Maintain network security and compliance by tracking critical Group Policy Object (GPO) changes, monitoring user logins, analyzing account lockouts, spotting malicious insiders, and more.
Features and benefits
- Receive Active Directory alerts and monitor changes in real time: Record any change in Active Directory, 24×7. Get instant notifications when changes occur, including who did what, from where, and when.
- Monitor user logon activity: Get a detailed report of users’ logon and logoff activity, whether they happen via workstations or terminal services.
- Get a complete audit trail for privileged user activity: Track what administrators do. Get details about activities carried out by other privileged accounts as well.
- Audit file access activity: See what files and folders users are accessing. Track every activity they carry out on a file, including reading, deleting, copying, or moving files.
- Detect anomalies instantly: Get alerted about unusual events—such as logons during non-business hours or dubiously high invalid logon attempts—before they lead to catastrophe.
- Perform context analysis of events: Leverage profile-based event trackers, filters, and event fetching rules to view every change and event from a broader perspective and easily detect incidents.
Other salient aspects
- Report & alert profiles: Configure your own event trackers and alerts
- Printer auditing
- File integrity monitoring
- Dedicated privileged account monitoring
- Organized data archiving
- Removable storage auditing (Win 8 & above)
- “Before and after” picture for every change (for Windows 2008 & above)
- Pre-packaged IT compliance reports for SOX, HIPAA, PCI, FISMA, and GLBA