AD Change Happens on DCs

Change Happens. Users come and go, their properties change, policy needs are revised, and groups have their memberships updated. Changes are made all over your organization, and they eventually find their way to your Domain Controllers where objects are modified and the changes replicate throughout your organization. Keeping tabs on all of these changes is a tricky proposition, but it’s our job to make it simple here at STEALTHbits.

We all know that changes actually happen on DCs, and when the change happens the actual source DC is stamped on the object, so that's easy to figure out. The much trickier part is understanding where the change request is coming from. It's only on rare occasions that the application making the request is actually on the DC itself, so the vast majority of the time the changes come from elsewhere - and this is where a good product will give you that leg up on the standard change events that Microsoft provides. Armed with the workstation that the change originated from, the protocol used, and the port bound to for the change, you can answer questions like:

• Which of the services that this service account is running on actually made the change? What machine is it on?
• Where does Bob the Administrator make most of his changes?
• Bob just made 250 changes from CindyWorkStation. Is this an intended set of changes, or is someone getting access to Bob's account to make an out-of-bounds change?
• Are my admins making their changes on machines in the same site, or are they reaching outside of site boundaries to make changes on DCs that aren't best for them? Are my sites misconfigured somewhere?

Clearly, this is valuable information and it's annoying that you can't get it from Microsoft's native event logging for AD Changes. Luckily there’s an alternative, and that alternative is StealthINTERCEPT Directory Authority. Direct, in-line integration within the Active Directory event stream itself allows StealthINTERCEPT to elevate hidden change event details to the surface, such as the machine or application a change originated from, providing that missing piece of information that can be critical to making not just good, but informed decisions in the management of your Active Directory implementation.

STEALTHbits Introduces Free Tool to Manage SharePoint Versioning

Glen Rock, NJ – February 23, 2012 – STEALTHbits Technologies, the provider of the industry’s most comprehensive IT management and compliance platform for Microsoft-based systems, applications, and data repositories, today announced the release of StealthTOOLS™ Library Advisor for SharePoint, a free utility designed to quickly identify content versioning issues within SharePoint Document Libraries. Library Advisor for SharePoint empowers data custodians to take part in proactively reducing cost for their organizations while promoting a greater level of security and operational integrity within the SharePoint environment itself by pinpointing which document libraries are causing capacity and other issues.

The task of managing content within SharePoint implementations is daunting for administrators and data custodians, due in large part to the often incorrectly configured SharePoint feature of versioning. STEALTHbits’ Library Advisor for SharePoint, the second product available in the StealthTOOLS freeware product portfolio, is a “plug-n-play” utility designed for anyone who populates, administers, or monitors SharePoint Document Libraries. It aims to solve the versioning dilemma, providing deep insight into Document Library configuration issues, stale documents and versions, best-practice violations, and capacity metrics, allowing technical and non-technical audiences to proactively manage the growth and stability of the Libraries they own.

“Users may not realize that they have hundreds of versions of the same document in their SharePoint environment. When you multiply this by the number of documents created within an organization, it adds up to a significant waste of space,” said Adam Laub, vice president of global product management at STEALTHbits. “With Library Advisor for SharePoint, STEALTHbits allows administrators to quickly and easily identify and eliminate stale or improperly versioned documents to free up space. Our ultimate intention is to help maintain a steady rate of data consumption – or even a decline in data usage – within a SharePoint environment so space can be used most efficiently.”

 The StealthTOOLS Library Advisor for SharePoint includes a robust set of features that enable users to:

• Pinpoint versioning configuration issues such as Libraries with no document version limit
• Identify stale documents and versions as candidates for deletion
• Determine the location of non-Office files consuming space within SharePoint
• Follow Best Practices through the identification of issues with folders, content types, and document metadata
• Gauge capacity limitations and thresholds proactively to avoid potential losses in productivity

Availability
StealthTOOLS Library Advisor for SharePoint is available for download immediately at http://www.stealthbits.com/download-library-advisor-sharepoint

STEALTHbits will showcase its new StealthTOOLS Library Advisor for SharePoint solution at RSA Conference 2012 in San Francisco, February 27th – March 2nd, Booth # 2736. To schedule a meeting at the show, please contact Jordan Bouclin or Bree Bolognese at (401) 490-9700.

About STEALTHbits

STEALTHbits Technologies, Inc. offers the industry’s most comprehensive IT management and compliance platform. Built from the ground up to collect, analyze, remediate, and report on data and systems critical to compliance success, STEALTHbits’ technology platform provides a single, unified framework for the management of Microsoft infrastructure and beyond, truly bridging the ever-widening gap between IT Management & Compliance groups within organizations large and small. Since 2001, STEALTHbits Technologies, Inc. has delivered powerful solution sets that address specific business problems across Active Directory, Exchange, Public Folders, SharePoint, Data and Access Governance, Systems Governance, and BlackBerry and ActiveSync. Learn more at www.stealthbits.com and follow STEALTHbits on Twitter.

# # #

STEALTHbits and StealthAUDIT are registered trademarks of STEALTHbits Technologies, Inc. The STEALTHbits logo and all other STEALTHbits product or service names and slogans are registered trademarks or trademarks of STEALTHbits Technologies, Inc. All other trademarks and registered trademarks are property of their respective owners.

Press Contacts:

Bree Bolognese or Jordan Bouclin

SVM Public Relations

(760) 754-7025 or (401) 490-9700

This e-mail address is being protected from spambots. You need JavaScript enabled to view it or This e-mail address is being protected from spambots. You need JavaScript enabled to view it

STEALTHbits Introduces StealthINTERCEPT™ Directory Authority for Active Directory

New Product Line Offers Precision, Real-Time Control over Directory and File System Activity

Glen Rock, NJ – February 14, 2012 – STEALTHbits Technologies, the provider of the industry’s most comprehensive IT management and compliance platform for Microsoft-based systems, applications and data repositories, today announced the release of StealthINTERCEPT^™ Directory Authority, a new product line solving critical problems related to compliance, data leakage and insider control by providing real-time, in-line analysis of and controls over any directory and file system changes.

Designed to work in concert with STEALTHbits’ award-winning StealthAUDIT^® Management Platform (SMP) or as a standalone solution, StealthINTERCEPT Directory Authority connects directly to directory and server processes to provide in-line activity analysis and subsequent event consolidation, archiving, reporting and response, including alerting and blocking, thus avoiding all of the debilitating limitations of relying on event logs. Guided by a revolutionary rules engine that enables the modeling of any organization’s security processes and concerns, StealthINTERCEPT dramatically streamlines administrator oversight, operational change control and compliance. StealthINTERCEPT provides the same level of control over Group Policy Objects to offer another critical security control to IT professionals.

“The need for more comprehensive security around AD is a growing requirement for most organizations, but mid-size organizations often struggle to keep tabs on changes to their AD environment,” said Scott Crawford, managing research director, Enterprise Management Associates. “With solutions like StealthINTERCEPT, which allow you to discover changes as they’re happening and provide the ability to proactively lock down objects to reduce unauthorized changes before they occur, mid-size organizations have access to more advanced solutions that are appropriately priced.”

 “As a company looking to gain better insight and control over access to our data assets, we were pleased to find STEALTHbits is offering an affordable solution on a single platform to help us more easily pinpoint what changes are being made and by whom so we can protect our AD environment to ensure compliance and security,” said Donald Cordner, assistant director, Computer Services at Temple University. “There’s tremendous peace of mind in having the ability to know not only who made changes, but also what that change was and where it came from, plus the ability to lock down critical AD objects to prevent malicious or accidental changes to critical places in our AD environment.”

StealthINTERCEPT Directory Authority includes a robust set of features that enable IT professionals to:

• Provide forensics and control over improper insider activity.
• Rapidly identify accidental changes detrimental to IT operations, saving time on investigation, remediation and preventing future occurrences.
• Utilize a single point of control for network directories and file systems, including Active Directory, eDirectory, Windows file servers and filers, and Novell File Systems.
• Easily ensure that organizational security policies are appropriately enforced.
• Dramatically reduce time invested in demonstrating compliance.
• Reduce the risk of data leakage.

“StealthINTERCEPT is all about the changes that have an impact in your Active Directory environment – who made the change, where the change came from, and what the changed object looked like before and after,” said Dave Bullas, Active Directory product manager at STEALTHbits Technologies. “Unlike point solutions or event logs that provide only a singular view or answer about these events, StealthINTERCEPT contains a powerful rules engine that provides users the ability to easily capture AD changes and prevent undesirable changes to critical objects using a single, integrated platform. With this new product line, we’re providing an affordable solution that makes it easy to pinpoint what changes were made and by whom to enable greater visibility for AD administrators.”

Pricing & Availability

StealthINTERCEPT Directory Authority is available immediately through STEALTHbits and through select channel partners. Pricing starts at $12 per network user for Active Directory. For more information, visit http://www.stealthbits.com/, email This e-mail address is being protected from spambots. You need JavaScript enabled to view it or call +1-201-447-9300. 

STEALTHbits will present its new StealthINTERCEPT Directory Authority solution at RSA Conference 2012 in San Francisco, February 27^th – March 2^nd, Booth # 2736. To schedule a meeting at the show, please contact Jordan Bouclin or Bree Bolognese at (401) 490-9700.

About STEALTHbits

STEALTHbits Technologies, Inc. offers the industry’s most comprehensive IT management and compliance platform. Built from the ground up to collect, analyze, remediate, and report on data and systems critical to compliance success, STEALTHbits’ technology platform provides a single, unified framework for the management of Microsoft infrastructure and beyond, truly bridging the ever-widening gap between IT Management & Compliance groups within organizations large and small. Since 2001, STEALTHbits Technologies, Inc. has delivered powerful solution sets that address specific business problems across Active Directory, Exchange, Public Folders, SharePoint, Data and Access Governance, Systems Governance, and BlackBerry and ActiveSync. Learn more at www.stealthbits.com and follow STEALTHbits on Twitter.

# # #

STEALTHbits and StealthAUDIT are registered trademarks of STEALTHbits Technologies, Inc. The STEALTHbits logo and all other STEALTHbits product or service names and slogans are registered trademarks or trademarks of STEALTHbits Technologies, Inc. All other trademarks and registered trademarks are property of their respective owners.

Press Contacts:

Bree Bolognese or Jordan Bouclin

SVM Public Relations

(760) 754-7025 or (401) 490-9700

This e-mail address is being protected from spambots. You need JavaScript enabled to view it or This e-mail address is being protected from spambots. You need JavaScript enabled to view it

Glen Rock, NJ (Marketwire.com 9/1/2011) – STEALTHbits Technologies, a leading provider of IT Compliance, Security, and Operational Management solutions for the Microsoft computing platform, today announced the release of a new solution designed to analyze and consolidate Active Directory Security Groups. As an extension to the award-winning StealthAUDIT Management Platform (SMP) for Active Directory, STEALTHbits’ solution aims to reduce the complexity associated with managing and provisioning access to environmental resources through Active Directory, while at the same time increasing customers' security and compliance stature through the reduction of access to data overall.

Despite having spent millions on costly Identity and Access Management (IAM) solutions to prove compliance and increase protection of critical data and resources, many organizations have begun to realize that the underlying issue of inappropriate and often excessive access privileges continues to proliferate. IAM solutions are a must for many organizations today, and while they help to streamline and ease the burden of provisioning access upon their instantiation, they fail to address the decade or more of access that already exists due to Active Directory Groups across both structured and unstructured data repositories like the File System, SharePoint, SQL, and Exchange.

STEALTHbits Technologies’ Active Directory Group Clean-up solution helps organizations of any size to determine where toxic group conditions exist such as circular, deep-level, and improper nesting, as well as duplicate, similar, single-member, and empty groups. Additionally, in-depth analysis of group memberships and other available metadata allows organizations to obtain information such as stale groups no longer in use or who should be designated group ownership through the solution’s “Most Probable Owner” algorithm. Furthermore, all group data can be fed into fully customizable end-user attestation workflows through SMP’s integrated survey engine to verify group necessity, memberships, and configurations, helping to solve the problem now and prevent the problem from occurring again in the future.

“The beautiful thing about this solution is how simple we’ve made it for our customers to do something so difficult,” said Sean Bergman, Product Engineer and Solution Architect for STEALTHbits. “We’re seeing that many of our customers have more Active Directory Groups than User Accounts, which speaks to the magnitude of this issue and the obvious difficulty organizations are having managing Groups on a day-to-day basis. The analysis we’re providing takes all of the complexity out of the equation for our customers and the information we’re bringing to light appeals to multiple groups within organizations, from Operations to Security and Compliance. The price-to-value ratio is off the charts.”

The StealthAUDIT Management Platform is designed to address the toughest business problems across the entire Microsoft ecosystem – from Active Directory to the File System, SharePoint, SQL, Exchange, BlackBerry and ActiveSync, Desktops, Servers, and beyond. Unlike “point solutions” that address only a single issue or area of management, SMP is a truly integrated framework containing all the data collection, analysis, remediation, and reporting facilities needed to address thousands of requirements through a single application, across multiple system and application types, and IT management disciplines.

For more information about STEALTHbits’ Group Clean-up and other Active Directory management solutions, visit http://www.stealthbits.com/directory-services/active-directory

About STEALTHbits Technologies, Inc.

STEALTHbits Technologies, Inc. is an innovative technology leader in the Microsoft Infrastructure and Application Management space. STEALTHbits’ StealthAUDIT Management Platform bridges the gap between IT Management and Compliance, providing a unified framework for organizations large and small to measure, manage, and maintain their critical systems and applications. STEALTHbits Technologies can be found online at www.stealthbits.com.

Editorial Contact:

Adam Laub
VP, Marketing
STEALTHbits Technologies
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
201.447.9308

So, in the "new and upcoming news" category, StealthINTERCEPT is due out shortly here at STEALTHbits. With a name like that, we're not suprisingly referring to it as SI internally right now. And since I'm sitting up here in Canada going through some webpage design for the roll-out, I think of it as CSI. And then I get to thinking - CSI - well, it may not be bones and blood tests, but it's sure useful for Corporate System Investigation. Some poor OU goes missing? Get CSI on the case. Got a bad one, Tony - three critical users were just deleted. Better get CSI.

And from talking to a few of our friends/customers out there let me tell you - people need CSI. I heard from one guy how he discovered as part of an ad-hoc cleanup process that the permissions on the CEO's mailboxes had "acquired" several different unwarranted security principals. After a quick panic lockdown, and the removal of all of the unwanted access, everything seemed fine - until the CEO couldn't log on to his mailbox either. Then the stuff really hit the fan. Worst of all, they couldn't find out who had made the unwanted changes in the first place. The only guy they had a name for was the guy who tried to clean it up. Guess who got in trouble? Bleah.

Another of our clients has a problem where OUs keep moving around. They think it's caused by accidental drag-and-drops by admins using ADUC, but they don't really know for sure. They're looking for a tool to tell them who is making changes to their OU names. And what they'd really love is to be able to stop them *before* it happens. Moving OUs causes all kinds of messy ripple effects with DNs changing and applied GPOs getting mis-applied, they'd like to prevent all that before it hits.

So, look for [C]SI coming out soon from STEALTHbits. It may not be as sexy as Jorja Fox (what a name!), but it's just as good for finding out the whodunnit and making sure those responsible pay for their (electronic) crimes. And it can do some prevention too - so unwanted changes to critical objects don't happen in the first place. Pretty cool stuff.

If there were an award for Supersleuth Marketing Team of the year, STEALTHbits' would be on the short list. We've crept around corridors and hid out in conference rooms to bring you the latest buzz on groundbreaking products that'll be out soon. Earlier this year, we brought you a first look at StealthINTERCEPT, a game-changing real-time Active Directory solution. Now, we've cornered Dave Bullas, Product Manager for Active Directory, and convinced him to answer just a few questions about the latest thing to be coming through STEALTHbits' doors in the near future.

Daria: We saw "StealthMAINTAIN for Active Directory" written on a whiteboard in Conference Room B the other day. What can you tell us about it?

Dave: Absolutely nothing. It's classified, eh?

Daria: But the blogosphere wants to know! Is it a new product?

Dave: I can't give you a lot of details, but if you think about the name, StealthMAINTAIN, maybe it'll become a little clearer.

Daria: Maintain – like maintenance? Maintenance and clean-up?

Dave: Exactly – this product will be an extension to our existing SMP for Active Directory solution, and will allow users to perform remediation and provide them with insight into AD groups, users, and computers.

Daria: How is that different from what we have today?

Dave: It will give admins information from across their environments, allowing them to make decisions about changes much quicker. Since AD is a critical part of the File System, Exchange, SharePoint, and more, this solution will really provide visibility beyond what they can currently see, like effective rights and circular nesting across various data repositories.

Daria: Sounds cool!

Dave: We think so. But I have to head to meeting now.

Daria: But we have more questions!

Dave: This conversation never happened.

Glen Rock, NJ (Marketwire.com 6/8/2011) – STEALTHbits Technologies, a leading Data and Access Governance software vendor, today announced the release of a new SQL Server Management solution. As an extension to the award-winning StealthAUDIT Management Platform (SMP) for Data & Access Governance, the SQL Solution Set leverages the powerful core technologies available within SMP to provide holistic insight into Microsoft SQL databases – from effective access and permissions to resource allocation.

SMP for SQL boasts comprehensive reporting on SQL infrastructure, objects, operations, and permissions, and allows administrators to take full inventory of their SQL instances through discovery. The new solution's key features include the ability to detect and reduce permissions sprawl, discover rogue databases to curb security threats, uncover effective access and detect non-compliance, and retire stale and unnecessary databases. The SQL Solution Set can also secure custom applications leveraging SQL within organizations, as well as collect custom data based on queries written in SQL by leveraging SMP's core data collection capabilities.

"Data is an organization's biggest asset, and, in today's world, a tremendous amount of it lives in digital format in databases," said Chris Olsen, CISM, VP of Product Management at STEALTHbits. "It is vitally important to secure and safeguard that data across the entire environment, but SQL is an often overlooked repository. STEALTHbits' new solution not only addresses this governance hole, but does so by further extending a platform complete with ten years of customer requirements, feedback, and insight already built into it."

The StealthAUDIT Management Platform for Data & Access Governance spans the entire Microsoft computing environment – from Active Directory and the File System to Exchange, SharePoint, SQL and beyond. Detailed data collection combined with built-in business intelligence make SMP ideal for detecting and locking down data access vulnerabilities. STEALTHbits Technologies plans to expand the existing functionality across other common data repositories in future releases.

About STEALTHbits Technologies, Inc.

STEALTHbits Technologies, Inc. is an innovative technology leader in the Microsoft Infrastructure and Application Management space. STEALTHbits' StealthAUDIT Management Platform bridges the gap between IT Management and Compliance, providing a unified framework by which to measure, manage, and maintain. STEALTHbits Technologies can be found online at stealthbits.com.

Editorial Contact:

Adam Laub
VP Marketing & Technical Operations
STEALTHbits Technologies
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
201.447.9308

We keep our eyes and ears peeled on your behalf here at STEALTHbits Headquarters, and we recently overheard some really cool news about an Active Directory project that’s under way (and under wraps). We convinced Adam Laub, VP of Marketing, to sit down with us for just 5 questions about this mystery solution.

Daria: Word on the street has it that there's something called "Interceptor" technology that's coming. What is it?

Adam: How do you guys hear about these things?! I can't say much at this point, but I can tell you that StealthINTERCEPT is a hot new technology that will allow our customers to lock-down Active Directory from unauthorized changes, and to get real-time notifications.

D: What business benefits can users expect?

A: This is part of our larger data governance initiative, which helps our customers take back control of their unstructured data. Active Directory is a key and often overlooked piece of the puzzle. If you're not securing AD, then all you're leaving a door wide open.

D: So when can we expect to see this?
A: Soon! We have test sites running it already. You'll have to stay tuned for details.

D: Is this part of an upgrade to the StealthAUDIT Management Platform?
A: Yes and No. StealthINTERCEPT technology is new and stands on its own, but also integrates with the StealthAUDIT Management Platform.

D: Do you guys practice these vague answers?
A: Absolutely.

D: So how is this real-time technology going to work?
A: Sorry, that's five questions!

We're certainly intrigued. We'll be sure to keep you posted on this blog and in our monthly newsletter as this develops, so stay tuned. This is gonna be big.

GLEN ROCK, NJ--(November 10, 2010) - STEALTHbits Technologies today announced that its StealthAUDIT Management Platform (SMP) was chosen as a winner in the Best of Connections 2010 awards program in the "Best Windows Product" category by Penton Media's DevConnections. SMP is a comprehensive framework featuring audit, reporting, compliance, and remediation capabilities across the Microsoft computing platform, including solutions for Exchange, ActiveSync, BlackBerry Enterprise Server, Active Directory, SharePoint, Windows Desktop and Server Operating Systems, Windows File Systems, and beyond.

"We are thrilled to have received the 'Best Windows Product' award recognizing StealthAUDIT's ability to answer the toughest IT questions across the Microsoft landscape," said Adam Laub, VP of Marketing and Technical Operations at STEALTHbits. "We're excited to have had the opportunity to showcase our unique approach to Microsoft infrastructure and application management which our customers have found so valuable, and are grateful to the Penton Media team for their acknowledgement of our achievement in this field."

The Best of Connections awards recognize companies based on their innovation, strategic importance to the market, competitive advantage and exceptional value to customers. The winners were chosen from more than 80 nominated products in six (6) categories. The field was narrowed to three finalists in each category. Finalists were interviewed at the DevConnections 2010 conference in Las Vegas, Nevada, November 2-3 to determine the winners in each category. Winners were announced live from the DevConnections 2010 exhibitor's floor at 2 pm on Thursday, November 4.

"Narrowing down the list of nominees to 18 finalists in the six Connections categories was a challenge, considering that we were faced with so many top-tier products and services," said Amy Eisenberg, Executive Editor for Windows IT Pro, "but in the end, we came up with six very deserving winners. We're proud of our selections, and we believe all our finalists and winners represent the best of the best in their categories."

About STEALTHbits Technologies, Inc.
STEALTHbits Technologies, Inc. is an innovative technology leader in the Microsoft Infrastructure and Application Management space. STEALTHbits' StealthAUDIT Management Platform bridges the gap between IT Management and Compliance, providing a unified framework by which to measure, manage, and maintain. STEALTHbits Technologies can be found online at stealthbits.com.

Editorial Contact
Adam Laub
VP, Marketing
+1.201.447.9308

Related Articles
Congratulations to the Best of Connections 2010 Winners! by Jason Bovberg, Windows IT Pro Magazine

We wanted to take a minute and discuss some of the key business problems that Systems and Data Administrators face on a daily basis. Hopefully, bringing them to light will help you to examine what's going on in your organization's environment, and will help you to preempt some potentially costly situations.

There are three main areas that, in the places that they intersect, form the basis for data with real Business Value:

When you look at your environment, the areas of biggest concern can be broken down even further.

Permissions
Starting with Active Directory, users and groups form the foundation of control over what resources can be accessed on the Domain. Windows and distributed file systems extend the boundary of where users and groups can be created and have access to the resources that reside on those systems. Digging even deeper, users and groups can be granted access to shares, folders, and even to individual files. In order to assess and/or secure your data, all of those points and inheritance spots must be evaluated and considered in the equation of determining a userÌs effective level of access to resources on the Domain. Care must be taken before removing users from any of those permission points, as the removal or deny action could break their access to other valid and business critical resources across the domain.

Changes
Knowing who has what level of access to resources is important. Knowing who gave out that access or who is using their access to interact with resources is critical, especially when something goes wrong.

Content
On average, storage costs organizations $55/GB of data per month to maintain. Gartner estimates that 70% of unstructured data goes untouched 90 days after creation. That translates into gigabytes to terabytes of stale data, depending on the size of your user base. Archiving data to lower cost storage tiers can help or slow the capacity demands, but deleting the data will actually free up valuable storage resources.