Sponsors

Tuesday, 23 August 2016

Top 10 Exchange Server Audit Reports with LepideAuditor Suite

Having a pro-active and in-depth Exchange server auditing plan is an important part of any IT security plan. However, attempting to achieve this level of detail using native auditing alone can be time-consuming and complex. 

Thankfully, there are solutions specifically designed to help audit the Exchange Server; one such solution is LepideAuditor Suite.

LepideAuditor Suite comes with numerous predefined audit and compliance reports divided into the following categories:

  • SQL Server 
  • SharePoint Server
  • Active Directory
  • Group Policy Objects
  • Exchange Server
  • File Servers
  • All Environment Changes and Console Auditing. 
These reports have been specifically designed to address all manner of security, systems management and compliance challenges.
The Exchange Server audit reports can be divided in two sections:

  1. Exchange Server Health Monitoring Reports
  2. Exchange Server Audit Reports
In this article we will take look at 10 most powerful Exchange Server Audit reports in LepideAuditor Suite:

1. Server Availability: 


This report shows the status of the server availability in a horizontal bar graph. The server is shown to be either Available, Unavailable or Unknown. 

The graph has three time control buttons; six hours, twelve hours and twenty four hours. The report is also available in text format. 

Some additional information about the server is also available; like partition size, free space and used space. 
Figure 1: Server Availability Report

2. Non-owner mailbox access report: 

These reports provide information on whenever the mailbox is accessed by the administrators, mailbox owners or non-owners. 

Complete information about the mailbox access is included in the reports including who accessed the mailbox, when and from, where all displayed in a tabular report.


Figure 2: Non Owner Mailbox Access Report
3. Exchange Services: 

This report provides a list of services currently running in the Exchange Server environment. 

The following information is included in the report: Service Name, Service Path, Service Caption, Start Mode, Date/Time and Service Status.

Figure 3: Exchange Services
4. SMTP Performance: 

This report displays the status of SMTP performance counters. Three reports for Messages Sent, Messages Received and Messages Refused for Size are displayed in line graph format. 

Additional information in this report are Bytes Received, Total Connections, Total Messages Sent and Total Messages Received etc.

Figure 4: SMTP Performance Report
5. OWA Performance Reports: 

This report displays the status of OWA (Outlook Web Access) Performance Counters. 

The following information about the OWA performance is available in the report: 

Average Response Time, Requests Failed, Current Unique Users, Sessions Ended by Timeout and Store Logon Failure Percent.

Figure 5: OWA Performance Reports
6. Mailbox Modifications: 

This is a category of reports that displays information on the changes made to Exchange mailboxes. 

It contains the following reports: 
  • Mailbox created
  • Mailbox moved
  • Mailbox deleted
  • Mailbox modified
  • Mailbox disabled. 
It also has a sub-category of reports called Mailbox Settings Modifications.
Figure 6: Mailbox Modification Report
7. Policy Modifications:

These reports contain the following: 
  • Policy Created
  • Policy Modified
  • Policy Deleted. 
These reports show all created policies, deleted policies and all modifications of policies including Address Book Mailbox Policy, Mailbox Recipient Policy, Sharing Policy and others. 
Figure 7: Policy Modification Report
8. Mail Contacts Modifications: 

Tracking changes to mail contacts modifications is important for Exchange Server auditing. 

These reports display information on modifications of the mail contacts. The following reports have been included in this category: 
  • Mail Contact Created
  • Mail Contact Modified
  • Mail Contact Deleted.
Figure 8: Mail Contacts Modification Report 

9. Address Book Modifications: 

As part of the Exchange Server auditing process, it is important to know what changes have taken place in the Exchange address book. 

Three reports have been included in this category: 
  • Address Book Created
  • Address Book Modified
  • Address Book Deleted.
Figure 9: Address Book Modification Report

10. Distribution Group Modifications:
 


The following reports have been included to report all kinds of changes to Distribution Groups in the Exchange Server. Any Distribution Group created, modified or deleted is shown in the reports. 

All changes to Distribution Groups, Distribution Security Groups and Dynamic Distribution Groups are included in the reports.


Figure 10: Distribution Group Modification Report
Conclusion:
 
LepideAuditor Suite for Exchange Server provides a simple way of pro-actively auditing critical IT systems. It provides numerous pre-defined reports that display auditing information in the Exchange Server environment. It helps organizations to address challenges with security, systems management and compliance. 


Please check vendor portal for more details about LepideAuditor Suite for Exchange Server.

1 comment:

  1. Nice to see a blog dedicated to Active Directory Migration , good luck. Keep continuing updating such kind of interested post here.

    ReplyDelete

Popular Posts This Week