Cygna Auditor helps you secure your business critical assets such as important files and folders stored on your Windows servers and shared resources.
Cygna Auditor notifies you on both successful and failed actions thus allowing you to identify unusual activity peaks or unauthorized access attempts, and mitigate these risks immediately. The reports shipped with the product are designed to help you prove compliance with various security standards and regulations, including PCI and GDPR.
Basically, Cygna Auditor reports the following actions on your file servers:
- On the Cygna Auditor home page, click the Configuration tile and then drill-down to File System / Servers.
Add servers for auditing. To collect data, Cygna Auditor needs to deploy an auditing service on each server you want to audit. The drivers are non-intrusive and will not affect the server operability. You can deploy a service automatically or manually.
Note: If you plan to audit Cygna Auditor application server for file system changes, install the service manually.
- Manually: Click (the question mark button) and click the link to download the File System auditing service installer package. On each server you want to audit, install the service and start it.
Automatically: Click (the Add server button). In the dialog that opens, provide administrator credentials and click . Cygna Auditor will look up for servers and show the list of available servers. Select servers you want to audit and click Install.
Note: On these servers, enable the following inbound firewall rules: Netlogon Service (NP-In), File and Printer Sharing (SMB-In), and File Server Remote Management (SMB-In).
- Specify folders for auditing. To do this, navigate to File System / Alerts and create a new alert for a folder you want to monitor. There is no need to add any actions. See Creating Alerts for detailed instructions.
Check the data collection status in the audited servers list.
Note: This step is only required if you use Windows authentication on your SQL Server.
To ensure the agent feeds audit data to your Cygna Auditor database, make sure it has sufficient permissions on your SQL Server instance.
For each file server where the agent runs, do the following: On SQL Server, create a login for each computer account (domain\computeraccount$) and assign it the db_owner and public roles for your Cygna Auditor database.