This time of year is always exciting. The seasons change (depending on where you live), commercial buying season ramps up, and shopping lines resemble those of an amusement park in summer. The year is coming to an end, and we are busy shopping, making holiday preparations, traveling, and coming together with family to eat, exchange gifts, and be merry.

 

I’d wager access rights management doesn’t have a top spot on your holiday list. That’s ok. The topic doesn’t exactly exude that cozy holiday feeling. On the contrary, it might make you slightly uncomfortable. 

 

Most IT environments consist of tens, hundreds, or even thousands of servers. Those servers have thousands to tens of thousands of folders, groups, and paths. How can you really know who has access to what? Is your data safe? You have, no doubt, installed security monitoring and protection solutions to help protect the data in those folders and files. You’ve done everything you can, right? Despite all those protections, you still have users with access—but you don’t know who. You don’t know what. In fact, if someone asked you who has access to what, you probably couldn’t answer. It’s a hard question to field unless you have a solution in place giving you the visibility you need. Of course, if an auditor does ask you to answer these questions, your holidays could be spent digging through folders and directories to compile information and provide answers.

 

 

SolarWinds® Access Rights Manager (ARM) helps solve these challenges and more:

 

  • ARM provides a detailed overview of your users’ access rights, allowing you to easily visualize and show where access to resources has been granted erroneously
  • ARM enables standardization and automation of access rights, so you can easily apply the appropriate rights to users through templates
  • ARM helps demonstrate compliance and prevents insider data leakage by helping you achieve the principle of least privilege and giving you full auditability of user access over time

 

Let’s dig into this further.

 

 

ARM gives a detailed overview of your users’ access rights

 

The Active Directory group concept is essential for every administrator. These groups grow organically, and after years of existence and use, they often build up to complex group nesting structures. ARM gives you back control over these group structures.

 

The ARM AD Graph visualizes group structure and depth. Structural problems with these groups become transparent through this visualization.

 

 

 

In addition to the visualization provided by the AD Graph, the ARM dashboard allows a detailed analysis of the group nesting structures and circular nested groups. This enables administrators to work on the weak spots in the AD group structure, establish a flat group structure, and meet Microsoft best practices for group management.

 

With ARM, the issues related to lack of identifiable structures—or giving permissions to too many or the wrong people/groups—belong to the past. Once the group structure has been optimized, ARM allows you to compare any recorded access rights period with your current structure, and shows changes along with documented reasoning.

 

 

ARM enables standardization and automation of access rights

 

Compliance regulations, such as FISMA, GDPR, SOX, PCI DSS, BSI, and others, require administrators to adopt a high level of responsibility to ensure data is protected. Insider data leakage can cost companies large monetary sums in addition to lost customer, vendor, and reseller trust if data gets into the wrong hands. But it’s not always the headline-making data leak issues that harm companies. Employees leaving a company and taking valuable data with them is almost guaranteed without a cohesive access rights strategy to manage, control, and audit user rights—for users throughout the whole company.

 

ARM standardizes access rights across users and gives administrators a comprehensive tool to define, manage, monitor, and audit user access to resources across Active Directory, Exchange, SharePoint, and all your file servers.

 

 

 

ARM empowers administrators to predefine certain roles within the company, efficiently grant or deny rights with one click, and display all higher-level permissions in an easy-to- monitor overview. These different roles can be assigned a data owner (e.g., for department heads) to distribute control for managing access to resources the data owner is responsible for. In addition, this establishes a mindset of distributed access rights control to help ensure users with accurate access rights knowledge are granting and/or denying access appropriately.

 

Data owners, team leads, and IT professionals can be granted access to change personal information about a user, create or delete user accounts, reset passwords, unlock user accounts, or change group memberships centrally from within ARM. This allows the duties and tasks around access rights management to be shared while following standards to ensure full auditability.

 

ARM helps demonstrate compliance and prevents insider data leakage

 

Threats can emerge from the outside as well as the inside. Insider abuse can be a leading cause of data leakage. Of course, it’s not always a malicious insider; in many cases, data leakage is caused by negligent users who have access to resources, and are either compromised or take actions that inadvertently lead to data leakage. ARM takes special care to audit all changes within the ARM Logbook. The Logbook report enables admins and auditors to report on events and persons as needed to support investigations or auditor questions.

 

ARM also includes automated reports designed to meet regulatory compliance initiatives, such as NIST, PCI DSS, HIPAA, and GDPR. The flexible reporting views allow you to ask questions to quickly generate a report, which can be exported in an audit-ready format.

 

As mentioned earlier, ARM allows access rights management to be delegated to assigned staff members—placing control of the access rights assignment with the data owners that know their data. Changes made by these data owners are also audited so nothing goes unmonitored. ARM is designed to make your job easier—it helps you answer the questions you need to answer.

 

ARM is our gift to you this holiday season. It aligns with the SolarWinds mission to make your job as an IT technology professional easy. With Access Rights Manager, we make security easier too; we call it security simplified. If you are thinking of what you can do for yourself this holiday season, consider SolarWinds Access Rights Manager. It could turn out to be the gift that keeps on giving.

Have you adopted Azure cloud services into your IT infrastructure? And do you know how much you paid last month and for what? And what about forecasting? Are you able to forecast your Azure spending in the current month? If the answer is no, don’t worry, you are not the only one. Unfortunately, Azure billing is really complicated with more than 15,000 SKUs available, and each have their own rate. But SolarWinds is here to help you! We’re proud to introduce a brand new free tool in our portfolio!

Cost Calculator for Azure is a standalone free tool that can help you discover how much you are paying for your Azure cloud services. It is as easy as it could be – you put the credentials of all your Azure accounts into the tool, so it can do all the work for you, telling you how much you really pay and for what specifically. This tool is designed to help all budget holders and SysAdmins of any sized-business who are responsible for cloud resources in their companies.

 

Cost Calculator for Azure at a glance:

  • No installation
  • Support
  • Show cost of all assigned Azure accounts and their subscriptions plans. There is no need to have more instances and work with Excel spreadsheet to have an overall number.
  • Show spending in current month, last month, last quarter, or year? Still not enough? You can set up your own timeframe that fits you.
  • Find orphaned objects
  • Consolidate all spending and show the final expense in users‘ preferred currency.
  • Filter spending

As you can see, Cost Calculator for Azure is a lightweight and easy to use tool that can help make your IT professional life a little bit easier thanks to better forecasting of your Azure cloud spending. And the best thing comes at the end – Cost Calculator for Azure is available completely for FREE!

So, why don’t you give a try? Click the link below to download your Cost Calculator for Azure free tool by SolarWinds. No installation needed.

 

Cost Calculator for Azure – Download Free Tool

Did you ever dream you had a Ferrari® parked in your garage? How about a Porsche®? Or perhaps a finely engineered Mercedes-Benz®?

 

When I was eight years old, my father briefly flirted with the idea of buying a Ferrari. He was 38. I don't believe additional explanation is needed. However, as the oldest child, it was my privilege to accompany Dad to the showroom. And there, right next to the 308 GTB was a Ferrari bike. No, not a motorcycle. A regular pedal-with-your-feet bicycle. And I knew at that moment that this car was my destin... I mean my Dad's destiny. And that bike leaning beside it was mine, Mine, MINE!

 

You may be asking yourself why Ferrari would bother making a bicycle?

 

The obvious answer is "marketing." With a cheeky smile, Ferrari can say "anyone can own a Ferrari." But there's more to it.

 

Before I dive into the OTHER reason why, I just want to point out that car-manufacturer-bicycles is not just a thing with Ferrari. The trend started in the late 1800s with European car maker Opel® and includes Peugeot, Ford®, Mercedes-Benz, BMW®, and Porsche.

 

So what's the deal?

 

Some companies, like Opel, started with bicycles (they ACTUALLY started with sewing machines) and built up their mechanical expertise in sync with the rise of automobile technology. But most decided to build bikes as a side project. I imagine that the underlying message went something like this:

 

"Our engineers are the best in the world. They understand the complex interplay of materials, aerodynamics, maneuverability, and pure power. They are experts at squeezing every possible erg of forward thrust out of the smallest turn of the wheel. While we are used to operating on a much larger scale, we want to showcase how that knowledge and expertise translates to much more modest modes of conveyance. Whether you need to travel across the state or around the corner, we can help you get there."

 

I was thinking about that Ferrari bicycle, and the reasons it was built, as I played with ipMonitor® the other day.

 

For some of you reading this, ipMonitor will be an old and trusted friend. It may even have been your first experience with SolarWinds® solutions.

 

Some quick background: ipMonitor became part of the SolarWinds family in 2007 and has remained a beloved part of our lineup. ipMonitor is nimble, lightweight, and robust. A standalone product that installs on any laptop, server, or VM, ipMonitor can help you collect thousands of data points from network devices, servers, or applications. It's simple to learn, installs in minutes, and even comes with its own API and JSON-based query engine. Users tell us it quite literally blows the doors off the competition, and even reminds them of our more well-known network monitoring software like Network Performance Monitor (NPM) and Server & Application Monitor (SAM) server monitoring software.

 

Which is exactly why I remembered that Ferrari bicycle. It also was nimble, lightweight, and robust—a standalone product that could be implemented on any sidewalk, playground, or dirt path. It installed in minutes with nothing more than a wrench and a screwdriver, and epitomized the phrase "intuitive user interface."

 

And, like comparisons of ipMonitor to NPM, my beloved Ferrari bike was amazing until it came time to add new features or scale.

 

Much like the Ferrari bicycle, ipMonitor was designed by engineers who understood the complex interplay of code, polling cycles, data queries, and visualizations. Developers who were used to squeezing every ounce of compute out of the smallest cycle of a CPU. While used to creating solutions on a much larger scale, ipMonitor let us showcase how that knowledge and expertise translated to much more modest system requirements.

 

ipMonitor is designed to perform best in its correct context. For smaller environments with modest needs, when more feature-rich monitoring tools aren’t viable, it can be a game-changer. That Ferrari bicycle was an amazing piece of engineering—until I needed to bring home four bags of groceries or get to the other side of town. Likewise, ipMonitor is an amazing piece of engineering, but, as I said, in its correct context.

 

When you need "bigger" capabilities, like network path monitoring; insight into complex devices like load balancers, Cisco Nexus®, or stacked switches; application monitors that run scripted actions in the language of your choice; monitoring for containers and cloud; and so on, that's where the line is drawn between ipMonitor and solutions like NPM and SAM. It's not that we've deliberately limited ipMonitor, any more than Ferrari "limited" their bicycle so that it didn't have cruise control or ABS breaking. Of course, this isn't an either-or proposition. No matter your monitoring needs, we've got a solution that fits your situation.

 

So, consider this your invitation to take ipMonitor for a spin. Even if you own our larger, luxury models, sometimes it's nice to get out and monitor with nothing but the feel of the SolarWinds in your hair.

SolarWinds uses cookies on its websites to make your online experience easier and better. By using our website, you consent to our use of cookies. For more information on cookies, see our cookie policy.