Many administrators are aware of the security threats posed by unused or stale AD (Active Directory) accounts - both the user accounts and computer accounts. In order to keep the AD environment safe and secure, it is essential to disable and remove them. For this reason, IT auditors lay special emphasis on stale or inactive accounts. Also, removing such accounts is necessary to meet security compliance in many industries and to keep your company secure.
Important questions to ask yourself:
- How do you know if an account is inactive or not?
- How do you identify such accounts easily?
- And what do you do with such accounts once they are identified?
Active Directory (AD) for many is the main hub for authentications and authorizations for an organization's IT infrastructure. The AD can become difficult to manage due to many reasons. For example, a migrated directory is inherited or no defined process for day-to-day operations were established and documented. To those involved in managing AD, cleaning it up may sound like a novel idea, but the potential to introduce unknown problems into the equation prove to be a great barrier in beginning the process.
What does a messy Active Directory actually mean to you?
- Lots of stale resources
- Little insight into group permissions and access ('group grants')
- Lack of an established, good process for provisioning and de-provisioning accounts
- No defined owners identified or involved
- Problems with operations and monitoring
Why should you clean up Active Directory
- Security - Understand who has access to what, how they received that access, and what they are doing with it
- Group Transformation - Drive consistency across groups for easier management and compliance
- Audit & Compliance - Pass internal and external audits to remain compliant
- Identity Management - Better secure structured and unstructured data with a clean Active Directory integrating with an Identity Access Management (IAM) solution
- Migration & Consolidation - Clean-up Active Directory to facilitate a merger with another organization
ProSight Network Audits - What do you get!
ProSight Network Audit Basic: $500 - for maximum 3 network devices** (more devices available for an additional cost)
- ProSight WAN Watch monitoring only.
- ProSight will collect basic server/workstation info and detailed device info.
- Ongoing ProSight WAN Watch Monitoring for 1 year
- Progent provides you with all documents and details collected by ProSight WAN Watch and the Reports generated by ProSight WAN Watch.
- Progent will provide the Client with the ProSight Spring Cleaning AD Review document completed by a Progent Microsoft Consultant. This includes identified errors or misconfigurations and recommended remediation.
ProSight Network Audit Advanced: Additional $150 + $9 per server and $5 per workstation
- Customer receives all items in the ProSight Network Audit Basic, plus additional reports.
- Software Inventory, Hardware Inventory and patch level per machine.
- Asset and Health reports for each site.
Sample Reports from ProSight Network Audit Advanced
The following links allow you to download PDF versions of sample reports available with ProSight Network Audit Advanced. These reports are all generated by the ProSight LAN Watch remote monitoring and management platform.
- Asset Summary Report: Displays a summary of all network assets, followed by detailed lists grouped by each monitored device type.
Click here to view or download the sample Asset Summary Report. (PDF, 351 Kb, 6 pages).
- Client Health Standards: Lists a summary of your current health status, recent asset activity, and a concise asset analysis. Includes a graph of devices that are currently operating within standards.
Click here to view or download the sample Client Health Standards Report. (PDF, 188 Kb, 3 pages).
- Computer Audit: Displays a detailed overview of a computer.
Click here to view or download the sample Computer Audit Report. (PDF, 509 Kb, 7 pages).
- Computer Health Standards: For each monitored computer, displays details about the latest scans for standards and health checks.
Click here to view or download the sample Computer Health Standards Report. (PDF, 632 Kb, 10 pages).
- Patch Compliance: Displays the patch compliance of your systems, and details each device and patch that is non-compliant.
Click here to view or download the sample Patch Compliance Report. (PDF, 199 Kb, 3 pages).
- Software List Displays a list of applications installed on each monitored computer.
Click here to view or download the sample Software List Report. (PDF, 1,581 Kb, 17 pages).
- Ticket Summary: Displays Progent's client ticket statistics and charts for the past 30 days, followed by a list of ticket activity.
Click here to view or download the sample Ticket Summary Report. (PDF, 380 Kb, 5 pages).
* Maximum of 3 network devices, 5 servers or 50 total devices monitored free for the first year, normal costs apply after the promotional period ends. Additional devices can be added to this promotion for larger organizations for an additional cost. All results will be presented within 10 business days of an executed agreement.
** Network devices are defined as: Routers, Switches (Layer 3, VOIP, and Switch Stacks), Firewalls and Controllers