Discover and report on critical Microsoft Azure and Office 365 data. Millions rely on Microsoft Azure and Office 365 every day for their enterprise applications. But with users storing more and more sensitive data in Office 365 and Azure, you must be vigilant about security and compliance.
Enterprise Reporter for Office 365 helps ensure the security of Azure Active Directory (AD), Azure resources, Exchange Online, Microsoft Teams and OneDrive for Business environments. Detailed, customizable reports help you protect sensitive data and prepare for internal and external audits. Automated reports help you reduce IT workloads while ensuring stakeholders have the information they need, when they need it.
Secure the rest of your hybrid environment by extending your visibility with Enterprise Reporter Suite.Stay on top of who can access which resources across your Microsoft Azure and Office 365 environment, including Azure AD, Exchange Online, Microsoft Teams and OneDrive for Business, with permissions reporting on:
Ensure a smooth domain migration or consolidation project by pinpointing Azure AD user and group dependencies, matching conflicts and disabled accounts before the migration starts.
Disk space requirements will vary with the Enterprise Reporter components you install:
100 GB or more for larger environments
The Enterprise Reporter database is the storage location of all data collected for reporting. As such, the amount of hard disk space required is directly related to the amount of data being collected. The Database Size Estimator tool shipped with Enterprise Reporter can help determine how much space will be required.
SQL Server performance is needed to support inserting data into the database tables and to support querying that data for reporting purposes. To improve the performance of data collection or reporting, consider enhancing the SQL Server memory and processor.
Larger environments may have additional requirements for memory, processor, and hard disk space. There are many factors that can effect these requirements. For additional information please see release notes.
The following operating systems are supported for Enterprise Reporter components.
NOTE: It is not recommended that the server or console be installed on a domain controller.
The follow versions of Active Roles are supported as targets of Active Directory discoveries. See the Active Roles web site for hardware and software requirements for your version of Active Roles:
Enterprise Reporter can be configured to send discovery information to the following versions of IT Security Search. See the IT Security Search web site for the hardware and software requirements for your version of IT Security Search.
The following versions of SQL Server® are supported for the Enterprise Reporter database. See the Microsoft® web site for the hardware and software requirements for your version of SQL Server®:
SSL Encryption of SQL Server Connections using Certificates
Enterprise Reporter can be configured to work with a SQL Server® instance. To secure communications while working with Enterprise Reporter, data sent over connections to the SQL Server can be encrypted using an SSL certificate.
The steps required to configure this encryption are as follows.
The following required software is required for Enterprise Reporter.
To collect Active Roles information, the following software is required on the computer where the Enterprise Reporter Configuration Manager is installed and on the computer where the Enterprise Reporter node is installed:
For more information and installation instructions, see the Active Roles Quick Start Guide. The following additional considerations are required:
To collect Exchange® 2007 information, the following additional considerations are required:
To collect Exchange mailbox folders, the following additional considerations are required:
New- ManagementRoleAssignment–
Name: impersonationAssignmentAdministrator-
Role: ApplicationImpersonation –User:Administrator
To collect OneDrive information, the following additional software is required:
NOTE: PowerShell 3.0 and Microsoft SharePoint Online Management Shell are required on the node machines to collect OneDrive configuration settings.
NOTE: In addition, for OneDrive configuration settings to be collected successfully, an authorized connection must be established to the SharePoint Online service. To allow for credentials to be specified for your tenant, the “LegacyAuthProtocols” setting must be enabled on your tenant. To set this on your tenant, run the following commands using the Microsoft SharePoint Online Management Shell. This action must be performed on any node machine with Microsoft SharePoint Online Management Shell installed.
Set-ExecutionPolicy -Scope Process -ExecutionPolicy RemoteSigned
Import-Module -Name Microsoft.Online.SharePoint.PowerShell
Connect-SPOService -Url "<full tenant name>"
Set-SPOTenant -LegacyAuthProtocolsEnable $True
Disconnect-SPOService
To collect Azure information, the following additional software is required:
NOTE: Microsoft Azure Active Directory Module for Windows PowerShell is required on the node machines to collect multi-factor authentication attributes for Azure Users.
The following services are required on the Enterprise Reporter server and nodes.
The following services must be enabled on discovery targets for collections.
For more information see the release notes.