Native event logging mechanisms provided by Windows and Unix systems, as well as network devices (such as Cisco and Checkpoint), don't have built-in consolidation, archiving, alerting, and reporting features required to effectively utilize event data and comply with external regulations like SOX, HIPAA, PCI, and others. Numerous event logs and syslog events exist in uncompressed formats spread all over the network, with countless events lost every day because of overwrites, causing a breach in both security and compliance mandates.
Event log management with Netwrix Auditor allows you to collect events from Windows event logs and syslogs from multiple computers across the network, alerting to and reporting on most critical events, centrally archiving these events in a compressed format that enables convenient analysis of archived event log data. The product supports unlimited number of servers and features long-term archiving storage and distributed data collection for highest performance. The long-term archiving of event logs is required by compliance regulations, e.g., SOX and HIPAA require 7 years of data, PCI requires 1 year, etc.
Netwrix Auditor allows you to audit changes made in IIS configurations to secure sites and Web-based applications. All changes related to IIS application pools and websites are collected from Windows event logs and can be aggregated from multiple IIS servers. Built-in reports allow you to quickly see IIS configuration changes made by a user across all of your environment, or simply drill into details for specific date range, server, application pool, or website.
Netwrix Auditor aggregates syslog messages from multiple Cisco devices. With built-in alerting and reporting, Netwrix Auditor increases visibility into your network security. Messages that belong to User Authentication and Command Interface classes are additionally parsed to allow more granular filtering and grouping in reports. Reports included with Netwrix Auditor allow you to see all events for any given device, authentication events and commands executed by specific users across multiple devices, as well as all configuration operations (including reading configuration from and writing configuration to a device). The functionality supports all Cisco network devices that comply with Cisco Syslog ASA specification v8.0 and above.
Unlike traditional log management solutions (SIEM), which are too generic and don't meet change auditing needs, Netwrix Auditor helps to easily find relevant answers to key questions: who changed what, when and where in the entire IT infrastructure, including previous and new values for modified settings. The product generates easy-to-understand reports with complete information on every change that has occurred in the IT infrastructure and helps to sustain regulatory compliance, adhere to business processes, tighten security, minimize risk, avoid downtime, and monitor network resources.
This software is not reviewed yet.
Netwrix Active Directory Change Reporter is a free tool that reports the changes made to Active Directory and delivers detailed information on a daily basis. The report includes the 4 "W"s-Who, What, When, and Where-of all changes.
The product gives end users ability to securely manage their passwords and resolve account lockouts in a self-service fashion without involvement of helpdesk personnel. Please visit www.netwrix.com to obtain quote.
Netwrix Auditor is a unified solution for configuration auditing and compliance for your entire IT infrastructure. The product audits and reports who changed what, when, and where in AD, servers, VMware etc. Price for 150 users is $3450.
Netwrix Change Notifier for Exchange is a free tool that audits and reports changes made to Exchange Server configurations, mailboxes, and permissions.
Netwrix Change Notifier for Active Directory is a free tool that tracks the changes made to Active Directory and delivers daily email reports showing all changes made during the last day.