Improved version of NetWrix flagship auditing software improves systems forensics
With the launch of Auditor 6.0, Netwrix claimed that its flagship platform now delivers complete visibility into what is happening across the entire IT infrastructure.
Auditor provides change and configuration records for systems and applications, including Microsoft’s Active Directory, Exchange, Windows Server, File Servers, SharePoint, and VMware virtual machines.
Dashboard drill down
The Enterprise Overview dashboards in Auditor’s latest release gives a high-level overview of changes across these systems to show activity trends by date, user, server or IT system. From the dashboard, managers can drill down to investigate the details of every change. The system can also aggregate changes recorded across all the audited systems into a single view.
The company has chosen to emphasise the benefits of the new release in the current security crisis where the subtlety and stealth of systems penetrations mean that closer management of environments is needed.
“The avalanche of recent security breaches and compliance violations at major retailers, healthcare organisations and hotel chains, clearly indicates that traditional security mechanisms such as firewalls, IDS and antivirus, should no longer be treated as the only line of defence against external attackers and insider threats,” said Michael Fimin (pictured), CEO of Netwrix.
Auditing change can offer an insight into what is happening inside an IT system and could provide critical evidence to help with the mitigation of security breaches. The new version of Auditor provides “complete visibility into the entire IT infrastructure with one single view”, Fimin added, which could eliminate the need for using a blend of point solutions from several vendors.
Aside from the detection of security incidents, the Netwrix upgrade provides continuous compliance, vulnerability assessment and forensic analysis. The aim is to improve business continuity by providing data for root cause analysis and change management, which may decrease system downtime and establish an environment where accountability can be engendered.
The seven modules in Auditor 6.0 feature change auditing backed by alerting, configuration assessment and “hundreds” of predefined web-based reports with rich filtering. It also offers export and subscription capabilities and change rollback, and can be configured to consolidate audit data from multiple independent sources. All this is done without agents on monitored systems or with small-footprint agent-based modes of operation which can store consolidated audit data for “10 years or more”, Netwrix said.