Re: Netwrix & STEALTHbits

[Harry Zahlis <harry.zahlis () FRESNOCITYCOLLEGE EDU>]

> From one of our techs...

We have been using the Netwrix products: "Auditing of Active Directory and Auditing of Windows File Servers" for the 
past 19 months. We have been very happy with our decision on the purchase and the ease of deployment of the products. 

We have use the Active Directory solution to provide us with daily reports on all changes made and to provide us with 
real-time alerts on specific objects in Active Directory like domain admins and other groups that we feel that need 
real time alerting. We are very happy with the reporting feature, the built-in reports and subscriptions have been very 
robust. The advance search feature is a great tool to really go after those items that are to find. We recently needed 
to find items that were in Active Directory and some our objects attributes were changed and reverting back. The 
advance search was critical in achieving a report in a very fast and effective manner to find those objects.

The Auditing of Windows Files servers have also been very critical in logging the type of access to files and folders, 
as we are all aware of when files and folders are deleted and we get the call that all my files are gone. Were able to 
pull reports and find out the who, when, and time that those files were deleted, changed or read.

It has been a pleasure in working with Netwrix

Doug Schreiner
Systems Technical Resource Analyst
Fresno City College

Harry Zahlis
Interim Director of Technology

FRESNO CITY COLLEGE
1101 E. University Ave.
Fresno, CA  93741
(559) 442-8206   Help Desk (559) 443-8670




-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Boyd, 
Daniel
Sent: Thursday, October 20, 2016 5:32 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Netwrix & STEALTHbits

We're currently using Netwrix, auditing AD and server changes in an 80+ server, ~2600 user environment.  I've not 
noticed any performance issues, but I will say that you can't just turn it on and say go.  We get alerts and notices 
throughout the day for everything from AD changes to issues with end points as well as complete recorded RDP sessions 
to our servers.  It took some time to tame the beast.

Most all of our reports are automated and generally cover no more than 24 hours, so unfortunately I can't comment on 
report speed.

We like the visibility and since we all (4 of us on staff) get copied on real-time change notices we can keep each 
other accountable for proper procedures.

Dan


Daniel H. Boyd (94C)
Senior Network Architect
Network Operations
Information Security Advisory Group Chair Berry College
Phone: 706-236-1750
Fax:     706-238-5824

There are two rules to follow with your account passwords:
1. NEVER SEND YOUR PASSWORD VIA EMAIL (TO ANYONE)!!!!!
2. If unsure, consult rule #1



-----Original Message-----
From: Penn, Blake [mailto:blake.penn () SECURITY GATECH EDU]
Sent: Wednesday, October 19, 2016 4:11 PM
Subject: Netwrix & STEALTHbits

Anyone out there had any experiences with Netwrix or STEALTHbits products that you would be willing to share?

Thanks,

Blake Penn
Information Security Policy and Compliance Manager Cyber Security Georgia Institute of Technology
(404) 385-5480