OneFS Audit can detect potential sources of data loss, fraud, inappropriate entitlements, access attempts that should not occur, and a range of other anomalies that are indicators of risk. This can be especially useful when the audit process associates data access with specific user identities.
In the interests of data security, OneFS provides ‘chain of custody’ auditing by logging specific activity on the cluster. This includes OneFS configuration changes plus NFS, SMB, and HDFS client protocol activity, which are required for organizational IT security compliance, as mandated by regulatory bodies like HIPAA, SOX, FISMA, and MPAA.
OneFS auditing uses Dell’s Common Event Enabler (CEE) to provide compatibility with external, third-party audit applications like Varonis DatAdvantage. A cluster can write audit events across up to five CEE servers per node in a parallel, load-balanced configuration, allowing OneFS to deliver an end to end, enterprise grade audit solution.