Beyondtrust

PowerBroker Auditor for Active Directory:
Change Control and Compliance Reporting

Pinpoint the "who, what, when and where" behind changes to Active Directory without the operational impacts of native auditing.

Real-Time Auditing and Change Control for Active Directory

PowerBroker Auditor for Active Directory helps IT organizations meet PCI, SOX, HIPAA and other compliance requirements by auditing and alerting on Active Directory configuration changes in real time. Pinpoint changes that introduce security risks, jeopardize compliance, or impact operations  via the solution’s real-time tracking of:who performed each change, what changed (including pre/post values), when the change occurred, and where the change was made.

The solution's centralized database enables both auditing and recovery, delivering a broader set of capabilities than native AD auditing – without the operational impacts. Add PowerBroker Recovery for Active Directory, and you have a continuous backup technology that enables you to both detect and roll back changes, minimizing the risks of business disruptions.

Watch Video: PowerBroker Auditor for Active Directory enables you to quickly and easily roll back changes to AD

Learn how PowerBroker Auditor for Active Directory reveals the
"who, what, when and where" behind changes to AD

KuppingerCole

“The PowerBroker Management Suite is a formidable set of tools for administrators dealing with Microsoft-centric technologies.”

KuppingerCole
Real-time Centralized Active Directory Auditing and Alerting
Audit, alert and report on all changes made in Active Directory in real time without relying on difficult and cumbersome native event logs. Centralized, real-time auditing – including before and after values – helps to quickly identify changes that can impact the security of the environment.
Integration Across the Windows Environment
PowerBroker Auditor for Active Directory is part of a suite of auditing and recovery solutions that track and alert to changes across the Windows environment – from Exchange, to Windows File Servers to SQL Server. A single pane of glass helps administrators more quickly meet compliance needs.
Integration of Audit and Recovery
Leveraging the audit database, PowerBroker Auditor for Active Directory provides a single-click option to rollback or restore an object or attribute that was changed, helping to quickly recover from inappropriate or unwanted changes that could negatively impact the environment.
No requirement for Native Auditing
PowerBroker Auditor for Active Directory does not require any GPO changes or native System Access Control Lists to be managed or defined. IT can leverage native auditing using Microsoft ACS along with PowerBroker Auditor for Active Directory to narrow the search for which audit log contains the needed information, making the process to find and remediate a change much quicker than using native auditing alone.

ACTIVE DIRECTORY AUDITING

  • Reduce risk: Pinpoint changes that introduce security risks, jeopardize compliance, or reduce operational efficiency.
  • Know who has access to what: Monitor access to mission-critical and sensitive IT assets.
  • Ensure accountability: Track the “who, what, when and where” for every Active Directory change.
  • Compare before and after: See old and new values for every change, including host name and originator IP address.
  • Integrate with native management tools: Gain single-click access to item and user histories via integration with native management tools such as Active Directory Users and Computers, Sites and Services, ADSI Edit and others.

REPORTING AND COMPLIANCE

  • Centralize all audits: Access all audit data via a single database, even for multiple AD forests.
  • Customize to your needs: Leverage intuitive wizards to quickly build custom reports and convert any view into a report.
  • Automate reporting: Take advantage of expanded delivery options and formats via SQL Server Reporting Services
  • Confirm compliance: Provide access and change histories for compliance with SOX, PCI, HIPAA and other mandates.

NO NATIVE AUDITING

  • Free yourself from native event logs: Conduct audits without managing SACLs or changing GPOs.
  • Ease native auditing (when required): When Microsoft ACS auditing is required, PowerBroker Auditor can identify which native logs contain needed information.

DEPLOYMENT AND SCALABILITY

  • Speed deployment: Ensure trouble-free deployments with a centralized database, agent and management console.
  • Cover your entire organization: Audit environments with millions of users and thousands of servers.

INTEGRATED CONTINUOUS RECOVERY (Optional)

  • Maintain business continuity: Avoid productivity and revenue losses caused by disasters or accidental deletions.
  • Recover any state: Rely on continuous backups to quickly return to any previous state.
  • Minimize disruption: Recover a full tree, a portion of the directory, selected objects, or individual attributes.

Datasheet

PowerBroker Auditor for Active Directory

PowerBroker Auditor for Active Directory

Download this overview document containing capabilities, highlights and competitive advantages of PowerBroker Auditor for Active Directory. PowerBroker Auditor for Active Directory meets several compliance requirements for auditing, alerting and recovering Active Directory configuration changes. You can easily pinpoint changes that introduce security risks, jeopardize compliance, or reduce operational efficiency via PowerBroker’s real-time tracking.

Active Directory Recycle Bin: What is it, and how can I use it?

1/5/2015

Remember the Windows 95 Recycle Bin? It was a big leap forward to recovering “deleted” files. Well, it turns out that Active Directory has it’s own Recycle Bin for users, groups and computers, and it’s called… wait for it.. the Active Directory Recycle Bin. Here’s the good news about the Active Directory Recycle bin: *... more

BeyondTrust Webcast: Darren Mar-Elia’s 4 Active Directory Change Scenarios to Track

8/20/2014

In our latest webcast, we joined Darren Mar-Elia, CTO at SDM Software, to discuss best practices for Active Directory (AD) change management. Here are some key takeaways from the presentation, followed by a link to a full-length video of the presentation. Mar-Elia kicks things off with a critical insight: that the best AD change management... more

Did you know? Continuous Protection feature

8/21/2013

Did you know that the continuous protection feature in the PowerBroker Management Suite is unique in the market?  You may have heard it referred to as continuous recovery or continuous backup. What is it? – It’s like the undo feature found in MS Word but for Active Directory (AD). PowerBroker Auditor for Active Directory provides... more

Did you know? Create custom audit views and reports with PowerBroker Auditor for Active Directory

7/31/2013

Did you know about the create custom audit views and reports feature in the PowerBroker Auditor for Active Directory solution?  Even though there are already around 200 built-in audit views that ship with the product organizations need to be able to target specific information for their environment and the task that is at hand. Needless... more

Did you know? – Native tool integration

5/29/2013

Did you know about the native tool integration feature in the PowerBroker Management Suite?  PowerBroker solution functionality is available through the native Microsoft administration tools referred to as Remote Server Administration Tools (RSAT).  These are the tools that administrators use on a day to day basis to manage their environment. What is it? – It’s... more

Restoring/Undeleting a GPO

2/24/2012

Have you ever needed to undelete or rollback a GPO, but realized you forgot to back it up or could not remember what changes were made to it? Well, we have had many customers with the same problem. That’s why BeyondTrust Recovery for Active Directory also supports group policy objects (GPO). When group policies are... more

10 Things You Should Know About PowerBroker Auditor for Active Directory

2/21/2012

Rapid installation and minimal training with no reliance on native auditing tools Unmatched scalability and performance (“Our typical traffic volume is more than 1.5 million events per day and Blackbird has scaled-up effortlessly,” Josh Munn, Senior Systems Administrator, The University of Mississippi Medical Center) Real-time collection and alerting for active directory and group policy changes... more

Active Directory Changes Got You Down?

2/17/2012

When active directory goes down, everyone notices. Users cannot log in, applications become unusable and organizations lose money. Let’s face it, even without malicious events, people still make mistakes. Although recovering from directory outages can be streamlined with point in time and continuous recovery solutions such as PowerBroker Recovery for Active Directory, it’s always less... more

See all PowerBroker Auditor blog posts

VMware Plug-in for Retina

The industry's first and only vulnerability management solution directly integrated into vCenter.

DATASHEET VMWARE SURVEY Watch Video

Retina CS Enterprise Vulnerability Management

Delivers large-scale, cross-platform vulnerability assessment and remediation, with available configuration compliance, patch management and compliance reporting.

Learn More Request a Free Trial

Retina CS Enterprise Vulnerability Management

The Cofiguration Compliance Module can be purchased as an add-on to Retina CS, which delivers large-scale, cross-platform vulnerability assessment and remediation.

Learn More Request a Free Trial

Retina CS Enterprise Vulnerability Management

The Patch Management Module can be purchased as an add-on to Retina CS, which delivers large-scale, cross-platform vulnerability assessment and remediation.

Learn More Request a Free Trial

Retina CS Enterprise Vulnerability Management

The Regulatory Reporting Module can be purchased as an add-on to Retina CS, which delivers large-scale, cross-platform vulnerability assessment and remediation.

Learn More Request a Free Trial

Retina Network Security Scanner

Integrated network, web & virtual vulnerability assessment. Retina is the security industry’s most respected and industry-validated security scanner and serves as the engine for our vulnerability management solutions. There is no better option for securing your network from vulnerabilities.

Learn More Request a Free Trial

Retina Web Security Scanner

Rapidly and accurately scan large, complex web sites and web applications to tackle web-based vulnerabilities including cross-site scripting (XSS) and SQL injection.

Learn More Request a Free Trial

PowerBroker Event Vault

Automate and streamline the collection and management of standard Windows event log data and provide scalable and flexible centralized storage in the PowerBroker event database.

Learn More Request a Free Trial

PowerBroker Identity Services

Quickly and easily integrate your Unix and Linux servers into your Active Directory infrastructure.

Learn More Request a Free Trial

PowerBroker Identity Services Open Edition

Available as a free and open source version of PowerBroker Identity Services, giving you the access and flexibility to tailor your Active Directory bridging project

Download Now

PowerBroker for Unix & Linux

Quickly and easily manage root access on Unix and Linux servers, without ever disclosing the system password.

Learn More Request a Free Trial

PowerBroker for Windows

Implement least privilege for your Windows desktop environment, reducing attack surface and driving down costs.

Learn More Request a Free Trial

PowerBroker Auditor
for Active Directory

Track unauthorized changes to Active Directory and Group Policy configurations.

Learn More Request a Free Trial

PowerBroker Auditor
for Exchange

Tracks and reports all changes made to all Exchange Server configurations, groups, mailbox policies, information store changes, and permissions in a centralized audit log.

Learn More Request a Free Trial

PowerBroker Auditor
for File System

Enables tighter security and control over file system resources, including real-time tracking, interactive analysis, and flexible reporting on all key share, file, and folder changes.

Learn More Request a Free Trial

PowerBroker Auditor
for SQL Server

Monitor and review privileged user changes on SQL servers. Easily map your SQL activities with regulatory mandates such as GLBA, SOX, HIPAA, and PCI through consistent auditing and reporting.

Learn More Request a Free Trial

PowerBroker Privilege Explorer

Provides a centralized view of access and privileges, so you can be sure that users have access to the resources they need to do their jobs, and only those resources.

Learn More Request a Free Trial

PowerBroker Endpoint Protection Platform

Formerly known as "Blink", multi-layered security and attack prevention for windows desktops and servers.

Learn More Request a Free Trial

PowerBroker Recovery
for Active Directory

Advanced continuous data protection for Active Directory, providing unparalleled visibility and change control.

Learn More Request a Free Trial

PowerBroker Servers Enterprise

Combine the power of our Unix/Linux root delegation and our AD bridging for an enterprise approach to server compliance

Learn More Request a Free Trial

PowerBroker Password Safe

Automate Password Management for Increased Security across your entire dynamic infrastructure.

Learn More Request a Free Trial

BeyondSaaS

A cloud-based, external vulnerability assessment solution that conducts fast, affordable security assessments of your public-facing network infrastructure and web applications.

Learn More Request a Free Trial

BeyondInsight

Merge privileged account management and vulnerability management solutions into a single, contextual lens through which to view and address user and asset risk.

Learn More Request a Free Trial

Retina Protection Agent

Close the security gap created by systems that can't be reached with remote vulnerability assessments alone with this lightweight agent for local vulnerability assessment, continuous zero-day vulnerability monitoring, and intrusion prevention.

Learn More

Configuration Compliance Module

This Retina CS add-on module defines and manages security policies to monitor compliance with industry and internally developed benchmarks such as Microsoft, NIST, USBCG, and DISA STIGs.

Learn More

Patch Management Module

This Retina CS add-on module seamlessly integrated, automated, agentless Windows patch management closes the loop on unpatched vulnerabilities.

Learn More

Regulatory Reporting Module

This Retina CS add-on module contains automated solutions to help navigate complex corporate policies, government regulations, and industry standards such as SOX, PCI, FISMA, and ISO.

Learn More

PowerBroker Management Suite

PowerBroker Auditor for Active Directory is part of the PowerBroker Management Suite, which provides centralized real-time change auditing for Active Directory, File Servers, Exchange, and SQL, the ability to restore Active Directory objects or attributes, and helps to establish and enforce entitlements across the Windows infrastructure. Through simpler administration, IT organizations can mitigate the risks of unwanted changes and better understand user activity to meet compliance requirements.

Audit and Alert

Audit the who, what, where and when of changes in Active Directory, Exchange, File Systems and SQL, and alert to those changes, providing real-time visibility to address potential compliance concerns

Recover and Roll Back

Provide rollback and restore of any Active Directory changes or deletions, and backup and restore of Group Policy, protecting the business from downtime

Discover and Enforce

Deliver entitlement reporting, ensuring that users have access to the resources – and only those resources – they need to do their jobs

Extend and Enhance

Extend throughout the Microsoft infrastructure, providing more capabilities than native tools and a unified view of changes across Exchange, Windows File Server, and SQL environments

LICENSE EXCHANGE PROGRAM FOR QUEST®/DELL & NETIQ CUSTOMERS

License exchange program for Quest®/Dell & NetIQ customers

BeyondTrust will offer current Quest/Dell (which includes former NetPro) and NetIQ licensees the opportunity to exchange their auditing, recovery, and event log management software licenses for BeyondTrust PowerBroker Auditor licenses on a seat-for-seat basis.

If you’ve had enough of high license fees, big maintenance charges, and low productivity, the BeyondTrust License Exchange Program was designed with you in mind. It makes upgrading to a superior Active Directory security and compliance product fast, easy and very affordable.

Get the details

Vulnerability Management

Identifying, prioritizing, remediating, and mitigating
computer and network vulnerabilities.

Privileged Account Management

Managing user authorization to prevent internal data
breaches and meet compliance regulations.

Fusing
PAM & VM For
Stronger IT Security