Netwrix Auditor for Active Directory delivers security intelligence about what’s going on in Active Directory and Group Policy. Audit Active Directory changes and logons to mitigate the risk of privilege abuse, prove IT compliance and streamline troubleshooting.
- Comprehensive change auditing
Detects all changes in your Active Directory and Group Policy and provides the critical who, what, when and where details and before and after values.
- Logon auditing
Facilitates access control to critical systems by reporting on both failed and successful logons and displaying the full logon history of any user.
- Reporting on current configurations
Shows the current state of your users and groups, their permissions in Active Directory, your GPOs and their settings, and more, so you can easily compare them to a known good baseline.
- Active Directory security and compliance
Provides out-of-the-box reports aligned with controls from a wide range of standards, including PCI DSS, HIPAA, SOX, GDPR, GLBA, FISMA/NIST, CJIS and more.
- Group Policy monitoring
Reports on changes to audit policy settings and other Group Policy modifications with full details and before and after values.
- Alerts on threat patterns
Empowers you to respond in minutes to critical AD changes, repeated failed logons and other threats that put your environment at risk.
- Interactive Google-like search
Enables you to quickly sort through AD auditing data and fine-tune your search criteria until you find the information you need. Save your searches as custom reports that you can run on demand or have delivered to you on schedule.
- Active Directory risk assessment
Assesses risks related to improper privilege assignment and management of user and computer accounts. Enables you to remediate security gaps in your environment before they are exploited by attackers.
- Behavior anomaly discovery
Improves detection of malicious insiders and compromised accounts by aggregating their anomalous activity in Active Directory Domain Services and other critical systems, both on premises and in the cloud.
- User Behavior and Blind Spot Analysis reports
Simplifies detection of subtle indicators of possible threats in your AD, such as unusual logons that might indicate identity theft or a disgruntled privileged user trying to hide behind temporary accounts.
- Detailed reports and overview dashboards
Enables IT and business users to get the Active Directory audit information they need. Predefined reports and dashboards offer filtering, sorting, exporting, drill-down, Web access and email subscriptions.
- Control over effective permissions
Helps you enforce the least-privilege principle and streamline access management by reporting on who has access to what in your Active Directory and how those rights were granted.
- Change rollback and object recovery
Helps ensure business continuity by enabling you to revert changes to a previous state without any downtime or having to restore from backup.
- Inactive user tracking, password expiration alerting and account lockout detection
Automatically deactivates inactive user accounts and reminds AD users to change their passwords before they expire. Reports on account lockout security events so you can resolve these issues promptly.
- Non-intrusive architecture
Enables you to audit Active Directory changes and logons without agents so the auditing process never degrades performance or causes downtime.