ManageEngine ADAudit Plus recently announced the addition of real-time change auditing for Windows Active Directory. Available immediately, the new feature provides administrators with real-time email alerts, when critical and unauthorized changes are made to AD. Similarly, administrators can view a real-time, live feed of alerts in the ADAudit Plus console along with a thorough analysis of “who did what, when and from where” in the solution’s 200+ pre-configured audit reports.
Active Directory, being the central data store for sensitive user data and critical business information, necessitates that companies secure the data and access permissions stored in Active Directory; but the inadequate monitoring and reporting capabilities of native Active Directory management tools make that security impossible to maintain and monitor. In short, the native tools do not provide a continuous, uninterrupted view of Active Directory changes. Instead, they capture brief slices of time that correspond to specific reporting periods. Consequently, the native tools leave Active Directory unmonitored and unprotected for long periods during which a single, undetected change can have a severe impact on the organization’s data and reputation.
Logon failures audit report
“ADAudit Plus real-time change monitoring and notification is like installing a surveillance camera inside a domain controller and designating an acute observer, who knows well the impact of every change, to man it 24×7″, said Balasubramanian Palani, product manager at ManageEngine. “The tool’s built-in and configurable alerts fire the moment some critical change is detected, which provides administrators all the head start required to successfully preclude an intrusion or re-mediate an untoward change.”
Secure Administration and Data with Continuous, Real-Time Auditing
To maintain a secure and compliant Windows environment, the real-time change auditing feature in ADAudit Plus gives administrators the power to control and monitor each and every critical and unauthorized change and quickly roll back in case of an erroneous or unauthorized modification.
For example, ADAudit Plus now continuously monitors and immediately reports changes and modifications such as adding or accidentally deleting users, password settings changes, account setting changes, any change among the 6,000+ group policy settings, giving group or user permissions, user logon failures, and many more.
Dashboard view with live feed of alerts
The continuous auditing and reporting of AD changes offers administrators the insight to understand, foresee potential security risks and take preventive actions in time, and thus administer a strong and safe organizational security. Not only does it indicate that the integrity of information can be evaluated at any given point of time, it also means that the information is able to be verified constantly for errors, fraud, and inefficiencies, all of which ensure a detailed audit.
About ADAudit Plus
ADAudit Plus is a real time, web based Windows Active Directory Change Reporting Software that audits-tracks-reports on Windows [Active Directory, Workstations Logon / Logoff, File Servers & Servers], NetApp Filers & EMC Servers to help meet the most-needed security, audit and compliance demands. Track authorized / unauthorized AD management changes access of users, GPO, Groups, Computer, OU, track every file, folder modifications, access and permissions changes with 200+ detailed event specific reports and instant emails alerts and also, export the results to xls, html, pdf and csv formats to assist in interpretation and computer forensics!
The original article/video can be found at Real-Time Change Auditing for Windows Active Directory