A good product for the money
We have been quite happy with Netwrix and staff are starting to rely on it for detailed auditing.
Netwrix Auditor is a good product that audits all of the items we need to audit. It will audit file servers, database server, Active Directory Servers, SharePoint servers and a whole lot more. We use it for all of these items and the price did not go up because we added more machine types.
Netwrix can be a bit finicky at times. We have has it stop auditing a server because the configuration on the server was changed. It took a bit of work with support for them to realize that it shouldn't have stopped due to the configuration change and once they figured that out, they fixed the problem. Once we got the auditing to start, it picked up all of the items it missed while it wasn't auditing, so we lost nothing.
Netwrix Auditor (AD, File, Windows Server, Logon Activity Auditing)
My Company has been using Netwrix since 2013, and it has been great for us. We love the reports that it generates around our Active Directory, Exchange, Windows Servers etc., including the alerts that we subscribe to for delivery. We've also used the Audit reports for our Auditing request, which we can produce in minutes with Netwrix, which used to take us days to put together. We've also used as a training tool to teach helpdesk level personnel, as it helped us capture errors that were done in Active Directory (and reverted back with the nifty Rollback feature), and that allowed us to customize training for an new employees while working in Active Directory.
Wading through event viewer events is no fun and very tedious, enter Netwrix that makes much more efficient, as you can build reports on a specific object and/or date range. I can’t tell you how many times we've used it to trace a lockout of a user and where exactly the user was being locked out from - incredibly helpful, as this occurs with regularity.
Netwrix has been absolutely brilliant for us, it's auditing, alerting and reporting capabilities has been and continues to be of great use for my Company. I must also give kudos to the Netwrix helpdesk, as there are very knowledgeable and have assisted successfully on numerous occasions.
Highly recommend Netwrix for any company that’s looking to audit their internal systems, with great reporting and alerting for all your critical and non-critical systems.
Ease of installation and usage, Reporting, alerts, etc.
I noticed that the new version of Netwrix tends to eat up a lot more hardrive disk space, but this is due to fine tuning Audit. Without proper tuning, it will easily eat up 100GB - which is what I experienced.
Netwrix auditor does what is needs to but watch out for hidden cost
Started off ok, but when the extra bill came and rude sales guy started in we were more than happy to turn this off. We moved to a fully managed SOC.
I liked I could get reports on who made changes to everything on my domain. I knew when someone adjusted a group policy, created a user, or made a change in SQL.
We set this up to monitor employees only. We did not want to monitor students or service accounts because of the extra cost. The count on the user side showed 2000+ and we were not licensed. I opened a support ticket with the company and was told not to worry about it because it would just not monitor any user because of the license. I didn't like the answer, but it was still monitoring so much more. Then a year later I was hit with a huge bill because we had 2000+ people being monitored. We decided to just turn of the service.
Netwrix Elevates Your Security Posture
My experience with Netwrix has been awesome. It is easy to start up and get going, but you can do an endless amount of things with it as your environment and/or your policies change.
The visibility, insight, alerting, reporting and response time it gives you to watch and respond to security events in your environment.
It is very expensive. They get you with the entry price then jack up the price at renewal.
If you are held to a number of regulatory governances, Netwrix Auditor is for you
If ever anyone is requiring a software that will audit their systems, I immediately recommend Netwrix because of the community presence (I have dealt with them primarily on the Spiceworks forums), and their amazing canned reports.
The amount of data you can collect about security events, group changes, object moves and deletions, system and file access (and much more) is astounding, especially considering the price. If I need to track something new that I wasn't thinking of when I bought this software, I only need to dig a little and there's something there already for me to utilize.
The variety of things we can monitor from a system level is fantastic too. Windows domains, file servers, Office 365, VMWare, SharePoint, SQL and more...each type of audit task yields the same types of reports as the other. Easy color coding for quick visual assessment.
Setting up is a cinch. The documentation has just about everything you'll need to get running, and the knowledgebase handles all the extra gotchas that you may run into if you have a temperamental environment :)
Probably one of my favorite things about Netwrix Auditor: no-nonsense licensing.
I think that the UI change from the prior major version to the new was the most jarring. I suspect it wouldn't have been as difficult to understand had I started with the newest UI.
Great tool for network visibility
I find visibility to be one of the greatest tools as a network manager. Netwrix gives me the ability to monitor file actions as well as account actions that may tip me off to a security breach on the network. Or, if an employee wants to know the exact reason a file went missing I am able to query Netwrix and provide an exact answer, even a screen capture of the event in progress if I wanted. With customizable notifications I am able to get on the spot information when specific events occur, like somebody attempting to log into a Domain Administrator's account without authorization. Though a little expensive, it is better to have the security Netwrix auditor provides than to allow a network breach go unnoticed until it is too late.
Easy to setup
monitor AD, Logs, Events, etc
visibility into files, Group Policy, Active Directory, Office 365, Azure, etc
advanced features that help track down file actions, like screen captures or recordings of the actual event
The interface is sluggish
can cause some network interference if not tuned properly
Great Overview of your Systems
I have been able to provide real-time reporting for AD changes and several other administrative functions that we did not have the ability to before which has allowed the institution to focus on our core products and information flow.
We are a smaller financial institution with limited staff and the automated reporting has been a great time saver for me to review various selected events. There are more than enough predefined reports to meet many of our oversight needs
I do have some issues with trying to understand the licensing and when we had to had other modules. Perhaps someone coming from an IT administration or CIO background would understand it better.
Great Auditing Tool for SysAdmins
Great, I use it in my daily auditing for reports to find trends and failed activity in my environment
Finding the Who, what, when and where. Built-in reports, and ability to install local client
Doesn't go as far as to show you the what is causing a logout or failed login.
Great product, easy to use & helps with GDPR compliance
Netwrix saves me time not having to go through continuous logs. I can just run reports on demand and review the scheduled reports. It also ensures helps to manage permissions and AD accounts. Netwrix saves me quite a bit of time on a weekly basis.
Consolidates logs, easy to access reports on AD/file server changes. You are also able to set up alerts for account lockouts, failed logins and more. Netwrix can also help detect ransomware by reporting on bulk file changes (thankfully this isn't an issue for us). The application is easy to set up and navigate.
Whilst the modular approach is great for price/budgeting, it's a shame you can't trial the different modules for 30/60/90 days before making a decision on which modules to implement.
Taking over this product from previous administration, left a bad impression of the product, having worked with the technical team to get the product up and running, has re-invested my confidence in the product.
The functionality of the software is impressive for tracking active directory changes and modifications.
Some configuration challenges and support from an older version is lacking, but with reason as long as you keep the product updated, you shouldn't run into troubles. Just make sure to keep the product updated to keep along with all the products changes.
Great software that reads your event logs and makes it easy to read, break down and report on.
Know exactly what is happening in your network so you can detect problems and intrusion attempts before they get bad.
This software takes your computer and server event logs and breaks them down into reports that you can easy view and understand exactly what is going on with your environment. You can also record what anyone does on your servers as a video. All reports can have real time notifications of events you select like multiple failed logins etc. It is also an amazing price for all that you get.
The only thing i have had is that the new version doesn't support Windows Server 2003-2008 so what i did was spun up 2 VM's for this software and ran an older version on one VM and the newest version on an other so I can have the old version monitor the 2003-2008 servers and the newest version monitor 2008 R2 to 2016.
Netwrix has helped revolutionize our processes and simplify environmental monitoring and management.
We are able to easily spend our time on innovation as opposed to "fire-fighting."
Netwrix makes the process of auditing changes within our Active Directory environment very simple. We no longer have to spend additional time chasing down problems and what caused them. We can quickly evaluate what has recently changed, who changed it and then evaluate the best resolution without wasting time. This allows us to focus on the most important aspects of our jobs!
Netwrix does not have a lot of features that I do not find amazing. The only item that I can find that comes close to being a "con" involves the way that data is processed. I would love to find a method of auditing active directory and servers that do not involve granting Domain Admin rights to an account used for the product. It is understandable, though.
A lot of features at a good price.
It has been used to show my company does take securing sensitive information seriously.
Netwrix Auditor audits a lot of different products such as SQL Server, Windows Servers, Active Directory and NetApp file servers. It is very consistent in its runs and produces reports and alerts that our US government clients fully accept. It has helped my company receive numerous accreditation for performing auditing properly.
It can be difficult to configure and sometimes fails during a heavy load. Although it may fail every now and then, it will go back and gather the information it missed in the last run and get backup to date on the audits.
A auditing solution with huge value to the organization!
It makes AD auditing easier for our Information Security Officer, while providing real-time reports for our IT department. The program saves a lot of time that had been spent doing things manually.
The daily reporting is great at providing a snapshot of changes the environment for Information Security Officer. In our IT department we rely on the real-time alerts daily for user lockouts and other AD related changes to inform us of changes made so we can act accordingly.
It takes some time to get a handle on the on-demand reporting, but Netwrix provides a huge list of canned reports so you rarely have to create a customized report from scratch.
Invaluable solution for our Microsoft Active Directory auditing requirements.
Ease of addressing our Microsoft audit/compliance activities.
Netwrix provides a thorough, easy to use interface to address supporting documentation for almost all of our Microsoft audit requirements. We have been able to easily produce the documentation and evidence for all requests from our audit team with ease. Something that used to take a considerable amount of time to compile.
Would prefer that the client be web based, as opposed to the Windows client that is used today. Additional detail in error reports to help identify exactly what is not working would be extremely helpful as well. We occasionally have to do quite a bit of exploration to determine exactly what component is generating the error.
Use this software to monitor, alert, and create reports for Government IT Audits
Easier domain management, real time security alerts, it is a wonderful piece of software.
The fact that Netwrix always includes new and better features all of the time. Great price for the software and once it is in place and working it is very stable and solid. The new 9.0 version really allows for so much more than the old versions.
Some of the plugins are hard to use. I have a hard time figuring out what is causing errors sometimes when it runs its nightly scans of my systems. But customer support is always very good in helping solve the issues.
It has been refreshing to know that strange activity is going to notify me.
The alerting is incredibly valuable. Changes taking place to multiple files will generate an alert long before a human eye could notice what was happening. This is true of administrative logins and failed logins as well. The ability to audit changes in permissions so that they can be "seen" has been very helpful as well.
It can be a bit too quick to alert but this is configurable. The initial configuration will set the tone for the application and goes a long way toward the initial implementation and usage so plan your install and determine what you want it to do for you before you actually install it.
The additional set of eyes you need.
Netwrix Auditor was easy to deploy and you can very quickly gain deep insights into what is occurring in your environment. A huge positive is that a single application can provide data for so many different environments.
Not a knock against the software itself, but in some cases, requirements for certain audit features could be documented a bit better or more centrally. Perhaps this has been improved upon since my initial deployment 5+ years ago.
Netwrix Auditor is a fairly easy software package to use. It also converse a lot of system types.
The software covered most of the system that we were required to audit.
Netwrix Auditor can be setup to audit most all of the systems that a company is running. It also allows, for one price to audit most of the systems that need to be audited. In addition you can audit systems that are not part of Netwrix by using the Integration API.
The primary con with Netwrix is that the documentation is not complete. It does show how to configure a basic system but then stops there. It should also show how to configure more complex configurations. This then requires you to submit a ticket which might take a bit to get a proper answer.
Netwrix Auditor for Dummies
We got this product to assist with our NIST 800-171 compliance with our aerospace customers. The logs and information it provides are invaluable.
It's very easy to configure most of what you'll want to log directly out of the box. The parts that are a little more confusing are easily done with talking to support. This is overall a great product and one that I've needed for years.
When you don't work with the setups on a regular basis it's sometimes time consuming to go back and make changes or add/delete things. Since it basically runs itself I haven't touched the setup in months.
Now a days changes in AD is very important
Like I said real time change alert is the best part of using this product
Real time notification of any changes in AD and successful and unsuccessful logins to machines, which tells administrators of unauthorized login tries and legitimate user problems even before users approach administrator
There has to be exception reporting options which lets administrator know as some thing is not right for example I particular user is not supposed to be logging into a particular server and if such action happens then administrator should be alarmed - such relationship database should be there
An Auditor's best friend.
It performs a multitude of different Auditing tasks for us, making PCI and SOX compliance much simpler.
It just works. Set it up once, and the daily/weekly jobs run without any further effort. We have our reports sent to our ticketing system, making the daily review a breeze.
Reporting filters can be a little confusing to use at times, and customization options are limited, requiring editing config files rather than within the GUI.
An excellent product that continues to improve.
If we start to experience a problem that goes back to AD or Group Policy, we can easily determine what changed and remediate it.
The version 9 client is awesome. It provides a much easier way to drill into reports and events than ever before.
The activity summary reports that it completed with errors, yet neither we nor tech support has ever been able to identify the problem. Since there are no events missing, we have just let it go.
Very nice and works the second you load it.
Insight into logs without manual log review and without having to create a lot of custom alerts and views.
The software works well and it doesn't take alot of configuration to be usable.
It proactively sends emails with daily recaps.
Very simple to setup
It is very expensive and to get everything, plan to buy multiple modules. The value for the money is there, but it is alot of money to start. Great value / High Price.
This software is very intuitive to use and a great value.
Easy to use interface, daily/weekly reporting on important Active Directory events, Real-time alerting, real-time forensics with the intelligent search feature. Ability to scale the product to additional areas as needed (Exchange, SQL, etc.)
Easy to find the information we need using the search feature. Real-time alerting. Ability to report on any event from the Windows event log.
Inability to format the reports (choosing data fields or placement of the fields). Inconsistent reporting formats depending on the method selected. Example: running a report within the reporting interface vs. Inactive account report. When running a report and then choosing to subscribe, must reconfigure the subscription to match the report that was already run.