Access control

Netwrix Auditor capabilities:

• Enables auditing of user account creation, deletion, enablement, disablement and modification.
• Provides auditing of user access rights and permissions granted on files and folders across the entire IT infrastructure.
• Enables you to audit password changes and resets, group membership changes, and group policy changes.
• Enables auditing of the activities of privileged users, including capturing their screen activity.
• Ensures auditing of logon activities, including unsuccessful attempts; alerts and reports on account lockouts.
• Provides a mechanism for quick rollback of unauthorized and accidental changes to Active Directory objects, including restores of deleted objects without the need to reboot a domain controller.
• Enables you to audit changes of your Active Directory screen saver timeout policy, remote desktop session timeout and other policies.
• Facilitates change management, reviewing and monitoring of all user activities across the entire IT infrastructure via a change review history reporting mechanism.
• Enables auditing of access to and modifications of the data stored in Microsoft SQL, file servers, SharePoint and other IT systems.

Audit and accountability

Netwrix Auditor capabilities:

• Reports current and historic configuration states; captures and reports on changes and access events with who, what, when and where details and the before and after values; provides a complete audit trail preserved in a reliable two-tiered (file-based and SQL database) storage system which holds data for 10 years or longer and enables reporting, analysis and investigations.
• Delivers daily summary reports indicating whether there were any failures of audit data collection, processing and other critical processes.
• Facilitates auditing and improves internal control by providing multiple predefined reports with filtering sorting, exporting and subscription options; reduces the burden of systematic reviews of audit trails by offering reports with a change review history mechanism; offers real-time alerts for Active Directory and Windows Server that can be configured to provide timely notifications; provides the ability to search specific audit data with custom queries.

Security assessment and authorization

Netwrix Auditor capabilities:

• Offers multiple predefined audit reports that deliver relevant context to tracked activities and enough details to assist with determining the effectiveness of security controls; enables easy creation of custom audit reports.
• Enables you to compare the current state of an IT system to its historic states or the baseline configuration.

Configuration management

Netwrix Auditor capabilities:

• Enables you to compare your organization's defined baselines to current and historic states of IT systems.
• Tracks and reports on all changes in Active Directory, file servers and other systems so you can control deviations and violations; enables quick and easy rollback of certain unauthorized changes, returning the configuration to the original state.
• Facilitates control over system configuration violations by reporting on changes to group and local policies, access permissions, the registry, and other configuration assets that can be critical for maintaining FISMA compliance.

Contingency planning

Netwrix Auditor capabilities:

• Provides quick and easy access to audit trails for investigating security incidents and other problems and validating the effectiveness of the corresponding controls.
• Enables you to roll back unwanted changes to Active Directory using a built-in object-level and attribute-level recovery wizard.

Identification and authentication

Netwrix Auditor capabilities:

• Enables auditing of user accounts and user account creation, deletion and modification in Active Directory, Microsoft SQL Server and Windows Server; allows organizations to validate their compliance with NIST SP 800-53 guidelines and achieve FISMA compliance.
• Detects and reports on changes to password policies; provides automatic password expiration notifications; simplifies password management with a challenge-response system.

Maintenance

Netwrix Auditor capabilities:

• Captures all user activities during maintenance and preserves the records in a secure audit trail; provides the ability to compare the current system configuration with the one in the past or with the baseline state to validate proper system functionality after maintenance.
• Enables auditing of remote access sessions and activities.

Personnel security

Netwrix Auditor capabilities:

• Reports on user account creation, deletion, modification, activation and deactivation.
• Detects and reports on user logons and logoffs.

Risk assessment

Netwrix Auditor capabilities:

• Enables auditing of unauthorized access to resources with sensitive data.
• Ensures consolidation and archiving of all audit trails; keeps audit data securely preserved in a reliable two-tiered storage for as long as required, while enabling continued quick access to audit records.

System and communications protection

Netwrix Auditor capabilities:

• Enables auditing of privileged user activity across various IT systems in the IT infrastructure; facilitates access control with reporting on successful and failed access attempts, logons and logoffs.
• Detects and reports on the granting of permissions and changes to user access rights.

System and information integrity

Netwrix Auditor capabilities:

• Enables auditing of IT changes, access events, and historic and current system configurations across the broadest variety of IT systems.
• Delivers actionable audit information that allows organizations to verify the correctness of system functioning by looking for deviations from baselines.
• Makes audit data easily available with predefined, on-demand and scheduled reports, report subscriptions, real-time alerts, dashboards, interactive data search, filtering, sorting and exporting options, and more.