NetWrix Change Reporter Suite

Unified auditing for critical IT systems

NetWrix Change Reporter Suite is an integrated solution for automated auditing of the entire IT infrastructure, comprising several different modules that can also be purchased individually.

Active Directory and Exchange Audit Configuration

Active Directory, Group Policy, and Exchange Audit Configuration

More screenshots

Overview

Change auditing is critical to maintaining a secure IT infrastructure and sustaining compliance. Without effective and convenient tracking and ongoing review of changes in systems and applications organisations risk losing control of security. Unauthorised, unwanted, and malicious changes in IT infrastructure can have tremendous impact on business continuity and predictability. Also, change auditing is a cornerstone of all major compliance regulations.

NetWrix Change Reporter Suite is an integrated solution for automated auditing of the entire IT infrastructure. No matter who changed what and where — be it Active Directory, file servers, Microsoft Exchange, filer appliances such as NetApp or EMC, virtual and physical infrastructure, SQL Server databases — everything is centrally audited, consolidated, and presented in easy to understand reports, scheduled for ongoing review and forensic auditing of day-to-day administrative activities by your security team and periodic inspections by compliance auditors. The product streamlines compliance to HIPAA, SOX, PCI, GLBA, FISMA and many other regulations, provides an easy-to-use solution that drastically improves IT infrastructure visibility and internal security.

Powered by AuditAssurance™ technology, the Change Reporter Suite produces reports that include complete information on every single change that has occurred in an organisation and can be used for detailed forensic analysis. Unlike traditional log management solutions (SIEM), NetWrix makes it very easy to find relevant answers to key questions: who changed what, when, where, including previous and new values for modified settings. Another unique NetWrix technology, AuditIntelligence™, transforms raw audit data into meaningful and actionable intelligence to drive security and compliance efforts. Data can be filtered by different criteria, such as name of person who made changes or accessed data, time period, and other parameters. Examples:

Platform	Typical Audit Questions
Active Directory	Who added user to security group? Who delegated management rights to OU?
VMware	Who created a new virtual machine? Who changed resource pool parameters?
MS Exchange	Who deleted a mailbox? Who accessed another user's mailbox? Who reconfigured information store?
SQL Server	Who changed table structure in a production SQL database? Who deleted production SQL database? Who added new database login?
File Server	Who changed file permissions on file server? Who accessed sensitive files on file servers? Who deleted files from file server?
NetApp Filer	Who changed file permissions on NetApp Filers? Who attempted to access folders with sensitive data on NetApp Filers? Who failed to change files on NetApp Filers?
EMC VNX/VNXe/Celerra	Who changed file permissions on EMC VNX/VNXe/Celerra device? Who accessed sensitive files on EMC VNX/VNXe/Celerra device? Who deleted folders from EMC VNX/VNXe/Celerra device?
Group Policy	Who deactivated strong password policy? Who unlinked GPO from organisation unit? Who configured new software installation policy?
Windows Server	Who installed what software? Who changed computer configuration settings? Who made changes to registry? Who added members to local Administrators group? What changes were made to DNS zones and records? What patches and hotfixes were installed recently? Who modified startup programs (AutoRun)? Who changed file sharing settings and open shares?
SharePoint	Which web applications were created/changed/deleted? What servers were added to / removed from a farm? What changes occurred to the incoming/outgoing e-mail settings?