Maintaining HIPAA Compliance on Windows® Servers
CPTRAX Product BrochureCPTRAX for Windows provides Real-Time Tracking of User Logons and Logouts as well as complete audit trails of selected file system access on Windows, Windows Terminal Server and Citrix® Sessions.
HIPAA Issues addressed by CPTRAX for Windows
Procedures for guarding against malicious software § 164.308(a)(5)
CPTRAX includes the ability to deny creation and renaming of executable files located on file systems hosted by your Windows servers. This feature supplements your current anti-virus protection by ensuring unauthorized executable files are not created. This protection is provided at the Windows server level and does not require any special software to be used upon your workstations.
Additionally, CPTRAX provides the ability to block the creation and renaming of files on file systems hosted by your Windows servers by numerous parameters including any portion of the filename including the path.
CPTRAX also includes the ability to send alerts via email and/or our desktop alert console when any file/folder action occurs including Open, Write, Create, and Delete.
Procedures for recording logon activity including failed login attempts § 164.308(a)(5)
CPTRAX includes the ability to record logons and logouts occurring within your Windows and Windows Terminal Server (Citrix) servers. This ability is provided at the Windows server level and does not require any special software to be used upon your workstations.
Additionally, CPTRAX has the unique ability to track failed logon attempts including those using an incorrect password as well as those using a non-existent account. The failed logon name, error type, IP address and workstation name are all recorded. Further, failed logons can be separately track based upon the originating IP address.
Supplementing logon tracking is CPTRAX's ability to record and send alerts via email and/or out desktop alert console in response to any failed logon.
Procedures for recording system activity § 164.312(b)
CPTRAX includes the ability to track all access requested for sensitive files stored within file systems hosted by Windows Servers. This ability is provided at the Windows server level and does not require any special software to be used upon your workstations.
Make CPTRAX for Windows part of your ongoing HIPAA Compliance effort today.
The following sections provide additional technical details regarding CPTRAX for Windows and the needs it fulfills.
How is CPTRAX for Windows different than other File System Monitoring tools you may be using or have tested?
- Does not use Windows Event Logs
- Is not a snapshot tool that only notices after changes are made
- No changes to your Windows security configuration
- Audits local and remote file access in real-time including identification of IP address, workstation and user name
Your job just got easier because CPTRAX for Windows gives you visibility on who is creating, accessing, and deleting your data! Receive complete audit trails of selected file and folder accesses. You can optionally configure alerts to be delivered via email and our desktop alert agent.
Our companion product, DSRAZOR for Windows, gives you the power to administer and report on access rights to files and folders.
CPTRAX for Windows provides the following for terminal server / Citrix sessions and remote users via a lightweight server agent:
- Tracking of Terminal Server and Citrix® Session Login and Logout Activity
- IP Address of each remote session
- Computer name of each remote session
- User Name (including DN, SID and SAM Name)
- Tracking can be narrowed by IP address range (for instance: track only those connections made from offsite IP addresses)
- Total connection time
- Tracking of Kerberos, NTLM and NTLMSSP Login and Logout Activity
- IP Address where connection originated
- Computer name
- User Name (including DN, SID and SAM Name)
- Tracking can be narrowed by IP address range (for instance: track only those connections made from offsite IP addresses)
- Total Connection Time (based on logout time)
- Track of Failed Kerberos, NTLM and NTLMSSP Login Activity
- Specific error that occurred
- IP Address where request originated
- Login Name used
- Tracking can be narrowed by IP address range (for instance: track only those connections made IP addresses in your location)
- Receive real-time alerts via email
- Receive real-time alerts via desktop popup (using our Alert Agent)
- Interoperability across unrelated Domains, Active Directory Forests and stand-alone servers/workstations
- Scalable Administration interface that enables functionality on a small network to one with thousands of servers
- Unattended and Scheduled Reporting
- Automatic purging of old activity logs
- Encrypted activity logs
CPTRAX for Windows provides the following for remote and local users including terminal service sessions via a lightweight server agent:
- Tracking of File System Access:
- open
- create
- rename
- delete
- modification (file write)
- permissions changes
- ownership changes
- Tracking of Folder Access:
- open
- create
- rename
- delete
- permissions changes
- ownership changes
- Denial of File System Access:
- unwanted creates (for instance: no music or video files)
- unwanted deletes
- unwanted renames
- unwanted modifications
- Denial of Folder System Access:
- unwanted creates
- unwanted deletes
- unwanted renames (for instance: prevent unwanted folder moving)
- Receive real-time alerts via email
- Receive real-time alerts via desktop popup (using our Alert Agent)
- Interoperability across unrelated Domains, Active Directory Forests and stand-alone servers/workstations
- Scalable Administration interface that enables functionality on a small network to one with thousands of servers
- Unattended and Scheduled Reporting
- Automatic purging of old activity logs
- Encrypted activity logs
CPTRAX for Windows optionally provides the following via the same lightweight server agent:
- Track Kerberos, NTLM and NTLMSSP Logon and Logoff Activity
- Track Failed Kerberos, NTLM and NTLMSSP Logon Activity
- Track Terminal Server and Citrix® Session Logon and Logoff Activity
Selected details included in each CPTRAX for Windows report:
- Workstation Name
- Workstation IP Address
- SAM Account Name
- LDAP Account Name
- Security Identifier (SID)
- Total Time Logged On
- Share Used
- Full File System Path
- ACL Permissions
- Remote Computer Name for WTS/RDP Sessions
- Remote Computer IP Address for WTS/RDP Sessions
CPTRAX for Windows Feature Summary
- file change audit trail
- file access audits
- file system auditing
- file auditing software
- Citrix auditing
- monitor file changes
- monitor folder changes
- record file changes
- track file changes
- track folder changes
- Windows file server file auditing
- Windows file server folder auditing
- logon tracker
- login tracking
- track user logins
- track user logons
- track user logouts
- track user logoffs
- tracking logins
- tracking logons
- tracking logoffs
- tracking logouts
- tracking user logins
- tracking user logouts
- tracking Windows logons
- tracking Windows logouts
Visual Drag-and-Drop, Rules-Based Reporting Engine
CPTRAX for Windows includes our unique, patented Visual, Drag-and-Drop, Rules-Based Custom Reporting Engine. This component of CPTRAX allows you to customize your reports to suit your exact needs. All items tracked can be used as filters in your reports. Whether you need to report by Date, Location, Action, etc, you can receive the report you need with the same drag-and-drop ease our DSRAZOR product employs. CPTRAX includes ready to run reports for you to use or customize.
CPTRAX Product Brochure