Product: StealthAUDIT Management Platform for Exchange
Product Homepage: Click here
Free Trial: Click here
In a world where compliance standards go beyond discovery, stretching into every corner of your Exchange environment, you need to be able to audit and track everything that happens within your world, including changes that occur, who made those changes, and more. And it shouldn’t be an added burden for you to do so, Exchange administrators have enough on their plate especially if you wear multiple hats within your organization (as many do, acting as full IT administrator, Exchange/SharePoint/Lync administrator, virtualization expert and more).
Exchange has built in auditing features that an administrator can use for a variety of different reasons. For example, to comply with regulatory compliance if you need to know who made a change in your organization, there is administrator audit logging. Exchange 2010 also includes the ability to audit mailbox access, so you can record operations on a mailbox such as the deletion or copy of emails. So, Exchange does indeed have built-in auditing capabilities. However, auditing is one area within your Exchange ecosystem where a third-party tool like StealthAUDIT provides a more robust, more powerful, holistic approach that is feature-rich and incredibly flexible.
StealthAUDIT goes beyond compliance reporting with regard to who changed what or who accessed which mailbox and so forth. The insight you gain from StealthAUDIT with regard to the overall health and security is essential for a variety of different elements including migration information, capacity planning and more.
StealthAUDIT has 35+ Data Collectors that make it easy for you to obtain the information you need without having to script anything. It’s all wizard driven and intuitive (interface shown in Figure 1), even if you aren’t entirely sure what you are looking for at first. What I mean by that is you don’t really know what a tool can do until you see it in action and then the lights just go on in terms of knowing how this is going to help you.
Figure 1: Data Collectors that are wizard driven (no scripting)
Here is one example, with StealthAUDIT you can track stale distribution lists so you can see which ones aren’t in use (shown in Figure 2). You can track down who the DL owners are and, if an owner doesn’t appear to be assigned, who the “Most Probable Owner” is.
Figure 2: Exchange DL Management
I know what you thinking. That would be great for Public Folder clean up too. And there is a Public Folder Data Collector (shown in Figure 3) that does the same type of analysis on content, ownership, “Most Probable Owner” and so forth. If you plan on doing a migration and you really want to clean up your PF structure ahead of time, the data you can obtain in moments here with StealthAUDIT would save you hours/days of time trying to do it manually. And the cleanup work extends to PSTs and Mailbox data as well. Considering the migration efforts not only for on-premise migrations but also for migrations to the cloud, the more stale and worthless data, accounts, DLs, PFs, etc… you can find and remove the better.
Figure 3: Public Folder data
There are many additional features to StealthAUDIT including the ability to calculate storage costs for mailboxes and public folders for chargeback use. The ability to provide mail flow metrics and delivery time statistics so that you can compare to your SLAs. The ability to ensure server health and best practices are utilized. You can analyze ActiveSync usage and even see who is coming into your organization using Outlook Anywhere, OWA or OMA and view the load from individual users, as well as see peak load times. And as we discussed, having the ability to review mailboxes (shown in Figure 4) and see who has Send On Behalf or Send As permissions on that mailbox. Or Calendar permissions (and to what degree) or Inbox permissions (and to what degree) or Contact permission (and to what degree). This kind of auditing data is essential today and to find it in one place along with all of the other items mentioned above is just wonderful.
Figure 4: Mailbox Access Overview
One of the features I like is the ability to create a baseline and manage changes through alerts that occur to your environment that diverges from that standard. And not to be forgotten, especially in a world that is focused so heavily on high availability, is the ability to audit DAG replication.
Installation and Configuration
I always like to list out features before getting into the installation and configuration side. The reason for this is typically if you like a third-party solution like StealthAUDIT and want to have it for your environment they will hold your hand every step of the way. This process is normally done through a one hour work session with the customer and a STEALTHbits engineer to get the initial configuration and do some training on the console. So while, as a reviewer I’m obligated to see if I can get the product up and running using support documentation and solo it, you don’t have to.
You’re basically looking at a SQL database that is used in collecting and analyzing the data that the Data Collectors reach out and obtain from the targeted hosts. You will also need web services so you can have the reports displayed back. And you will have your StealthAUDIT Console itself. Keep in mind, these can all be installed on the same system (or installed separately).
There were a few dependencies that you need to install including MAPI CDO, SA MAPI CDO, Adobe Flash and the Management Tools (unless those are already installed). This was all easy enough.
The install was as easy as it gets. Next-Next-Finish. Hardest part was installing SQL. Once you get StealthAUDIT installed and open it for the first time you will be brought to a Welcome screen (shown in Figure 4) that helps you walk through locating your SQL server and moving you through your first Audit. Did I mention I didn’t have to install any agents. Not that I am anti-agent mind you, they are necessary at times depending on what you are trying to do.
Figure 5: The StealthAUDIT Welcome screen
Once you have your configuration in place you can begin to use the Data Collectors to run jobs (shown in Figure 5). As you can see you have a variety of different job categories you can use through wizards to begin auditing your Exchange environment. You can right click any of the categories and choose Run Group to immediately begin seeing data come in (as you can see through Figure 7) and you can literally see it processing the data as it works through your Exchange server environment. There are so many different directions to go in that you will quickly find yourself engrossed in obtaining all of that data in one place. Let the fun begin!
Figure 6: Configure StealthAUDIT Jobs
Figure 7: Job Progress screen
Pricing, Support and Training
Pricing varies. The list price is $12 per mailbox with volume discounts applied based upon the size of the mailbox environment. In addition you can license the produced perpetually (buy and own) or as a term-based license (annual subscription).
Support is excellent. The website support is solid in terms of plenty of instruction manuals online and so forth. However, they encourage you to call for support. They want to build that relationship with their customers so rather than get frustrated by something that may not be working the way you need, just call them.
To use STEALTHbits requires training. There are several reasons for this. First off, as Exchange admins we don’t know enough about auditing to start with. Exchange comes with basic auditing built in so you may not even be aware of how a tool like this can help you on so many levels without having someone to show you. Second, if you didn’t need training than the tool wouldn’t be worth buying really. STEALTHbits can do so much (more than Exchange auditing too, so keep that in mind) and they offer free training through the web through a five part training series that each last 90 minutes. The courses include:
- Introduction to StealthAUDIT
- Introduction to StealthAUDIT for Exchange
- Advanced StealthAUDIT for Exchange
- StealthAUDIT for Active Directory
- StealthAUDIT for Data & Access Governance
And they are more than happy to provide additional training tailored to your needs.
StealthAUDIT Management Platform for Exchange is impressive. And it is only one piece of the puzzle. STEALTHbits provides other elements like StealthINTERCEPT for real-time monitoring and blocking, and StealthNEWS as a monitoring dashboard that all works together. In addition, Exchange is but one solution that can be audited. Active Directory, SharePoint, IIS and other target systems in the infrastructure are capable of being audited.
Personally, I think the term “holistic” truly applies here. They have come up with a solution that feels complete. It feels more than complete and that is why I believe the Gold award with a 5.0 rating is warranted.