“User Manager Pro Suite has saved us more man-hours than just about any other product in our organization.”

Don C. Webb | Manager of Support Services
– Our Lady of the Lake Regional Medical Center
 

User Manager Pro Suite is a Windows security management solution that provides the granular control and oversight needed to effectively control the Windows systems dispersed throughout the enterprise.

With User Manager Pro Suite organizations can efficiently manage the daily operations of the IT infrastructure, minimize the threat of security breaches in the network, and rapidly resolve system problems as they arise.

The Suite consists of five products that each contribute an element of security, management, and reporting into one comprehensive solution:

  1. User Manager Pro – Modify and report on groups, users, passwords, registries, policies, audit settings, rights, and more en masse.

  2. Random Password Generator – Secure your systems by generating complex, unique local administrator passwords for each machine on the network.

  3. Password Recovery Console – Allow authorized users to access and recover current local administrator passwords via a secure and audited web interface.

  4. NTFS Permissions Reporting – View the permissions of all files and folders across every system in the enterprise in one comprehensive display.

  5. Web Reporting – Permit authorized users to access, sort, and filter detailed reports through an audited web interface.


Key Features:

  1. Modify and report in real-time on all accounts, groups, memberships, rights, policies, registries, and settings

  2. Report in real-time on all shares and share permissions, NTFS permissions, group memberships, WMI, and much more

  3. Generate unique local administrator passwords for every system and securely recover them on demand with the password recovery console

  4. Access Windows system security and configuration reports via an audited web interface


Key Features:

  1. Identify and remediate systems issues across all of your Windows machines simultaneously, reducing downtime and boosting productivity

  2. Maintain compliance with Sarbanes-Oxley, HIPAA, PCI, KonTraG, the Combined Code and other security auditing requirements by frequently changing local passwords and generating detailed security configuration reports

  3. Increase security by preventing unauthorized programs and malicious software from running


Block Malicious Software

When a virus, worm, or other type of malicious software hits a network, the standard procedure for remediating the attack is to disable and delete the virus, and then apply the proper Microsoft-supplied Windows patch.

However, infected systems can become so overloaded by a virus that they are unable to apply the required patches and hot fixes. In this situation, IT administrators must remove the system from the network and then manually terminate the virus process and manually clean the infected system. Only then will system activity subside enough to accept the patch. This procedure often involves a physical visit to each infected machine, which can quickly accumulate into hours spent fighting the attack on just one system.

Using patented Access Control List (ACL) management technology called Cratering, User Manager Pro Suite can identify and block malicious software from executing on client systems, rendering it harmless and preventing propagation throughout the enterprise. Cratering removes the existing default permissions on the virus file and replaces them with a single ACL "Deny" entry set to "Everyone:Full." This locks out all access to everyone, including the operating system. The virus is unable to start and a new infection does not take hold since the disabled virus file cannot be overwritten.

IT administrators can even take the proactive step of using Cratering to insert a series of files with known virus names that are ACL locked-out on all machines. If known malware attempts to infect the system, it will be unable to do so because a locked file has already taken its place.

Cratering does not apply only to malicious software. It can also prevent any unauthorized applications from running on clients, helping organizations ensure compliance with their own internal IT security policies.

Identify and Disable Stale Computer Accounts

Stale computer accounts likely exist in most large organizations. But the existence of these accounts is not merely an IT nuisance. Left unmanaged, these accounts are potential security threats that can be exploited to gain unauthorized access into the network.

Fortunately, User Manager Pro Suite can remedy this risk with its handy Computer Accounts Report. This report displays all computer accounts and the system password ages.

Computer accounts exist on domain controllers and there is one account for each machine on the domain. Computer accounts are just like user accounts in that they have passwords, rights, and permissions, and must be authenticated to gain network access. The management of the passwords is automatically handled by the computer and the domain. In an Active Directory domain with default security settings, computer account passwords are automatically changed every 30 days.

The security threat arises when domain controllers have old computer accounts that are still valid. Just because a machine has been removed from its domain does not mean that the computer accounts are automatically removed. Therefore you may very well have valid, unmanaged domain accounts that can be used to access your network. These stale accounts should be disabled for security integrity and to help maintain compliance with regulatory mandates.

The Computer Accounts Report will show you all of the computer accounts in your domain, as well as their password ages. If an account has a password that is 90 days or older, it is typically an indication of a stale account which may become a security concern. Just remember that it is always best to validate that the computer no longer exists, or is no longer a part of your domain, prior to deleting its account.

User Manager Pro

User Manager Pro is the core component of the User Manager Pro Suite that provides mass management and reporting of Windows configuration settings.

User Manager Pro allows system administrators to report on and make changes to local user credentials, groups, rights, registry settings, and more across all Windows systems in the network in a single operation.

You’ll have convenient access to real-time reports on all of the system data collected by User Manager Pro, with the ability to modify settings directly from the interactive reports. These extensive reports can be provided to security auditors to verify that you are in compliance with regulatory standards.

User Manager Pro is multi-threaded, giving it the ability to work quickly in environments with distributed sites, and it operates without having to install agents on clients.

This product is certified for use on and with Windows Server 2008 R2. Support is available to customers who deploy the product on Windows Server 2008 R2 during their evaluation and who are under a current support agreement.


Key Features:

  1. Modify and report on all users, groups, memberships, shares, auditing, and more

  2. Block malicious software and other unauthorized programs from executing on client systems

  3. Locate and remove all rogue users, groups, files, shares, and permissions

  4. Secure and report on all Windows groups, including the administrators group
Random Password Generator


Frequently changing administrator passwords is a daunting task, but Random Password Generator, in the User Manager Pro Suite, simplifies the process. The product automatically updates every built-in local administrator account with a unique password that conforms to your organization’s security policy.

You’ll be protected against unauthorized users gaining peer-level access to your enterprise, and the potential exposure of vital corporate resources. You’ll also maintain compliance with Sarbanes-Oxley, HIPAA, PCI DSS, and other regulatory mandates that require reasonable controls against the compromise of local account credentials.


Changing Administrator Passwords

Random Password Generator can change the administrator passwords for every Windows system on your network in just a few minutes, without the need for scripting or any customizations. The frequency of randomization can be scheduled according to your organization's security best practices. Password changes are audited, and failed changes are automatically retried. The cryptographically complex passwords can be set for up to 127 characters, and are secured within the host system. Delegated users can also retrieve current passwords on demand using the Password Recovery Console component of the User Manager Pro Suite.

Random Password Generator, first released in 2001, is the most mature product in the privileged account password management market.
Password Recovery Console


When your administrators and Help Desk staff perform common systems maintenance tasks, they may require access to administrator credentials. Password Recovery Console, included in User Manager Pro Suite, lets delegated users retrieve the current local administrator password through a secure web interface.


Recovering Administrator Passwords

This web-based application can be accessed from any networked system and configured to allow your delegated users to retrieve the local passwords that have been set and stored by Random Password Generator. With Password Recovery Console’s granular control, administrators can delegate access for recovery of particular accounts, or groups of accounts, to appropriate staff. Authorized users can quickly retrieve the local administrator passwords for their managed accounts via any web browser. A full audit trail of all password recovery operations helps verify your organization’s compliance with security regulations.
NTFS Permissions Reporting

One aspect of a secure network is knowing which accounts have access to which files and folders. NTFS Permissions Reporting, part of User Manager Pro Suite, generates this information for all of your Windows servers and workstations, in one comprehensive display.


Access Permissions

Once you view the permissions assigned to users or groups, you can edit them to remove unwanted or incorrect entries and guarantee appropriate access.

NTFS Permissions Reporting queries your servers and records the NTFS permissions information into a SQL Server database which can be displayed directly through User Manager Pro or the Suite's Web Reporting component.

NTFS reports, like all reports generated by User Manager Pro Suite, can be stored indefinitely, allowing you to track trends and changes over time.


Generating Reports

Generating NTFS security reports requires only a few simple steps:

1.

Create an NTFS Security Report
The first step is to select the list of systems to report on. Next, specify the directory paths to enumerate (list) and those to exclude. Note that complex wildcard options are available for both inclusion and exclusion.

2.

Review the Retrieved Data
NTFS data retrieval can be done on a scheduled basis or immediately via a manual report through the user interface. In the manual case, we see the result as a pop-up dialog that appears as soon as the data has been retrieved.

3.

Export Formatted Data
The data immediately returned can be sorted and exported. Reports can be emailed, an arbitrary program can be run on the data, or the data can be analyzed using our Web Reporting module.

4.

Report on NTFS Data Dynamically, Ad-Hoc
Because the data sets collected are large and complex, you would normally use the scheduled report generation option. In this case, your large permission data sets would populate your SQL Server database overnight while your systems are lightly loaded. During the day, you can select any of the data sets via a web interface and do ad-hoc queries on the collected data from the previous night, or any previous security data capture.
Web Reporting
Your administrators and auditors require convenient access to information about the status and configuration of the Windows systems in your enterprise. At the same time, you need to secure this data from unauthorized sources.

Web Reporting, included in User Manager Pro Suite, lets you balance these two initiatives. It allows all reports generated by User Manager Pro to be viewed through a delegated and audited web interface, ensuring that only appropriate staff has access to sensitive information. The constant, real-time stream of system and security data created by User Manager Pro are stored in your current SQL Server or MSDE database. From there, the data can be instantaneously accessed by Web Reporting though any browser.


Compliance Reports

All logons, logoffs, and report retrievals are audited. Access to the web portal is controlled by Windows group memberships, and access to the reports is controlled by group memberships and report type. The stored reports generated by User Manager Pro can be exported into Excel spreadsheets to share with security auditors, or sorted and filtered so that specific information can be located quickly.