The Digital Guardian Platform from Fortra (formerly HelpSystems, acquired in late 2021) is a cloud-delivered data protection platform purpose-built to stop data loss by both insiders and outsiders on Windows, Mac and Linux operating systems. Additionally, Digital Guardian User Activity Monitoring enables users to detect, investigate and mitigate suspicious user actions to ensure sensitive data doesn’t get out. And Digital Guardian for Data Discovery provides visibility and auditing of sensitive…
N/A
Netwrix Auditor
Score 8.6 out of 10
N/A
Netwrix Auditor is designed to enable auditing of the broadest variety of IT systems, including Active Directory, Exchange, file servers, SharePoint, SQL Server, VMware and Windows Server. It also supports monitoring of privileged user activity in all other systems.
According to the vendor, Netwrix Auditor eliminates these blind spots by delivering complete visibility into all changes to system configurations, content and permissions across the IT infrastructure. Moreover, Netwrix…
Digital Guardian has excellent data-preventing solutions, which locate and protect [that] database that [is] super sensitive. More so, Digital Guardian offers complete coverage of endpoint safety and network monitoring. Again, Digital Guardian has a team of elite professionals, who screens and detect any cyber threats. Finally, Digital Guardian has improvised and detailed attack response, very efficient in making the right controls.
Netwrix [Auditor] is a great tool for any SysAdmin no matter the company size. Licensing is determined by users, not employee count, and that makes it a great product from a small business to an enterprise application. The time savings coupled with the increased productivity is a key factor is determining this tool over other products.
Email data leaks - DLP software must prevent certain actions to work well. Let's say you try to copy and paste an SS # to an email, or upload sensitive data to your personal email account. Guardian Edge can prevent that, and then alert administrators that it happened
Unauthorized file copies - Guardian Edge can also prevent users from copying files from a sensitive restricted area to somewhere else where they might be able to more easily exfiltrate it. A good example would be from a company file share to a less secure server or their own home drive
Alerting Administrators of suspicious activities - Any time a user uploads a file to an upload service or personal email, it is logged and reported as an event to be reviewed. If it found nothing in scanning the data, it will still notify you that it happened so you can review it yourself to confirm it wasn't a false negative.
Netwrix Auditor performs the audit collection process in a method that does not burden the systems it is auditing. It usually just pulls the log and event logs data from the machine it is auditing and then performs the extraction of the information in these files on the Netwrix Auditor server. This reducing the audit processes to only pulling log data from the server but does not keep the server busy processing the data.
Once the log data has been pulled from a server being audited, Netwrix will store the log data in a compressed form in its Long Term Archive. This allows the database to be kept smaller than the all the data being kept in the Log Term Archive and therefore makes creating reports much faster since the database is not as big as it could be.
Since Netwrix Auditor uses standard Microsoft SQL Server and SQL Server Reporting Services (SSRS) to perform reporting, working with the results of the audit is much easier. Anyone who knows SQL Server and SSRS can work with the data and create their own reports.
The predefined reports that come with Netwrix Auditor cover most of the items required to properly report on the status of a system. They have many predefined reports for FedRamp, PCI, HIPPA, and other compliance regulations.
We have renewed already the licensing of the product minus SQL Server and Oracle Database because the organisation believes the modules are very expensive and have identified a different product for auditing Databases Other modules are very important like the User Activity monitor, AD queries that we can not get from the native AD itself or you have to run complicated powershell scripts! Easy to use interface Pre-defined Reports Easy way to subscribe to important alerts e.g Privilege account group membership changes
Netwrix is easy to use; it has a simple reporting system and modules for each area, e.g., exchange, active directory, and Azure. The user interface is quite basic but easy to navigate and is only seen by administrators anyway. Reports can be generated that are meaningful and in a clear format.
Customer support has always been fast and helpful when we run into any issues. The smaller issues are usually resolved within a day or two. It is great support and I feel like I am in good hands anytime an issue comes up. However, we don't run into many issues
Make sure you trial the software and understand the fundamentals of each module that you are interested in Make sure you get the buy in from both Management and most importantly your team members (the product users) for a successful implementation Watch the webinars of the product from the product website
DG is the only DLP platform I've used at my current employer. I used it at my previous employer as well, and we ended up abandoning future deployments of it due to many problems caused by it, especially with web browsers. This was in 2015, rather than the 2018 version I used with my current employer, but I feel it still warrants mentioning. DG works great...when it works. When it doesn't, it's a disaster.
I can only compare it to SolarWinds. Their similar products have larger foot prints and seem a little clumsy in comparison. The Netwrix product turns on a lot of the auditing options that were required for the product to work properly where it seemed I had to do a lot of manual tweeking with the SolarWinds product.
