User Logon

In real-time, monitor user logon activity on Domain Controllers with pre-configured audit reports and email alerts. Audit reports ensure the administrator knows the reason behind users’ logon failures, login history, terminal services activity and users’ recent logon activities across the network including Workstations & Servers. Further, the logon audit solution acts as an indispensable tool to facilitate audit of specific logon events, current and past logon activity and lists all logon related changes.

Account lockout Analyzer | User Management Actions | Track User logon Actions

• Verify the employee attendance in a given periodic analysis / audit interval
• View the complete history of logon of any user in the domain
• Identify if any user is attempting a logon into machines with insufficient privileges
• Spot users who connect to Domain Controllers or Workstations or through remote access

Audit Reports

Logon Failures, Domain Controller Logon Activity, User Logon Activity, Recent User Logon Activity, User's Last Logon, Users Logged into Multiple Computers, Workstation logon activity, Member Server Logon Activity

GPO Settings

Audit and report on the GPO changes to the Windows Active Directory in real-time; In-depth advanced tracking of the Group Policy Objects before and after values of configuration, password policy and settings changes. A single settings error can be catastrophic, causing a spurt in the unauthorized access and in the compromise of IT security. Avoid the complexities involving auditing GPOs with pre-configured change audit reports and instant email alerts, all in real-time.

GPO settings audit | GPO management audit | GPO audit reports

• Monitor every GPO change in the probable 6000 settings
• Know the before and after values of GPO settings
• Automated periodic audit reports for review & Compliance
• Real-time email alerts upon critical GPO changes

Real-Time Audit Reports

Recently Created GPOs, Recently Deleted GPOs, Recently Modified GPOs, Group Policy Settings Changes, Computer Configuration Changes, User Configuration Changes, Password Policy Changes

Attribute Changes

Real-time audit of the old and new attribute values of all Windows Active Directory Objects; Know every change to Users, Computers, Configuration, Groups, GPOs, OUs, DNS Servers and be up-to-date on unauthorized attempts and get real-time alerts and email notification for every attribute modification / permission changes. Monitor and view the AD objects values in corresponding pre-configured report, query with the numerous attributes to filter and funnel down on the precise information in a simple interface.

Active Directory old / new attribute values

• Know Who did What, When and from Where
• Monitor the crucial 'Extended security attributes' and 'Extended user attributes'
• Track every access control list, attributes & permission changes
• View the before and after of every change in real-time, to reverse the erroneous setting effect

Real-Time Audit Reports

User Extended Attribute Changes, Group Extended Attribute Changes, Computer Extended Attribute Changes, OU Extended Attribute Changes, GPO Extended Attribute Changes

Data Archiving

Processed event log data older than required can be archived and cleared from the working DB. This can be done using the 'Archive Events' option in ADAudit Plus. Set periodic event cleanup schedules to compress events data. Archiving audit data helps to maintain an optimum size for the working DB. The archived data is required for historical reporting, for forensics and Compliance requirements. The audited reports can be exported to xls, csv, pdf and excel formats.

Audit reports from archived data

• Get historic reporting from archived data for security and forensic analysis
• SOX, HIPAA, PCI-DSS require historical event data from a minimum of 3 years
• Save gigabytes on disk space with archived events data
• View reports from years of archived data

Compliance

SMBs or Large organizations have to comply with industry specific Compliance Acts like SOX, HIPAA, GLBA, PCI-DSS, FISMA…. With our Compliance specific pre-configured real-time AD reports and alerts, we ensure your network is under 24/7 audit with periodic security reports and email alerts as standard procedure.

A Few Compliance Specific Reports

SOX – Recent User Logon Activity, Logon Failures, Administrative User Actions, Domain Policy Changes, User Management, Logon History, Changes on Member Server

HIPAA – All File or Folder Changes, Computer Management, OU Management, Logon Duration, Group Management, Terminal Services Activity

GLBA – Local Logon Failures, Folder Permission Changes, Folder Audit Setting Changes (SACL), Successful File Read Access, Domain Policy Changes

PCI-DSS – Logon history, Logon Failures, Successful File Read Access, Changes on Member Server, Radius Logon History (NPS)

FISMA – Administrative User Actions, Failed Attempt to Delete File, Failed Attempt to Write File, All File or Folder Changes, Computer Management

Real-Time Audit Reports & Alerts

Choose from the 200+ pre-configured audit reports with automatic periodic report generation right to your inbox. With 50+ Search Attributes, be ready to be empowered with detailed information, track Windows Active Directory object changes (Users, OU, Groups, GPO, Computer, Schema, DNS and System), all in real-time. Filter reports on business / non-business / all hours. Create custom reports, set profile based reports and also, do historical reporting from the archived data for forensics.

Real-time on-screen alerts with emailing of alerts upon unauthorized network access / modification events. User, time and volume based threshold alerts help identify the problem precisely.

All Active Directory change audit reports | Compliance audit reports

• Automate periodic reporting with schedulable pre-configured audit reports
• Create custom reports and email alerts with ease in a few clicks
• SOX, HIPAA, FISMA, GLBA, PCI-DSS Compliance specific audit reports to help meet requirements
• Export audit reports in XLS, CSV, PDF and HTML formats