netwrix auditor · aws environment to ensure data ... • changes to farm configuration, user...
Post on 06-Oct-2020
11 Views
Preview:
TRANSCRIPT
Richard NootebosCountry Manager, Benelux and NordicsRichard.Nootebos@netwrix.com
Netwrix Auditor
Know your data. Protect what matters.
Kennet JohansenSystems EngineerKennet.Johansen@netwrix.com
Time Check & Goals
Briefly about Netwrix
Product Overview
Product Demonstration
Q&A
Agenda
About Netwrix Corporation
Year of foundation:
2006
Headquarters location:
Irvine, California
Global customer base:
over 10,000
Recognition:Among the fastest growing software
companies in the US with more than
140 industry awards from Redmond
Magazine, SC Magazine, WindowsIT
Pro and others
Customer support:global 24/5 support with 97%
customer satisfaction
Netwrix Locations
Corporate Headquarters:
300 Spectrum Center Drive #200
Irvine, CA 92618
888-638-9749
www.netwrix.com
Netwrix Customers
Financial Healthcare and Pharmaceutical
Federal, State & Local Government Education
Industrial and Technology Business Services
About Netwrix Auditor
A visibility platform for user behavior analysis and risk mitigation
that enables control over changes, configurations, and access in hybrid IT environments.
It provides security intelligence to identify security holes, detect anomalies in user behavior
and investigate threat patterns in time to prevent real damage.
Netwrix Auditor
How Faster Detection Saves Costs of Data Breach
Data exfiltration window
Elapsed time (mean number of days)
Act
ivit
y le
vels
Bre
ach
De
tect
ion
Co
nta
inm
en
t
197 days 69 days
On AVG 98 day reduction save $1m On AVG 39 day reduction saves $1m
* Source: 2018 Cost of a Data Breach Study: Benchmark research sponsored by IBM Security / Independently conducted by Ponemon Institute LLC
Netwrix Auditor Unified Platform
Netwrix Auditor for
Active Directory
Netwrix Auditor for
Windows File Servers
Netwrix Auditor for
Oracle Database
Netwrix Auditor for
Azure AD
Netwrix Auditor for
EMC
Netwrix Auditor for
SQL Server
Netwrix Auditor for
Exchange
Netwrix Auditor for
NetApp
Netwrix Auditor for
Windows ServerNetwrix Auditor for
Office 365
Netwrix Auditor for
SharePoint
Netwrix Auditor for
VMware
Netwrix Auditor for
Network Devices
Netwrix Auditor for
Windows File Servers
Netwrix Auditor Unified Platform
• Active Directory and Group Policy changes
• Logon auditing
• State-in-Time reports on configurations
• IT Risk Assessment
• User profile information
• Inactive user tracking
• Password expiration alerting
• Change rollback wizard
• Changes to files, folders, shares and permissions
• Successful and failed access attempts
• State-in-Time reports on configurations
• Data Discovery and Classification
• File Analysis
• IT Risk Assessment
• Windows Server configuration changes
• State-in-Time configuration reports
• User activity video recording
Netwrix Auditor for
Active DirectoryNetwrix Auditor for
Azure ADNetwrix Auditor for
Office 365
Netwrix Auditor for
EMCNetwrix Auditor for
NetApp
Netwrix Auditor for
Oracle DatabaseNetwrix Auditor for
SQL ServerNetwrix Auditor for
VMware
Netwrix Auditor for
ExchangeNetwrix Auditor for
Windows ServerNetwrix Auditor for
SharePoint
Netwrix Auditor for
Network Devices
Netwrix API
Netwrix Auditor Add-on Store
Stay abreast of any suspicious access to your Linux systems to avert potentially harmful activity
Maximize visibility into the actionsof privileged users across your Linux and Unix environment
Gain complete visibility into your AWS environment to ensure data
security and compliance
Detect and analyze unauthorized access to your network with visibility into RADIUS logons.
What is happening in my IT infrastructure?
Are my security and compliance policies being followed?
Who is violating security principles or behaving strange?
Who has access to what data and systems and who shouldn’t have access to what?
What exactly was changed or viewed, when and where in my environment, and who must be held accountable?
How were my IT systems configured in the past as compared to now?
Are there any files likely to contain PII or other sensitive data?
and more…
Security Intelligence to Answer Key Questions
Netwrix Auditor Conceptual Model
Demonstration
Netwrix Auditor
Why Netwrix Auditor?
Sharp focus on visibility
Broadest coverage of on-premises and cloud systems
Truly integrated as opposed to multiple hard-to-integrate standalone tools from other vendors
Noise-free security analytics
Non-intrusive architecture
API-enabled ecosystem integrations
Cost-effective two-tiered storage (file-based + SQL database) holding consolidated audit data for over 10 years
Fast deployment with no professional services required
First-class, U.S.-based customer support with 97% customer satisfaction
Next Steps
Free Trial: setup in your own test environment
netwrix.com/freetrial
Virtual Appliance: get Netwrix Auditor up and running in minutes
netwrix.com/go/appliance
Online Demo: explore Netwrix Auditor at your own pace without having to deploy the product
netwrix.com/browser_demo
Contact Sales to obtain more information
netwrix.com/contactsales
Upcoming and On-Demand Netwrix Webinars: join upcoming webinars or watch the recorded sessions
netwrix.com/webinars
netwrix.com/webinars#featured
Thank You!
Questions?
Richard NootebosCountry Manager, NetherlandsRichard.Nootebos@netwrix.com
Kennet JohansenSystems EngineerKennet.Johansen@netwrix.com
Appendix
INTRODUCING NETWRIX AUDITOR 9.7
Detect and Block Attacks on Your Network Devices
Netwrix Auditor Architecture
Data Discovery and Classification Architecture
Netwrix Auditor for Active Directory
• Active Directory and Group Policy changes
• Logon auditing
• State-in-Time reports on configurations
• IT Risk Assessment
• User profile information
• Inactive user tracking
• Password expiration alerting
• Change rollback wizard
Netwrix Auditor for
Active Directory
Netwrix Auditor for
Windows File Servers
Netwrix Auditor for
Oracle Database
Netwrix Auditor for
Azure AD
Netwrix Auditor for
EMC
Netwrix Auditor for
SQL Server
Netwrix Auditor for
Exchange
Netwrix Auditor for
NetApp
Netwrix Auditor for
Windows ServerNetwrix Auditor for
Office 365
Netwrix Auditor for
SharePoint
Netwrix Auditor for
VMware
Netwrix Auditor for
Network Devices
Netwrix Auditor for Azure AD
• Changes to Azure AD groups, users, passwords,
roles, applications, service principals, devices,
contacts, and more
• Logon auditing
Netwrix Auditor for
Active Directory
Netwrix Auditor for
Windows File Servers
Netwrix Auditor for
Oracle Database
Netwrix Auditor for
Azure AD
Netwrix Auditor for
EMC
Netwrix Auditor for
SQL Server
Netwrix Auditor for
Exchange
Netwrix Auditor for
NetApp
Netwrix Auditor for
Windows ServerNetwrix Auditor for
Office 365
Netwrix Auditor for
SharePoint
Netwrix Auditor for
VMware
Netwrix Auditor for
Network Devices
Netwrix Auditor for Exchange
• Changes to Exchange Server configuration, Exchange
databases, mailboxes, mailbox delegation and
permissions
• Non-owner mailbox access auditing
Netwrix Auditor for
Active Directory
Netwrix Auditor for
Windows File Servers
Netwrix Auditor for
Oracle Database
Netwrix Auditor for
Azure AD
Netwrix Auditor for
EMC
Netwrix Auditor for
SQL Server
Netwrix Auditor for
Exchange
Netwrix Auditor for
NetApp
Netwrix Auditor for
Windows ServerNetwrix Auditor for
Office 365
Netwrix Auditor for
SharePoint
Netwrix Auditor for
VMware
Netwrix Auditor for
Network Devices
Netwrix Auditor for Office 365
• Exchange Online administrative changes, changes to
mailboxes, users, groups, permissions and policies
• Non-owner mailbox access auditing
• SharePoint Online and OneDrive for Business
configuration, security, and content changes, and
data access events
• Sensitive data discovery on SharePoint Online and
OneDrive for Business
Netwrix Auditor for
Active Directory
Netwrix Auditor for
Windows File Servers
Netwrix Auditor for
Oracle Database
Netwrix Auditor for
Azure AD
Netwrix Auditor for
EMC
Netwrix Auditor for
SQL Server
Netwrix Auditor for
Exchange
Netwrix Auditor for
NetApp
Netwrix Auditor for
Windows ServerNetwrix Auditor for
Office 365
Netwrix Auditor for
SharePoint
Netwrix Auditor for
VMware
Netwrix Auditor for
Network Devices
Netwrix Auditor for Windows Server
• Changes to configuration of Windows-based servers,
DNS, Services and more.
• State-in-time information on configurations
• User activity video recording
Netwrix Auditor for
Active Directory
Netwrix Auditor for
Windows File Servers
Netwrix Auditor for
Oracle Database
Netwrix Auditor for
Azure AD
Netwrix Auditor for
EMC
Netwrix Auditor for
SQL Server
Netwrix Auditor for
Exchange
Netwrix Auditor for
NetApp
Netwrix Auditor for
Windows ServerNetwrix Auditor for
Office 365
Netwrix Auditor for
SharePoint
Netwrix Auditor for
VMware
Netwrix Auditor for
Network Devices
Netwrix Auditor for Windows File Servers
• Changes to files, folders, shares and permissions
• Successful and failed access attempts
• State-in-time information on configurations
• Data Discovery and Classification
• File Analysis
• Risk Assessment
Netwrix Auditor for
Active Directory
Netwrix Auditor for
Windows File Servers
Netwrix Auditor for
Oracle Database
Netwrix Auditor for
Azure AD
Netwrix Auditor for
EMC
Netwrix Auditor for
SQL Server
Netwrix Auditor for
Exchange
Netwrix Auditor for
NetApp
Netwrix Auditor for
Windows ServerNetwrix Auditor for
Office 365
Netwrix Auditor for
SharePoint
Netwrix Auditor for
VMware
Netwrix Auditor for
Network Devices
Netwrix Auditor for EMC
• Changes to files, folders, shares and permissions
• Successful and failed access attempts
• State-in-time information on configurations
• Data Discovery and Classification
• File Analysis
• Risk Assessment
Netwrix Auditor for
Active Directory
Netwrix Auditor for
Windows File Servers
Netwrix Auditor for
Oracle Database
Netwrix Auditor for
Azure AD
Netwrix Auditor for
EMC
Netwrix Auditor for
SQL Server
Netwrix Auditor for
Exchange
Netwrix Auditor for
NetApp
Netwrix Auditor for
Windows ServerNetwrix Auditor for
Office 365
Netwrix Auditor for
SharePoint
Netwrix Auditor for
VMware
Netwrix Auditor for
Network Devices
Netwrix Auditor for NetApp
• Changes to files, folders, shares and permissions
• Successful and failed access attempts
• State-in-time information on configurations
• Data Discovery and Classification
• File Analysis
• Risk Assessment
Netwrix Auditor for
Active Directory
Netwrix Auditor for
Windows File Servers
Netwrix Auditor for
Oracle Database
Netwrix Auditor for
Azure AD
Netwrix Auditor for
EMC
Netwrix Auditor for
SQL Server
Netwrix Auditor for
Exchange
Netwrix Auditor for
NetApp
Netwrix Auditor for
Windows ServerNetwrix Auditor for
Office 365
Netwrix Auditor for
SharePoint
Netwrix Auditor for
VMware
Netwrix Auditor for
Network Devices
Netwrix Auditor for SharePoint
• Changes to farm configuration, user content and
security, permissions, group membership, security
policies
• Read access auditing
• State-in-time information on configurations
• Sensitive data discovery
Netwrix Auditor for
Active Directory
Netwrix Auditor for
Windows File Servers
Netwrix Auditor for
Oracle Database
Netwrix Auditor for
Azure AD
Netwrix Auditor for
EMC
Netwrix Auditor for
SQL Server
Netwrix Auditor for
Exchange
Netwrix Auditor for
NetApp
Netwrix Auditor for
Windows ServerNetwrix Auditor for
Office 365
Netwrix Auditor for
SharePoint
Netwrix Auditor for
VMware
Netwrix Auditor for
Network Devices
Netwrix Auditor for Network Devices
• Successful and failed attempts to change network
device protocols, ports or connection limits
• Successful and failed attempts to login directly
• Successful and failed VPN logon attempts
• Scanning threats
• Hardware issues
Netwrix Auditor for
Active Directory
Netwrix Auditor for
Windows File Servers
Netwrix Auditor for
Oracle Database
Netwrix Auditor for
Azure AD
Netwrix Auditor for
EMC
Netwrix Auditor for
SQL Server
Netwrix Auditor for
Exchange
Netwrix Auditor for
NetApp
Netwrix Auditor for
Windows ServerNetwrix Auditor for
Office 365
Netwrix Auditor for
SharePoint
Netwrix Auditor for
VMware
Netwrix Auditor for
Network Devices
Netwrix Auditor for Oracle Database
• Changes to roles and permissions, settings and audit
policy, databases, triggers, views, and more
• Content changes
• Login activity
• Data access
Netwrix Auditor for
Active Directory
Netwrix Auditor for
Windows File Servers
Netwrix Auditor for
Oracle Database
Netwrix Auditor for
Azure AD
Netwrix Auditor for
EMC
Netwrix Auditor for
SQL Server
Netwrix Auditor for
Exchange
Netwrix Auditor for
NetApp
Netwrix Auditor for
Windows ServerNetwrix Auditor for
Office 365
Netwrix Auditor for
SharePoint
Netwrix Auditor for
VMware
Netwrix Auditor for
Network Devices
Netwrix Auditor for SQL Server
• Changes to SQL Server objects and permissions,
server instances, roles and databases, tables and
stored procedures, etc.
• Logon auditing, both failed and successful
Netwrix Auditor for
Active Directory
Netwrix Auditor for
Windows File Servers
Netwrix Auditor for
Oracle Database
Netwrix Auditor for
Azure AD
Netwrix Auditor for
EMC
Netwrix Auditor for
SQL Server
Netwrix Auditor for
Exchange
Netwrix Auditor for
NetApp
Netwrix Auditor for
Windows ServerNetwrix Auditor for
Office 365
Netwrix Auditor for
SharePoint
Netwrix Auditor for
VMware
Netwrix Auditor for
Network Devices
Netwrix Auditor for VMware
• Changes to vCenter and its servers, folders and
clusters, resource pools, hardware configurations of
virtual machines
Netwrix Auditor for
Active Directory
Netwrix Auditor for
Windows File Servers
Netwrix Auditor for
Oracle Database
Netwrix Auditor for
Azure AD
Netwrix Auditor for
EMC
Netwrix Auditor for
SQL Server
Netwrix Auditor for
Exchange
Netwrix Auditor for
NetApp
Netwrix Auditor for
Windows ServerNetwrix Auditor for
Office 365
Netwrix Auditor for
SharePoint
Netwrix Auditor for
VMware
Netwrix Auditor for
Network Devices
Security Challenges Resolved by Netwrix Auditor
IT can’t assess security posture
and determine which assets
need the most protection.
Proactively identify and
mitigate IT security weak
spots, and prioritize data
protection efforts.
Lack of actionable intelligence
makes it hard to prevent policy
violations and data breaches.
Gain full control over user
permissions. Lock down
overexposed data, prevent data
breaches and privilege abuse.
Incidents go unnoticed. Noise
and alert fatigue make it hard to
discern real threats.
Quickly identify real security
threats with alerts on
anomalous activity and details
about high-risk user accounts.
IT security teams can’t ensure fast
and consistent response or analyze
attacks to understand how they
could have been stopped.
Reduce incident response time;
trace attacks step by step to learn
from them and prevent similar
incidents from happening again.
PREDICT
RESP OND DETECT
PREVENT
P R O B L E M
S O L U T I O N
P R O B L E M
S O L U T I O N
P R O B L E M
S O L U T I O N
P R O B L E M
S O L U T I O N
Netwrix Auditor Benefits
Detect Data Security
Threats, both On Premises
and in the Cloud
Bridges the visibility gap by delivering
security intelligence about critical changes,
configurations and data access in hybrid IT
environments and enabling identification
of security holes and investigation of
anomalous user behavior.
Pass Compliance Audits
with Less Effort
and Expense
Provides the evidence required to prove
that your organization’s IT security
program adheres to GDPR, PCI DSS,
HIPAA, SOX, FISMA, NIST, GLBA, CJIS,
FERPA, NERC CIP, ISO/IEC 27001, and
other standards.
Relieves IT departments of manual
crawling through weeks of log data to get
the information about who changed
what, when and where a change was
made, or who has access to what and
helps automate software inventory tasks.
Increase the
Productivity of Security
and Operations Teams
Netwrix Auditor Benefits
Bridges the visibility gap by delivering security intelligence about critical changes, configurations and data access in hybrid IT environments and enables
continuous assessment and mitigation of IT risks, as well as detection and investigation of anomalous user behavior.
Discover, classify and secure sensitive data
Continuously assess and mitigate data security risks
Prevent privilege abuse and data breaches
Identify high-risk user accounts and investigate abnormal user behavior
Receive alerts on threat patterns
Detect Data Security Threats, both On Premises and in the Cloud
Netwrix Auditor Benefits
Provides the evidence required to prove that your organization’s IT security program adheres to GDPR, PCI DSS, HIPAA/HITECH, SOX, GLBA, FISMA/NIST800-
53, NIST SP 800-171, FERPA, CJIS, NERC CIP, ISO/IEC 27001 and other standards.
Easily pinpoint the location of data your are required to protect
Enable control over security policies
Take advantage of out-of-the-box compliance reports
Prove that compliance controls are — and have always been — in place
Address auditors’ questions faster
Pass Compliance Audits with Less Effort and Expense
Netwrix Auditor Benefits
Relieves IT departments of manual crawling through weeks of log data to get the information about who changed what and writing PowerShell scripts to
identify inactive users, report on effective user permissions or perform software inventory tasks.
Keep tabs on what’s happening in your environment
Maintain good IT hygiene
Simplify reporting routines and speed report delivery
Minimize system downtime
Optimize IT workflows with API-enabled integrations
Increase the Productivity of IT Security and Operations Teams
IT AdministratorResolve user issues faster and
free up your day with ready-to-use
intelligence.
Security AnalystIdentify security gaps and
investigate suspicious user activity
in time to prevent real damage.
IT ManagerTake control over your IT
infrastructure, maximize uptime
and eliminate the stress of your
next compliance audit.
IT Director, CIOKeep your IT environment clean, manageable and secure.
Addressing the IT and Business Challenges
CISOPrevent data breaches and
minimize compliance costs.
Role-Based Access Control
Granularly provide various IT and business
teams with appropriate access to security
intelligence and settings
Establish and enforce segregation of duties
top related