Active Directory Auditing with Netwrix Auditor

Active Directory auditing and alerting on changes with state-in-time reports

Best Active Directory/Group Policy Product for 3 years!
Windows IT Pro awards that Netwrix Active Directory Change Reporter received as Best Active Directory and Group Policy Product and Best Auditing and Compliance Product  in 2009, 2010 and 2012 years

Forrester Report on Active Directory and Netwrix AD Change Reporter

Netwrix Auditing Platform Architecture Netwrix Auditing Platform Architecture

Active Directory auditing and reporting is a critical procedure for tracking unauthorized changes and errors to Active Directory and Group Policy configurations. One single change can put your organization at risk, introducing security breaches and compliance issues.

Built-in Active Directory auditing lacks many important features, provides cryptic GUID and SDDL information, and doesn't have any reporting capabilities (download  Summary: Limitations of Native Active Directory Auditing Tools to learn more). Careful analysis and cross-referencing of multi-megabyte security logs containing excessive amounts of log 'noise' can take enormous resources and still never paint the whole picture.

Netwrix Auditor provides configuration auditing (change and "state-in-time" auditing) for security and compliance of your Active Directory. Powered by AuditAssurance™ technology, the product features Active Directory change auditing capabilities and automatically creates reports and real-time alerts that show WHO changed WHAT, WHEN and WHERE, for all changes, including user and administrative activity, in a human-readable form. It also allows reporting on Active Directory contents ("state-in-time" auditing), such as "All Members of Domain Admins group", etc., both on the current state and on historical data, e.g., "All members of Domain Admins group as of December 31, 2010."

This feature is available in the Netwrix Auditor solutions for:

Netwrix Active Directory auditing software features report subscription capabilities that allow for configuration of scheduled report delivery. The change audit reports list additions, deletions, and modifications made to Active Directory users, groups, computers, OUs, group memberships, permissions, domain trusts, AD sites, FSMO roles, Group Policy objects and settings, AD schema, and all other types of objects filling the many major gaps found in native Active Directory auditing.

The modification events indicate "before" and "after" values for all modified settings - for example, the previous name of a recently renamed user or OU permissions before they were changed - in a single, easy-to-comprehend record for each change.

The change audit data is automatically archived and can be stored for years, so you can recreate the full audit trail of changes made to Active Directory and Group Policy during any period and drill down to as detailed information as is necessary. The AD audit trail archiving allows organizations to analyze any policy violations that occurred in the past and maintain ongoing compliance with internal and external regulations, such as SOX, PCI, and HIPAA.


Download Free Trial One-to-One Demo Request Quote