Go Up
You are here: DeploymentDeployment PlanningNetwrix Auditor Server and Client

Netwrix Auditor Server and Client

Physical or Virtual?

It is recommended to deploy Netwrix Auditor Server on the virtualized server – to simplify backup and facilitate hardware configuration updates. Netwrix Auditor client can be deployed on a physical or virtual workstation, as it only provides the UI.

You can also consider virtual and cloud deployment options provided by Netwrix.

Domains and Trusts

You can deploy Netwrix Auditor on servers or workstations running supported Windows OS version. See system requirements for details.

NOTE: Installation on the domain controller is not supported.

If you plan to have the audited system and Netwrix Auditor Server residing in the workgroups, consider that in such scenario Netwrix Auditor Server cannot be installed on the machine running Windows 7 or Windows Server 2008 R2.

Domain trusts, however, may affect data collection from different data sources. To prevent this, consider the recommendations and restrictions listed below.

If Netwrix Auditor Server and the audit system reside... Mind the following restrictions...

In the same domain

No restrictions

In two-way trusted domains

No restrictions

In non-trusted domains

  • The computer where Netwrix Auditor Server is installed must be able to access the target system (server, share, database instance, SharePoint farm, DC, etc.) by its DNS or NetBIOS name.

  • For monitoring Active Directory, File Servers, SharePoint, Group Policy, Inactive Users, Logon Activity, and Password Expiration, the domain where your target system resides as well as all domain controllers must be accessible by DNS or NetBIOS names—use the nslookup command-line tool to look up domain names.

  • For monitoring Windows Server and User Activity, each monitored computer (the computer where Netwrix Auditor User Activity Core Service resides) must be able to access the Netwrix Auditor Server host by its DNS or NetBIOS name.

In workgroups

  • The computer where Netwrix Auditor Server is installed must be able to access the target system (server, share, database instance, SharePoint farm, DC, etc.) by its DNS or NetBIOS name.

  • For monitoring Active Directory, File Servers, SharePoint, Group Policy, Inactive Users, Logon Activity, and Password Expiration, the domain where your target system resides as well as all domain controllers must be accessible by DNS or NetBIOS names—use the nslookup command-line tool to look up domain names.

  • For monitoring Windows Server and User Activity, each monitored computer (the computer where Netwrix Auditor User Activity Core Service resides) must be able to access the Netwrix Auditor Server host by its DNS or NetBIOS name.

In the next sections you will find some recommendations based on the size of your monitored environment and the number of activity records (ARs) the product is planned to process per day.

NOTE: Activity record stands for one operable chunk of information in Netwrix Auditor workflow.

Simple Deployment

In this scenario, you only deploy Netwrix Auditor Server and default client, selecting Full installation option during the product setup.

This scenario can be used for PoC, evaluation, or testing purposes. It can be also suitable for small infrastructures, producing only several thousands of activity records per day.

If you plan to implement this scenario in bigger environments, consider hardware requirements listed in the Netwrix Auditor documentation.

Distributed Deployment (Client-Server)

In this scenario, multiple Netwrix Auditor clients are installed on different machines.

For distributed deployment:

  1. First, install Netwrix Auditor Server and default client, selecting Full installation during the product setup.
  2. Then install as many clients as you need, running the setup on the remote machines and selecting Client installation during the setup. Alternatively, you can install Netwrix Auditor client using Group Policy – see Install Netwrix Auditor Client through Group Policy for more information.

NOTE: Default local client will be always installed together with the Netwrix Auditor Server in all scenarios.

Go Up