Skip to main content

What's New in Netwrix Auditor v10.9

New Features

State-in-Time for Azure Files

Netwrix Auditor delivers a full suite of State-in-Time permission reports for Azure file shares mounted via Server Message Block (SMB), using the same layout as on-premises file server reports. See State-in-Time Reports for Azure Files for additional information.

The available reports include:

  • Account Permissions
  • Folder and File Permission Details
  • Folder Tree View
  • Excessive Access Permissions
  • Duplicate Files
  • Largest Files
  • Stale Data by Folder

Risk Assessment for Azure Files

Netwrix Auditor extends Risk Assessment coverage to Azure Files alongside on-premises file shares. See Risk Assessment Overview for additional information.

Risk calculations cover:

  • Files and folders accessible by Everyone
  • Potentially harmful files
  • Direct permissions
  • File and folder names containing sensitive data

Hybrid Inactive User Risk: Active Directory and Entra ID Combined

The Inactive Users risk calculation now correlates logon activity from both on-premises Active Directory and Microsoft Entra ID simultaneously. This eliminates false positives where cloud-only authentication didn't register as user activity. See Hybrid Accounts for additional information.

Major Enhancements

Per-Host Visibility in Windows Server Monitoring Plans

The new Monitored Computers tab in Windows Server monitoring plans lists each resolved host individually. See Monitored Computers for additional information.

  • Health status: Per-host status covering Activity Records collection and State-in-Time
  • Filter and search: Search by name, source item, or status (Healthy or Take action)
  • Drill-down: Error messages and agent version for each host

User Activity Monitoring: Computer Exclusion within Organizational Units

User Activity Monitoring plans support item-level exclusion within monitored Organizational Units. See User Activity Data Collection for additional information.

  • Selective exclusion: Exclude specific computer objects from monitored Organizational Units
  • Consistent interface: Uses the same exclusion workflow as in Windows Server Auditing

Workstation Field for Isilon Activity Records

Netwrix Auditor for File Servers (Isilon) extracts and displays the Workstation field from native Isilon/OneFS audit events. See Dell Isilon/PowerScale Configuration for additional information.

The field appears in:

  • Search
  • Reports
  • Subscriptions
  • Exports

gMSA Support for Inactive Users Tracker

Inactive Users Tracker supports group Managed Service Accounts (gMSA) as the data collection account. See Inactive Users Tracker with gMSA for additional information.

  • No manual rotation: Eliminates manual password rotation
  • Least privilege: Aligns with least-privilege security practices