Home      Order overview      Newsletter      Authors      About      Contact


BTSoftware BV



  Desktop Tools

  File Managers





  PDF Tools



  Remote & Telnet

  Network Tools



  Multi Media






  System Tools












Buy / Order



Version: Latest

Date: 2015

CPTRAX for Windows


Real-Time Change Auditing for Active Directory, Group Policy, Server File System and Server Authentication Events

CPTRAX for Windows provides real-time enterprise-wide alerting and auditing for your Windows and Active Directory environments.

Functionality is provided in four separate modules (you select those modules critical to your needs):

  • Active Directory Auditing including schema changes
  • Group Policy Objects (both those portions stored in Active Directory and Sysvol)
  • Windows Server File System change (file, folder, permission changes plus share level activity) and who accessed files (when and from where)
  • Windows Server Authentication tracking including login and failed login activity

Use CPTRAX to advance your IT compliance efforts relating to:

  • Sarbanes-Oxley (SOX)
  • Gramm-Leach-Bliley Act (GLBA)
  • Financial Services Authority (FSA)
  • Payment Card Industry (PCI) Compliance
  • Health Insurance Portability and Accountability Act (HIPAA)

Auditing for Active Directory | Group Policy | Server File System | Server Authentication
CPTRAX for Windows has four separate auditing and reporting modules that enable you to purchase only the modules that you need:

  • Active Directory Real-Time Auditing and Alerting
    - By object class for create, delete and modify
    - By attribute for add value, remove value and modify value (includes before and after values plus rollback ability)
    - By specific object or by wildcard including path
    - By schema definition changes including new object classes and attributes created
    - Real-time alert examples:
    + Any change to administrative groups
    + Any time a user's account is locked out
    + Any change to designated admin or non-admin accounts
    + Alert based on event thresholds being reached such as too many users being created

Windows Server File System Real-Time Auditing and Alerting

  • Server File and Folder changes, optionally including name of Share used
  • Server File and Folder permission changes and ownership changes
  • Server File access including open, create, rename (move) and delete
  • Real-time alert examples:
    - Any time designated "sensitive" data is deleted, renamed, or moved
    - Any time a file with a specified file extension is created, opened, deleted, renamed or moved
    - Any time permissions are modified on designated "sensitive" data
    - Trigger alerts on high levels of activity such as excessive file deletes

Windows Server Authentication Real-Time Auditing and Alerting

  • Server Authentication activity for Terminal Server and Citrix sessions, Kerberos, NTLM, NTLMSSP and FTP sessions
  • Server Authentication Failures for Kerberos, NTLM, NTLMSSP and FTP sessions
  • Reports include IP address where request originated and login name used and/or attempted (for failed authentications)
  • Real-time alert examples:
    - Any time a designated admin account enters a bad password or is locked out
    - Any time there is a failed login within a specified IP or IP Range
    - Any time a user logs into a specified IP or IP Range
    - Threshold alerting of excessive activity such as logon failures

Group Policy Real-Time Auditing and Alerting

  • By existing GPOs and newly created GPOs
  • By gpLink and gpOptions attributes including changes to link priority
  • By status changes (enabled, disabled including version number revisions)
  • By actual granular level changes made including separate core and non-core files auditing
  • By comparison to predetermined baseline GPO(s) or previous version compare
  • Real-time alert examples:
    - Any change to the Default Group Policy Object
    - Any change to any specified Group Policy Object
    - Activity pattern alerting such as changes to Group Policy Objects over a period of time

Pattern alerts based on event thresholds being reached
You can set boundaries that guard acceptable behavior so you get a warning when something abnormal occurs. Thresholds can be set for any indicator in combination with a time series and/or elements of a breakdown including user, source IP address and object affected (file, folder, Active Directory user or group, GPO and so on). After a threshold is activated, the system generates "pattern alert" which is a message and posts it to your defined alert email addresses.

Purchasing CPTRAX for Windows
CPTRAX for Windows Modules are licensed by the total number of enabled user objects. We also offer alternate per server pricing for the File System Auditing, GPO Audting and Logon/Logoff Auditing modules. To receive a custom quote for CPTRAX for Windows we will need to know the number of enabled user objects or the number of Windows Servers\Domain Controlers where you will be installing CPTRAX.

Please contact BTSoftware for pricing!

Trial Download

Price information

Trial Download Request

Select Product / License Count / Delivery type




Pricing is based on prepayment and excluding VAT / BTW / MwSt / TVA.

Please contact BTSoftware for pricing!

To send in an order at BTSoftware,
please enable Javascript in your browser.

Buy / Order

Last updated : 25-09-2020


BTSoftware BV is now partner of Unified Compliance

BTSoftware BV and Unified Compliance are now partners

BTSoftware BV has partnered up with IronSoftware

BTSoftware BV and Iron Software are now partners

More ...