Monitor all Active Directory and Group Policy changes

Choose from 70+ predefined reports that detail changes to group membership, accounts, groups, organizational units, and all other Active Directory and Group Policy objects.
"Netwrix Auditor for Active Directory has enabled me to provide accurate visibility regarding what changed when. I really like the low system overhead of the Netwrix product and how easy it is to get up and running."

Kathryn J. Roxby, IT Systems Administrator Sr.,

Technologies Division

Detect unauthorized access to your domain

Get detailed information about every logon event, both successful and failed, to easily pinpoint intrusion attempts, even if those do not cause an account lockout.
Detect unauthorized access to your domain

Receive alerts on threat patterns

Prevent security breaches by setting up alerts for the most critical events. For example, you can choose to be notified whenever someone makes multiple failed attempts to log into your Active Directory within a short period of time, which could indicate a brute-force attack in progress.
Receive alerts on threat patterns

Investigate actions that seem suspicious

Suppose a report or alert reveals that a user who isn’t even a member of your IT team deleted an organizational unit or created a new password policy. With Interactive Search, you can quickly identify who gave excessive rights to that user and what else he or she did in your environment.
Investigate actions that seem suspicious

Compare current and past configurations

Make sure group membership, password policies and other critical objects do not change without your approval. State-in-Time™ reports enable you to quickly compare your current Active Directory and Group Policy configurations to snapshots from any point in the past.

Prepare compliance reports faster

Spend less time preparing for PCI DSS, HIPAA, SOX, GLBA, FISMA/NIST, CJIS, GDPR and other audits with out-of-the-box Active Directory reports mapped to each compliance standard.
Prepare compliance reports faster

Quickly roll back unwanted changes

Turn back the clock on Active Directory changes that are caused by human error, indicate a security threat or put your organization out of compliance — without any downtime or having to restore from backup.
Quickly roll back unwanted changes

Store audit trails for later review and periodic checks by auditors

The two-tiered (file-based + SQL database) AuditArchive™ storage keeps Active Directory audit data archived for more than 10 years, enabling easy review, security investigations and periodic checks by auditors.
Store audit trails for later review and periodic checks by auditors

Granularly limit access to security intelligence

Ensure that various IT and business teams have access to only the Netwrix Auditor’s security intelligence and settings that their jobs require. Granular role-based access control and easy report subscriptions empower you to support corporate business processes, ensure the security of your audit intelligence, and comply with industry best practices and security regulations.
Granularly limit access to security intelligence
"In a way Netwrix Netwrix Auditor is doing us a big favor, as it has highlighted some Active Directory issues of which we were previously unaware. Let´s face it, who has the time to sit and review the Event Logs on all of their DCs?"

Christopher Faithfull-Lisle, IT Product Manager,

SICK AG

Deploy Netwrix Auditor wherever you need it

On-premises
Download a free 20-day trial of Netwrix Auditor and deploy it on Microsoft Windows Server.
Virtual
Download our virtual appliance and start using Netwrix Auditor without having to provision any hardware or software.
Cloud
Deploy Netwrix Auditor from the Microsoft Azure or AWS marketplaces and get up and running with auditing in just minutes.