Softpedia >Windows >Internet >Servers >Server Tools >Netwrix Auditor >  Changelog

Netwrix Auditor Changelog

What's new in Netwrix Auditor 9.96.8314.0

Sep 8, 2020
  • New: State-in-Time reports for SQL Server
  • Close permission gaps in your SQL Server to ensure your database security —
  • Untangle complex database- and server-level permissions, and get a clear picture of who has access to what, so you can close your security gaps before threat actors get their chance. Simplify the entitlement review process, and keep user permissions in line with internal policies and further reduce the number of audit findings.
  • Maintain good database hygiene — Reduce the time and frustration associated with gathering and analyzing critical database configurations settings by getting a single-pane-of-glass view into your database
  • setup, so you can ensure that everything is in line with your internal policies and finally take a welldeserved break at work.
  • New:
  • State-in-Time reports for VMware
  • Remediate your weak spots to improve the security of your virtual environment — Understand the permissions in your virtual environment and clearly see who has access to what, so you can remediate excessive rights that increase the risk of attackers getting their hands on your sensitive data, disrupting business processes or causing you additional audit findings.
  • New:
  • Netwrix Auditor for Network Devices
  • Simplify IT auditing of Cisco Meraki, HPE Aruba and Pulse Connect Secure — Gain a single-pane-ofglass-
  • view into Cisco Meraki, HPE Aruba and Pulse Connect Secure configuration changes and both successful and failed logon attempts, so you can have the entire audit trail available from one place.
  • Respond to events that might cause downtime before anyone notices — Quickly detect when your switches, routers or other network devices suddenly stop responding, so you can troubleshoot the issue before it causes downtime and affects your users or customers.
  • New:
  • The Account locked out alert — Whenever an AD account gets locked out, get an alert with all the critical details required for troubleshooting, so you can restore access before user even picks up the phone.
  • New:
  • The Azure AD sign-in from suspicious location alert — Promptly detect successful and failed logons to your Azure AD and cloud applications that come from outside your trusted location, such as a specific IP address, IP range or even country. Then immediately investigate this suspicious activity and take proper measures to prevent damage.
  • Other major improvements:
  • Transition to MFA while keeping your IT auditing centralized — Netwrix Auditor now supports MFAonly
  • tenants, so it’s the right time to comply with this Microsoft security requirement while keeping your
  • top-notch, centralized IT auditing across SharePoint Online, Exchange Online and Azure AD.

New in Netwrix Auditor 9.9.6715.0 (Nov 14, 2019)

  • NEW:
  • Reporting on permissions in SharePoint Online and OneDrive for Business.
  • Reporting on permissions to delegated mailboxes in Exchange Online.
  • Reporting on logon activity in VMware.
  • Reporting on logons using Active Directory Federation Services.
  • Netwrix Auditor for Nutanix Files.
  • Add-on for CyberArk Privileged Access Security (available for free download from the Netwrix Auditor Add-on Store).
  • MAJOR ENHANCEMENTS:
  • Users can customize overview dashboards.
  • The product’s UI includes a live news feed.
  • Users can audit Windows file server mount points.
  • Users can monitor when Netwrix Auditor has been launched and when the auditing scope has been modified.
  • Netwrix Auditor for VMware now collects data as often as every 15 minutes.
  • Netwrix Auditor for Oracle Database now supports Oracle Database 19C.

New in Netwrix Auditor 9.8.5282 (May 17, 2019)

  • NEW:
  • IT Risk Assessment dashboard now includes risks from SharePoint and Windows Server.
  • SharePoint Data Classification reports.
  • MAJOR ENHANCEMENTS:
  • Netwrix Auditor now allows searching users’ activity outside business hours and configuring alerts to such actions.
  • Netwrix Auditor now enables users to search the activity by anyone who is not a member of a certain AD group, and configure alerts to those events.
  • Netwrix Auditor for Network Devices supports Palo Alto, SonicWall and Juniper devices.
  • Netwrix Auditor for Network Devices reports on the number of monitored network devices.
  • Netwrix Auditor applications for Windows file shares, EMC and NetApp provide an overview of folder structure.
  • Netwrix Auditor for Windows Server reports on whether servers are configured for automatic updates and detects changes to this configuration setting.
  • Netwrix Auditor for Windows Server reports on whether Windows Defender is enabled or disabled.
  • Netwrix Auditor for Windows Server provides details about domain accounts running scheduled tasks and services.
  • Netwrix Auditor for Windows Server reports on session start and end times and offers optional video recording of sessions.
  • Netwrix Auditor for Windows Server can trigger video recordings by Run As events.
  • Netwrix Auditor for Windows Server provides a configurable location for the video share.
  • Netwrix Auditor now supports SQL Server Always On availability groups as a storage.
  • Netwrix Auditor for VMware offers more efficient log storage, and increased collector speed, accuracy and integrity.
  • Users can navigate directly from the Behavior Anomaly dashboard to the User Profile.

New in Netwrix Auditor 9.5.2477.0 (Nov 2, 2017)

  • IT Risk Assessment dashboards.
  • Behavior Anomaly Discovery.
  • State-in-Time reports on Windows Server configurations at present or any moment in the past.
  • Add-on for ServiceNow Incident Management (available for download from the Netwrix Auditor Add-on Store).
  • Add-on for Privileged User Monitoring on Linux and Unix Systems (available for download from the Netwrix Auditor Add-on Store).
  • Add-on for Generic Linux Syslog (available for download from the Netwrix Auditor Add-on Store).

New in Netwrix Auditor 9.0.1654.0 (May 4, 2017)

  • New:
  • Unified alerting across all audited IT systems.
  • Threshold-based alerts.
  • Role-based access control.
  • Add-on for Cisco network devices (available for download from the Netwrix Auditor Add-on Store).
  • Compliance report packs with reports that address the requirements of GDPR, CJIS, FERPA, NERC CIP and GLBA
  • Major enhancements:
  • Enhanced predefined alerts that work right out of the box and can be easily customized.
  • Ability to set up an alert based on a search query.
  • Improved reporting on file and folder renames, moves and copies, and on stale data on Windows file servers.
  • Improved data collection speed and scalability for Windows-based file servers.
  • Single graphical user interface.
  • Netwrix Auditor for Windows Server now reports on the use of removable USB drives and DHCP configuration changes.
  • Netwrix Auditor for Windows File Servers now also provides the “workstation” detail where applicable.
  • Netwrix Auditor for Windows File Servers now reports on permissions changes with the “account type” detail (AD group, user account or computer account).
  • Netwrix Auditor for Windows File Servers now lists the user who created a folder.
  • Netwrix Auditor for Windows File Servers now provides the creation date of deleted files and folders.
  • Netwrix Auditor for Windows Server now collects data from Windows Server 2016.

New in Netwrix Auditor 8.5.982 (Oct 21, 2016)

  • NEW:
  • #completevisibility into activity across hybrid cloud IT infrastructures for threat detection and data access governance
  • New: Secure identities and data in the cloud
  • AZURE AD:
  • Solidify AD security—even if your identities reside in the cloud. The all-new Netwrix Auditor for Azure AD delivers actionable intelligence about what’s going on in Azure Active Directory, enabling you to detect and investigate unauthorized changes to security settings, privilege escalation and suspicious access to Azure applications in time to make a difference.
  • OFFICE 365:
  • Support your move to the cloud with proper security controls over your SharePoint data. The enhanced Netwrix Auditor for Office 365 provides security intelligence about user behavior in SharePoint Online, so you can easily identify inappropriate data access and promptly take steps to prevent leaks of sensitive information.
  • New: Protect your structured data against exfiltration
  • ORACLE DATABASE:
  • In addition to visibility into unstructured data, gain control over database activity to detect, investigate and remediate threats to structured data. The new Netwrix Auditor for Oracle Database gives you visibility you can trust into what users and DBAs are doing in your Oracle databases, so you can quickly spot anomalous behavior and take corrective or preventive actions before a data breach occurs.
  • SQL SERVER:
  • Harden the security of data in your Microsoft SQL environment. The enhanced Netwrix Auditor for SQL Server strengthens your control over highly privileged users, giving you confidence that you can detect any unauthorized access to your SQL databases.
  • New: User Behavior and Blind Spot Analysis—Detect insider threats or external attacks in progress
  • Spot anomalous access attempts, suspicious activity and abusive user behavior across multiple systems that would otherwise go unnoticed. With Netwrix Auditor, you can detect insider threats and cyberattacks, identify bad actors and respond to incidents efficiently. The new User Behavior and Blind Spot Analysis capability enables you to easily answer questions such as:
  • Has there been any abnormal access to sensitive data?
  • Is anyone accessing stale data?
  • Have there been any unusual spikes in failed activity?
  • Who is active outside of business hours and what are they doing?
  • Has anyone put harmful files on corporate data storage?
  • Are there any files likely to contain credentials, Social Security numbers, PHI or other sensitive data?
  • New: Add-on Store—Fully leverage your IT security ecosystem through seamless, bi-directional integration
  • Maximize the value of your existing security applications by feeding them granular audit data from Netwrix Auditor. Visit the Netwrix Auditor Add-on Store to discover new free add-ons for integrating with SIEM systems, such as Splunk, IBM Security QRadar, AlienVault USM, Solarwinds Log & Event Manager, Intel Security and LogRhythm.
  • More than 20 additional enhancements that improve usability, performance and scalability

New in Netwrix Auditor 8.0.684 (Jul 15, 2016)

  • WHAT'S NEW:
  • #completevisibility into hybrid cloud IT infrastructures to protect your data at rest regardless of its location
  • Regardless of data location - gain complete visibility into access, security changes and actions
  • Cloud:
  • Meet the all-new Netwrix Auditor for Office 365, which delivers visibility into changes to security settings and non-owner mailbox access in Microsoft Exchange Online.
  • Storage appliances:
  • Expand your visibility into changes and data access in storage appliances. The new Netwrix Auditor for EMC supports EMC Isilon as well as VNX and VNXe, and the new Netwrix Auditor for NetApp supports all the latest versions of Data ONTAP, including 8.3.1.
  • Windows-based file servers:
  • See the effective permissions for your data at rest with the new Netwrix Auditor for Windows File Servers, which analyzes both NTFS and share-level permissions.
  • SharePoint:
  • Establish audit controls over your most critical data. With Netwrix Auditor for SharePoint, you can now select specific documents and track who reads them.
  • File Analysis reports - make better information management decisions for unstructured data
  • New predefined reports enable you to quickly detect excessive access rights, overexposed data, and suspiciously high numbers of reads, modifications and failed access attempts. Get answers to questions such as:
  • Who has access to data they shouldn't have?
  • How are permissions assigned - directly or via groups?
  • Who owns what data?
  • Which file types are used most frequently?
  • Have there been any unusual spikes in file reads, modifications or failed access attempts?
  • Are there any empty folders or duplicate or stale files?
  • RESTful API - endless integration, auditing and reporting capabilities
  • Data in: Centralize auditing and reporting by feeding Netwrix Auditor with audit data from any existing on-premises or cloud applications. All of your audit data will be centrally stored and ready for search and reporting.
  • Data out: Get the most from your SIEM investment by feeding more granular audit data into your HP Arcsight, Splunk, IBM QRadar or other solution, thus increasing the signal-to-noise ratio. Moreover, you can also feed the granular audit data from Netwrix Auditor into critical IT processes, such as change management or ticketing, to further automate and streamline operations.
  • See how you can benefit from the RESTful API with examples of Amazon Web Services and HP ArcSight integration.
  • On-premises, virtual or cloud - deploy Netwrix Auditor wherever you need it
  • In addition to traditional on-premises deployment, Netwrix Auditor now offers two new deployment options that can speed time-to-value by getting you up and running in just 15 minutes:
  • Virtual: Download our VMware Ready™ virtual appliance, which is ready to run on Microsoft Hyper-V and VMware hypervisors.
  • Cloud: Visit the Microsoft Azure, Amazon, CenturyLink or VMware marketplace to deploy Netwrix Auditor in the cloud.
  • More than 20 additional enhancements that improve usability, performance and scalability

New in Netwrix Auditor 7.1.322 (Nov 6, 2015)

  • What's New:
  • Security Investigations
  • Identify the root cause of malicious activities and collect evidence for compliance.
  • Netwrix Auditor has always helped detect security incidents that put your IT systems, data or bottom line at risk. Now, it is even easier to identify the root cause, from a broken system configuration to abuse of privileges - even if the cause lies in the distant past. The Investigations feature enables you to import your archived audit trails into Netwrix Auditor and use them to build ad-hoc reports for key stakeholders and external compliance auditors.
  • Support for NetApp Clustered Data ONTAP
  • Gain visibility into changes and data access in the most recent versions of NetApp.
  • Maintain complete visibility into changes and data access while leveraging all the benefits of the new NetApp version, including its cluster mode.
  • New Predefined Reports
  • Account Permissions - Shows who has permissions to what across all of your file shares.
  • Netwrix Auditor System Health - Provides details about the health of Netwrix Auditor so you can make sure you are properly auditing all of your critical IT systems.
  • Migration of Archive Trails from Netwrix Auditor 6.5 and below
  • When upgrading to the latest version of Netwrix Auditor, easily migrate your audit trails from earlier versions to ensure continued access to all of your audit data.
  • Non-owner Mailbox Access Auditing of Exchange 2013
  • See who accessed what mailboxes in Microsoft Exchange Server 2013, what specific items inside those mailboxes (emails, appointments, tasks, etc.) were affected, and what actions (edit, delete, etc.) were performed on each item.

New in Netwrix Auditor 7.0 (May 27, 2015)

  • NEW:
  • AuditIntelligence Search. Find answers to questions about any IT infrastructure change or data access in minutes, not days:
  • Interactive Search allows you to quickly sort through audit data and fine-tune search criteria until you find the information you are looking for.
  • Export the results or create a custom report meeting your specific requirements. The search criteria can be saved for later use and shared with other users.
  • Delegated access to audit data. Enable key stakeholders to access audit data whenever they need it:
  • The new Netwrix Auditor client can be installed on an unlimited number of computers in your organization, providing full access to actionable intelligence.
  • Out-of-the-box compliance reports. Eliminate the stress of your next compliance audit:
  • Whenever you need to prove to auditors that specific processes and controls are (and were always) in place, prove it with data.
  • Netwrix Auditor now provides out-of-the-box reports that are mapped toward specific regulatory compliance standards, including PCI DSS 3.0, HIPAA, SOX, FISMA/NIST800-53 and ISO/IEC 27001.
  • New user interface. Streamlined product experience:
  • A major user interface update makes access to actionable audit data much simpler for administrators, IT management and key stakeholders involved in security and compliance processes.
  • Over 50 enhancements to improve scalability, performance and usability.
  • FIXED:
  • Event log collection may fail with Out of Memory errors when large number of target computers are specified.
  • Performance improvement is required for DFS namespace server processing.
  • Data collection fails if audited files or folders contain the \uDBB8 symbol in their names. Now these files and folders are excluded from auditing.
  • Enhanced logging is required for auditing file servers.
  • Netwrix Auditor generates empty file servers reports if DFS is configured so that link targets point to subfolders in file shares. Netwrix Auditor collects events anyway.
  • Netwrix Auditor Agent may hang while collecting events from the domain controller Windows event log.
  • After a Managed Object that consolidated event logs is deleted from the Netwrix Auditor Administrator Console, a scheduled task associated with this Managed Object will not be deleted automatically.
  • If you launch data collection manually for event log auditing (by clicking Run on your Managed Object page in Netwrix Auditor Administrator Console), and there is an invalid email address in the Events Summary Recipients list, email delivery will fail to all addresses, not just the invalid one.

New in Netwrix Auditor 6.0 (May 13, 2014)

  • Enterprise Overview dashboards: Netwrix Auditor provides complete visibility into what is happening in your IT infrastructure, and allows drilling down to details on every change across all audited systems.
  • Deliver a high-level overview of changes across all audited systems.
  • Show activity trends by date, user, server or IT system with detailed drill-down capabilities.
  • Aggregate change events across all kinds of audited systems (Active Directory, File Servers, SharePoint, etc.) into one single view.
  • Comprehensive SharePoint auditing: Netwrix Auditor further extends the range of audited systems, providing the broadest coverage on the market.
  • Supports SharePoint 2010 and SharePoint 2013.
  • Provides visibility into farm configuration and security changes, including modifications of permissions and permission inheritance, SharePoint group membership, permission levels, and security policies.
  • Reports on creation, deletion and modification of any SharePoint content, including sites, lists and libraries, folders, documents and list items.
  • Over 25 enhancements and fixed issues, including scalability, performance and usability.

New in Netwrix Auditor 5.0 (Feb 11, 2014)

  • What's New:
  • Enhanced Netwrix Auditor user interface provides consistent experience for all audited systems.
  • Automatic audit configuration in the target Active Directory domain reduces the time required for initial deployment or evaluation.
  • Improved reporting for Active Directory, Group Policy and Exchange Server:
  • Over twenty new reports.
  • The Overview report provides quick access to high-level statistics on changes.
  • Drill-down reports link to the next level of detail.
  • Originating workstation tracking further clarifies the source of a change even when changes are made using the same account.
  • New State-In-Time Reports allow reviewing Group Policy Objects at any specific moment in time.
  • New report filters allow viewing the changes made by members of the specified groups.
  • All previously customized reports are retained during the upgrade.
  • Improved Real-Time Alerts for Active Directory changes:
  • Alerts can be triggered by changes made by members of the specified groups.
  • Several new pre-configured alerts on critical changes, such as OU deletion, changes to the AD Configuration partition, and more.
  • Change management capabilities now allow you to assign statuses and provide comments for each change event for Active Directory, Group Policy and Exchange.
  • Netwrix Auditor can now automatically track and disable inactive users and computers in Active Directory.
  • Netwrix Auditor can now automatically send email notifications to users who don't interactively log on to Windows when their accounts or passwords are about to expire.

New in Netwrix Auditor 4.0 (Jun 7, 2013)

  • Completely revamped version with major improvements.
  • Integration with Netwrix Management Console: unified interface for most Netwrix products.
  • Auditing of Microsoft DNS Server.
  • Basic change management capabilities: editable status and comment fields for each change.
  • Improved reporting:
  • The Overview report shows high-level statistics on changes.
  • Drill-through reports link to the next level of detail.
  • Twelve new reports.
  • The report Subscription feature allows scheduling any available reports for automatic delivery by specifying report filters, schedule (daily/weekly/monthly) and recipients.
  • Automatic audit configuration on target computers.
  • New choice options for monitored computers: from within an AD container, an IP range, or by importing a list of computers from a file.
  • Email delivery through SMTP servers with SSL support (including the implicit SSL mode).
  • Support for the installation on servers with FIPS enabled.
  • Configurable audit database retention policy.
  • Typical fixes and updates.
  • The addition of Netwrix User Activity Video Reporter 1.0 allows to track all activities in any component of an IT infrastructure, regardless of the software you need to audit:
  • Video recording of users¹ activity (both interactive and remote sessions)
  • The Netwrix VideoScape technology allows collecting session embedded metadata (application names and windows titles, etc.) that can be used for filtering and data search inside video recordings.
  • Video recording session filters (allow recording only the specified users or active applications).
  • Ad-hoc reports, filtered by time/computer/user/application.
  • Possibility to start playback from a point associated with an action log entry.
  • Video recording sessions retention.
  • Integration with other Netwrix Change Reporter products allows to see HOW particular changes reported by these products were made.
  • Typical fixes and updates of Netwrix Management Console.

New in Netwrix Auditor 3.3 (Jun 7, 2013)

  • New version of Netwrix SQL Server Change Reporter 2.6:
  • Typical fixes and updates.

New in Netwrix Auditor 3.2 (Jun 7, 2013)

  • Automatic deployment and configuration of SQL Server 2012 Express Edition with Advanced Services (SQL Server 2008 for Windows Server 2008 w/o service pack, Windows Server 2003 or below).
  • New version of Netwrix Active Directory Change Reporter 7.2.
  • Support for the installation on Windows Server 2012 and Windows 8.
  • Support for Exchange 2013.
  • Support for Windows 2012-based domains.
  • A new report: "Users without Distribution Group Membership".
  • Support for the installation on servers with FIPS enabled.
  • Typical fixes and updates.
  • The addition of Netwrix Event Log Manager 4.0 which extends Netwrix Change Reporter Suite with native event log management for both syslog and Windows hosts. Version 4.0 has the following new features:
  • Support for syslog event collection. Predefined events collection rules are available for Ubuntu 11 and RedHat Linux.
  • New choice options for monitored computers: from within an IP range or by importing a list of computers from a file.
  • The new Subscription feature allows scheduling any available reports for automatic delivery by specifying report filters, schedule (daily/weekly/monthly) and recipients.
  • 30 new reports have been added.
  • New option allowing the collection and archiving only of the important events. Predefined sets of audit archiving filters are available for the following regulatory compliances: GLBA, HIPAA, PCI, SOX.
  • New option to collect detailed event descriptions and include them in reports.
  • Typical fixes and updates.
  • Support for the installation on Windows Server 2012 and Windows 8.
  • Support for Windows 2012-based domains.
  • All modules of the suite support auditing of Windows 2012-based domains.
  • Typical fixes and updates of Netwrix Management Console.

New in Netwrix Auditor 3.1 (Jun 7, 2013)

  • Improved support for Microsoft Exchange Server 2010
  • Improved scalability in larger AD environments
  • Integration with Netwrix Non-owner Mailbox Access Reporter for Exchange
  • Primary group membership displayed in Snapshot Reports
  • Support for Asian languages in report filters
  • New reports for Active Directory
  • Configurable audit database retention policy
  • Typical fixes and updates

New in Netwrix Auditor 3.0 (Jun 7, 2013)

  • Latest version of Netwrix Management Console:
  • Improved user interface, typical fixes and updates
  • Latest versions of Netwrix products, including:
  • Netwrix SQL Server Change Reporter 2.5
  • Configurable Record, Row and Column content auditing including the before and after values.
  • Originating workstation tracking further clarifies the source of a change when changes are made using the same service account.
  • SQL Job change auditing: tracks changes made to Jobs, Job Steps and Job Scheduling.
  • Permissions change auditing for tables, views, stored procedures and functions.
  • Improved report delivery options, including the new CSV format and pre-delivery compression.
  • Typical fixes and updates.
  • Netwrix Non-owner Mailbox Access Reporter for Exchange 3.0:
  • Improved support for Microsoft Exchange Server 2010.
  • Reports show accessed mailbox object types: email, appointment, note, task, contact, etc.
  • Optional notifications to users about non-owner access to their mailboxes.
  • Support for the SMTP authentication (including SMTP SSL).