Eksporter (0) Skriv ut
Vis alt
EN
Dette innholdet er ikke tilgjengelig på ditt språk, men her er den engelske versjonen.

Changes in Security Auditing

Updated: March 9, 2009

Applies To: Windows 7, Windows Server 2008 R2

This product evaluation topic for the IT professional describes changes to security auditing, including the Granular Audit Policies feature, in Windows 7 and Windows Server 2008 R2.

Deploying and configuring audit polices in a centralized manner through Group Policy is available in Windows 2000, Windows XP, and Windows Server 2003. In Windows Vista and Windows Server 2008, the Granular Audit Policies feature allows more precise auditing. However, the Granular Audit Policies feature does not provide centralized configuration through Group Policy.

As in previous versions of Windows, security audit policies in Windows 7 and Windows Server 2008 R2 can be located in Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policies by using the Local Computer Policy snap-in.

In Windows 7 and Windows Server 2008 R2, configuration and deployment of detailed audit policies by using the Advanced Audit Policy Configuration feature can be accomplished with Group Policy.

Detailed audit policies are located in Local Computer Policy\Computer Configuration\Windows Settings\Advanced Audit Policy Configuration.

Object Access auditing has been improved by these features:

  • Enhanced event messages

    Event messages now display the reason that an account was allowed or denied access.

  • Global Object audit policy

    In earlier version of Windows, a system access control list (SACL) had to be propagated to every single object on every single asset. By using the Global Object audit policy, you can use a Group Policy Object to track all of the targeted objects. Investigators now can analyze the object access events to understand exactly which objects users and processes attempted to access, and reasons for success or failure.

Vurderte du dette som nyttig?
(1500 tegn igjen)
Takk for tilbakemeldingen

Fellesskapsinnhold

Legg til
Vis:
© 2014 Microsoft