NNT Change Tracker Enterprise

NNT Change Tracker Enterprise™ is an easy to use and extremely cost effective system auditing and change detection solution for improved security, compliance and IT management.

One easy to use solution, сombining

  • File Integrity Monitoring
  • Change & Configuration Management
  • Device Hardening

Securing your IT Estate against the Cyber Threats of today, NNT Change Tracker Enterprise™ helps you to prevent security breaches of your systems.

Feature-rich, easy to use and affordable Change Tracker™ is a comprehensive and powerful solution for validating, achieving and maintaining compliance with corporate governance or security standards, such as PCI DSS, HIPAA, NERC CIP, SOX and GCSx CoCo.

Operating at a forensic level within the IT infrastructure, Change Tracker™ works across all devices including:
• Servers
• Workstations
• Network routers and switches
• Firewalls and other appliances

Change Tracker™ monitors changes to:
• files, file attributes and folder structures
• registry keys and values
• installed applications and patches
• services’ startup and running states
• running processes (checked against blacklists and whitelists)
• windows audit and security policy settings detecting and alerting to any suspicious activity that may represent a security or performance threat



In the first instance, Change Tracker™ enables an organization to bring IT systems into compliance with a ‘known good and secure’ state using ‘out of the box’ or user-definable auditing policies.

Once IT systems are considered to be within compliance, as well as configured and set up properly, Change Tracker™ then uses sophisticated tracking methods to ensure they remain that way.

If something does change, Change Tracker will immediately report what changed, when, by whom and crucially, whether that change was part of a Planned Change. Dynamic Compliance Dashboards also provide ‘at a glance’ reassurance of your continued safe and compliant state.

Easy to scale across any organization, NNT Change Tracker™ provides a comprehensive solution, including:
• Real-time File Integrity Monitoring (FIM)
• Fully featured change and configuration management (CCM) solution for your entire IT infrastructure
• Best practice-based configuration hardening reports pre-packed
• Complete system policy management and protection
• Support for all platforms and environments (Windows, Unix/ Linux and all network devices and appliances)
• Choice of agentless or agent-based monitoring

Device Auditing & Hardening
• Pre-defined templates ensure devices are hardened and vulnerability-free, with ‘out of the box’ device hardening for Windows and Linux/Unix devices
• Customized hardening templates are easily created and applied across the estate
• Continuous automated vulnerability auditing of all devices including workstations, POS, servers (Windows, Unix and Linux), firewalls, switches and routers
• ‘Out of the box’ PCI DSS, ISO 27K, SOX and other compliance reports

Monitoring
• All devices are tracked for configuration changes, with the ability to automatically re-configure devices in bulk or roll-back configuration settings to a previous version
• Configuration change audit-trail provided at a forensic level for all server, workstation and network devices
• Both ‘planned’ changes and ‘unplanned’ changes are detected, with the ability to reconcile ‘unplanned’ changes and record, label and annotate appropriately
• ‘Who made the change’ detail reported in real-time, including when the change was made and the impact on the security profile

Reporting
• Real-time alerting on any file integrity changes
• Scheduled reporting for FIM and compliance initiatives
• Both real-time and scheduled reporting, with at a glance summary reports delivered straight to your Inbox
• Online dashboard displaying health, availability, change and configuration, and compliance status of the IT Infrastructure

What changed? Real-time and scheduled comprehensive tracking notifies you of exactly what changed, who made the change, when and what impact that has had on your security profile — vital in the fight against internal and external threats.

What is the risk profile? Configuration settings that govern the security of key devices are audited continuously, ensuring they remain hardened in line with your security and compliance standards. Unauthorized changes are recorded, showing who made the change and whether security is affected.

What are the real threats? By intelligently evaluating all events and changes within the IT estate to highlight only genuine security threats.

Which changes were Planned vs Unplanned? Change details are documented and reconciled with what actually changed. Planned changes can be authorized and scheduled, with the ability to separate planned from unplanned changes, cutting down the number of false alerts and assisting you in driving a culture of zero tolerance to unplanned changes throughout your organization.

Fully automated vulnerability assessment for all leading Database Systems, including Oracle and SQL Server
• Maximize Security — identify security vulnerabilities in your databases before they can be exploited
• Assess compliance with manufacturer best practices in secure configuration — plain english report shows any violation

New 64bit agent uses common codebase across all platforms, including Windows, Solaris and all leading Linux
• Massive Scalability — policy enforcement and change tracking distributed across hosts gives substantial increase in efficiency over agentless scanning
• Regex-based file exclusion/inclusion rules, recursion control, selectable hash algorithm (inc. MD5, SHA512)
• Live-tracking for file attributes plus ‘before and after’ reporting of changes to text-based config files

All Change Tracker™ components now operate with native 64bit support:
• System-wide file integrity monitoring now faster than ever, with rock-solid stability
• Ten-fold increase for device numbers and file change reporting support
• Hundreds of thousands of files can be tracked using both agent-based and agentless trackers

All reports improved for Version 6.5
• Updated Compliance Report format provides ‘cleaner’ test results, makes build-standard drift correction easier than ever
• Revised FIM report provides details of any ‘device unavailable’ periods to satisfy auditor requirements
• FIM Changes can now be provided in CSV/Excel format for simplifying analysis by larger teams
• Updated reports for all platforms, including Server 2012

Report against multiple GRC Standards while using a separate monitoring template
• For fast track compliance programs, the Vulnerability Report template can be assigned automatically as a monitoring template
• For larger IT Teams, reports can be processed without changing the monitoring template, convenient
for organizations subject to multiple governance standards

Prioritized File Integrity set-up incorporates new ‘File/Folder Match Rule’ for exacting control of FIM policy
• Inclusions and exclusions can be controlled with surgical precision even for custom applications
• Keyword exclusion for specified Software Updates such as regular AV updates
• Agentless FIM tracker performance improved to handle 50K plus FIM changes per poll
• New Agent Local Web Interface, self-contained report generation and viewing
• Standardized syslog message format for direct SIEM integration