Desktop Compliance Monitoring
Requirements:
To obtain desktop compliance status and provide a reporting dashboard.
Server Side:
Platform/Environment: Web Application or Win32 Application
Database: MySQL
1. Generate machine compliance report
o Antivirus status (e.g. virus infection, definition date…)
o Patch applied
o Firewall
o Insecure settings
o Registry or file changes
o New Account creation or system change
o Machine information: IP address, machine name, MAC address, Domain name and User logon name
2. Report/Dashboard: Client compliance status
3. Custom query to generate a compliance report
4. Execute a command on an endpoint (with agent installed)
5. Information is stored in a database (e.g. MySQL or MSSQL)
Client Side:
Platform: MS Windows XP, Windows Vista and Windows 7
1. To monitor critical file system changes
2. To monitor specific directory or file changes (e.g. c:\, c:\windows, c:\windows\system32)
*Option: either real-time monitoring or checks based on a pre-defined schedule
3. To monitor critical registry key changes, specifically on:
– Process hooking
– Certain keys: Windows startup keys, RunOnce, Run keys
Note: Specific details will be provided later
4. To obtain MS patch status
5. To obtain virus infection status
6. Monitor new Windows account creation.
7. Execute commands sent by the server side (refer to #4 on the server side, such as RDP)