Previous Topic: eTrust Audit OverviewNext Topic: Audit Client


eTrust Audit Overview

As the system administrator for a server onto which the iRecorder is being installed, you need to know a few basics about eTrust Audit so that you can understand the relationship of the iRecorder you are about to install on your system and the eTrust Audit system operating in your enterprise.

eTrust Audit is a system that enables security managers to identify and capture security-related events on systems throughout the enterprise. After the events are captured they can be reviewed, stored, or acted on based on policies. The iRecorder that you are about to install receives the events from the application or device. Based on an eTrust Audit policy, the iRecorder ignores the event or routes it through the remaining components of eTrust Audit.

The major components of eTrust Audit follow:

While these components can be installed on the same host (if it runs Windows NT, 2000, XP, or 2003), it is more likely that these components are distributed among several different hosts throughout your enterprise.

The following diagram shows the relationship among the three components:

The eTrust Audit Environment

eTrust Audit uses Sun Remote Procedure Calls (RPC) to exchange data between the components of the Client and the Policy Manager. In addition, the components of the Data Tools, Collector, Viewer, and Reporter use ODBC to communicate with the underlying database (Microsoft Access, Microsoft SQL Server, or Oracle).