-threaded
engine with over 20 distinctly configurable “data collectors”. These data
collectors enable customers to easily compose powerful queries for obtaining:
Configuration settings (registry, database, .ini, or other configuration
file based)
Installed hardware, OS, and application software detail File age,
size, version, and access information
Windows domain and other directory based configuration information
User and group detail including administrative permissions
Event log detail
Inventory and state of services and processes on machine
....and many other properties from servers and workstations.
StealthAUDIT comes with hundreds of pre-developed
Jobs complete with query definitions and associated reports to provide instant
value to customers with very fast return on investment.
Architecture
Core engine – This is the primary
StealthAUDIT program. It can be run in a graphical (see Management Console
below) or non-graphical mode to collect data, invoke actions and analysis
processes, and generate reports. This flexibility permits it to be run either
interactively or on a scheduled basis.
Management console – This is a
Windows based UI application (currently embedded in the Core engine – see above)
that permits the intuitive administration of the product and visualization of
the system configuration and output results.
Database – This is a SQL Server
based database that can reside on the same or different machine from the
StealthAUDIT Console application.
Data Collector – DC’s are
dynamically loaded libraries that can be “plugged in” to a StealthAUDIT
installation to expand its functionality for additional data collection
techniques. Data collectors are implemented with graphical configuration
interfaces that use inherent knowledge of the sources for these system
properties coupled with “selection by example” techniques and logical element
groupings. This implementation empowers administrators to compose and run
queries in minutes that would take hours or days to script effectively.
Job – StealthAUDIT Jobs are
executable entities that contain all configuration elements required to collect,
filter, transform and store result data and generate reports against that data.
This encapsulation provides for easy packaging and distribution of configured
sets of functionality.
Operational
Flow
The following steps represent the sequence of processing of the
StealthAUDIT for Systems product:
Initially, device discovery is run for
the environment to provide a list for targeting Jobs.Jobs are selected
from the sample libraries or created by the customer for inclusion in the Job
tree.
Jobs are targeted to appropriate machines or groups from the discovered
environment.Jobs are either run interactively or scheduled from the
Console to be run (once or repetitively).When Job executes it performs:
● Data collection
● Change
detection processing (if configured)
● Data analysis tasks (if present) including data
transformation and rules processing
● Associated report generation and publishing
●
Notification (if configured)
Implementation and Scaling
StealthAUDIT can typically be implemented in hours as compared to alternative
agent based products that can take weeks and in some cases months to deploy.
Large enterprises can scale up by deploying multiple collection consoles with
the option to channel all results to a single central database.
The multi-threaded design of StealthAUDIT enables
it to assign processing for each target devices to one of a configurable number
of threads to optimize throughput. This approach allows the effective use of
multi-processor environments.
StealthAUDIT imposes minimal impact on network
resources providing the opportunity to run on frequent cycles to ensure that the
data in the database is very current at any point in time for reporting
purposes.
Learn more about StealthAUDIT: Overview |
Features |
For Active Directory |
For Exchange | For Systems
| Action Modules
|
Resources