One of the most popular add-ons for the ExtraHop platform is our Active Directory bundle. Built on analysis of LDAP, Kerberos, and DNS, this solution pulls together many of the performance and security metrics that teams care about for one of the most important pieces of their IT environment. Not sure you need the bundle? Here's what makes Active Directory monitoring critical for proactive SecOps in particular.
Active Directory is a complex tool, and its multiple components and protocols make it difficult to monitor and troubleshoot. With this in mind, we've updated our Active Directory bundle aiming to make those processes easier by surfacing problems and details more quickly.
For a comprehensive list of updates and bundle contents, check out the Active Directory bundle page.
New Top-Down Overview
We've added an Overview dashboard to provide a concise look at the health of the main Active Directory components. You can quickly see processing times, requests, responses, and errors for Kerberos authentication, Group Policy, LDAP, and DNS SRV resource record queries. The overview page also contains links to the saved EXA records page for quick investigation.
Now, detail drill-downs are available for all custom Active Directory metrics. If you see something interesting on a dashboard and want more information about what client, server, or user was involved, that information is available through a single click.
Standardized Dashboard Layout
Finally, we've refreshed the layout of both dashboards to align with built-in protocol pages. This allows us to use the space more effectively in a way users are already familiar with, without the dashboards becoming cluttered or losing information.
For more information and to download the Active Directory v4 bundle, head over to the Solution Bundles Gallery.
This is a companion discussion topic for the original entry at https://www.extrahop.com/company/blog/2018/active-directory-bundle-update/