Native event logging mechanisms provided by Windows and Unix systems, as well as network devices (such as Cisco and Checkpoint), don't have built-in consolidation, archiving, alerting, and reporting features required to effectively utilize event data and comply with external regulations like SOX, HIPAA, PCI, and others. Numerous event logs and syslog events exist in uncompressed formats spread all over the network, with countless events lost every day because of overwrites, causing a breach in both security and compliance mandates.
Event log management with Netwrix Auditor allows you to collect events from Windows event logs and syslogs from multiple computers across the network, alerting to and reporting on most critical events, centrally archiving these events in a compressed format that enables convenient analysis of archived event log data. The product supports unlimited number of servers and features long-term archiving storage and distributed data collection for highest performance. The long-term archiving of event logs is required by compliance regulations, e.g., SOX and HIPAA require 7 years of data, PCI requires 1 year, etc.
Netwrix Auditor allows you to audit changes made in IIS configurations to secure sites and Web-based applications. All changes related to IIS application pools and websites are collected from Windows event logs and can be aggregated from multiple IIS servers. Built-in reports allow you to quickly see IIS configuration changes made by a user across all of your environment, or simply drill into details for specific date range, server, application pool, or website.
Netwrix Auditor aggregates syslog messages from multiple Cisco devices. With built-in alerting and reporting, Netwrix Auditor increases visibility into your network security. Messages that belong to User Authentication and Command Interface classes are additionally parsed to allow more granular filtering and grouping in reports. Reports included with Netwrix Auditor allow you to see all events for any given device, authentication events and commands executed by specific users across multiple devices, as well as all configuration operations (including reading configuration from and writing configuration to a device). The functionality supports all Cisco network devices that comply with Cisco Syslog ASA specification v8.0 and above.
Unlike traditional log management solutions (SIEM), which are too generic and don't meet change auditing needs, Netwrix Auditor helps to easily find relevant answers to key questions: who changed what, when and where in the entire IT infrastructure, including previous and new values for modified settings. The product generates easy-to-understand reports with complete information on every change that has occurred in the IT infrastructure and helps to sustain regulatory compliance, adhere to business processes, tighten security, minimize risk, avoid downtime, and monitor network resources.
This software is not reviewed yet.
Netwrix Change Notifier for Windows Server is a free auditing tool to monitor server configurations and automatically document changes, including installed software and hardware, local security settings, and registry settings.
Netwrix Change Notifier for Active SQL Server is a free tool to audit and report on administrative changes made to server configurations and databases: users, roles and schema changes.
Netwrix Change Notifier for VMware is a free tool that audits changes to VMware host and virtual machine settings, creation and deletion of virtual machines and sends you audit reports via email.
Netwrix Change Notifier for File Servers is a free tool to audit file server changes. The tool sends daily reports about all file server changes: file and folder changes, shares, and permissions with previous and new values of configuration values.
Netwrix Change Notifier for Group Policy is a free tool that audits the changes made to Group Policy and delivers detailed information on a daily basis about what was changed with previous and current values.