Windows

Version: Workstations with Windows 10 LTS (version 10.0.17763) or newer, Servers with 2016 LTSC (version 10.0.14393) or newer.

Netsurion Open XDR allows you to manage your systems effectively and provides operational efficiencies, reducing IT costs and freeing resources for other duties that increase the business value of your organization. The built-in Netsurion Open XDR knowledge base enables you to gather business intelligence, providing increased security, performance, availability, and reliability of your systems.

Netsurion Open XDR can monitor all of your Microsoft Windows systems from a single view. It checks the status and availability of critical Windows processes and centrally consolidates all the event logs. Through consolidated logging you can monitor the performance, availability, and security of Windows, with alerts for events that have a direct impact on system availability and filtering of events that require no action. Through alerts, knowledge base solutions, and reports, Netsurion Open XDR helps you correct problems long before a catastrophic failure occurs. It also includes reports that allow you to summarize Windows availability.

Once Windows is configured to deliver events to Netsurion Open XDR, alerts, dashboards, and reports can be configured in Netsurion Open XDR.

Netsurion Open XDR monitors all critical Windows events; some of them are listed below.

  • Monitoring Windows Task Scheduler actions, such as a task finishing successfully, Task Scheduler starting a task, and Task Scheduler failing to start a task.
  • Monitoring Windows Firewall activities, such as port bindings permitted or blocked, connections allowed or blocked, and applications allowed or blocked.
  • Monitoring Windows Time service events, such as the system time being changed, synchronization errors, the time advertisement service starting or stopping, and the NTP client failing to send a request or not receiving a response.
  • Monitoring backup and restore operations that are completed, failed, cancelled, or started.
  • Monitoring security actions, such as remote user logons, user account passwords being reset or changed, and user accounts being created, deleted, changed, enabled, disabled, or added to a group.
  • Monitoring certificate requests that are changed, denied, or received; the certificate service being stopped, started, or restored; and certificates published to Active Directory.
  • Monitoring Windows Active Directory object access.
  • Monitoring Windows user logons.