Active Directory change auditing and reporting is a critical procedure for tracking unauthorized changes and errors to AD and Group Policy configurations. One single change can put your organization at risk, introducing security breaches and compliance issues. Built-in Active Directory auditing lacks many important features, provides cryptic GUID and SDDL information, and doesn’t have any reporting capabilities (download Summary: Limitations of Native Active Directory Auditing Tools to learn more). Careful analysis and cross-referencing of multi-megabyte Security logs containing excessive amounts of log 'noise' can take enormous resources and still never paint the whole picture. Netwrix Active Directory Change Reporter is an Active Directory change auditing solution that tracks all changes made to Active Directory and Group Policy such as permission delegation and schema changes. The product automatically creates change audit reports and real-time alerts that show WHO changed WHAT, WHEN, and WHERE for all changes in human-readable form without having to resolve complicated native identifiers. Netwrix Active Directory change auditing software features report subscription capabilities that allow for configuration of scheduled report delivery. The change audit reports list additions, deletions, and modifications made to Active Directory users, groups, computers, OUs, group memberships, permissions, domain trusts, AD sites, FSMO roles, Group Policy objects and settings, AD schema, and all other types of objects filling the many major gaps found in natively available resources. The modification events indicate "before" and "after" values for all modified settings, for example, the previous name of a recently renamed user or how the OU permissions looked like before they were changed in a single, easy to comprehend record for each change. Netwrix Active Directory reporting solution also allows to report on Active Directory contents (AD "snapshots"), such as "All Members of Domain Admins group", etc. — both on the current state and on historical data (e.g. "All members of Domain Admins group as of December 31, 2010"). Major features and benefits:
Powered by AuditAssurance technology, Netwrix Active Directory reporting tool tracks all changes in Active Directory, including user and administrative activity, and creates audit reports and alerts that can be automatically sent to AD administrators via e-mail (e-mail report sample). The change audit reports contain changes made to Active Directory object attributes and Group Policy settings as well as show newly created objects with their attributes and list deleted objects. The change audit data is automatically archived and can be stored for years, so you can recreate the full audit trail of changes made to Active Directory and Group Policy during any period and drill down to detailed information as necessary. The AD audit trail archiving allows organizations to analyze any policy violations occurred in the past and maintain ongoing compliance with internal and external regulations.
|
Next Steps
Demonstration
Testimonials
We love Netwrix products here as they have been valuable assets! I look forward to purchasing more products in the future. /Jason Domanico, IT Administrator, Fishbowl/
Learn More
|