We were thrilled with the results and have already absorbed the feedback into our future plans to further improve upon the Change Reporter Suite. Specifically, we are looking to implement role based security, more real-time alerts and subscription capabilities as well as incorporating Syslog and other platforms into the product like Oracle and further extending our auditing to SIEM solutions such as BMC Remedy. Have a look at the extensive review on their site.

Let us know what YOU need. Leave us your feedback or tell us what you think is missing from change auditing and security below:

Without a resource like this, many pointed out that when it comes to using Group Policy, one of the most time-consuming and challenging tasks is simply recalling or locating what setting is needed for the particular task. Group Policy management allows you to control just about every user or machine behavior in your environment. The list of things you can manage with GPO settings is long and likely the primary reason why it’s so difficult to use it effectively unless you work with it every day.

Most administrators out there juggle multiple responsibilities and know how difficult it can be to acquire a high level of skill in a technology especially one that isn’t used often. Group Policy management can fall into this category. Many GPO settings for objects and behaviors such as enforcing a password policy and setting default desktop backgrounds are familiar and easily found and understood. Lesser known GPO settings are more like mythical creatures. You’ve heard a setting exists yet you can’t say for certain you’ve seen it let alone use it.

If you need more control over what’s going on in your environment and want to implement change auditing for Group Policy management and GPO settings, take a look at the NetWrix Group Policy Change Reporter. It audits all changes in Group Policy and automatically sends detailed e-mail reports showing who made what changes, when and where as well as before and after information. Furthermore, it can store this data for seven years or more and can generate custom reports.

I hope you visit the links above and get a chance to check out this great free tool to help your Group Policy management tasks. What is your most strange, mythical, mystical or odd Group Policy setting you worked with and how did you use it? Share your stories below and let me know if you found this tool useful too:

When I look at these numbers I also believe they tell a story of recovering IT budgets. New and heightened needs in various industries and other economic factors are driving IT spending. While they may not have supplied a more accurate answer, Administrators are few in number and constantly pressed for time. They recognize the need for efficient and cost-effective IT auditing solutions to help them demonstrate regulatory compliance, address important security challenges and simplify day-to-day management tasks. They need constant oversight of their network resources and detection of even the smallest of changes or problems to keep users safe and productive. Information needs to be stored centrally and reported on automatically without all the noise associated with traditional native logging data. While there may be widespread acceptance of these needs, each organization and IT team have different needs and may now be exploring their options through casual trial of various applications that may help them better define their requirements.

Products such as the NetWrix Change Reporter Suite are designed to help administrators implement change auditing throughout the enterprise. Managing users can be one of the most time consuming help desk tasks. With the NetWrix Account Lockout Examiner, IT staff can get users back onto the network and productive quickly. All of our tools are cost-effective and robust while simple to operate and manage. If you need to improve your security and/or meet regulatory requirements, download one of our many free titles to see if they might meet your needs. If you need more features, all products are available in full-featured edition trials as well.

Are you seeing more spending at your organization for 2012? Does this make you more or less likely to investigate new tools to help you manage your environment? Please share your thoughts below.

If too much logging occurs, it makes the value next to nothing and more like searching for a needle in a haystack. There’s also the risk of logs being overwritten if they aren’t set to handle all the events. It’s essential to know what is necessary and only audit those changes instead of using a broad approach hoping critical problems will jump out at you. Trying to keep up with all the native security data each day is nearly impossible without the proper resources. But what if you aren’t ready or able to commit to only a few aspects and need a broader overview? This is where you need the help of a tool that can automatically gather all the logs, remove unnecessary noise and produce readable reports in plain language you can understand.

Fact is, organizations that implement audit logging are far less at risk of a security or compliance problem than without even if they may be unsure at the outset what is and isn’t important. With NetWrix Change Reporter Suite, you can audit effectively and easily without the massive volumes of raw data and monitor changes that are important. In addition to Windows Servers, this solution audits changes to Active Directory, Group Policy, Exchange, SQL, SharePoint, VMware, EMC, NetApp, File Servers, Network Devices such as Cisco firewalls and more. It shows who made what change, when and where as well as many before and after settings in easy-to-read reports. It scales to environments large or small, sets up quickly and is cost-effective.

Have you tried Windows security auditing on your own successfully (be honest!)? What were the results? How more/less effective were you at maintaining Windows security before/after implementing a procedure to audit your environment or more specifically, your Windows systems? Please share your experiences, thoughts and comments below:

(A) Access control to the network resources is the most important role for IT. Granting, denying, monitoring all involved some form of privileged and systemic action to meet the needs of your end users. You will want to see who has access to what in snapshot reports of your environment including what access did users have previously as compared to the current state. For example, who has access to this folder now and who had access to it 6 months ago.

(B) Breaches are your virtual border crossings of information and access. For security and compliance, you need to report when users do something in case it is incorrect or damaging. Because of network complexity and existing rights that may not suit the users roles, you need to monitor who breaches data and resources using their granted permissions and rights. Just because a user has a right or permission does not mean they should be exercising it. You need detailed access reports on all uses of permissions both failed and successful throughout the environment.

(C) Changes are your worst enemy when it comes to meeting security and compliance objectives. You need change auditing to uncover the details of each change including who changed what permission and when on files, Active Directory OUs, SharePoint sites, SQL databases and so on. Knowing who changed what security groups and when, and even who changed the security policy to retain logs from 30 days to 2 helps sustain compliance and improve security. Do this change auditing task on a regular basis and you are simultaneously improving both security and demonstrating compliance.

Access, breaches and changes are your three ABCs to meeting your security and compliance goals. This is an ongoing activity of producing snapshot reports, access reports and change auditing must be performed daily if not very frequently in order to be successful at these two objectives. NetWrix provides the Change Reporter Suite for your compliance and security ABCs simply and easily. Using AuditAssurance™ and AuditIntelligence™ technologies, data is complete and accurate extracted from multiple sources, stored as single records and reported daily (or more frequently) to show your access, breaches and changes throughout the network.

Are you already following the ABCs of Security and Compliance or do you have your own simple approach to conceptualizing meeting your security and compliance goals?

As 2012 approaches, I want to extend my best wishes to you, your family and your colleagues for a healthy and Happy New Year. Thanks to your continued support, 2011 has been the best year yet exceeding even our own expectations. We have continued to grow in all directions: technology innovation, sales, customer service, regional support. And we look forward to another successful year of win-win partnership between you and NetWrix.

NetWrix prides itself on its relationship with its customers and that includes maintaining open communications with NetWrix senior management.  So please feel free to contact me personally about anything at any time – reply to this post or connect with me on LinkedIn.

Thank you for being our valued customer!

Warmest Regards,

Michael Fimin
CEO and President
NetWrix Corporation

Determine what is at risk: Document not only where the outside meets the inside, but also internal network segmentation and structural topology. These will be the points where you will want to carefully watch who is attempting to come in, from where and using what services. Document what’s accessible from the outside as well as what can be accessed between the internal borders of your network. Eliminate or manage through auditing your entry and exit points. Look for ways to close off ports that are unnecessary and retire old systems where possible. Make documentation a top-3 or top-5 priority. If you share responsibilities with other administrators, teams or subordinates, it’s time to get everyone on the same page and make network security a cultural priority.

Know your 4Ws: Changes are the single most important thing to be aware of. Know who is changing what, when and where. By detecting and reporting on changes, you are in a far greater position than someone waiting for the phone to ring or that e-mail to tell you there’s a problem. Most who will do harm or steal information want to do so as silently as possible. Reporting on changes provides greater visibility into the day-to-day activities in your environment and keeps everyone more honest and accountable.

Your responsibility is to implement standards and controls for users and systems, understand what is at risk and what changes are taking place each day while. At NetWrix, we provide change auditing solutions for the enterprise focusing on robust, easy-to-use and affordable software solutions. Our products detect changes on Active Directory, Group Policy, Exchange, SQL, File servers and appliances, VMware, Server Configurations, Event Logs, Password Management, User Management and a wide variety of tools for other areas aimed at securing your environment such as our USB blocker. Our widespread use of snapshot reporting gives you immediate visibility into who has access and to what. Many of these products are packaged as suites, such as our Change Reporter Suite that includes a number of our products bundled together to address a wide variety of needs.

What are you doing to secure your environment? Do you have your own set of basic principles for security? Share your thoughts below:

NetWrix Change Reporter Suite was selected the winner in the Network Auditing Software category of the WindowSecurity.com Readers’ Choice Awards. GFI LANguard and Admin Report Kit for Windows Enterprise (ARKWE) were runner-up and second runner-up respectively.“Our Readers’ Choice Awards give visitors to our site the opportunity to vote for the products they view as the very best in their respective category,” said Sean Buttigieg, WindowSecurity.com manager. “WindowSecurity.com users are specialists in their field who encounter various network security solutions at the workplace. The award serves as a mark of excellence, providing the ultimate recognition from peers within the industry.”

WindowSecurity.com conducts monthly polls to discover which product is preferred by Network Security administrators in a particular category of third party network security solutions. The awards draw a huge response per category and are based entirely on the visitors’ votes.

Just about a month before getting this honor NetWrix VMware Change Reporter won a VirtualizationAdmin.com Readers Choice Award which made it a second important award from TechGenix Media – one of the largest providers of free high quality technical content to IT professionals all over the World.

Many of the responses could be grouped into two categories. The first group said that Facebook was for personal things and not well suited for business or technical discussion. The second group felt that because Facebook has a well documented history of security and privacy problems, using it to host a group on security topics might be like having former ENRON executives give lectures on business ethics.

Both groups make a fair point. Facebook is most commonly for personal things that you share among friends and other people close to you in some way. Facebook does have a history of security problems and in principal, I see their point. I don’t entirely agree or disagree with these two positions.

How you use Facebook is a personal matter. I know of many professionals (including myself) that happily incorporate personal friends and business relationships via Facebook. There’s so much value in Facebook at so many different levels, I and millions of others are willing to accept the responsibilities that come with having an account in return for what it has to offer. Some in the post did state that it is a matter of personal preference and what you are comfortable with. If you would like to control interaction between personal, professional and other friends on Facebook, see this helpful post on how to do that.

Security is an entirely other matter. To not use Facebook for discussions could be a huge mistake because of the size of the audience. If you want to participate and benefit from a group, joining one on Facebook opens up the possibility of millions of potential contributors. There are risks and having the ability to moderate and establish guidelines is important. Here’s a great article on IT and Facebook responsibilities. Note that in group settings on Facebook, you do not need to be friends with someone to be part of a group. While there are many examples of groups gone bad because of a few, again, I would argue it’s an acceptable risk to see where it goes and hope that people will contribute constructively and be decent to one another.

From IT and non-IT perspectives, tell me if this is going to crash and burn or if you think it has an opportunity to thrive? Do you have any opinions on why not to start or join a group on Facebook? Is it time to let the individual decide if they can be responsible enough to have a Facebook account and can personal and professional worlds intermingle successfully?

• Reset passwords on all local accounts.
• Enable or disable local accounts.
• Re-processing of password reset attempts both automatic and manual if for example, the host system were powered off during the first or previous attempts.
• Scheduled processing of password resets including multiple retries.
• Ability to specify alternate account credentials for network access.
• Support for workgroup environments (non-domain) via alternate account access.
• Specify systems individually, by Domain, or select the entire organization.
• Specify systems by text file.

With just a few mouse clicks, you can reset all your local user and Administrator accounts on multiple machines at once. Please also have a look at our Privileged Account Manager for managing of Administrative accounts without having to store logins and passwords in unsecured spreadsheets and text files and also to track who used what admin accounts and when.

What are you doing now to prevent unauthorized account usage on your systems? Have you experienced security problems when local accounts are accessed fraudulently? Please share your thoughts and experiences below: