Quote:
Originally Posted by RayPesek  Hi derspot,
If you're in a SarBox environment, try to figure out how you're going to prove change control with ISA. It's impossible. It doesn't log anything related to policy changes or object changes. It doesn't log anything about log reviews. You will resort to documenting everything you do in a notebook instead of relying on automated processes and then you have to convince the auditors that you really did manually log everything and you did it contemporaneously.
Good luck,
Ray |
ECC Enterprise Compliance Auditing Reporting (ECAR) is the security accounting MOM 2005 based solution that automates measurable, sustainable and repeatable assessment of over 200 Microsoft ISA Server events for demonstrable compliance to Sarbanes-Oxley, FISMA, HIPAA and GLBA governance. Versions are available for each of the regulation, plus a cross regulation version covering 17 event categories. ISA Server security events are associated with specific regulation requirements and then mapped to NIST 800 series and other best practices. Over 50 customizable management reports are included. The ECAR extensible framework leverages the power of MOM and SQL Server with SQL Reporting Services.
This is not only for ISA.
http://enterprisecertified.com/ECARsox.htm