Netwrix Threat Prevention 7.5 delivers advanced AD event filtering, streamlined alerting, and broader platform support—empowering teams to reduce noise, respond faster, and stay resilient.
Want to be notified of future product updates?
Are you subscribed to this category? If not, or if you're not sure, expand me to see how!
What’s Changed in Netwrix Threat Prevention 7.5
Advanced Policy Filters for AD Events
Take event filtering to the next level with precise, per-event include/exclude rules based on event data values, including old/new attribute values. Supports simple to complex logic, similar to GPO advanced filters.
For example, you can collect from “DC1” only events with event names starting with “a” and collect from “DC2” only events with event names starting with “b”.
Agent Upgrade Improvements
- Minimize downtime by replacing only the AD Monitor DLL instead of upgrading the entire agent. This simplifies updates and supports strict change control policies, enabling quicker compatibility fixes, such as for Microsoft’s Patch Tuesday changes.
- Eliminate reliance on NTLM/NetBIOS during upgrades for a more secure and efficient process.
Repeat Alert Suppression
Prevent alert floods that impact system responsiveness by setting suppression intervals for repeat alerts, ensuring smoother operations and improved stability.
SYSLOG Output Viewer
Streamline troubleshooting & validation by testing SYSLOG output natively, reducing dependency on third-party tools and ensuring seamless data flow.
Email Alerts for License Expiration
Avoid service disruptions with automated email notifications, allowing proactive renewal and uninterrupted security monitoring.
Database Maintenance for Archive DB
Improve system performance and ensure compliance by managing database size and retention policies, preventing excessive storage growth and performance slowdowns.
(Optional module) Enterprise Password Enforcer (EPE) Updates
Passphrases
Enhance user flexibility by allowing longer passwords to be treated as passphrases, simplifying compliance without weakening security.
“X of Y” Rule Enforcement
Simplify policy complexity by allowing enforcement of only a subset of password rules.
Multi-Language REST API Support
Enable localized password policy feedback in the EPE API, ensuring seamless enforcement across different languages.
Miscellaneous Updates and Bug Fixes
Windows Server 2025 Agent Support
The 7.5 release introduces agent support for Windows Server 2025.
Jumpbox Support
Improve threat visibility by accurately attributing events to the actual source host, eliminating confusion caused by domain controllers in Jump Box environments.
New NAS Devices Support
Strengthen coverage across modern storage environments with added support for Qumulo, Nutanix, Dell PowerStore, and CTERA.
Bug Fixes
| Build | Fixed Issue |
|---|---|
| 7.4.0.176 | 377758: SUVP (MS Patch Tuesday) 25-03 support 378015: Don’t keep Adtrace log by default 378689: ADWS log level is “DEBUG” by default |
| 7.4.0.164 | 374941: Exchange 2019 CU15 support |
| 7.4.0.163 | 374172: SUVP (MS Patch Tuesday) 25-02 support |
| 7.4.0.159 | 369357: Upgrade from StealthINTERCEPT Server 7.3.9 to (NTP 7.4) Netwrix Threat Prevention Server 7.4.0 |
| 7.4.0.157 | 369897: Update to 7.4 preventing PowerShell scripts from referencing groups with special characters in name 371447: Exchange: 25-01 .NET updates support 372415: NTP is missing computer deletion events 373486: LDAP trace log grows even with disabled trace when LDAP Bind policy is Enabled |
| 7.4.0.149 | 342815: PWNED Database is not downloading automatically (via Schedule) works manually 365125: Brute force attack not ignoring failed logins with expired password 370069: SUVP (MS Patch Tuesday) 25-01 support |
| 7.4.0.127 | 367335: SUVP (MS Patch Tuesday) 24-12 support 365219: Exchange: 24-11 .NET updates support 364959: Exchange: KB5044062 for 2016 CU23 and 2019 CU13-14 support 366313: Exchange: KB5049233 for 2016CU23 and 2019 CU13-14 support |
| 7.4.0.102 | 364047: NTP - Install package is not signed properly with the certificate: Content type: Cert. |
| 7.4.0.95 | 342078: NTP Policy - Not adhering to exclusions for NTDS.dit BLOCKING- Ignore SYSTEM Account set but Events still coming in |
| 7.4.0.94 | 360662: Agent is enabling LDAP Interface Diagnostic Logging |
| 7.4.0.90 | 359550: SUVP (MS Patch Tuesday) 24-10 support 354845: CSR Requests getting Denied due to Missing Fields |
| 7.4.0.77 | 354789: NTP - AD Attributes Filter - User Account Modifications monitoring |
| 7.4.0.71 | 342078: NTP Policy - Not adhering to exclusions for NTDS.dit BLOCKING- Ignore SYSTEM Account set but Events still coming in 351057: NTP - DC win 2012 R2 continues reboot after agent upgrade from 7.3 356344: SUVP (MS Patch Tuesday) 24-09 support 356486: Issue – Some events are being captured and some are not – All users are being added to the group 356581: Authentication lockdown policy does not save ‘allow’ filters settings in some cases |
Plan Your Upgrade
Netwrix Threat Prevention 7.3.9 will reach its end of support life on October 15, 2025. To learn more, please read the Netwrix End-of-Support Policy.
Need help with this update?
There are many different ways to get help with our products!
| Situation | Action |
|---|---|
| If you feel the product is broken and not working as intended… | Contact Support |
| If you have a question you’d like to ask other experts… | Create a discussion in the community: Threat Prevention > Discussions & Questions |
| If you have a feature request… | Let our product team know directly: Threat Prevention > Ideas |
| If you have something cool to show… | Show everyone what you built: Threat Prevention > Show & Tell |
What are your thoughts?
We are always happy to hear from our users on what you like, and what you hope to see in the future. Please, share your thoughts below!