Okay, so I know there has to be something out there that does this, I just can't find it. I'm not even sure how exactly to look for it.

What I am doing is heading up our software compliance program at work. We have a network sever that contains our installer programs for our various software packages.

What I want is something I can lay over that server that will tell me who logs on and when and then also tell me what programs they are pulling off of the server. Obviously the login tracking is easy enough. It's tracking what they pull off that's harder.

I just can't believe with all the push over the years to stay compliant with software that someone, somewhere hasn't come up with something that does this.

Anyone know of anything?

I don't know of anything off-hand that does this, but I would be looking for logging software. Specifically, logging of file actions (copy, run, etc).

http://www.google.com/search?hl=en&q=file+auditing&aq=0&oq=file+au

3 software packages listed in the ads, although it may be a struggle to find anything free or cheap (business=$$$)

I'll check those out. Cost isn't really an object unless something is obscene. This is for work so we will be paying for it.

And knowing it has to deploy across 18,000+ desktops we are expecting it to be expensive.

Hmmm. And it looks like file auditing will tell you who changed or modified a file but not who downloaded it. Am I missing something there?

I'll continue to look down through the file auditing search though. I may hit on something in those results that leads me further, since that's partially what I want.

Thanks Jim

not sure what you mean, for instance, looking at the quest one it includes 'file opened' transactions, which would be the one you would use. of course if you are using a web browser for http access to files then the reporting will not be correct....

I am not really sure what you are looking for but what it sounds like is you are trying to audit the server. This can be configured into your server already. I am a little lost but if you can make up a scenario I can probably help you better. The way I have some servers running, I will get a log of when the employee takes a shit. Let me know what OS you are using and maybe I can help you in some sort of way.

We have a server on the network where we put our enterprise installers for the software we buy. For example we have a folder on there with Adobe Acrobat Standard v8. Another with Acrobat Professional v8. Another with Visio, another with Microsoft Project, etc etc etc.

That way any our techs can install software on a users desktop without having to carry around a full library of software and of course we don't want to have to buy shrinkwrap for everyone.

The problem is we have techs who try to "help" the end users by installing software before they've ordered it. You all know the scenario. They go out because someone has a dead DVD-ROM. While they are there the customer says how they can't modify a pdf file. So the tech tells them to put in an order for Adobe and hey, since I'm here already I'll just install it.

Then of course the problem is that no one ever puts in the order. Then we end up with 4900 licenses for a piece of software and 5400 installations. And yeah, those are real numbers from an audit we just did for a software title we use.

So what I need is a way to monitor that server. Logon/logoff is easy. Even opening a directory/folder whatever is easy enough with the links Jim provided. What ISN'T easy is finding a way to monitor if they copy the contents of a directory out onto a desktop out in one of the hospitals.

That way we can call in tech Leroy Bob and say 'Hey, yesterday at 3:10pm you copied the adobe files. I don't show you had a ticket for that - where did you put it.'. Or we can say 'We purchased 25 copies of Crystal Reports in June. I show 28 installations for the same time. Someone needs to go find those extra 3 installations'.

Hope that clears it up. Sorry!

I don't know. If I were a decision maker in your company, I'd spend less money on monitoring people that aren't following the rules, and just pay people that you're confident will do the right thing (i.e. fill out the report when they install software). This is likely to be less costly in the long run.

I don't think it is a monitoring issue as much as it is a departmental budgeting issue. Their MIS likely has a software budget and they probably have to pay for all unaccounted software installs, whereas with a ticket the department requesting the software gets charged. that is my guess.

I don't know. If I were a decision maker in your company, I'd spend less money on monitoring people that aren't following the rules, and just pay people that you're confident will do the right thing (i.e. fill out the report when they install software). This is likely to be less costly in the long run.

In a perfect world - you are absolutely correct. Unfortunately, with roughly 1100 people who have a need to have access to software installs things are going to happen. If everytime someone made a mistake we had to fire them and rehire well... that in itself would be far more costly.

And Jim is partially correct. What I'm most worried about is the scenario I outlined above - where over the course of a year or two we end up hundreds of licenses out of compliance. That clearly opens us up to massive legal problems.

To be sure, we are taking many other steps to keep this from happening and to mitigate the real-world accidents that will happen. This is just 1 part of the possible solutions I'm considering.

It would just be a great multi-step solution if there is a way to do it. It would work both as a monitor to check to see if our other processes are keeping us compliant (Yes we show we bought 10 licenses and yes we show it was installed 10 times) as well as making sure our monitoring processes are catching those people not following procedures and installing software without a license

Let me get this right, you have a person walking around installing software on your network computers? Why ar ethe software packages being auotmatically sent to the workstations? I would also suggest looking into open source applications. You would be amazed on how much money an office can save in one year with software that is free and just as effective.

I am unsure how your network is being run but I might suggest someone who is familiar with group policy. Ofcourse your company can hire me and allow me to audit your entire office and work flow:thumbs:. I become instantly hated by IT as soon as I enter the building.