ManageEngine AD360 is an integrated identity access management (IAM) and IT security solution for managing user identities, governing access to resources, enforcing security, and ensuring compliance. From user provisioning, self-service password management, change auditing, to single sign-on (SSO) for enterprise applications and multi-factor authentication, AD360 helps organizations manage identities and achieve a strong security posture across their on-premises and cloud IT infrastructure. AD360 can be deployed on-premises.
Alsid, founded in 2016, is a cybersecurity solution intended for Active Directory teams. Alsid can be deployed on-premises or in the cloud.
While Alsid focuses solely on the security aspect of Active Directory, ManageEngine AD360 helps organizations with both security and IAM aspects of Active Directory as well as cloud applications, and other platforms such as Exchange.
|Identity life cycle management|
|User provisioning and deprovisioning||Supports provisioning and eprovisioning of users to various directories and applications|
|Automated provisioning||Automatically creates account for users in the target directory or application|
|CSV-based bulk user provisioning||Provisions accounts for multiple users in a single click by importing their details from a CSV file|
|Template-based bulk user provisioning||Uses pre-defined and customizable templates to provision multiple user accounts in a single click|
|Provision users with entitlements||Allows you to provide access to resources such as groups, mailbox, etc., at the time of account provisioning|
|Entitlements management, approval workflow, and delegation|
|Entitlements assignment||Allows you to assign entitlements to resources in your IT environment||
(supports entitlements in AD, Exchange, Office 365, and file servers)
|Access certification||Automatically assigns, reassigns, or removes entitlements based on an identity’s lifecycle status|
|Multi-level approval workflow||Enables admins, managers, and resource owners to review entitlement changes and approve it|
|Delegation||Helps delegate routine IAM tasks to help desk technicians through pre-defined or user-defined roles|
|Single sign-on (SSO)|
|SSO to enterprise applications||Provides secure, one-click access to enterprise applications|
|Pre-integrated apps||Supports SSO to hundreds of pre-integrated apps|
|Multi-factor authentication (MFA)|
|MFA for cloud application login via SSO||Supports MFA for cloud applications while logging in via SSO|
|Endpoint MFA||Adds an extra step of authentication to Windows, macOS, and Linux logons|
|Supported factors||Authentication factors supported||
|Self-service password reset||Allows users to reset their AD passwords|
|Self-service account unlock||Allows users to unlock their AD accounts|
|MFA for password reset||Number of authentication methods supported for password reset and account unlock||15||None|
|Password reset and account unlock for cloud and on-premises applications||Allows users to reset passwords and unlock accounts across cloud applications and on-premises systems other than AD||
(supports IBM iSeries, Oracle DB, Office 365, G Suite, Salesforce, and more)
|Real-time password synchronization||Automatically synchronizes users’ Active Directory passwords with cloud applications and other on-premises systems|
|Real-time password synchronization||Password complexity requirements: Requires a specified number of lower case letters, upper case letters, numbers, and symbols in the passwords|
|Password should not contain part of the username.|
|Other character requirements for passwords: Must begin with a letter, Unicode character, etc.|
|Disallow use of palindromes, repeating characters, and part of old password.|
|Dictionary rule to block common and weak passwords.|
|Pattern rule to block keyboard patterns (asdf, qwerty, etc.) in passwords.|
|Cached credential update for AD passwords.||Allows remote users who are not connected to the AD domain to reset passwords, and login to their machines|
|Password expiration notification||Sends periodic password expiration reminders to AD users||
(supports email, SMS, and push notifications)
|Account expiration notification||Sends periodic account expiration reminders to AD users|
|Password reset from login screen||Allows users to reset their passwords right from the login screens of their Windows, macOS, or Linux machines||
(supports Windows, macOS, and Linux)
|Mobile app for password reset||Allows users to reset their passwords using a mobile app|
|Help desk-assisted password reset||Allows help desk technicians to reset passwords on behalf of users after verifying their identity|
|Self-service group management||Allows users to request membership to AD groups, and get the request approved by admin or group owner|
|Self-service for updating AD attributes||Allows users to update AD attributes such as address, mail, mobile, etc., on their own.|
|Approval workflow for self-service||Allows admins, technicians, and managers to review users’ self-service actions before approving it.|
|Privileged account tracking||Tracks all the activities of privileged account holders including their logon/logoff activities|
|Privileged group tracking||Tracks changes to privileged groups|
|File permissions report||Helps identify which users have access to critical files in your file servers|
|File permission management||Manages the NTFS and Share permissions of files and folders in your Windows environment|
|Active Directory management|
|User management||Allows you to disable or enable user accounts, modify user attribute values, reset passwords, unlock accounts, and do much more in bulk, manually and also automatically.|
|Computer management||Allows you to create and manage computer objects; modify their attributes in bulk|
|Group management||Allows you to create and manage groups; modify group memberships in bulk|
|GPO management||Allows you to create and link GPOs to OUs; modify GPO settings|
|Management of other objects||Allows you to create and manage contact objects, home folders, terminal services profile folder, passwords, and more in AD|
|Office 365 management|
|User management||Allows you to create users with or without license, enable MFA settings, reset passwords, modify naming attributes, and do much more in bulk|
|Group management||Allows you to create and manage distribution groups, security groups; modify group memberships; modify group properties such as Send As permissions; all in bulk|
|Contact management||Allows you to create and manage contacts in bulk; modify contact attributes and properties in bulk|
|License management||Allows you to assign, remove, or replace licenses of selected users or groups|
|Mailbox, shared mailbox, and public folder management||Allows you to manage Exchange Online mailboxes, configure settings, enable or disable features; modify public folders, and do much more in bulk|
|Mobile device management||Helps clear mobile device data and remove mobile devices|
|Calendar management||Lets you modify or remove calendar permissions|
|On-premises Exchange management|
|Mailbox management||Allows you to create and modify mailboxes, shared mailboxes, room mailboxes, equipment mailboxes, and more in bulk|
|Reporting and compliance|
|Prebuilt reports||Provides reports to track user activities in the product|
|State-in-time reports for AD||Offers over 150 reports on various aspects of your AD environment, including reports to find out inactive users, recently created users, last logon of users, etc.|
|State-in-time reports for Exchange Server||Offers over 100 reports on various aspects of your Exchange on-premises environment, including reports to find out non-owner mailbox permissions, mailbox storage growth, distribution lists members, etc.|
|State-in-time reports for Office 365||Offers over 150 reports on all aspects of various Office 365 services, including Azure AD, Exchange Online, OneDrive for Business, Skype, Microsoft Teams, etc.|
|Prebuilt reports for IT compliance||Provides report templates for various compliance mandates such as SOX, HIPAA, PCI DSS, GDPR, etc.|
|Active Directory change auditing||Audits every single change happening in Active Directory|
|On—premises Exchange and Exchange Online change auditing||Audits every single change happening in your hybrid Exchange environment|
|Office 365 auditing||Audits changes happening in Office 365, including Exchange Online, Azure AD, OneDrive for Business, and Microsoft Teams.|
|File server auditing||Audits file and folder read, modify, create, delete, DACL, SACL, and other changes||
(supported environments: Windows, Windows failover cluster, NetApp, EMC, and Synology)
|Windows Servers and workstation auditing||Audit local logon activity, AD FS logons, PowerShell processes, etc.|
|Logon/Logoff auditing and account lockout analysis||Audit logon and logoff events; analyze account lockout source, time, etc.|
|Technician activity audit reports||Audits technicians’ activities (who did what, and when) using the product’s various modules|
|Real-time alerting||Sends email and SMS alerts in real time for important security-related changes in your IT environment|
|Remediation plan||Shows a remediation plan for each event or alert that contains instructions of what to do next|
|Detect abnormal user behavior and changes||Helps detect, investigate, and mitigate threats like malicious logins, lateral movement, privilege abuse, data breaches, etc.|
|Active Directory backup and recovery||Takes full or incremental backups of AD objects. Lets you restore them granularly at object or attribute level|
|Office 365 backup and recovery||Takes full or incremental backups of Exchange Online mailboxes, SharePoint sites, and OneDrive for Business files and folders. Lets you restore them granularly at object or attribute level|
|Exchange backup and recovery||Takes full or incremental backups of Exchange mailboxes. Lets you restore them granularly at mailbox or item level|
|ITSM solutions||Integrates with ITSM and ITIL solutions for user provisioning, identity management, password sync, etc.|
|SIEM solutions||Integrates with SIEM solutions to provide network -wide deeper analytics|
|HRMS solutions||Integrates with HRMS solutions to automate user lifecycle management|
|Database servers||Integrates with databases to automate user lifecycle management|
|PAM solutions||Integrates with a privileged access management (PAM) solutions for password vaulting and other PAM capabilities|
* - self-service, SSO, auditing, and other components cost extra.
As you can see from the above table, ManageEngine AD360 is a comprehensive solution that does it all—identity governance, access management, password management, multi-factor authentication, security auditing, reporting, alerting, and disaster recovery. AD360 also supports multiple platforms in addition to Active Directory, including Office 365 and Exchange.
Alsid, on the other hand, focuses only on security auditing and alerting, and that too, only for Active Directory.
CAMH will be able to save close to $26,000 a year on service desk calls related to Active Directory password resets and locked accounts, and will see a return on investment within the first six months of product implementation.
Judy OlivierProject Manager, CAMH
This tool helps me be in command of the technical environment in my Active Directory network. It is easier to find logs and manage more effectively. The cost for the many features got our attention.
Diego PontesTecnisa SATecnisa SA
Just about the best piece of security software that would put a smile on any security administrator
Jacinto GodinhoAdministrator: Quality Assurance and IT Security, Al-Ahli Bank of Kuwait
AD360 is an identity and access management (IAM) solution for managing user identities, governing access to resources, enforcing security, and ensuring compliance. AD360 provides all these functionalities for Windows Active Directory, Exchange Server, and O ce 365. With AD360, you can choose the modules you need and start addressing IAM challenges across on-premises, cloud, and hybrid environments—all from a single console.
For more information about AD360, please visitwww.manageengine.com/ad360.
Your download should begin automatically in 15 seconds. If not, click here to download manually.
Thank you for your interest in ManageEngine AD360. We have received your request for a personalized demo and will contact you shortly.
Disclaimer: ManageEngine does not guarantee the accuracy of any information presented in this document, and there is no commitment, expressed or implied, on ManageEngine’s part to update or otherwise amend this document. The furnishing of this document does not provide any license to patents, trademarks, copyrights or other intellectual property rights owned or held by ManageEngine.