Netwrix Auditor for Active Directory
Strengths: Solid Active Directory auditing tool.
Weaknesses: Limited feature scope and scattered documentation.
Verdict: If one needs to look closely at Active Directory – and just about every organisation running AD does – this purpose-built tool is just the thing.
SummaryNetwrix Auditor for Active Directory is a small piece of the much larger Netwrix Auditor Suite, which provides change and configuration auditing across a vast array of enterprise systems. Auditor for Active Directory focuses in on Active Directory configuration and change management, as well as overall security policy compliance. This product allows administrators and security professionals to monitor and report on changes in Active Directory, including who changed what, when the change was made, and from what workstation. Beyond change management, this offering also includes reporting and auditing tools for AD as a whole and Group Policy.
We found this product to be simple to install in our test environment. The software itself is installed from an executable which launches a setup wizard. At the completion of the setup wizard we were able to access the product application and begin the few short configuration tasks to add our domain settings and user information. We found the application quite easy to use with an intuitive layout. After we had our domain setup, we were able to easily run reports and perform other auditing tasks right away.
Beyond simple change management and auditing, this product also features the ability to perform recovery of unauthorised changes in which AD objects may have been deleted. Also, as a stop-gap measure, Netwrix Auditor can actually show the results of a change before the change is made to ensure there are no unintended problems. This product also includes a large amount of pre-defined reports, including regulatory audit reports for PCI, HIPAA, SOX, and FISMA.
Documentation was comprised of several PDF installation and administrators guides as well as a quick-start guide. The quick-start guide offered excellent detail of the initial installation and configuration steps. The other guides also offered a good amount of detail, clear step-by-step configuration instructions and many screen shots. However, we found having them broken apart by functionality made for an awkward experience. For easier and faster reference, we would like to see all documentation streamlined and organised into a single searchable document.
Netwrix offers no-cost support to customers during product trials and evaluations. After the evaluation period is over, customers can purchase either basic or standard support. Basic includes business-hours phone support as well as access to product updates and grades. Standard adds 24/7 phone-based technical support. All customers can also access an online area which includes resources such as product documentation, downloads and a knowledge base.
At a price of £919 for 149 users and per user prices starting at £0.30 per user at 150 users, we found this product to be an average value for the money. We found that while it does have some solid auditing capability, a per-user price model can become expensive in larger environments for a tool with such a specific purpose. With that said, if this functionality is exactly what you are looking for, this product does an excellent job of it and is quite easy to use and deploy. Prices are US-based, thus indicative only.