Skip to content

Capabilities

This section describes the main File Access Manager capabilities and provides a technical mapping of each service to a set of capabilities. You can find more information on each capability in the relevant chapters of this guide.

Feature Description
Activity Monitoring Activity monitoring involves capturing information about events that users perform on monitored applications. An activity includes:

- Who? - A user

- Performed what action? - Read, write, or delete

- Where? - On what business resource? For example, a file, a file folder, a SharePoint site, or an Exchange mailbox

- When? - Date and time which is displayed in the user’s local time
Real-Time Alerts Issue real-time alerts based on pre-defined alert rules regarding suspicious activities.
Threshold-Based Alerts Issue threshold alerts when activities exceed a defined threshold within a timeframe, e.g., "Alert me when a user reads more than 1000 files in an hour."
Crawling The process that discovers business resources (BRs) of an application (folders, mailboxes, etc.), required for capabilities like Permissions Collection and Data Classification.
Permissions Collection Discovers and collects permissions on the BR(s) of an application for use in Permissions Forensics, Access Certification campaigns, Access Requests, etc.
Data Classification Provides the ability to discover and classify resources/files with sensitive information like credit card data, personal information, and health records.
Identity Collection Collects and aggregates users and groups from identity repositories (e.g., Active Directory, Azure, NIS) for analyzing users, groups, memberships, and structures.
Access Certification A campaign process to certify or remove stale or unneeded permissions or identities.
Access Requests Users' requests to gain permission to BR(s), managed and automatically fulfilled using approval workflows.
Access Fulfillment Automatically adds or removes permissions to users’ BR(s).
Discovery of Data Owners Automates the process of identifying data owners by collecting activity/permissions data and consulting business users about folder ownership.