Win7 x32, Win2000, Win7 x64, WinXP, WinServer, WinVista, Win7 x32, Win7 x64, WinVista, WinXP
Active Directory change auditing is an important procedure for tracking unauthorized changes and errors to AD and Group Policy configurations. One single change can put your organization at risk, introducing security breaches and compliance issues.
Built-in Active Directory auditing lacks many important features and doesnâ€™t have reporting capabilities. Careful analysis of multi-megabyte Security logs can take enormous resources and still never paint the whole picture.
Netwrix Active Directory Change Reporter Enterprise Edition will provide users with an Active Directory auditing solution that will help you track and report all changes made to Active Directory and Group Policy, creates change audit reports and real-time alerts that show WHO changed WHAT, WHEN, and WHERE for all changes and features subscription capability that allows to configure scheduled report delivery.
The change audit reports list additions, deletions, and modifications made to Active Directory users, groups, computers, OUs, group memberships, permissions, domain trusts, AD sites, FSMO roles, Group Policy objects and settings, AD schema, and all other types of objects.
The modification events indicate "before" and "after" values for all modified settings, for example, the previous name of a recently renamed user or how the OU permissions looked like before they were changed.
The product also allows to report on Active Directory contents (AD "snapshots"), such as "All Members of Domain Admins group", etc. â€” both on the current state and on historical data (e.g. "All members of Domain Admins group as of December 31, 2008").
Here are some key features of "NetWrix Active Directory Change Reporter":
Detects Who Changed What, When and Where:
- The product detects all Active Directory changes on the most detailed level with information about who made changes, when they were made and where (domain controller name).
Reports Previous and Current Values for Every Change:
- Get complete understanding about every change by comparing previous and current settings. Example: when an Active Directory object is renamed, the audit report will show both the previous name and the new name.
- The Active Directory Change Reporter allows receiving instant alerts on critical AD changes, giving you the ability to be aware of most important changes and take appropriate actions on time.
Web-based Advanced Reporting:
- The product leverages SQL Server Reporting Services (SRS) to provide IT administrators and auditors with web-based, exportable and customizable reports.
Predefined and Custom Reports:
- The Active Directory Change Reporter comes with a set of out-of-the-box reports with extended filtering, sorting and grouping features. You can easily create your custom reports or order new reports from NetWrix.
Scheduled Active Directory Audit Reports with Automated Delivery:
- The new report subscription feature of the product allows to select any available reports, specify report filters, configure schedule (daily, weekly, monthly) and specify report recipients (e-mail addresses).
Group Policy Change Auditing:
- The product includes optional Group Policy auditing feature to track all GPO management activities in your Active Directory, such as creation of new GPOs, changes in GPO links, modification of GPO settings etc.
Long-term Historical Reporting:
- NetWrix Active Directory auditing tool features fast compressed storage for collected audit data and enables historical reporting for any period of time (e.g. 2 months or 3 years), as required by your IT auditors or internal regulations.
Active Directory Snapshot Reporting:
- NetWrix Active Directory reporting tool allows to report on Active Directory contents (AD "snapshots"), such as "All Members of Domain Admins group", etc. â€” both on the current state and on historical data (e.g. "All members of Domain Admins group as of December 31, 2008").
- The Active Directory Change Reporter is a scalable solution. An average-sized deployment is 10,000 AD users across 50 domain controllers; the largest deployment is 1 million users across 1,000 domain controllers.
Agentless and Agent-based Audit Collection:
- The product uses a combination of techniques to collect data and supports both agentless mode and non-intrusive agent-based mode (with agents needed solely for network traffic compression).
Change Rollback Wizard:
- Rollback Wizard facilitates control over unauthorized changes made to your Active Directory. Should you notice something wrong in the audit report, just start the wizard, select all unwanted changes and revert them to their initial state.