Q: What operating systems is the AuditShark console supported on?
The AuditShark Console can run on any Microsoft supported Windows system with the .NET 4.5 Framework installed. Generally speaking, this means Windows Vista, Windows 7, Windows 8, Windows 2008 and Windows 2012. Keep in mind that Windows Server operating systems running in Core mode do not have a UI and will not be able to run the AuditShark console.
Q: Do I need to install software on the target computers in my network?
No. AuditShark uses native API's to reach over the network, log into the target computers, and pull back the data it needs.
Q: What operating systems are supported for the target computers?
Currently, we support: Windows Desktops (XP, Vista, Windows 7 & Windows 8), Windows Servers (2003, 2008, 2012), AIX, HP-UX, Solaris and Linux (Red Hat, CentOS, Ubuntu). Other Linux distros or machines which support SSH connections should function properly, but have not been tested.
Q: How is AuditShark licensed?
AuditShark is licensed per machine it is installed on. From that installation, you can scan or audit a specified number of remote computers up to the limit of your license. Licenses are offered as a yearly subscription. Purchasing a multi-year subscription will lock the subscription price for your purchase during that time.
Q: What are the limits of what AuditShark can detect?
If it is programmatically possible, if the system has access to the data and it is possible to provide a definitive Ok or Not Ok result, then yes.
Q: Does AuditShark perform continuous auditing in realtime??
No. AuditShark essentially captures a snapshot of the information from the target computer and records it so that you can browse or report on it.
Q: I've been hacked! Can you help me?
Chances are good that we can't. Using AuditShark is preventative, not restorative. In a way, it's kind of like insurance. You don't need it until you do. And then it's too late. If you're worried, sign up for a free trial and check it out.
Q: Do you have the ability to perform ISO 27001, NERC, SCAP, etc audits?
The list of what we can look for is always changing. If you have specific requirements, contact us directly and we'll see what we an do for you.
Q: Do you accept purchase orders?
Absolutely. Contact us and we'll take care of you.
Q: What is your refund policy?
You may return the software for a full refund within 30 days of purchase. You may do this once per 18 month time period.
Q: How often should I audit my computers?
It depends a bit on your use case. Some customers run weekly audits for regulatory compliance reasons. Others are using AuditShark to proactively identify computers on the network which might start to exhibit problems in the near future. For example, you might have a policy that runs an automated test suite against computers, checking for low disk space, excessive RAM usage, high disk fragmentation, etc.
Q: How much system resources are used by AuditShark?
For most of the policies in our library, the impact to your system will be virtually unnoticed. We have implemented a governing mechanism in the software so that it intentionally holds back on what it does to minimize the impact. In most cases, the checks being implemented are no more invasive than querying a registry key or parsing a file. Those two actions are performed thousands of times per second on most computers, even when the user is doing nothing at all.
Q: Do you have baselining capabilities to accept current values as the expected values?
Not at this time, but baselining computers is on our roadmap.
Q: Do I need to open up ports in the firewall on the computer?
Generally speaking, the answer is No. So long as a computer has standard Windows Networking enabled or SSH (for non-Windows based computers), AuditShark should be able to audit it. However if you're blocking the $Admin share, have WMI disabled, or disable Remote Registry, then you may encounter some problems. AuditShark has the built in ability to fall back to different methods of gathering some of the information it needs so if something fails, it recognizes that and will not try it again during that audit.
Q: Do you have an Agent we can install on computers that are on the other side of a network firewall?
This feature is on our roadmap and is partially implemented, but not quite ready for customers.
Q: Can you accurately detect and read configuration files, even in non-standard installation locations?
Yes. Our auditing engine is rules based, so if you know that something is in a non-standard location, you can specify the location and we'll take care of it from there. Otherwise, we can perform searches and cache the location information we find for the next audit.