Forget CyberArk, Lieberman, Thycotic, Manage Engine & MS LAPS!
Up to 1,000 Free Licenses of ADCE* !
*Call Sales at +1 908 988 4688 Ext. 123 for offer details!
Local Administrator Password Management
Pass-the-Hash (PtH) attacks against the Windows operating systems are becoming common. Microsoft wants organizations to assume that a breach has already occurred in order to highlight the need for a more mature defense. In most organizations, the Local Administrator Password is shared amongst many administrators and is a small set of static strings. This raises major security concerns specially when it comes to Pass-the-Hash attacks.
Password Expiration Notification
Default Domain Policy, specifically the Password Expiration policy, can cause resource access issues to VPN users who typically login with cached credentials. When their password is about to expire, they do not receive password expiration notification, which ultimately results in their account being locked out. This typically gets resolved by the users having to call the help desk to have their password reset, adding to the help desk cost. This translates into lost productivity and potential disruption of services to business users. Although sending EMail notifications is an option, it is not as effective solution. The users learn to treat it as spam and start ignoring such repetitive messages.
Group Policy Updates
On remote Windows computers, the default Group Policy update mechanism is very unpredictable, leaving the systems administrators guessing whether the GPOs have applied or not.
Synchronize cached credentials
When the domain password is reset by the administrator or by the user using a password reset portal, the cached credentials immediately becomes obsolete and can cause subsequent account lockouts.
VPN Client Agnostic
VPN Client applications from different vendors may implement propretiary methods to overcome specific issues.
Secure Network Connections
Computers that are left powered on and unattended by the user may become vulnerable to data theft and other unwanted activities.
Duplicate DNS Records
Domain computers connecting to the corporate network from multiple locations via VPN, WiFi and LAN dynamically update multiple DNS A record entries in the domain DNS zone. With the DNS Server and Zone scavenging option generally set to several days, stale records exist for an extended period of time causing DNS name resolution errors. It significantly impacts the SLA established for desktop support software that heavily relies upon DNS name resolution of client computers.
No DC in Branch Offices
Secure your Branch Office Infrastructure by deploying no DC, not even RoDC ! All users logon fast with cached credentials. Foreground synchronous processing of Group Policies, logon scripts and home drive mapping are deferred to background processing.