Best Auditing and Compliance Product 4 years in a row!
Netwrix Auditing Platform Architecture
Change auditing is critical to maintaining an efficient and secure IT infrastructure and for sustaining compliance and audit requirements. Without effective and convenient tracking and ongoing review of changes in systems and applications organizations risk losing control of security. Unauthorized, unwanted, and malicious changes in IT infrastructure can have tremendous impact on business continuity and predictability.
The Change Reporter feature of Netwrix Auditor, solution for information technology audit, automates and simplifies change auditing and reporting for critical IT systems across the entire IT infrastructure. No matter who changed what and where - be it Active Directory, file servers, Microsoft Exchange, filer appliances such as NetApp or EMC, virtual infrastructure, SQL Server databases, Windows Servers - everything is centrally audited, consolidated, and presented in easy to understand reports, scheduled for ongoing review and forensic auditing of day-to-day administrative activities by your security team and periodic inspections by compliance auditors.
The Netwrix change auditing solution also provides oversight for applications that may not produce logs or do not provide enough insight into user activity so that you have a complete audit trail of 'Who, What, When and Where' and changes that may risk security and compliance do not go undetected compromising auditing requirements and troubleshooting.
The Change Reporter streamlines compliance to HIPAA, SOX, PCI, GLBA, FISMA and many other regulations, provides an easy-to-use solution that drastically improves IT infrastructure visibility and internal security.
What's new in Netwrix Change Reporter 4.0:
- Video logging for critical IT systems: tracks activities with critical applications that do not produce event logs
- Improved Windows Server auditing: provides server configuration management over all critical Windows-based systems
Powered by AuditAssurance™ technology, the Change Reporter produces reports that include complete information on every single change that has occurred in an organization and can be used for detailed forensic analysis. Another unique Netwrix technology, AuditIntelligence™, transforms raw audit data into meaningful and actionable intelligence to drive security and compliance efforts. Data can be filtered by different criteria, such as name of person who made changes or accessed data, time period, and other parameters.
Unlike traditional log management solutions (SIEM), Netwrix makes it very easy to find relevant answers to key questions: who changed what, when, where, including previous and new values for modified settings.
Examples:
| Platform |
Typical Audit Questions |
| Active Directory |
- Who added user to security group?
- Who delegated management rights to OU?
|
| VMware |
- Who created a new virtual machine?
- Who changed resource pool parameters?
|
| MS Exchange |
- Who deleted a mailbox?
- Who accessed another user's mailbox?
- Who reconfigured information store?
|
| SQL Server |
- Who changed table structure schema in a production SQL database?
- Who deleted production SQL database?
- Who added new database login?
|
| File Server |
- Who changed file permissions on file server?
- Who accessed sensitive files on file servers?
- Who deleted files from file server?
|
| NetApp Filer |
- Who changed file permissions on NetApp Filers?
- Who attempted to access folders with sensitive data on NetApp Filers?
- Who failed to change files on NetApp Filers?
|
| EMC VNX/VNXe/Celerra |
- Who changed file permissions on EMC VNX/VNXe/Celerra device?
- Who accessed sensitive files on EMC VNX/VNXe/Celerra device?
- Who deleted folders from EMC VNX/VNXe/Celerra device?
|
| Group Policy |
- Who deactivated strong password policy?
- Who unlinked GPO from organization unit?
- Who configured new software installation policy?
|
| NEW! Windows Server |
- Who installed what software?
- Who changed computer configuration settings?
- Who made changes to registry?
- Who added members to local Administrators group?
- What changes were made to DNS zones and records?
- What patches and hotfixes were installed recently?
- Who modified startup programs (AutoRun)?
- Who changed file sharing settings and open shares?
|
SharePoint 2007
(SharePoint 2010 is coming soon) |
- Which web applications were created/changed/deleted?
- What servers were added to / removed from a farm?
- What changes occurred to the incoming/outgoing e-mail settings?
|
| Other |
|
Complete IT infrastructure audit with Netwrix Auditor
How to benefit from Netwrix Auditor
More on information technology auditing with Netwrix Auditor
Netwrix also recommends that you evaluate SCOM Management Pack for Netwrix Auditor, a solution that audits who changed what, when, and where in Active Directory, Group Policy and Microsoft Exchange, and feeds the audit data to Microsoft System Center Operations Manager, which generates appropriate reports and alerts.
