Active Directory |
Logon auditing |
Provides information on both successful and failed logons. |
|
|
Account lockout analysis |
Notifies of a lockout along with information on the reason of lockout. |
|
|
Object change audit |
Provides information on user, computer, group, and OU management actions. |
|
|
GPO change audit |
Provides information on GPO management actions and GPO settings changes. |
|
|
Permission change audit |
Provides information on changes to objects' permissions. |
|
|
Schema and configuration change audit |
Provides information on changes made to schema and objects inside the configuration containers such as sites. |
|
|
Azure AD audit |
Provides information on successful and failed user logons; changes to Azure AD users, roles, groups, devices, and applications. |
|
|
|
File servers |
File/folder access audit |
Provides information on file/folder read, create, delete, and modify actions. |
|
|
File/folder permission change audit |
Provides information on file/folder DACL and SACL changes. |
|
|
File/folder failed attempts audit |
Provides information on failed attempts to read, write, and delete file/folder. |
|
|
Supported environments |
Windows, Windows failover cluster, NetApp, and EMC. |
|
|
|
Windows servers |
Local user logon auditing |
Provides information on both successful and failed logons on local machines. |
|
|
Local object change audit |
Provides information on local user and group management actions. |
|
|
Local policy change audit |
Provides information on changes to local security policy. |
|
|
File integrity monitoring |
Provides information on new programs and modifications to executable files. |
|
|
AD Federation Service auditing |
Provides information on both successful and failed AD FS logons. |
|
|
LAPS auditing |
Provides information on who is viewing or modifying local admin credentials. |
|
|
User work hour tracking |
Provides information on employees' actual work hours (excluding idle time). |
|
|
Printer auditing |
Provides information on printer usage. |
|
|
|
Key functionalities |
Real-time auditing |
Allows tracking of security events in real-time. |
|
|
Real-time alerts |
Provides instant notifications upon of security events. |
|
|
User behavior analytics |
Allows detection of abnormal user behavior based on users' previous activity patterns. |
|
|
Video recording of user screen activity |
Allows capturing of user screen activity even if no logs are produced. |
|
|
Who, when, where, and what of changes |
Provides complete user audit trail— who did what, when, and from where. |
|
|
Before and after values of changes |
Provides information on changed attribute values (before and after) of AD objects. |
|
|
Quick search |
Allows tracking down specifics quickly. |
|
|
Graphs |
Provides a visual representation of audit data. |
|
|
Prepackaged reports |
Provides audit data with one click. |
|
|
Report customization |
Allows creation of reports according to user needs. |
|
|
Compliance reports |
Provides prepackaged IT compliance reports for SOX, HIPAA, PCI, GLBA, and GDPR. |
|
|
Automated report generation |
Allows automatic generation of reports at user defined time intervals. |
|
|
Automated report delivery |
Allows automatic emailing of reports to user specified email addresses. |
|
|
Export of reports |
Allows the export of reports to multiple formats like PDF, XLS, CSV, and HTML. |
|
|
Alert delivery |
Allows email and SMS delivery of alerts. |
|
|
Alert thresholds |
Allows configuration of thresholds based alerts. |
|
|
Incident response |
Allows execution of a predetermined action when an alert gets triggered. |
|
|
Long-term log retention |
Allows long term retention of audit data. |
|
|
SIEM integration |
Allows forwarding of audit data to SIEM solutions. |
|
|
Web-based console |
Allows access to the product over the web. |
|
|
Multiple domain auditing |
Allows configuration of multiple domains for auditing. |
|
|
Role-based access |
Allows role-based user access to product. |
|
|
|
Evaluation and purchase |
Evaluation |
Provides online demo, free instant trial, and personalized demo. |
|
|
Ease of installation |
Does not require professional assistance to deploy the solution. |
|
|
Licensing and pricing |
Does not require professional assistance to deploy the solution. |
- Licensed based on the number of Domain Controllers/ File servers/ Windows servers/ Azure AD tenants
- Pricing starts at $595 (annual subscription fee for 2 DCs).
|
- Licensed based on number of Active Directory user accounts.
- Pricing starts at $12* per AD user.
|