Ensuring a clean audit trail is essential to administrators and management for compliance, security and operational purposes. A common use case where this is especially important is managing endpoint least privilege policies through Group Policy.
Many organizations utilize Group Policy for pushing least privilege policies to their users. Naturally, those organizations will need additional auditing for those policies to ensure that changes made are appropriate. Given the distributed nature of Group Policy, organizations need a real-time, centralized view into the four W’s (who, what, when and where) of changes – as well as the ability to alert on those changes.
PowerBroker for Windows, our endpoint least privilege solution, can be managed via a Group Policy Extension or outside of Active Directory completely. Accordingly, PowerBroker for Windows will includes features from PowerBroker Auditor for Active Directory so that administrators can track changes made to PowerBroker for Windows rules including all four W’s. Any change to a PowerBroker for Windows policy is captured with details of the pre and post value.
PowerBroker Auditor for Active Directory is part of our PowerBroker Auditing & Security Suite which provides auditing, entitlement enforcement, and helps achieve compliance within Windows and Active Directory environments. This includes auditing of Group Policy changes and events.
This support will be available for PowerBroker for Windows Group Policy Mode, with Web Services support expected in an upcoming release. Current customers of PBW are eligible for a PowerBroker Auditor limited license (PBW Support) and can begin tracking changes in minutes. Check out this screenshot for a representation of a rule being disabled within PowerBroker for Windows.
This added functionality is available to PowerBroker for Windows customers at no additional cost and provides a seamless upgrade as you decide to expand your Active Directory auditing requirements.
For more on how this added capability can help you provide a clean audit trail, request a personalized demo.
Jason Silva, Sr. Solutions Engineer, BeyondTrust
Jason Silva brings over 25 years of solutions and management experience to the industry. Currently serving as Senior Solutions Engineer for BeyondTrusts' Universal Privilege Management Platform, he uses this knowledge to help customers realize the value of our solutions throughout the product lifecycle. Earlier in his career, he found success as a software developer in a global consulting company and spent over four years managing IT and Regulatory Compliance in the banking industry.
Specialties: Microsoft Active Directory, Microsoft Group Policy, Pre and Post Sales Training, Sales Engineering, Enterprise Security Tools, Privileged Access Management