CionSystems Active Directory Tools

Active Directory Tools from CionSystems

CionSystems provides an array of turnkey identity, access, and authentication Active Directory tools for the IT environment that supports Microsoft Azure, Office 365, Microsoft Exchange and Active Directory (AD) and other non-Microsoft LDAP/Directory, OpenLDAP, Linux, Google, Salesforce, IaaS clouds, and SaaS application. CionSystems Active Directory tools deliver easy to use systems management application suite with a focus on automated provisioning and de-provisioning, access control, multifactor authentication for application and server logins, attestation, workflows, delegation, simplified management, disaster recovery, group policy management, web application identity APIs, password management, security, monitoring, reporting, management, analysis, diagnostics, and auditing.

Enterprise Identity Manager

Single Pane of Glass for Enterprise Identity Management

Enterprise Identity Manager is A Complete Suite For Managing Identity Access And Authentication For Enterprises.

Over 74% of all breaches involve Access to Privileged Accounts. The mass migration to Remote Workforce enterprise operations has created more Security Gaps and Risks than ever before. Enterprise Identity Manager is an “out of the box” solution to dramatically Harden, Simplify, and Secure enterprise Active Directory deployments – NO SCRIPTS OR CODE required. Enterprise Identity Manager enables swift transition of Active Directory to handle large Remote Workforces, with Real-Time Tracking of ALL changes with Defined Notifications.

Enterprise Identity Manager provides ALL aspects of active directory management and operations management, including:

> Delegation and Workflow
> Self-Service Password Reset (SSPR)
> Deep Insight into complex Active Directory Information
> Disaster Recovery
> Group Policy Objects (GPO’s)
> Real-time Tracking of All Changes with Defined Notifications

Active Directory Manager Pro

Manage your AD seamlessly with a web-based Solution

Active Directory Manager Pro provides full management of the data and information contained within an enterprise’s Active Directory environment. Unlike the Microsoft Management Console (MMC) snap-in for AD, Active Directory Manager Pro provides a rich, web-based graphical user interface that can be securely accessed using any browser from anywhere on the network: on-premise or via secure remote access methods, such as HTTP/S or virtual private networking (VPN).

AD Manager Pro allows IT staff to delegate administration across various security administrators, business units, or other delegation models, which is a key gap in Microsoft’s rudimentary tools. In addition, it supports workflows and approval processes for provisioning and access requests in Active Directory Management. The combination of secure browser access, delegated administration, and workflow capabilities solves several key problems in Active Directory Management that are not addressed by native AD tools:

Minimize human interaction (and therefore, human error) for repetitive, routine, or complex tasks using built-in automation, all without the requirement of heavy coding, customization, or scripting Create, read, update, and delete all objects managed within AD (users, organizations, resources, groups, policies, etc.) using single operations via the browser user interface, or in bulk operations by the batch import Control by role what objects and functions various delegated administrators are allowed to access and invoke within AD Manager Pro Securely manage users, their group memberships, their attributes, and their permissions to applications, SharePoint, files, printers, etc. across multiple domains.

Support for complex, multi-stage workflows and approvals Automated provisioning of AD accounts, including Microsoft Exchange mailboxes, and SharePoint and file/print permissions using the optional provisioning module Better security by providing a centralized application for managing administrative access without requiring complex cross-domain trust agreements or direct console access that are required when using native AD tools Built-in dashboard to view AD health 300 plus built-in reports covering General User Reports, Account Status Reports, Logon Reports, Group Reports, and Service Account Reports, satisfying audit and compliance requirements such as HIPAA, SOX, GLBA, and others.

You can download the Active Directory Manager Pro datasheet here

Active Directory Reporter

Comprehensive, easy-to-use, and cost-effective Active Directory reporting Tool with over 200 out-of-the-box reports

Active Directory Reporter is a simple, easy-to-use, centralized, and cost-effective Active Directory management & reporting Tool. This active directory management application quickly extracts vital data from Microsoft Windows Server 2000+ infrastructure and displays it in an easy-to-understand format. You can easily generate advanced or general reports on Users, Objects, Contacts, Domains, OUs, Groups, GPOs, Computers, exchanges, Files, Printers, and other objects.

Active Directory Reporter has an extensive list of Active Directory Reports with over 200 out-of-the-box reports on the AD infrastructure resources. The web-based interface enables users with no scripting or command-line knowledge to generate reports on AD according to the specific needs of the organization. The Dashboard view helps you and other IT staff to quickly view the AD object status.

Adherence to various external and internal policies can be monitored by periodically generating and analyzing the policy-related reports for Active Directory Management. The scheduled reports and notifications (such as password expiration and email inbox size limit) can be sent to one or more email addresses as needed.

• Over 200 reports for immediate deployment and reporting
• Lower the cost of your regulatory compliance to SOX, PCI, HIPAA, etc.
• Increase visibility into all aspects of Active Directory
• Seamless installation between all Windows Server editions

Active Directory Change Notifier

Proactively tracks and reports on any changes that occur within your AD domain

The Active Directory Change Notifier provides invaluable help to administrators wanting to implement proactive policies by notifying in real-time of all Active Directory changes on one or more domains.

The Active Directory Change Notifier is a flexible, easy-to-use Active Directory Management solution that reports changes to the Directory Services in real-time. Your Active Directory evolves throughout the day, and being aware of all the changes when they happen should be part of any IT Optimization strategy. The Active Directory Change Notifier application enables you to work more efficiently and have the detailed knowledge necessary to make critical decisions.

Once you configure the active directory management application you can rest assured that no changes will occur in the domain’s Active Directory without you knowing about it. The Active Directory Change Notifier offers real-time help so you can detect, troubleshoot, and quickly resolve Active Directory management issues by outlining what has changed and when.

This Active Directory Management application issues comprehensive reports that outline the object, type, date/time, and details of what changed. The Active Directory Change Notifier will give you the full picture and eliminate a lot of the guesswork and headaches that come with not knowing when something was modified.

Multi-factor Authentication – 2FA Authentication

Protect your Windows servers, desktops, laptops, tablets, virtual systems in enterprise and cloud 

Multi-factor authentication assures your data and accounts are protected and significantly reduces the chance of being hacked. It is an additional security layer for your Windows Machines that is designed to prevent anyone from accessing or using your computer, even if they know your username and password. Multi-factor authentication verification reinforces privacy, security, and data protection even when the password is compromised. Imagine unauthorized access to your computer that has everything in it locally or remotely. If the password is compromised then the following may happen:

> The hacker will have access to all your data, critical files, email, contacts, photos, etc.
> Login to all of your internet accounts
> Pretend to be you and send unwanted or harmful emails to your contacts
> Use your account to reset the passwords for your other accounts (banking, shopping, etc.)

One of the most significant security weaknesses in any information system is the password-based single-factor credential that is commonly used to authenticate a user to a system. Security experts widely advocate for replacing single-factor credentials with multi-factor authentication (MFA) or two-factor authentication methods. MFA solutions are dramatically more secure due to their ability to withstand brute force, keylogger, man-in-the-middle, and other common attacks.

Multi-factor authentication is an extra layer of security that requires not only a password and username but also something that only, the user has, something only they should know or have immediately on hand, such as a physical USB disk or a mobile phone to receive OTP (One time Password), Quiz questions or an OTP to external email address. Multi-factor authentication assures your data and accounts are protected and significantly reduces the chance of being hacked by all intruders.

Active Directory Recovery Manager

Quickly and Accurately Backup and Recover Your Active Directory objects

Disasters can occur at any time, such as unwanted schema extensions or irreversible failures in your AD. Any disaster can result in lengthy unplanned downtime causing business-critical applications (Exchange, ERP, financial systems, etc) to be unavailable. If the damage to your AD is extensive, restoring your entire Domain is the fastest alternative.

Implementing the right active directory management tool for comprehensive deletion protection is critical to turning major problems into minor restores. CionSystems offers an easy-to-use, fast, online Active directory backup & restore solution. Accurate backups and recovery quickly after an outage enable you to reduce the time and costs associated with AD disasters and minimize or eliminate the impact on users throughout your enterprise.

Active Directory backup and restore automates the domain backup and recovery process enabling you to restore your AD to a point in time before the directory corruption occurred.

Active Directory Recovery empowers you to recover from inadvertent deletions or changes to your AD data in seconds, not hours. With its remote, online, granular restore capability, you can recover entire sections of the directory, selected objects, and individual attributes.

• Granular or Full Recovery of Active Directory
• Schedule Active directory backup
• Configure your backup source
• Server backup history
• On-Demand Backup

Enterprise Self Service

Active Directory Tools for Password Reset

It is the easiest, most efficient way to manage your organization’s users, computers, resources, and accounts using the Active Directory.

CionSystems Enterprise Self Service – Active Directory Password Reset tool is a state-of-the-art solution for identity administration and access control. The Enterprise Self-Service delivers the functionalities of web access policy creation and enforcement, user self-registration, self-service delegated administration, password management, multi-factor authentication, audit, and reporting. Having 3 access levels provides the flexibility and reach necessary in today’s complex business environment.

Enterprise Self Service – Active Directory tools for Password Reset also expose a web service API for proxy Authentication that can allow you to reuse the existing ID store and also achieve multi-factor authentication. Additionally, you get complete auditing out of the box, no need to write additional code. This web service API is exposed to external clients to authenticate users with Enterprise Self-service applications. The external client just needs to provide the User Name, and password as the first factor of Authentication, and the Second factor to authenticate will be to validate using Security Questions with Answers, OTP over Email  & OTP over Mobile. It supports Active Directory, OpenLDAP, Other LDAP compliant directories, Azure AD, Office365, Salesforce, and Google apps. Control the directory users from the admin portal, set user policies, password dictionary, white list email address, multi-factor authenticator for the device, and access management.

Cloud Identity and Minder

Azure Active Directory (Azure AD) & OpenLDAP Management

Cloud Identity Minder is a cloud-based identity, authentication, and self-service user life cycle management solution and API. Extends existing enterprise Identity store to the cloud and allows SaaS applications to integrate. You can also manage your on-premise Active Directory and OpenLDAP accounts. Cloud Identity and Minder support Microsoft Azure AD and Microsoft Office 365 is a part of CionSystems Active Directory tools.

Cloud Identity Minder is a cloud-based identity, authentication, and self-service user life cycle management solution. Azure Active Directory (Azure ad) & OpenLDAP management tool make your application work with any Identity store located anywhere with simple and easy integration to your SaaS, web, or traditional application. You no longer need to add a special code for each Identity store. The solution provides auditing and workflow as well. Additionally, the application doesn’t need to be aware of the Identity store thereby allowing Identities to stay within the confinement of the existing location (on-premise or cloud). The solution can be deployed in enterprise DMZ or in the cloud.

Supports Microsoft Azure Active Directory (Azure AD), Office 365, Microsoft AD, Red Hat Open LDAP Management Tool, and Centos Open LDAP Management Tool. Empower your end-users to securely reset their own passwords and unlock accounts Track all password activity to support full auditing and reporting Maintain stronger password policies Lower your Help Desk workload and reduce operating expenses Two-factor authentication system Self-signup of users Supports Microsoft AD, Red Hat Open LDAP Management, and Centos Open LDAP Management Easy integration to web application

GPO Manager

The easiest, most efficient way to manage your organization’s Active Directory Group Policies

GPO Manager provides a much easier, more efficient, and more secure way to manage Group Policies, including workflow to manage Create, Modify, and Delete GPO requests, backup/restore, migration, versioning, compare, and much more.

Group Policy Objects (GPOs) are constructs that are stored within Active Directory which allow IT Administrators to control a wide variety of security settings and access permissions. Active Directory Group Policy Management allows user administrators to implement specific configurations for users and computers. Group Policy settings are contained in Group Policy objects (GPOs), which are linked to the following Active Directory service containers: sites, domains, or organizational units (OUs).

Group Policy Objects (GPOs) are at the forefront of an organization’s ability to roll out and control functional security. Core aspects of the user life cycle such as password policies, logon hours, software distribution, and other critical security settings are handled through GPOs. It is paramount for organizations to have proper methods to control the settings of these GPOs and to deploy GPOs in a meaningful and safe manner with confidence, easily backup and restore GPOs when they are either incorrectly updated or corrupt.

CionSystems Active Directory Group Policy Management (GPO Manager) offers a mechanism to control this highly important component of Active Directory tools. GPOs, Scope of Management links, and WMI filters are backed up in a secure, distributed manner and then placed under version control. It is part of CionSystems Active Directory tools.

Microsoft Office 365 and Azure AD Management

Data migration and archiving solution to Manage your Cloud Office365 and AD Azure objects with an on-premises directory

CionSystems Office365/Azure enterprise self-service and cloud identity management simplify and speed up onboarding, migration, compliance reporting, and management for cloud and hybrid environments. It is a bundle of 2 products DirSync O365 and enterprise self-service.

Azure Active Directory Services – Cloud Identity Management Tool (Management of AD Azure and Ofice 365 Objects) is a cloud-based Identity and Access Management (IAM) Solution, It is a centralized on-premise enterprise to Microsoft Office 365, Azure AD cloud identity integration, access management solution. It automates user provisioning, and de-provisioning, and collects auditing data for compliance. Active Directory tools enable migration to the Microsoft cloud in stages via all or a subset of user/group migration from the on-premise directory(Active Directory, OpenLDAP) to the Microsoft cloud. Leverage powerful secure self-service option for password resets, account unlocks for both premise Office 365, and Azure Active Directory Services. Keep the passwords in sync between the on-premise domain to Office 365 and Azure AD cloud.

Automate the Microsoft Office 365, and Azure AD user provisioning/de-provisioning Ties into the on-premise directory. Any on-premise changes are automatically synchronized Bi-directional and it will sync up on a regular schedule or on-demand in order to capture any changes either on the active directory or in the cloud March to the cloud via phased approach deployment/migration Provides compliance reports Tracks all changes Provides a history of all modifications Either on the local network or in the cloud via the tool Supports email migration for on-premise exchange, hosted exchange, POP3 & IMAP CionSystems centralized management for common action from the on-premise tool (no need to login to the portal for common day-to-day functions) Functions performed from this application are tracked as an audit log CionSystems Active Directory tools provide administrator Password reset, email management, and reporting.

CionSystems Active Directory tools are included as part of AD Guardian offerings.