XcellHost 's File Integrity Monitoring examines different aspects of a file to create a "digital fingerprint," and compares that fingerprint to a well-known, good baseline fingerprint. While native auditing tools exist, these generally all suffer from deficiencies, such as decentralised storage of security logs from multiple domain controllers, lack of information about the old settings in the log entry, and, to name a few, inability to recover the object / configuration from the audit log. Organizations with moderately to highly complex IT environments generally rely on proven enterprise solutions for these reasons.
XcellHost's FIM software look at many aspects of files, including:
• Created, modified, and accessed settings and permissions
• Security and privilege settings
• Content of the file
• Core attributes and size
• Hash values, based on file contents
• Configuration values
FIM can be carried out on a continual, snapshot, or regular basis. It can happen randomly, or to any other rules that the security team sets up.