BeyondTrust PowerBroker Auditor for Active Directory
Real-Time Auditing and Change Control for Active Directory
Trying to keep up with all the changes made in Active Directory can be an extremely timeconsuming and complex process, with delays in discovering and addressing changes possibly leading to business disruption, not to mention the security and compliance implications of such changes.
Maintain Business Continuity with PowerBroker
PowerBroker Auditor for Active Directory helps IT organizations meet PCI, SOX, HIPAA and other compliance requirements by auditing and alerting on Active Directory configuration changes in real time. Pinpoint changes that introduce security risks, jeopardize compliance, or impact operations via the solution’s real-time tracking of: who performed each change, what changed (including pre/post values), when the change occurred, and where the change was made.
The solution's centralized database enables both auditing and recovery, delivering a broader set of capabilities than native AD auditing – without the operational impacts. Add PowerBroker Recovery for Active Directory, and you have a continuous backup technology that enables you to both detect and roll back changes, minimizing the risks of business disruptions.
Increase Efficiency with Centralized Auditing and Recovery
PowerBroker Auditor and Recovery for Active Directory includes a centralized database to enable both auditing and recovery of AD data, delivering a broader set of capabilities than native AD auditing — without the operational impacts. With PowerBroker Recovery for Active Directory, you have a continuous backup technology that enables you to both detect and roll back changes. You can therefore quickly undo accidental or unwanted changes via a single console, without requiring a point-in-time backup.
PowerBroker Auditing & Security Suite
PowerBroker Auditor & Recovery for Active Directory is part of the PowerBroker Auditing & Security Suite. The suite provides centralized, real-time change auditing for Active Directory, file systems, Exchange, SQL, and NetApp.
- Audit and Alert - Audit the who, what, where, and when of changes in Active Directory, Exchange, file systems, SQL, and NetApp. Alert to those changes, providing real-time visibility to address potential compliance concerns.
- Discover and Enforce - Deliver entitlement reporting, ensuring that users have access to the resources — and only those resources — they need to do their jobs.
- Recover and Roll Back - Provide rollback and restore of any Active Directory changes or deletions, and backup and restore of Group Policy, protecting the business from downtime.
- Extend and Enhance - Extend throughout the Microsoft infrastructure, providing more capabilities than native tools and a unified view of changes across Exchange, file systems, SQL, and NetApp environments.
Real-Time, Centralized Active Directory Auditing and Alerting
Audit, alert and report on all changes made in Active Directory in real time without relying on difficult and cumbersome native event logs. Centralized, real-time auditing – including before and after values and simplified event translation – helps to quickly identify changes that can impact the security of the environment.
Integration of Audit and Recovery
PowerBroker Auditor for Active Directory is part of a suite of auditing and recovery solutions that track and alert to changes across the Windows environment – from Exchange, to Windows File Servers, SQL Server and NetApp. A web-based console acts as a single pane of glass helping administrators more easily manage their deployment and quickly meet compliance needs.
No Requirement for Native Auditing
PowerBroker Auditor for Active Directory does not require any GPO changes or native System Access Control Lists to be managed or defined. IT can leverage native auditing using Microsoft ACS along with PowerBroker Auditor for Active Directory to narrow the search for which audit log contains the needed information, making the process to find and remediate a change much quicker than using native auditing alone.
Features and Benefits:
Active Directory Auditing
- Reduce risk: Pinpoint changes that introduce security risks, jeopardize compliance, or reduce operational efficiency.
- Know who has access to what: Monitor access to mission-critical and sensitive IT assets.
- Ensure accountability: Track the “who, what, when and where” for every Active Directory change.
- Compare before and after: See old and new values for every change, including host name and originator IP address.
- Audit event translation: Enable less technical users to understand what activity has occurred while still maintaining the advanced details that administrators require.
- Integrate with native management tools: Gain single-click access to item and user histories via integration with native management tools such as Active Directory Users and Computers, Sites and Services, ADSI Edit and others.
- Enhanced auditor for PowerBroker for Windows: Any change to PowerBroker for Windows Group Policy is captured with pre- and post-values, providing complete least privilege enforcement and policy auditing in a single solution.
- Customize alerting: Design HTML templates or plain text email notifications, and simplify the appending, replacing or removing of recipients to alert notifications.
Deployment and Scalability
- Speed deployment: Ensure trouble-free deployments with a centralized database, agent and management console.
- Cover your entire organization: Audit environments with millions of users and thousands of servers.
- Simplify administration: Unite products in the suite through a web console which serves as a dashboard that enables admins and other users to perform management and enforce policy across their PowerBroker Auditing & Security Suite deployment.
- Intelligent search: Allow administrators or auditors to filter what they are looking for based on a user-friendly description of the change activity.
- User preferences: Increase usability and enable a consistent experience for users with more than a dozen customizable preferences – from colorblind options to column order.
Reporting and Compliance
- Centralize all audits: Access all audit data via a single database, even for multiple AD forests.
- Customize to your needs: Leverage intuitive wizards to quickly build custom reports and convert any view into a report.
- Automate reporting: Take advantage of expanded delivery options and formats via SQL Server Reporting Services
- Confirm compliance: Provide access and change histories for compliance with SOX, PCI, HIPAA and other mandates.
No Native Auditing
- Free yourself from native event logs: Conduct audits without managing SACLs or changing GPOs.
- Ease native auditing (when required): When Microsoft ACS auditing is required, PowerBroker Auditor can identify which native logs contain needed information.
Integrated Continuous Recovery
- Maintain business continuity: Avoid productivity and revenue losses caused by disasters or accidental deletions.
- Recover any state: Rely on continuous backups to quickly return to any previous state.
- Minimize disruption: Recover a full tree, a portion of the directory, selected objects, or individual attributes
How It Works:
PowerBroker Auditor and Recovery for Active Directory are part of the Auditing & Security Suite, which provides comprehensive auditing and recovery capabilities across complex Windows environments.
Download the BeyondTrust PowerBroker Auditor & Recovery for Active Directory Datasheet (.PDF)