Netwrix Change Reporter is Now Netwrix Auditor
June 13, 2013 View all posts by Jeff Melnick →
netwrix.com/configuration-auditing
Following our recent announcement of the award-winning product name change from Netwrix Change Reporter to Netwrix Auditor, there has already been a fair amount of buzz around it. I wanted to offer some additional insight into key drivers behind this strategic change and set the scene for what is still to come.
The new product name truly represents the maturity of the existing product version 4.0, its tremendous value to customers, core functionality, as well as better supports our global product development strategy.
This has been timed with the corporate rebranding aimed to reflect the maturity of our entire company, a holder of more than 50 industry awards and #33 on the Inc. 500 list of the Fastest Growing Software Companies in America.
The most exciting part is that there are major updates to our information technology audit solution coming in Q3…and what better name to embody them all than Netwrix Auditor?
Netwrix Auditor provides you the most complete configuration auditing solution with the broadest coverage of supported systems and a clear display of the ‘5 Ws’ – Who, What, Where, When and Why details including the ‘before and after values’. According to Forrester, configuration auditing systems ‘have the potential to become ubiquitous in enterprise security organizations.’
If you are interested to see just how simple and efficient Netwrix makes configuration auditing, join one of our live webinars or try the solution yourself for free.
Posted in Articles | Tagged configuration auditing, Netwrix Auditor, NetWrix Change Reporter | Leave a commentAnd the 2013 CODiE Award Goes To…
May 24, 2013 View all posts by Jeff Melnick →
Awards season is in full swing in the software industry, with the latest technology nods coming from the Software & Information Industry Association (SIIA). The group’s CODiE Awards are going 27 years strong, recognizing leading products and services for excellence in innovation, vision and overall industry impact.
The program honors leaders within three awards tracks: content, software and education. And, finalists within each category are selected by their peers – an opportunity for current executives within the software industry to evaluate and honor each other’s work.
Winners were recently announced and we’re happy to share that Netwrix took not just one, but two coveted spots in the competitive software category. Netwrix Change Reporter won CODiE Awards 2013 as:
• Best Security Solution
• Best Systems Management Solution
We are continuously advancing our IT auditing platforms to provide customers with comprehensive security and management control to drive infrastructure visibility, reliability and compliance. And it’s great to have our efforts recognized.
Thank you SIIA, we accept.
Posted in Articles, Awards | Tagged awards, Netwrix awards | Leave a comment“You’re Fired”: What Should Happen Before You Let an IT Pro Go
May 15, 2013 View all posts by Jeff Melnick →
Here’s how the story goes: A talented system administrator, whom we’ll call J.C., joins a major pharmaceutical company. J.C. is told to leave after an internal dispute but then later brought back as a consultant. His good friend, who also works for the company and was instrumental in J.C.’s hiring, is fired. In an act of retaliation, J.C. uses his network credentials to shut down several of the company’s virtual machines, destroying the company’s infrastructure – all via a Wi-Fi connection at a local McDonalds.
While it sounds like fiction, the events are all too real, as detailed in: “How to Fire a Sys Admin: When IT Pros Go Rogue”, part of Spiceworks’ popular Spotlight on IT series. The author highlights the many “what not to do” lessons from this incident, such as do not re-hire an individual with a grudge. But, he also shares important recommendations about IT security monitoring:
- It’s good to be paranoid: The author, a system administrator himself, believes that keeping a close eye on what’s happening within the network perimeter is even more critical than what’s happening outside. “A little paranoia when applied to security is a good thing. Often times the enemy isn’t outside, he’s on the inside – he’s someone we trust.”
- Get aggressive with Active Directory: It’s critical to ensure that disabled accounts and unused/“zombie” accounts are properly deleted. Plus, an organization should be actively tracking when new accounts are created, changed or deleted as modifications could be a telling sign that something is amiss.
- Invest in a proven set of eyes: Keeping a close eye on infrastructure activities can be daunting when done manually. Therefore, the author recommends automating the process with a proven tool, such as Netwrix Change Reporter. That way, you’ll be on top of any unauthorized, unwanted or malicious changes that could negatively impact operations.
We’re big believers in keeping a close eye on IT activities, as are our customers. Knowing what’s happening within your IT infrastructure right now is a key piece to maintaining business continuity, infrastructure reliability and required security.
Posted in Articles | Tagged IT security, IT security monitoring | Leave a commentFast and Simple DNS Auditing
April 2, 2013 View all posts by Robert Bobel →
Microsoft DNS (Domain Name Service) is the service for all computer name resolution for both the Internet and also for Microsoft’s Active Directory. Every web browser request, every Active Directory logon, every email that is routed touches DNS somehow. Within DNS every computer or web site is represented by an entry called a DNS record. These records associate a name with an address and the lookup of a name to find the proper address is the essence of Name Resolution.
You might be saying. “Ok, so tell me something I don’t know…”
With all those pesky DNS records and DNS’ complex configuration it is no surprise that sometimes things go wrong. Unfortunately troubleshooting DNS problems can be time consuming and difficult. Often the problem is a simple lack of communication between the various people who may be allowed to update DNS. While Microsoft did introduce some native logging, it is cryptic and provides no proactive reporting to.
One of the problems that NetWrix Windows Server Change Reporter solves is in helping you keep an eye on potentially dangerous changes being made to your DNS configuration and DNS records, thus providing you with effective DNS auditing. The subscription feature makes daily reports trivial to configure and so within several minutes of installing the product you can begin receiving DNS change status reports right in your inbox. For more information check out the web page of our Windows Server auditing solution.
Posted in Articles | Tagged DNS auditing, Windows Server auditing | Leave a comment
Why Is SIEM Losing Steam?
March 11, 2013 View all posts by Robert Bobel →
A recent study reported by CIO magazine revealed SIEM challenges, saying that 1/3 of SIEM owners would stop using their current solution in favor of a more efficient and affordable solution. The study cited SIEM owner’s main complaints being:
- Long-complex SIEM deployment
- Long time before usable data was produced
- Months of expensive consulting to get the product working
- Two or more employees needed to maintain the SIEM
While some of these problems are probably due to SIEM being “oversold” by the vendors, some can’t be explained by overzealous sales people. As I mentioned in a previous post APT Threats Make Change Auditing More Critical Than Ever less than 8% of security breaches are discovered by the victim organization’s SIEM solution. My conclusion is that the cost and complexity of SIEM make it virtually impossible to implement it reliably.
If you have already invested in SIEM and want to make it more effective or if you simply want to replace your SIEM solution – the NetWrix platform can help. For more information on integrating you SIEM with the NetWrix Platform check out our SIEM integration page. If you are just tired of fighting you SIEM and want to replace it you are going to want to check out NetWrix Change Reporter product.
Posted in Articles | Tagged NetWrix Change Reporter, SIEM challenges, SIEM solutions | 1 CommentAPT Threats Make Change Auditing More Critical Than Ever
February 26, 2013 View all posts by Robert Bobel →
Cyber-attacks seem to be everywhere in the news these days. Some of the scariest attacks are those that fall under that Advanced Persistent Threat (APT) category. APT threats are especially scary because they work well for the attacker and are almost never caught by traditional SIEM solutions.
In Verizon’s 2012 DATA BREACH INVESTIGATIONS REPORT, they found that less than 8% of breaches analyzed were detected by event log auditing; most were found by law enforcement or an outside entity. Verizon’s conclusion was that SIEM based log monitoring solutions are simply not enough primarily due to complexity and cost.
Over the past several years, there has been a slow realization that event log monitoring is inadequate primarily due to log complexity and gaps in the log data itself. Unlike SIEM solutions, more modern change auditing solutions (such as NetWrix’s Change Reporter) do not rely on event data alone. These solutions use event data in association with other information such as current state details to provide a clear picture of what is happening to operationally critical IT systems.
NetWrix AuditAssurance™ technology can be deployed independantly or alongside your existing SIEM solution to have provide better visibility over critical IT systems. If you are interested in seeing just how simply NetWrix makes auditing you can try it for free.
Posted in Articles | Tagged APT threats, change auditing, Change Reporter Suite, SIEM solutions | Leave a commentFind Account Lockout Source and Fix Faster for FREE
February 11, 2013 View all posts by Robert Bobel →
There has been a surge in the number of account lockout incidents in the past several years. The increase is in large part due to the number of BYOD devices that are connecting to today’s networks. These devices often cache passwords making it easier for users to connect to backend email or networks resources. These cached passwords can cause the user’s account to become locked out if the user’s Active Directory password is changed, but the cached password is not updated. When the user’s account is inaccessible due to lockout the user is not productive and the help desk is going to get an expensive call.
One of NetWrix’s most popular small products is NetWrix Account Lockout Examiner. Account Lockout Examiner detects, alerts and helps resolve Active Directory account lockouts in real-time. Microsoft does provide a utility that may help in some limited situations, but Account Lockout Examiner picks-up where Microsoft’s tool stops.
If you want more information on how to find account lockout source you can visit the Account Lockout Examiner freeware page.
Posted in Articles, Freeware | Tagged account lockout, account lockout tools, find account lockout source, Freeware | Leave a commentNew HIPAA 2013 changes require more organizations to comply
February 5, 2013 View all posts by Robert Bobel →
The US Department of Health and Human Services (HHS) issued a HIPAA 2013 omnibus ruling in January that expands the list of organizations that must comply with HIPAA (Health Insurance Portability and Accountability Act) requirements. Prior to this ruling HIPAA directly affected health providers and health plan services; now any organization associated with these providers must also comply or face serious fines. It is noted in the announcement that some of the largest HIPAA failures were from these associated organizations and the fines were up to $1.5 Million per incident.
NetWrix HIPAA compliance solutions are built to help you sustain HIPAA compliance by providing detailed change information about your most critical IT systems. For more information on how we can help you sustain HIPAA compliance, check out HIPAA requirements page.
Posted in Articles | Tagged hipaa 2013, hipaa compliance solutions, omnibus rule | Leave a comment
Top 3 Requirements for Privilege User Activity Monitoring
January 28, 2013 View all posts by Robert Bobel →
If you haven’t heard, NetWrix released User Activity Video Reporter last week. The User Activity Video Reporter solution is purpose built to monitor privilege user activity across critical IT systems. Like a surveillance system for your servers, the solution easily targets specific servers, users or applications to be monitored. When a privilege user opens a session matching the solution’s target criteria, a video of all activity within that session is created. As a companion to the video an audit report of the tasks shown in the video is also created allowing the auditor to filter and focus on the most critical activities. There are many reason why customers have asked for this type of solution, but three requirements stand-out.
Requirement 1: Audit applications that do not provide audit data.
Many applications do not provide audit data, yet can be used to modify crucial applications. For example, an administrator who uses Windows Notepad to modify configuration files may go un-noticed because notepad provides no audit trail.
Requirement 2: Uncover user situational awareness or intent
A solid Change Auditing solution is critical to understanding what is happening to your servers and applications. While Change Auditing provides a detailed list of important changes it does not show how the individual tasks were performed. Being able to see how tasks are performed provides a context for the activity can help uncover user intent. For example if a change was made that was inappropriate, a quick review of the video will show if the user performed the task with confidence or if they were randomly trying features.
Requirement 3: Deterrence
When a user establishes a new session on a targeted system, User Activity Video Reporter displays a policy message indicating that the user’s activity will be recorded. This message serves as a powerful reminder to users that your organizations policy is to monitor privilege account activity. Being mindful of the recording, most users will be on best behavior because they are aware that their activity is being recorded.
User Activity Video Reporter provides auditing for applications that provide no audit details, assists in uncovering user intent and implements a strong deterrent for users who otherwise may make inappropriate or un-planned changes.
Next Steps: You can try User Activity Video Reporter for FREE by visiting the product page by clicking here.
Posted in Articles | Tagged audit inapropriate change, IT Policy, monitor privilege user activity, un-planned changes, User Activity Video Reporter | Leave a comment
NetWrix Virtual Customer Conference
January 21, 2013 View all posts by Robert Bobel →
I would like to thank everyone who took time out of their busy week to attend the NetWrix Virtual Customer Conference.
The NetWrix customer conference is an important event for two reasons. First, it provides us with an opportunity to explain how NetWrix increased the value of your investment in NetWrix’s products over the previous year. Second, it provides the opportunity for customers to ask questions and provide feedback. Both items are directly related to each other because feedback helps us drive strategy and improve the products thus making them more valuable to you – the customer.
2012 was an exciting year for NetWrix and we look forward to serving you in 2013 and beyond. To those attendees who won an iPAD we will be contacting you shortly about shipping. And for everyone keep an eye open we will be following up with all attendees with download links that were discussed during our session.
Thank you everyone!!!
Posted in Articles | Tagged Auditing Strategy, NetWrix Roadmap, NetWrix Strategy, NetWrix Virtual Customer Conference | Leave a comment
Subscribe
Join over 10,000 IT pros
who get fresh content from NetWrix blog!  RSS feedReceive change auditing and compliance tips, information about tools for IT pros and more. RecentArchivesTag CloudNetWorked BlogsFollow us |
