Skip to main content
Netwrix Auditor

Netwrix Auditor


What is Netwrix Auditor?

Netwrix Auditor is designed to enable auditing of the broadest variety of IT systems, including Active Directory, Exchange, file servers, SharePoint, SQL Server, VMware and Windows Server. It also supports monitoring of privileged user activity in all other systems. According to…

Read more
Recent Reviews

TrustRadius Insights

Netwrix Auditor has been widely used by various organizations to address a range of IT auditing and compliance needs. Many users have …
Continue reading
Read all reviews
Return to navigation


View all pricing

What is Netwrix Auditor?

Netwrix Auditor is designed to enable auditing of the broadest variety of IT systems, including Active Directory, Exchange, file servers, SharePoint, SQL Server, VMware and Windows Server. It also supports monitoring of privileged user activity in all other systems. According to the…

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit…


  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

69 people also want pricing

Alternatives Pricing

What is Cyral?

Cyral is a cloud-native Security-as-Code solution to protect the modern data layer. It allows engineering teams to observe, secure, and manage data endpoints in a cloud via a sidecar.

What is IDERA SQL Compliance Manager?

SQL Compliance Manager helps database administrators to monitor, audit, and alert on Microsoft SQL Server user activity and data changes. The vendor states it provides quick configuration of audit settings, a broad list of regulatory guideline templates for audit settings and reports, before and…

Return to navigation

Product Demos

Netwrix Auditor for Windows Server - Overview


Netwrix Auditor for Active Directory - Overview

Return to navigation

Product Details

What is Netwrix Auditor?

Netwrix Auditor is designed to enable auditing of the broadest variety of IT systems, including Active Directory, Exchange, file servers, SharePoint, SQL Server, VMware and Windows Server. It also supports monitoring of privileged user activity in all other systems.

According to the vendor, Netwrix Auditor eliminates these blind spots by delivering complete visibility into all changes to system configurations, content and permissions across the IT infrastructure. Moreover, Netwrix Auditor alerts organizations to changes that violate corporate security policies, enabling users to proactively detect suspicious user activity and prevent breaches.

Netwrix Auditor Features

  • Supported: Change Auditing of IT Systems
  • Supported: Configuration Auditing
  • Supported: Access Auditing

Netwrix Auditor Screenshots

Screenshot of Full visibility into changes to critical IT systemsScreenshot of Out-of-the-box Compliance ReportsScreenshot of Customized Reports On-Demand and Easy Data Search

Netwrix Auditor Video

Visit to watch Netwrix Auditor video.

Netwrix Auditor Competitors

Netwrix Auditor Technical Details

Deployment TypesOn-premise
Operating SystemsWindows
Mobile ApplicationNo
Supported CountriesUSA, UK, Australia, France, Germany, Hong Kong, Italy, Netherlands, Spain, Sweden, Switzerland, India, Belguim, Russia
Supported LanguagesEnglish, German, French, Russian, Italian

Netwrix Auditor Downloadables

Frequently Asked Questions

ManageEngine ADManager Plus are common alternatives for Netwrix Auditor.

Reviewers rate Support Rating highest, with a score of 8.6.

The most common users of Netwrix Auditor are from Mid-sized Companies (51-1,000 employees).
Return to navigation


View all alternatives
Return to navigation

Reviews and Ratings


Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Netwrix Auditor has been widely used by various organizations to address a range of IT auditing and compliance needs. Many users have found it helpful in monitoring and identifying suspicious activity, generating comprehensive reports, and providing immediate response capabilities for incident management. For example, small organizations have benefited from Netwrix Auditor's ability to monitor failed logins, expiring passwords, and Windows file server activity, giving them peace of mind and enabling them to respond promptly to security threats. Additionally, companies have utilized the software to audit multiple systems including file servers, SQL servers, web servers, SharePoint servers, and Active Directory. This ensures access compliance and helps identify user file access patterns. The program is also being used by infrastructure departments to monitor changes to files, password updates, database changes, and GPO changes while accurately reporting on access to ITAR files. Furthermore, organizations have leveraged Netwrix Auditor for compliance reporting and analysis of activities in their domain, enabling greater insights into trends and occurrences across the entire organization. By utilizing this software solution, ICT departments can ensure compliance and housekeeping of servers by auditing system administrators' work. Likewise, IT departments have found value in conducting IT access rights audits with Netwrix Auditor as it provides visibility into network access while preventing unauthorized activity. The product is also employed by IS Access and IS Server Support teams to track changes for auditors, allowing visibility into modifications made to the internal AD. Moreover, organizations have utilized Netwrix Auditor to audit network accounts and gain visibility into AD modifications for compliance purposes and yearly tech audits. Beyond compliance needs, a law enforcement agency has used the software solution to prove the chain of custody of related files on file servers. Additionally, businesses have found Netwrix Auditor helpful in GDPR and ISO 27001 compliance analysis as it simplifies the detection and remediation of potential issues related to data protection regulations. For security departments within different organizations, Netwrix Auditor has been a valuable tool for tracking specific changes and addressing security problems, such as login failures and changes to user privileges. Research and innovation-focused organizations have also benefited from this product, as it ensures the security and confidentiality of information data while maintaining accessibility across branches. Furthermore, Netwrix Auditor has played a vital role in helping IS security teams monitor and manage changes to AD security setup, simplifying tasks, automating alerts, and increasing understanding of change within the AD environment. Lastly, users have leveraged the software to inspect technology environments comprehensively by generating alerts and daily reports on servers, network switches, locked accounts, file-level accesses, and more. Additionally, Netwrix Auditor logs user logins and sends email alerts for AD changes, providing users with timely notifications and ensuring transparency in the auditing process. With its robust features and capabilities, Netwrix Auditor has become an indispensable tool for organizations across various industries seeking to enhance their IT auditing practices. By offering comprehensive visibility into system activities, accurate reporting, and compliance monitoring, the software enables users to proactively address security threats, maintain regulatory compliance, and ensure the integrity of their IT infrastructure. Whether it's for small organizations looking for peace of mind or larger enterprises needing advanced auditing solutions, Netwrix Auditor proves to be a versatile and valuable asset in achieving effective IT governance.

Helpful Notifications: Several users have found Netwrix Auditor's ability to send warnings to users about expiring passwords and notifications for multiple failed logons to be helpful in preventing lockouts, spotting suspicious activity, and assisting with password changes.

Flexible Customization: Many reviewers appreciate the flexibility provided by Netwrix Auditor's 'Search' function, which allows them to create custom notifications and reports. This feature enables users to monitor specific events and set up email reports tailored to their needs.

Useful Alerts: Users highly value the alerts provided by Netwrix Auditor as they aid in identifying account lockouts, uncovering firewall issues, and offering insights into various aspects of the environment. The alerts are seen as a valuable tool for monitoring and maintaining system security effectively.

User Interface: Some users have expressed that the user interface of the Collector service could be improved to make it more intuitive and less overwhelming. They suggest that certain elements should be better organized and labeled clearly, as they currently find it confusing to navigate through the interface.

Technical Support: Several reviewers have mentioned experiencing slow response times from technical support when reporting issues with Netwrix Auditor. This has resulted in frustration and delays in problem resolution for these users. Prompt assistance is expected, especially for critical issues requiring immediate attention.

Documentation and Training: Users have raised concerns about the lack of comprehensive internal documentation and training materials provided by Netwrix. They feel that more detailed instructions, including videos and guides, would greatly help them learn how to effectively use Netwrix Auditor and maximize its potential within their organizations.

Based on user feedback, the following recommendations have been made for using Netwrix Auditor:

  • Use the virtual appliance option for quick deployment of Netwrix Auditor.
  • Get professional services to help set up Netwrix Auditor for data governance.
  • Plan and clean up Active Directory prior to implementing Netwrix Auditor for better system integration.
  • Understand how the audit trail works for Oracle databases before using Netwrix Auditor for Oracle DB auditing.
  • Install Netwrix on a dedicated server and configure reporting and alerts for maximum benefit.
  • Try out the free version of Netwrix first before purchasing.
  • Gain further insight and operate more efficiently with automated, canned, and customized reports in Netwrix Auditor.
  • Start with the trial version of Netwrix to ensure it meets all needs and supports the creation of custom reports.
  • Take advantage of the full featured trial license of Netwrix to learn about the product and its potential use case.
  • Implement Netwrix Auditor as an auditing tool, emphasizing its affordability.
  • Avoid using Netwrix Auditor if frequent server reboots are not desired and be aware that some users have found the GUI difficult to use.

Attribute Ratings


(1-19 of 19)
Companies can't remove reviews or game the system. Here's why
Score 9 out of 10
Vetted Review
Verified User
We use Netwrix Auditor to inspect and get alerts and daily reports of our technology environment, specifically in regards to servers, network switches, accounts locked out, file-level accesses, etc. Other features include things like logging users logging on to the domain, logging and sending email alerts regarding Active Directory changes, and much much more.
  • Sends alerts via email.
  • Sends scheduled log reports.
  • Keeps track of changes in Active Directory.
  • So far, we haven't experienced any issues with Netwrix Auditor.
Netwrix Auditor is highly recommended for businesses of all sizes, even small ones since they have certain free features that even the smallest of businesses can take advantage of. It will certainly be beneficial for medium to large businesses when they take advantage of the paid features. In a real sense, Netwrix Auditor alerts and reports are an invaluable asset in our environment.
May 06, 2022

Netwrix Necessity

Luke Kuhlow | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Netwrix Auditor is being utilized for current compliance standards, it is a good product that allows for accurate reporting of our active directory events. We use the program to scan across our whole organization, which allows IT a greater look into trends and occurrences. This program has been instrumental in our monthly reporting and analysis of activity in our domain.
  • Great reporting.
  • Easy setup for scheduled deliveries.
  • Easily readable reports.
  • Better alerting for errors in system.
  • Better alerting for occurrences that flag attention.
  • Better consistency checks to ensure data is current.
Useful in medium to large sized businesses where activity should be monitored and cannot be managed through normal personnel operations. Good for smaller IT departments that need to monitor for compliance, but can be a task to configure. Netwrix is not quite necessary for small businesses with few computers and/or managed service providers.
Score 9 out of 10
Vetted Review
Verified User
We use Netwrix Auditor for GDPR and ISO 27001 compliance analysis. Netwrix has pre-configured reports to match company data to ISO 27001 requirements which simplifies the detection and remediation of potential issues.
  • Data Tagging and Auditing
  • Identify the sensitive information
  • Ensure regulatory compliance
  • Better or more pre-defined incident response decisions
Netwrix Auditor is a great product, really easy to deploy and agentless. Pre-defined reports and analysis are really useful, and the product is overall very well designed and understandable.
Waqas Asghar Sipra | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
We are using it in ICT department only and following features are being used:
  • Active Directory Auditor
  • File Server Auditor
  • Windows Servers Auditor
  • VMware Architecture Auditor
  • User Activity Auditor
Through all above we are basically auditing systems administrator and their work over the systems. And specially housekeeping of AD and all other servers to fit with compliance.
  • Full Domain Controller activity monitoring.
  • Video recording of system admins without and limit.
  • VMware user activity monitoring and auditing.
  • Audit user activity over network devices.
  • Windows File Server access monitoring and audit.
  • Cisco with IOS 16 and above is not supported under Network Devices.
  • System Up and Down Status.
  • Reporting.
Best Suited:
If you want audit your systems which are Windows then this tool is best and it also provide details on SQL and Oracle database and also provide good info for AD.

Not Suited:
If you want to audit Linux, Suse or ubuntu or any other operating system other than Windows then don't go for it. It only supports Microsoft Architecture.
Sam Livermore, MCP, iTIL | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Netwrix Auditor is a primary tool used for auditing the who, what, when and where a change was made to the infrastructure. This greatly reduces the time going through logs on different systems and increases productivity. We also employ User videos to get a real view into what was being don one our monitored systems.
  • Collecting logs
  • Providing alerts to email distribution list
  • Showing User videos
  • Collector service failures
  • Better GUI
  • best practice training
Netwrix [Auditor] is a great tool for any SysAdmin no matter the company size. Licensing is determined by users, not employee count, and that makes it a great product from a small business to an enterprise application. The time savings coupled with the increased productivity is a key factor is determining this tool over other products.
Robert Ross | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
We wanted to automate and improve our manual processes for reporting on objects within our active directory environment. Our needs were for internal reporting and for providing reporting as part of our annual audit processes for compliance. The product allowed for us to leverage canned reporting as well as creating scheduled custom reports to provide the information that would have take hours or days to gather by hand without a tool such as this
  • Custom Reporting
  • Canned Reports
  • Customer Support
  • Extending to Other Aspects of Microsoft Environment
  • Custom Reporting Features
  • Stream line of the user interface
  • more depth on One Drive Reporting
Anyone who needs to report on actions taken within active directory or azure and you don't have PowerShell skills this is the product for you. I have used this product to produce reports that auditors have asked for and allow the data to be presented consistently and quickly We have also been able to provide real-time up to minute reports in the event of a security-related event that required to view access or changes to ad objects
Kyle Michelli, CIA | TrustRadius Reviewer
Score 3 out of 10
Vetted Review
Verified User
We used Netwrix primarily for my IT access rights audits, but my understanding is that our IT department also used it. It allowed me visibility into many different aspects of network access and use to prevent unauthorized activity and provide assurance to management. It allowed both a single deep dive and ongoing monitoring.
  • The website trial shows off the features of the software while also teaching how to perform a user access audit.
  • The user interface is very clean, user-friendly, intuitive, and snappy.
  • The software comes with a lot of explanations for the built-in reports to help users understand what the report is used for.
  • The software also makes it really easy to monitor the organization, with alerts for unacceptable actions or for unusual behavior above thresholds.
  • Our IT department spent a long time working on getting some of the features and reports working, with some success, but many reports and features were never fixed after a whole year of working with support. Apparently Netwrix support was responsive, but their fixes often failed to work.
  • My experience with customer support was very negative. I had several instances of emails going unanswered, sometimes but not always because my contact left the company and our account was never handed over appropriately.
  • Technical issues can be time-consuming to diagnose because it's hard to tell if a report is loading slowly, or failing. I don't think this problem is unique to Netwrix, though.
Netwrix is great in situations when the user isn't already strongly familiar with the systems being audited (Active Directory and File Server, in my case). Netwrix was very helpful in explaining the use cases of many reports.
Netwrix might not be helpful for organizations that don't have the spare resources to support it. Be prepared to plow IT staff time into supporting the back end, and also put user time into customizing the software for your particular risk profile and network usage.
Score 8 out of 10
Vetted Review
Verified User
Netwrix Auditor is used mainly by the Security department. However, we often pull information from Netwrix Auditor for other IT departments. It addresses problems relating to figuring out who made specific changes and security problems. Being able to view login failures, changes to users privileges, and so much more information helps us stay on top of things.
  • Provides accurate information
  • Easy to generate reports
  • Easy to filter, after initial learning curve
  • Challenging to learn filter options when first using the product
  • Not much video training provided online for the product
  • Could have better training available (additional guides, videos)
Netwrix Auditor is great for reviewing events that occurred and tracking down the root cause of who/what made specific changes. It also works well for audits revolving around security and user accounts. The only situation I need to use a secondary product for is when I need to track down a specific IP or system. But that is only because of the licenses we have, if we purchased more we could get additional information out of the product.
Score 10 out of 10
Vetted Review
Verified User
Being in the cutting-edge technological industry - visibility into what is happening in the IT environment is a core component of a solid security strategy for any research/innovation-oriented organization. With the implementation of Netwrix Auditor throughout the organization, we keep our entire information data secure and confidential and maintain the accessibility of that data from our branches.
  • Detect security threats.
  • Prove compliance.
  • Bit finicky at times.
Netwrix Auditor is a fantastic product that audits all of the items we need to audit. It will audit file servers, database server, Active Directory Servers, SharePoint servers and a whole lot more. We use it for all of these items and the price did not go up because we added more machine types.
Score 9 out of 10
Vetted Review
Verified User
It is used by two departments, the User Department where I belong and the Security Team along with our Manager and CIO. It addresses auditing who did a change and what changes accounts are privileged do and can review a session of a user who logged into a server at maybe odd hours which could be suspicious.
  • Who has done the changes on systems
  • Password lockouts where it will tell you exactly where a person is locking which can be frustrating if it occurs too many times for one user.
  • It can show you things we rarely look at in our environment e.g on Active Directory things like duplicate group policy settings, empty security groups, computers which have not logged in in a long time thus helping you with your computer inventory.
  • Being able to get the actual device a user is locking in from Exchange Server because if a user is found to be locking out from an Exchange Server we have to look at Exchange Server IIS logs and parse through them using other tools like Log Parser looking for wrong password report. We need to use one product and that is Netwrix Auditor.
  • The software could also show when a server was restarted or rebooted.
When there have been changes to server configuration (User Activity logs this too) you are able to tell who has done them and where the changes were made. It is less appropriate in situations where there is an email missing in one's mailbox and they claim mail has been deleted as this is not captured.
Glenn Jones | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Netwrix Auditor is used by my company to audit all of the systems we use. These include file servers (both Windows and NetApp), SQL servers, web servers. SharePoint servers, Active Directory and many other types of servers. We use it to make certain that staff do not access files that they are not permitted to access, and that they are not attempting to log in into a server that they should not be logging into. This information has come in very useful in the past and will do so in the future. It is also often used by projects to find out what files users who are allowed to access certain files are actually accessing.
  • Netwrix Auditor performs the audit collection process in a method that does not burden the systems it is auditing. It usually just pulls the log and event logs data from the machine it is auditing and then performs the extraction of the information in these files on the Netwrix Auditor server. This reducing the audit processes to only pulling log data from the server but does not keep the server busy processing the data.
  • Once the log data has been pulled from a server being audited, Netwrix will store the log data in a compressed form in its Long Term Archive. This allows the database to be kept smaller than the all the data being kept in the Log Term Archive and therefore makes creating reports much faster since the database is not as big as it could be.
  • Since Netwrix Auditor uses standard Microsoft SQL Server and SQL Server Reporting Services (SSRS) to perform reporting, working with the results of the audit is much easier. Anyone who knows SQL Server and SSRS can work with the data and create their own reports.
  • The predefined reports that come with Netwrix Auditor cover most of the items required to properly report on the status of a system. They have many predefined reports for FedRamp, PCI, HIPPA, and other compliance regulations.
  • Netwrix Auditor needs to improve its loading of Long Term Archive (LTA) data back into the database. I have been trying to load one month of LTA data back into the database for a few months now, but it can take a few days to successfully load just a few weeks of data. I have now started to attempt to load only two weeks of data at a time in the hopes that it will not destroy the data already loaded. I'm still working on this attempt. Netwrix Support told me that the only designed the reloading of LTA to work on a few days worth of data, but I need to be able to possibly seven years of data in the future. They are currently working on a solution to allow me to perform this task.
  • Netwrix needs to simply their database structure so it is easier to create your own reports. If they can't make the database structure any easier, they need to document it much more. The database documentation is very sparse and doesn't really state how you can use the database. There are many items I can find in the database but some items I have just given up on since it can be quite a task to find the data in the database.
  • Netwrix needs to release some form of internal documentation so clients can see what is happening during the audit data collection. I have specialists in certain areas of our systems, such as NetApp file server, ask me how it performs some of the auditing, and all I can say is "I'm not sure, I can ask but they probably won't be able to tell me."
Netwrix Auditor is well suited to perform audit data collection on many types of servers that require audit data to be collected. It runs fairly quickly and usually informs you if something went wrong in the data collection. They do need to have better documentation and some form of internal documentation to help the users who understand what is happening in their system to help them through the process of figuring out when something went wrong.
Score 9 out of 10
Vetted Review
Verified User
We use Netwrix Auditor for auditing of Active Directory and Group Policy changes. It is used by our IS Access and IS Server Support teams. We needed a tool to track changes for our auditors.
  • Notifications on changes to sensitive accounts.
  • Detailed record of Group Policy changes.
  • HTML email reports
Finding changes to security groups and group policy is quick and easy.
Matt Rogers | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Since we are a small organization, my supervisor and I are responsible for all information technology needs. We both use Netwrix Auditor to monitor any suspicious activity and get reports on failed logins, expiring passwords, and Windows file server activity. This gives us great peace of mind knowing that if something goes wrong or someone gains unauthorized access to our systems, we'll be able to respond immediately.
  • Netwrix Auditor sends out warnings to users when their passwords are close to expiring. This saves us some headache, because if they have any problems with changing their password, we can help them before they get locked out.
  • The notifications for multiple failed logons is a lifesaver. Very useful for spotting suspicious activity!
  • I love the way that you can create your own custom notifications and reports through the "Search" function. You can pick the "What", "Where", and "When" for the event you want to monitor and set up email email reports for them.
  • There is a bit of a learning curve. The interface is fairly intuitive, but I think there is room for improvement.
  • There is a LOT of functionality which can be quite overwhelming at first, but in and of itself, not a bad thing.
  • I think this software would benefit from a "Simple" mode and "Advanced" mode. This would ease the learning curve a bit.
I think this software has something for any organization small or large. I think the best scenario to use this software would be if you wanted to keep an eye on suspicious activity. This software gives users the peace of mind that if someone were to gain access (assuming the software is configured correctly) to their systems, that they would be notified.
Kyle Reyes | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
We currently use Netwrix Auditor in our Infrastructure department for a multitude of tasks. We utilize Netwrix Auditor for changes to files, updates to passwords, Databases changes, GPO changes, etc. One major use of Netwrix is for monitoring of access to ITAR files and giving us an amazing tool for reporting on all of the above mentioned uses.
  • The reporting features within Netwrix Auditor are by far the best feature, with a wide range of "pre-built" reports. The ability to create/generate your own reports makes it quite easy to look into the various items being monitored in the environment.
  • The set-up & ease of use of Netwrix is hard to match, not to mention the upgrades. To date, we've only had to contact support for one issue and it was an easy fix once we found the detailed information in their Knowledge Base.
  • Automation features within Netwrix help our daily tasks by ensuring we are not having to constantly monitor Netwrix, this is a huge time saver!
  • The only con I have is that sometimes technical support can be a bit delayed in getting back to us for issues, but it is only slightly so not a huge con by any means.
Netwrix Auditor is a great tool for monitoring a multitude of environments, settings, changes, etc. We currently use Netwrix Auditor for use to monitor Active Directory, File Servers, SQL Servers, and various other items. Netwrix however does not seem to fill any needs for monitoring our VMware environment that I have found to date.
Barry Goldstrom | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
It was used on the law enforcement servers. It provided the information to prove chain of custody of any related files on the file server.
  • Ease of setup
  • Accurate reporting
  • Set and forget automated reporting
  • I can't honestly think of areas of improvement
This is well suited to audit files on a file server to keep track of who is doing what on the file servers. This is a feature that is lacking in a windows server environment.
July 25, 2018

Keeps me honest!

Jose Rodriguez | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Netwrix is used to by our organization to audit network accounts. It provides us visibility into who is making modifications to our internal AD.
  • Auditing account changes
  • Anomaly tracking
  • Easy setup
  • No areas at this point.
It's a perfect product for auditing and keeping the system admins honest. It's easy to use and reporting is incredible. The system to me is flawless because it keeps the admin honest by doing exactly as it's billed. The system performs well and the database integration makes reporting fast and provides all the mechanisms to support our organization.
December 01, 2017

Netwrix Saves Time

Jon Gabriel Bolland II | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Netwrix Auditor is being used across our whole company. Netwrix allows us to audit file use and access, changes to Active Directory, failed logins on SQL, AD, file servers, and email. It gives us visibility and accountability to what is going on in our infrastructure. It helps solve security and accountability problems.
  • It alerts us to account lockouts and helped discover a firewall issue on one of our servers. The alerts and single interface have been very helpful.
  • I get a report on expired passwords and accounts which help me keep my directory tidy.
  • We can get access reports on files and folders which let us know when users are trying to access items they are not authorized to.
  • They have a screen capture function that I have never been able to get to work properly. However, I have never called their support on this issue so it is not necessarily a big ding against them. I am only mildly interested in this feature. We have enough network monitoring so I already know what my users are doing I don't need a capture.
It would not be appropriate for a very small organization that has less than 25 Users. It is great for keeping an eye on larger environments, you can get fairly granular with the reporting and know exactly who changed files, AD accounts, mailboxes, and policies. It is great for visibility into your data and accountability. It is also a useful security tool.
Steven Hiersche, Jr. | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Netwrix Auditor is being used only by the IT department. The primary use was to track active directory changes but it is now also very useful for auditors. During yearly tech audits, we are able to hand over audit logs very easily.
  • The UI is very strong
  • Plenty of reports to generate
  • You can audit many applications including Active Directory, file server, SQL and Exchange/O365
  • We are very pleased with Netwrix
If you need to track who is making changes in your environment and/or provide audit logs to auditors, this is your program!
Score 4 out of 10
Vetted Review
Verified User
Netwrix auditor is being used by our IS security team to monitor and manage changes to our AD security setup. It was chosen to simplify some of the tasks that they need to do, as well as automating alerts and increasing our level of understanding for change within the AD environment.
  • Automated alerts for changes to security within AD. It is able to sends alerts for just about any change within AD.
  • Tracing who changed what within AD. This can be found with AD, but Netwrix auditor makes it a lot more simple to find.
  • Enabling less technical people to have access to the auditing and security information that they need to manage the AD security model effectively. This product frees our technical teams from numerous minor requests for audit logs, tracking, investigations etc.
  • Stability is a concern. Despite running this for over one year, we have had issues with processor utilisation on several business critical servers including SQL servers that have meant that we have had to deinstall the product on those servers. No resolution, despite this being logged with the supplier for some 2 months.
  • Support from the US for UK clients is not up to standard, for the cost of the product and the cost of support we expected better. We are reconsidering our use of this product, despite its good level of reporting and automation of alerts.
Good for IT teams where you lack technical knowledge to properly manage the AD security environment. Poorer value for those teams that already have skilled technical tools and scripts or other tools that automated security alerts. This is the sort of tool that Microsoft should supply as part of AD. What it does, it foes quite well, buy with hindsight, it would have been better to automate using our own skills and other tools.
Return to navigation