Windows File System

Cygna Auditor helps you secure your business critical assets such as important files and folders stored on your Windows servers and shared resources.

Cygna Auditor notifies you on both successful and failed actions thus allowing you to identify unusual activity peaks or unauthorized access attempts, and mitigate these risks immediately. The reports shipped with the product are designed to help you prove compliance with various security standards and regulations, including PCI and GDPR.

Basically, Cygna Auditor reports the following actions on your file servers:

Open Close Read Write
Create Delete Rename Set attribute
Set permission Recycle Restore Duplicate

Enabling Audit

  1. On the Cygna Auditor home page, click the Configuration tile and then drill-down to File System / Servers.
  2. Add servers for auditing. To collect data, Cygna Auditor needs to deploy an auditing service on each server you want to audit. The drivers are non-intrusive and will not affect the server operability. You can deploy a service automatically or manually.

    Note: If you plan to audit Cygna Auditor application server for file system changes, install the service manually.

    • Manually: Click (the question mark button) and click the link to download the File System auditing service installer package. On each server you want to audit, install the service and start it.
    • Automatically: Click (the Add server button). In the dialog that opens, provide administrator credentials and click . Cygna Auditor will look up for servers and show the list of available servers. Select servers you want to audit and click Install.

      Note: On these servers, enable the following inbound firewall rules: Netlogon Service (NP-In), File and Printer Sharing (SMB-In), and File Server Remote Management (SMB-In).

  1. Specify folders for auditing. To do this, navigate to File System / Alerts and create a new alert for a folder you want to monitor. There is no need to add any actions. See Creating Alerts for detailed instructions.
  2. Check the data collection status in the audited servers list.

Continue reading:

Search

Reports

Activity Widgets

Alerts

Global Search

Global Reports