Netwrix Auditor for Network Devices provides security intelligence that enables you to quickly detect and investigate threats to your perimeter security, such as unauthorized changes to configurations, suspicious logon attempts and scanning threats. It also provides detailed information about hardware malfunctions and remote access to your network.
- Configuration change auditing
Unlike native network audit tools, automates auditing of configuration changes by providing clear, human-readable audit information on configuration changes with who, what, when and where details, so you can quickly spot and remediate unauthorized changes or change errors.
- Remote access monitoring
Monitors successful and failed VPN logon attempts to network devices, as well as remote access to the corporate network. Enables you to track device logons by network administrators and remote access by users from suspicious IP addresses.
- Logon auditing
Delivers clear information about each attempt to log in directly to a network device. Enables you to pay close attention to failed logons, especially those performed by unauthorized employees, such as database or system administrators.
- Scanning threat reporting
Enables automated network auditing for scanning threats, which indicate an intruder trying to identify weak spots in your network to breach it. Delivers detailed information about which subnet or host was attacked, and when and from which IP address it happened.
- Hardware malfunction reporting
Makes continuous hardware audit easy by reporting on hardware issues in network devices in an easy-to-understand format. Provides device data so you can detect technical issues with network devices before they lead to network traffic issues.
- Alerts on critical events
Provides alerting on device configuration changes that could negatively affect your network configuration, abnormal logon events, scanning threats and hardware issues, simplifying the detection of critical events and helping you resolve issues faster.
- Interactive search
Makes it easy to investigate unauthorized configuration changes and suspicious logon events to prevent similar events from happening in the future, and to troubleshoot hardware issues before they lead to network failures.
- Compliance reporting
Helps organizations ensure that they have compliant networks and provide definitive proof of their compliance during audits by providing predefined reports for PCI DSS, HIPAA, SOX, GLBA, FISMA/NIST, CJIS, GDPR and other regulations.
- Unified platform
Delivers visibility into Active Directory, Oracle Database, Windows Server, Office 365 and other on-premises and cloud-based systems. Brings more context to your SIEM data and enables centralized monitoring of any other application with a RESTful API.