What is Audit Mode and how to configure it in Advanced EPDR/EDR?
Related Products_
- Advanced EPDR
- Advanced EDR
Audit mode monitors the processes run on Windows, macOS, and Linux computers, and detects and notifies threats.
When you enable audit mode in a settings profile, detected threats are not blocked or deleted. This behavior affects all the protections for the computers that you assign the settings profile to.
We recommend that you limit the use of audit mode as much as possible to minimize the time your computers are exposed to the threats detected.
To enable audit mode:
- Select Settings from the top menu.
- Select Workstations and servers from the side menu.
- Select the settings profile for which you want to enable audit mode.
- Select Audit mode. Enable the toggle.
- Click Save. A message appears at the top of the Edit settings page, indicating that you have enabled audit mode for the settings profile.
Viewing computers in Audit mode
The Protection status widget shows the number of computers that have Audit mode enabled. Click the text on the widget to go to the Risks by computer list filtered by the Audit mode enabled risk
Installation requirements of products based on Cytomic Platform for Windows
Related Products_
- Cytomic EPDR
- Cytomic EDR
Supported Operating Systems_
Workstations
- Windows XP 32-bits SP3
- Windows Vista (32 and 64-bits)
- Windows 7 (32 and 64-bits)
- Windows 8 (32 and 64-bits)
- Windows 8.1 (32 and 64-bits)
- Windows 10 (32 and 64-bits)
Servers
- Windows 2003 (32, 64-bits and R2) SP2 and superiores
- Windows 2008 (32 and 64-bits) and 2008 R2
- Windows Small Business Server 2011, 2012
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
- Windows Server Core 2008, 2008 R2, 2012 R2, 2016 and 2019
Hardware Requirements_
- Processor: CPU with x86 or x64 architecture and with support of at least SSE2
- RAM: 1 Gbyte
- Free space in disk for the installation: 650 Mbytes
Requirements for Windows Exchange Platforms_
Supported operating systems
- Exchange 2003: Windows Server 2003 32-bits SP2+ and Windows Server 2003 R2 32-bits
- Exchange 2007: Windows Server 2003 64-bits SP2+, Windows Server 2003 R2 64-bits, Windows 2008 64-bits and Windows 2008 R2
- Exchange 2010: Windows 2008 64-bits and Windows 2008 R2
- Exchange 2013: Windows Server 2012 y Windows Server 2012 R2
- Exchange 2016: Windows Server 2012, Windows Server 2012 R2 and Windows Server 2016.
- Exchange 2019: Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and Windows Server 2019.
Hardware and software requirements
The hardware requirements to install the protection on Exchange servers are the ones determined by the Exchange Server:
- Exchange 2003: http://technet.microsoft.com/es-es/library/cc164322(v=exchg.65).aspx
- Exchange 2007: http://technet.microsoft.com/es-es/library/aa996719(v=exchg.80).aspx
- Exchange 2010: http://technet.microsoft.com/es-es/library/aa996719(v=exchg.141).aspx
- Exchange 2013: http://technet.microsoft.com/es-es/library/aa996719(v=exchg.150).aspx
- Exchange 2016: https://technet.microsoft.com/es-es/library/aa996719(v=exchg.160).aspx
Exchange versions supported
- Microsoft Exchange Server 2003 Standard and Enterprise (SP1 / SP2)
- Microsoft Exchange Server 2007 Standard and Enterprise (SP0 / SP1 / SP2 / SP3)
- Microsoft Exchange Server 2007 included in Windows SBS 2008
- Microsoft Exchange Server 2010 Standard and Enterprise (SP0 / SP1 / SP2)
- Microsoft Exchange Server 2010 included and Windows SBS 2011
- Microsoft Exchange Server 2013 Standard and Enterprise
- Microsoft Exchange Server 2016 Standard and Enterprise
- Microsoft Exchange Server 2019 Standard and Enterprise
