Group Policy Auditing

Given the risks associated with Group Policy changes, we think it’s important that organizations have a structured and proactive approach to Group Policy auditing. We believe that, due to how busy and stretched the modern IT department is, the solution should be easy to install, simple to use and realistically priced. With this in mind, we created LepideAuditor for Group Policy. We’ve made it easy to instantly see who, what, where and when changes are made, and even allow you to roll back the entire Group Policy Object to its previous ideal state. It comes with more than 40 predefined Group Policy audit reports and real-time alerts that make light work of what would otherwise be a very manual process.

Over 5,000 Organizations Use LepideAuditor to Protect Their Businesses Against Data Breaches

How We Help to Audit Group Policy Changes

Our Group Policy auditing solution can help you monitor every change made to your Group Policy objects in real time. You can easily track any changes made to security setting policies, password policies, software restriction policies and much more with their before and after values.

  • Intuitive DashboardThe Radar is the first screen that appears upon starting LepideAuditor for Group Policy Objects. It displays all changes made to group policies in an easy-to-understand format. Our solution shows the top 10 modified GPOs, GPO modification trends, top active administrators who have made the most changes and other trending graphs. In addition to this, you can view the all changes by trend, changes by criticality, top active admins and more for the entire domain (Active Directory, Group Policy and Exchange Server). The LiveFeed also shows real-time updates about changes made to Group Policies.
  • Granular ReportsWe keep track of all Group Policy changes as they happen, showing you all changes made to specific policies, links, states and more. We offer a single log for a single change displaying simply who, what, where and when the changes were made. We then provide this data through over 40 Group Policy audit reports to help you address all manner of security, IT operations and compliance challenges. All of our reports are easy to search, filter, customize and save as needed. You can customize any of the modification reports to focus only on specific policies or operations. These reports can be saved on the disk and delivered at scheduled intervals through email or by saving at a shared location in CSV, PDF or MHT formats. You can also delegate access to selected reports and users through a secured Web Console. Read more
  • Real Time Alerting To fully complement your reporting, it’s vital that you get notifications of changes as they happen. Using our real-time alerting feature, we can alert you based on the condition of a single event or operate on threshold conditions determined from time and event-based criteria. We deliver these alerts either direct to the console, as updates in the LiveFeed, as emails or as push notifications to the LepideAuditor App. The threshold feature allows you to send a single alert for similar types of changes occurring in the defined interval. You can further enhance the alerting mechanism with our script execution feature that lets you execute your customized script to perform automated actions upon detecting critical events.
  • Rollback Changes It’s inevitable that at some point a change will occur within your Group Policy that you did not intend for or want. Using our solution, we enable you to instantly restore an entire Group Policy Object to a previous ideal state whilst leaving all other Group Policy Objects intact. This feature lets you maintain the security of your IT environment. Read more
  • Compliance Reports Concerned about meeting compliance mandates? LepideAuditor offers numerous inbuilt reports dedicated to helping you satisfy multiple compliance mandates, including HIPAA, PCI, FISMA, GLBA, SOX, GDPR and more. Specific predefined reports for Group Policies are also included in the solution to enable you to satisfy these difficult mandates quickly and easily. Read more
  • Mobile App To enable IT teams to keep track of Group Policy changes while on the move, we introduced a mobile app for LepideAuditor. This App is available for any Apple device (such as an iPhone or iPad) or to any Android phone or tablet. It provides a live feed of Group Policy changes, such as modifications in user configuration policy, audit policy, password policies and more. Read more

Want to see the award-winning LepideAuditor in action? Schedule a Demo
What We Audit in Group Policy

Track All Modifications Made to Group Policy Objects

Our solution enables you to track all modifications made to Group Policies such as created, deleted, modified, renamed, linked and more. Whether a group policy is applicable only an organizational unit or entire domain, we help you audit it. The audit data is displayed in the predefined audit reports, which you can create a long-trail of the changes to identify the anomalies in the modification trend.
Read more

See Both the Before and After Values of Changes

Naturally, you need to know whether a Group Policy has changed, but the real value comes from the context. Our solution shows you the before and after values for every change to improve the level of detail in every report. This will help enable IT teams to make quicker decisions and resolve IT issues faster through improved systems management.

See Changes Made in Security Setting Policies

Security group policies include the policies for IP security, network settings, auditing, registry, wireless networking, event log and more. These policies come in handy to ensure the security settings in the IT environment. Any unwanted or unplanned change can damage the IT security of the organization. LepideAuditor lets you undo such changes over time with its real-time detection and alert mechanism.

See All Changes in Password Policies

Numerous password policies are enabled and configured to maintain IT security. Any unwanted changes in such policies can lead to a security breach. LepideAuditor tracks such changes, records them, shows them in audit reports and generates real-time alerts to notify you before it is too late.

Audit Changes in Software Restriction Policies

Software restriction policies are used to block users from installing unwanted software applications; including ransomware or malware. If any such policy is modified, the chances for installation of unwanted applications, especially a malware, are increased greatly. LepideAuditor tracks all changes made to software restriction policies and notifies you in real time.

See the State of Group Policy Objects on any Selected Date

Lepide GPO Auditor periodically captures backup snapshots to save the state of Group Policy Objects. In addition to restoring entire Group Policy Objects, our solution also generates reports to show the state of Group Policies on selected dates. It shows a historical view of common settings, delegation settings, values, link status and other information regarding the group policies.

Prepare an Incident Response Mechanism

At Lepide, we know the cost of an unwanted change made in the Group Policies. Such changes have to be detected and reversed before it is too late. The inbuilt alerting mechanism lets you execute your own custom script to perform any automated action. For example, if a software restriction policy has been changed, you can execute a script to re-enable it or you can disable the user who has changed it. The inbuilt Object Restoration feature lets you restore the entire Group Policy Object to a previous ideal state.

Securely Delegate the Viewing of Audit Reports

To allow for separation of duties, we also enable IT teams to determine which reports could be delegated to which users. The administrator can create accounts for different users, who will then be able to logon at a secured based Web Console to view their authorized set of reports. No reports other than delegated ones will be displayed.

Read all reviews

Read all stories

More from Lepide

What is UPnP and is it Safe?

UPnP is something that all of us have probably come into contact with without even realizing. It automates the process of device discovery and connectivity across a network.

Learn More ->
Why Visibility is the C-Suite’s Greatest Security Risk

This whitepaper will help you to understand where you are vulnerable in terms of cyber security risk and what you can do to fix the problem.

Learn More ->
“On the Fly” Classification Introduced into LepideAuditor 19.1

The latest version of LepideAuditor introduces key new functionality to help users with data discovery, classification and user/entity behavior analytics.

Learn More ->
  • +1(0)-800-814-0578
  • |