Tag Archives: reporter

Product Review – Lepide Exchange Reporter Tool

Exchange 2003, Exchange 2007, Exchange 2010, Exchange 20131 Comment

Lepide Exchange Reporter Tool is the proactive tool for the Exchange administrator. It provides some good reports to monitor the exchange environment and proactively helps administrators to keep the environment healthy and secure. Let’s delve deep into understanding some of the greatest features it offers.

The trial version of Lepide Exchange Reporter tool can be downloaded from the Lepide Website, which supports all legacy versions right from Exchange 2000, Exchange 2003, Exchange 2007, Exchange 2010 and to the latest version of Exchange 2013. It is a simple installable tool which can be installed on any server or client OS with the mandatory requirements demanded of outlook and SQL server. The requirement of the Outlook and SQL server versions needed to suit Exchange environment can be found at the download link given above.

The Lepide Exchange Reporter Tool generates various reports and has been divided as follows:

· Dash View

· Report View

· Mailbox Folder

Let’s get into each of these reports in detail to understand what it is able to provide its Exchange Administrators.

DASH VIEW

The Dash View provides some quick summary view for the administrator to get the following information:

1. Top 5 senders by number of the messages.

2. Top 5 receivers by number of messages.

3. Information Store by EDB and STM Size.

4. Information Store by Mailbox store and Public folder size.

5. Top 5 mailboxes by size.

6. Top 5 OWA users by usage count.

Figure 1. Dash View

REPORT VIEW

The Report View provides detailed information about the exchange environments, which we may need to focus more here. This report view is further divided into three parts: Email flow, OWA Report and General Report.

Email Flow

The Email Flow report is generated from the message-tracking logs and archives all the history log information into the SQL database. The email flow information queries can be filtered on the basis of the required time stamp.

It has mail flow information based on the user, subject, receivers’ and senders’ messages from within and outside an organization. This information can be sorted based on their date and size. Shown below is a reference snap shot.

OWA Report

The OWA Report is one of the important components of Exchange since many of the remote clients can connect OWA through Web browser in order to access their emails. Since these OWA connections majorly come from the internet, it is important to closely monitor them. For instance, sometimes, cyber attaches can happen over OWA, which in turn can adversely affect a user’s access.

The OWA Reports includes information of heavy OWA users, clients and server computers sending high OWA request and download the maximum data.

General Report

The General Report has a lot of information, which is necessary for day-to-day activities and can also be used for upgrades or transitions. It generates many reports, such as:

Directory Reports

It has detailed information of every user’s mailbox, distribution group and other directory objects in the organization.

Message Delivery Reports

It has detail information on every message sent/received in an organization. It also keeps track on the time taken for the message delivered to the target recipient.

Mailbox Information Reports

It provides detail information about every mailbox in an organization. It has information on each and every mailbox’s permission, rules, folder size, item age graph, item size graph, attachment per mailbox, etc.

I found this part to be informative, and hence it is imperative for users to take note on this. Shown below is the reference snapshot.

Mailbox Traffic Reports

It has detailed information on the daily traffic, mailbox-traffic growth, traffic between users and other such useful data.

Shown below is a reference snapshot.

Outlook Web Access

Outlook Web Access has important information to perform the strategic decision on the usage. It has information on the hourly and daily usage and also has information based on every OWA user.

Public Folder Reports

Monitoring public folders is very important to keep them in control. Many organizations do not monitor public folders and these folders grow enormously over a period of time. Public folder reports provide vital information like growth graph, along with the size, content, permission and restriction of the public folder.

Server Traffic Reports

Server Traffic Reports help to understand an email sent from and received of every domain based on the count and also has the traffic comparison graph between the domains.

Given below is the reference screen shot.

Storage Reports

Storage Reports have the most important report to keep the storage growth under control. Generally after the initial build of an Exchange server, expansion of storage is not easy. Sometimes there can be limitation of expansion slots or companies may not have the budget for expansion. Sometimes database grow enormously over a period of time for various reasons. Storage reports helps to provide information on Mailbox size growth graph and Information store size growth graph. Monitoring these reports will help to predict the data growth to plan for the expansion. They also help in identifying abnormal mailbox growth.

Mailbox Folders

Mailbox folders are the last report on Lepide Exchange Reporter tool which help administrators to access public folders and content of various mailboxes. It allow administrators to review the details of every mailbox folder and generate a report in the easy understandable format. For instance, report can be filtered on the basis of its date; and exported in various standard formats like CSV, PDF, and DOC etc. These reports are great helpful when huge amount of data needs to be tracked and it’s generate the report with all the minute change in the exchange mailboxes. For example sometimes we may wanted to get the report of mailbox size and its growth or unused mailboxes.

Majority of the reports from this tool are generated from the SQL Server, which is installed along with this tool. This help to generate various history report, where logs are no longer available on the Exchange servers. It scans all the necessary logs from the Exchange servers on the regular basics or based on the schedule time and updates into the SQL servers. Logs Scan schedule can be configure to run “Full Scan” once and incremental scan for the next consecutive runs.

Various logs it scans from the Exchange servers are:

· Messaging Tracking logs

· IIS Logs

· Information Store

· Mailbox Information

In my opinion, Lepide Exchange Reporting tool (http://www.lepide.com/exchange-reporter/) is an excellent tool which can help administrators to keep the environment under control and help in generating various reports for the management, as and when required, without writing any complex scripts. This is a tool that needs to be configured once and schedule it to collect reports on a day-to-day basis in order to generate a customized report, whenever needed. The reports, thus generated, can also be used for sizing, when you are upgrading your Exchange environment to a higher or to the latest versions of Exchange.

Netwrix Active Directory Change Reporter

Exchange 2007, Exchange 2010, Exchange 2013Leave a comment

Auditing is one of the most complex activities of the Windows Active Directory. Monitoring the changes and reporting immediately makes it very challenging for administrators. I would say that Netwrix Active Directory Change Reporter is one of the best tools available in the market with comprehensive collection of features to audit changes in Active Directory and report on them. It has a very robust way of checking, if any modification/change was done to Active Directory objects. It uses both Active Directory event logs and also takes the Active Directory snapshot to compare the data and get a consolidated report on who made the changes, what was changed, when and where exactly. These changes are logged into a local database and are stored in the SQL server for reporting purposes. It is a unified solution for a complete Active Directory auditing, reporting and monitoring.

The Latest version of Netwrix Active Directory Change Reporter is 7.2.721 and it is available in two flavors, Freeware and the fully loaded Enterprise Edition. Free version has limited functionality features and can be used for an unlimited time period. Enterprise version has lots of auditing and reporting options which will make the life of an Active Directory administrator easier and allow him to get necessary data right in the finger tips. It can be evaluated free of charge for 20 days.

Netwrix Active Directory Change Reporter tool supports Active Directory starting from Windows 2000, Windows 2003, Windows 2008 and even the latest Windows 2012 Active Directory environment.

Requirements:

It has other basic technical requirements to function.

1. Intel or AMD Processor with Minimum of 2 GHz for 32 bit processor or 3 GHz for 64 bit    processor is recommended

2. Memory 2 GB and above

3. Minimum of 50 GB disk for installation and an addition space for user, event and other necessary logs.

4. Active Directory permission to query an Active Directory

5. SQL server – SQL server 2005 Express Edition or above with an advanced service of SQL server, SQL server reporting tool and permission to generate reports.

6. Group policy management console to audit Active Directory Group Policy.

Required details of the tool can be found below link.

http://www.Netwrix.com/download/QuickStart/Active_Directory_Change_Reporter_Quick_Start.pdf

Native Active Directory tools do not provide a great flexibility to audit Active Directory changes and to report immediately. Raw data generated by the Windows native tools are always difficult to understand, analyze and it is an extremely time consuming process to analyze tons of logs. Most the times it is too late to analyze the logs as they would be overwritten. Netwrix solution for Active Directory Auditing overcomes these problems by saving the data in the SQL server.

There are also agents available for installing on the domain controller and these agents are optional. It helps to compress the data across the network and it is necessary if a change reporting tool is collecting data over the slow network but it should not make much of a difference if you are on a high speed network. Definitely it would be recommended to have agents installed in order to make the best utilization of all available networks.

Netwrix Active Directory Change Reporter also has some supporting tools like Group Policy Change reporter and Exchange Change Reporter. These two go very well with the Active Directory Change Reporter. Group Policy changes are critical and must be executed very carefully. Any mistake in Group Policy changes can have a big impact and not everyone in the organization has permission to modify the Group Policy. Netwrix Group Policy Change Reporter comes in handy to get complete details of the GPO with the details like who made the change, when was it made and also has details about “before and after” values more modified settings.

Exchange Change Reporter is another additional great component. Exchange is one of the business critical application and any downtime will have a major impact on an organization. Exchange Change Reporter keeps track of any addition, deletion, modification of the exchange attributes and generates reports on the changes. It also provides details about “before and after” values. The tool supports the earlier version of an exchange like the Exchange 2003, 2007 and 2010. The latest version of the Exchange Change Reporter supports Microsoft Exchange Server 2013 environment, which is one of the latest promising product of Microsoft.

­­­­­­Let’s understand some of the features of Netwrix Active Directory Change Reporter and what it can do for us.

It provides in-depth change details about every Active Directory object, its attributes and also includes security changes. Changes can be addition, deletion or modification of Active Directory objects and It includes complete details like, who made the changed, what was changed and where.

It provides a real time reporting where an administrator or the security team can be notified with an email or SMS immediately after the change is detected. It also integrates with Microsoft SCOM using SCOM Management pack which captures Active Directory data and feeds into the SCOM for reporting and alerting. It also provides flexibility to integrate with other third party reporting tools available in your organization.

All reporting information is stored in SQL Server, where an administrator can manually query, generate custom and automated reports. Reporting is one of the key features and it can generate some predefined reports for the purpose of compliance regulations like SOX, HIPAA, GLBA, and FISMA. As these regulations require storing the data for later review the tool provides the long-term storage option. These long-term storages can be also at different servers other than the SQL server. By default, the long-term audit archiving is done for 24 months and these settings can be changed, if required. It can also generate daily reports with all the change details performed during the previous day. The product provides an administrator with a console view and gives a great flexibility to query and generate reports with ease.

Any kinds of accidental changes have to be rolled back immediately and this tool provides option to roll back all accidental or unwanted changes using roll back wizard. Performing this kind of roll back/restore operation using native windows tool is cumbersome and has many limitations. This tool performs a smooth, quick and an easy roll back from all kinds of accidental or unwanted changes. This overcomes any downtime, security risk or ill effects caused due to accidental changes.

It can be easily installed on any workstation with latest Windows OS like Windows 8 or on a server OS like windows 2012. It just has to be setup once and it runs forever. It can query and manage multiple domains from a single installed machine and can even manage multiple domains with its own unique settings. This gives lot of flexibility to manage and modify the settings based on the business requirement.

It provides an easy option to query and generate default and custom reports from the management console. It has got all necessary filters like timelines (from-date and to-date), types/kind of changes, where the changes were made and it also provides an option to specify an individual domain and individual forest. It has a great flexibility, which helps to get any data from any domain and any forest within no time. Finally, once you have all the data in the report then it can be easily exported into CSV, Excel, PDF, Word or even a Tiff format.

Reports come in an easy understandable format with color coding. Actions like adding, removing, modifying all highlighted with different colors. Most importantly, it gives clear information on who made these changes, when they were made and what was done. With this you can find all the necessary data/reports from one location and you really don’t have to depend on multiple logs or have in-depth knowledge to analyses and understand the logs from different locations.

Active Directory snapshot is one of the best features of this tool. It takes Active Directory snapshot at multiple points and keeps it in the database. It helps to look back at a specific AD object and what settings were in the past. These details can be viewed through reporting custom queries and these come under an advance reporting tool that requires some configuration before using it.

Real-time altering is one of the key components for any reporting tool to notify on any critical changes. By default Netwrix Active Directory Change Reporter provides the real-time alerts option for the below mentioned groups and you can also add more users or groups, if necessary.

· Changes to Admin Group

· Changes to Domain Configuration

· Changes to any Active Directory Object

These real-time alerts can be sent via email or a text message right to the mobile device.

Netwrix Active Directory Change Reporter is very easy to install and configure. It needs some necessary configurations to function as required and these configurations can be made easily using wizards. Supported by other tools like Group Policy Change Reporter and Exchange Change Reporter it provides a great management option for IT administrators and security team. It will save a lot of time and energy of the administrator helping to avoid writing custom scripts or manual/LDAP queries to get the data for auditing or management purposes.

With this, I would like to finish my article saying that “Netwrix Active Directory Change Reporter is a great tool which is helpful for IT administrators and security teams”.

Use this link download Netwrix Active Directory Change Reporter: http://www.netwrix.com/active_directory_change_reporting_freeware.html