Maintain network security and compliance by tracking critical Group Policy Object (GPO) changes, monitoring user logins, analyzing account lockouts, spotting malicious insiders, and more.

Features and benefits

  • Receive Active Directory alerts and monitor changes in real time: Record any change in Active Directory, 24×7. Get instant notifications when changes occur, including who did what, from where, and when.
  • Monitor user logon activity: Get a detailed report of users’ logon and logoff activity, whether they happen via workstations or terminal services.
  • Get a complete audit trail for privileged user activity: Track what administrators do. Get details about activities carried out by other privileged accounts as well.
  • Audit file access activity: See what files and folders users are accessing. Track every activity they carry out on a file, including reading, deleting, copying, or moving files.
  • Detect anomalies instantly: Get alerted about unusual events—such as logons during non-business hours or dubiously high invalid logon attempts—before they lead to catastrophe.
  • Perform context analysis of events: Leverage profile-based event trackers, filters, and event fetching rules to view every change and event from a broader perspective and easily detect incidents.


Other salient aspects

  • Report & alert profiles: Configure your own event trackers and alerts
  • Printer auditing
  • File integrity monitoring
  • Dedicated privileged account monitoring
  • Organized data archiving
  • Removable storage auditing (Win 8 & above)
  • “Before and after” picture for every change (for Windows 2008 & above)
  • Pre-packaged IT compliance reports for SOX, HIPAA, PCI, FISMA, and GLBA