ManageEngine, the real-time IT management company, announced a new version of ADAudit Plus, its integrated Active Directory, workstation, file server and member server auditing software. The new version is capable of reporting on federated authentication requests administered by Active Directory Federation Services (ADFS). Enterprises that use ADFS to authenticate employee access to cloud-hosted apps or partner user access to shared applications will be able to establish and demonstrate access accountability using this new reporting feature.
When businesses implement ADFS to establish single sign-on access to IT resources across corporate boundaries, they often face a trade-off between seamless user experience and administrative overhead. Furthermore, the standard implementation of ADFS, which offers rich security features, paradoxically lacks reporting capabilities for security events such as user activity. Administrators must rely on heavy scripting to glean information about user activity, which is haphazardly logged in the federation servers. Preparing audit-ready reports from these federation server logs only adds to the complexity of auditing user activity. The newly added ADFS auditing in ADAudit Plus addresses these issues.
Available as an add-on to ADAudit Plus, the new reporting feature records and scrutinizes every authentication request handled by an account partner federation server. For successful logons, the report captures the essential data, including the IP address from which a logon request was initiated, the accessed app (such as Office 365) and the claims issued by the federation server. Logon failures are reported as well, pinpointing the reason the authentication failed, which enables administrators to quickly remediate the underlying issue. This piece of information also helps administrators to quickly spot and negate any denial-of-service attack. In addition, administrators can configure ADAudit Plus to automatically forward ADFS audit reports to other SIEM tools.
“In spite of the widespread adoption of ADFS in today’s cloud-driven IT environment, a tool that can comprehensively audit the federation servers is surprisingly unavailable,” said Balasubramanian Palani, product manager at ManageEngine. “As a result, businesses are needlessly spending a substantial portion of their IT management time on ADFS auditing and reporting. Our goal is to reduce that burden.”
Pricing and Availability
ManageEngine ADAudit Plus with Active Directory Federation Services auditing is available for immediate download. Pricing starts at $495.