ADAudit Plus: How L&T managed its real-time monitoring and auditing requirements
About the Organization
Larsen & Toubro Limited (L&T) is one of the largest and most respected companies in India's private sector with over 80 years of a strong, customer-focused approach and a continuous quest for world-class quality. It specializes and is an industry leader in the technology, engineering, construction, and manufacturing sectors. It operates in over 50 countries worldwide.
-
Country
Mumbai, India -
Industry
Construction -
Employees
10,001+
Business challenges
L&T had various configured servers it used to manually collect logs, as well as process, and audit. Log data was scattered across multiple servers and locations. The process of log collection was not automated and the organization didn't have a centralized repository to manage these logs. Without a central repository, it was challenging to track user activity across different systems and applications, which increased the risk of data breaches. As L&T didn't have a proper auditing solution, it was not able to search for a particular incident or navigate easily through the volumes of log data, making it hard to identify trends and patterns that could indicate potential security threats.
The solution
L&T needed an effective auditing solution and chose ManageEngine ADAudit Plus to help it manage, in one console, logs collected from various sources and monitor security incidents in real time. It was vital for the company to detect troublesome modifications in the network immediately. These modifications often consisted of attribute changes, such instances if a malicious user changed the password settings for another user account. ADAudit Plus detects modifications promptly and efficiently by auditing every AD attribute change in real-time with constant vigil.
Utilizing ADAudit Plus, L&T detected every change made to users, computers, groups, and OUs, and stayed up-to-date on unauthorized attempts, receiving alerts for critical attribute modification actions. L&T can also now audit AD object changes and view the before or after attribute values, along with detailed audit reports of who did what action, when and from where! ADAudit Plus helps L&T monitor crucial extended security attributes and extended user attributes, which gives it details about user objects and permission modifications. Security attributes, such as access control lists, helps L&T track any modifications made to permissions for a user or a group of users.
L&T wanted to track, monitor, and report on critical user account modifications, such as creation of multiple users with passwords set to never expire, user rename events, and resetting of old or new account values. With ADAudit Plus, it is able to track changes made in the AD instantly.
ADAudit Plus, being a comprehensive solution, simplifies AD auditing and reporting for L&T. This solution brings together an intuitive user interface, preconfigured reports, and advanced filter options, making it easy for L&T to track changes in its network, and detect threats immediately. The reports can be scheduled to be emailed to the analyst and be exported in XML, HTML, PDF and CSV formats for detailed analysis and auditing.
About ADAudit Plus
ADAudit Plus is a UBA-driven auditor that helps keep your AD, Azure AD, file systems (including Windows, NetApp, EMC, Synology, Hitachi, Huawei, and Amazon FSx for Windows), Windows servers, and workstations secure and compliant. ADAudit Plus transforms raw and noisy event log data into real-time reports and alerts, enabling you to get full visibility into activities happening across your Windows Server ecosystem in just a few clicks.
