Can Netwrix Endpoint Protector (NEP) view detailed file metadata information, such as the document owner of Word files and other document properties?

We need to understand if NEP’s eDiscovery or Content-Aware Protection modules can extract and display file metadata attributes, including but not limited to:

• Document owner/author
• Creation date and modification date
• Document properties (title, subject, company, etc.)
• File system attributes (created by, last accessed, etc.)
• Office document metadata (last modified by, revision number, etc.)

Specifically, we want to know:

Which module (eDiscovery vs Content-Aware Protection) provides metadata visibility?
What specific metadata fields can be viewed and reported?
Can this metadata information be used for policy creation and enforcement?
Is there a way to export or report on file metadata for compliance purposes?

Could you please provide detailed documentation?

Hi Calvin,

Nice to meet you, and thank you for your interesting question.

I can confirm that Netwrix EPP is capable of handling MS Office metadata (Document Properties). You can define a custom dictionary with the strings you are looking for, and this should apply to most of the attributes listed in the “Summary” or “Custom” tabs of Office Properties. This functionality is available in both the CAP and eDiscovery modules. To report these attributes, you need to define them in a custom dictionary and attach it to your policy. Any triggered EPP-associated events will then include these details, and they can also be exported in a report or sent to the SIEM.

Unfortunately, file system attributes like NTFS attributes cannot be used to describe file context.

I hope this helps.

Best regards,
Krzysiek

Hi Sir,

I have verified that there is no problem. Thank you for your reply