eDirectory and NetWare Auditing

DSMETER has been created to help you protect your enterprise. DSMETER's NLM foundation integrates seamlessly into your existing NDS/eDirectory Tree. For complete audit and control load the DSMETER.NLM on each NetWare server in your NDS/eDirectory Tree (the DSMETER Administrator interface can do this for you automatically).

DSMETER's NLM technology has been designed specifically for NetWare servers. The DSMETER NLM loaded at each NetWare server maintains its own set of audit activity files which are periodically transmitted to the master repository server which you designate. These audit activity files are used to produce DSMETER's activity reports.

The audit activity files are transmitted using a low-overhead transfer protocol that operates equally well in low speed WAN environments and gigabit ethernet networks. The protocol used relies upon NCP (Netware Core Protocol) and operates independently of the underlying transport protocols whether they be IPX, TCP/IP, X.25, etc. DSMETER v3 activity audit files are always encrypted.

DSMETER uses NDS/eDirectory to store your desired activity profiles. Therefore, each server's DSMETER NLM is updated with your commands as soon as NDS has been synchronized.

DSMETER's Administrator interface has been designed to facilitate your quick installation and deinstallation of the DSMETER.NLM at each server in the selected NDS Tree. Servers that are down or are not NetWare-based will be automatically excluded from the installation/deinstallation process. There is also the ability to update all DSMETER.NLMs as well as ping each for its load status.

DSMETER relies exclusively upon its NLM technology to help you audit and control your enterprise's data. There are no workstation agents to load nor are there any other software components required at user workstations to enable DSMETER's abilities. When you use DSMETER, your users cannot escape detection. Further, DSMETER works at the session level, therefore it does not matter what transport technology your users have enabled whether it be IPX, TCP/IP, X.25, etc.

Did you know that it is possible for sufficiently privileged users to create Hidden Objects in your NDS/eDirectory? Did you know that these Hidden Objects can be used as "backdoors" into your NDS/eDirectory? It is possible create a Hidden NDS User Object in less than a minute!

DSMETER gives you the power to discover and unhide as well as disable these troublesome Hidden Objects. Further, DSMETER can be configured to automatically scan for and unhide/disable Hidden Objects.

Sometimes you have specifically created Hidden Objects, in these cases you can choose whether to unhide and/or disable the Hidden Object.

DSMETER provides you with exceptional abilities to track NDS and eDirectory Security Activity. The following list outlines DSMETER's major security tracking options:

• Additions to Security Equivalence
• Changes in Group Membership
• Changes in Organizational Role Occupants
• Successful Password Changes
• Failed Password Changes
• Object Creation
• Object Deletion
• Changes in Object Security that result in Supervisory Privileges
• Changes in Object Security that result in other Privileges
• Changes in Inherited Rights Filters (IRFs)

DSMETER provides you with exceptional abilities to track NDS and eDirectory Attribute Activity. The following list outlines DSMETER's major attribute tracking options:

• Object Login Enable
• Object Login Disabled
• Object is Locked by Intruder Detection
• Additions to absolutely ANY Attribute, even those you define
• Deletions to absolutely ANY Attribute, even those you define
• Receive Desktop Alerts (Novell SEND Message) on any change

DSMETER provides you with truly exceptional abilities to track Logins and Logouts. When you use DSMETER you can optionally:

• Track "normal" Logins (i.e. those that use a connection license)
• Track Logouts
• Track Logins or Logouts by the object's NDS container path
• Track LDAP Authentications including those used by GroupWise
• Reports include Total Time Logged in (seconds or minutes)
• Track Bindery Login Attempts
• Track Failed Login Attempts - bad account name
• Track Failed Login Attempts - bad password used
• Track Failed Login Attempts - Intruder Lockout
• Track Failed eDirectory/NDS Account Name Lookups

For each action tracked, the following will be recorded:

• NetWare Server where action occurred
• TCP/IP address of where action originated, except LDAP
• If TCP/IP is not in use, the physical network address will be used
• Account Named used in the Action - includes Failed Logins so you will know what login names are being tried!

DSMETER provides you with the ability to Track File System Security activity. With DSMETER, you can optionally:

• Track changes in file system security that result in Supervisory privileges
• Track changes in file system security that result in other privileges

DSMETER provides you with exceptional abilities to Track File System Data activity. When you use DSMETER you can optionally:

• Track files by Extension (.MP3, .MPG, .AVI, .MPEG, .EXE, etc.)
• Track files by path (Server, Volume, Directory)
• Use wildcards in any portion of the path
• Track by exclusion - track all but excluded paths/extensions
• Track file open operations
• Track file changes (writes)
• Track file read operations
• Track file delete operations
• Track file salvage operations
• Track file purge operations
• Track file copy operations - who is copying files!
• Track folder/directory create operations
• Track folder/directory rename operations
• Track folder/directory delete operations
• Optionally receive Desktop Alerts (Novell SEND Message) on occurrence of any defined tracking action

Each record created includes:

• Tracking Action
• Who requested the Action
• The specific file object the Action was requested upon
• Whether or not the Action was blocked by DSMETER
• The time the Action occurred
• The TCP/IP or physical address of workstation Action was requested from
• For Rename Actions - the name the file object was being renamed to
• For Salvage Actions - the name the file object was being restored to

DSMETER provides you with the unprecedented and unequalled ability to control Object Creation and Deletion by Object Class!

Restrict NDS/eDirectory object creation and/or deletion:

Restrict operations by NDS/eDirectory Object Class!

• Scope allowed operations by Object Class and Container
• Define users allowed by Group or Organizational Role membership
• Define custom "you have been blocked" SEND Message upon detection
• Optionally Lockdown all object creations/deletions to only what you define
• Optionally Exclude specified Administrators from restrictions

DSMETER provides you with unprecedented and unequalled file system abilities!

Block Creation, Renaming, Modification and/or Deletion of Files:

• By file extension (.mp3, .mpg, .avi, .exe, etc.)
• By directory location (server, volume, path, any path, etc.)
• Use wildcards in any part of the directory path and/or filename
• Optionally receive Desktop Alerts (i.e. Novell SEND Message) upon detection

Now you can prevent users from downloading and using MP3 or any other type of file!

DSMETER can be used to collect pertinent NetWare Server Hardware data. Optionally, the following data are captured for each server running the DSMETER.NLM:

• NetWare Server Version and Revision
• NDS/eDirectory Version
• Processor 0 speed rating in MHz
• Processor 0 Type (Pentium, Pentium 2, etc.)
• Size of SYS:_NETWARE (i.e. amount of disk space NDS is using)
• Size and Free Space of each mounted Volume

DSMETER, new for v3, includes tracking and alerting of the following NetWare Server Activity:

• Replica Errors - when any eDirectory replica is in an error state
• CPU Utilization - when exceeds predefined criteria
• Volume Use - when exceeds % full
• Volume Mount and Dismount actions
• Server Last Reboot
• NLM Load and Unload actions
• Cache Buffer count is too low
• User Disk Space Restrictions - space use exceptions
• Folder/Directory Space Restrictions - space use exceptions

DSMETER includes our unique, patented Visual, Drag-and-Drop, Rules-Based Custom Reporting Engine. This component of DSMETER allows you to customize your reports to suit your exact needs. All items tracked can be used as filters in your reports. Whether you need to report by Date, Location, Action, etc, you can receive the report you need with the same drag-and-drop ease our DSRAZOR product employs. DSMETER includes several ready to run reports for you to use or customize.