ManageEngine AD360 is an integrated identity and access management (IAM) solution for managing user identities, governing access to resources, enforcing security, and ensuring compliance. From user provisioning, self-service password management, and Active Directory change monitoring, to single sign-on (SSO) for enterprise applications, AD360 helps you perform all your IAM tasks with a simple, easy-to-use interface.
CyberARK-Okta is an enterprise-grade, identity management service, built for the cloud, but compatible with many on-premises applications. With CyberARK-Okta, IT can manage any employee's access to any application or device.
|User provisioning and deprovisioning||Supports provisioning and deprovisioning of users to various directories and applications.||
(Supports AD, Office 365, Exchange, Skype for Business Server, and G Suite)
(Supports AD, LDAP directories, and cloud applications through SCIM)
|Automated provisioning||Integrates with HR applications and external databases for user provisioning.|
|Single sign-on (SSO)|
|SSO to enterprise applications||Provides secure, one-click access to enterprise applications.|
|SSO to custom applications||Option to configure SSO to in-house applications.|
|Supported factors||Number of authentication factors supported.||14|
|MFA for cloud application login via SSO||Supports MFA for cloud applications while logging in via SSO.|
|Windows login MFA||Adds an extra layer of authentication method to the local interactive and RDP Windows login.|
|macOS login MFA||Adds an extra layer of authentication to macOS login.|
|Privileged account discovery||Continuously scan your IT environment to detect privileged accounts.||
(supports only AD accounts)
(supports local, domain, SSH keys, root accounts, and local accounts on NIX)
|Attack detection||Detect credential theft and harvesting attempts on domain controllers.|
|Password vaulting||Store privileged credentials in a central vault and control access to them.|
|Session management||Record and store privileged sessions with video playback.|
|Secure privileged accounts||Identify inactive privileged accounts and disable them immediately||
(supports only privileged accounts in AD)
|Privileged account tracking||Tracks all the activities of privileged account holders including their logon/logoff activities.|
|File permissions management and report||Identify which users have access to critical file in your file servers.|
|Self-service password reset and account unlock||Allows users to reset passwords and unlock accounts in Active Directory, Office 365, Salesforce, and other cloud applications on their own.|
|Real-time password synchronization||Automatically synchronizes users’ Active Directory passwords with cloud applications and other on-premises systems.|
|Password Policy Enhancer||Password complexity requirements: Requires a specified number of lower case letters, upper case letters, numbers, and symbols in the passwords|
|Password should not contain part of the username.|
|Other character requirement for passwords: Must being with a letter, Unicode character, etc.|
|Disallow use of palindromes, repeating characters, and part of old password.|
|Dictionary rule to block common and weak passwords.|
|Pattern rule to block keyboard patterns (asdf, qwerty, etc.) in passwords.|
|Cached credential update for AD passwords.||Allows remote users who are not connected to the AD domain to reset passwords and log in to their machine.|
|Password expiration notification||Sends periodic password expiration reminders to AD users via email, SMS and push notifications.|
|Password reset from login screen||Allows users to reset their passwords right from the login screens of their Windows, macOS or Linux machines.|
|Mobile app for password reset||Allows users to reset their passwords using a mobile app.|
|Active Directory Management|
|User management||Disable or enable user accounts, modify user attribute values, reset passwords, unlock accounts, and do much more in bulk.|
|Computer management||Create and manage computer objects; modify their attributes in bulk.|
|Group management||Create and manage groups; modify group memberships in bulk.|
|GPO management||Create and link GPOs to OUs; modify GPO settings.|
|Management of other objects||Create and manage contact objects, home folders, terminal services profile folder, passwords, and more in AD.|
|Office 365 management|
|User management||Create users with or without license, enable MFA settings, reset passwords, modify naming attributes, and do much more in bulk.|
|Group management||Create and manage distribution groups, security groups; modify group memberships; modify group properties such as Send As permissions; all in bulk.|
|Contact management||Create and manage contacts in bulk; modify contact attributes and properties in bulk.|
|License management||Assign, remove, or replace licenses of selected users or groups.|
|Mailbox, shared mailbox, and public folder management||Manage Exchange Online mailboxes, configure settings, enable or disable features; modify public folders, and do much more in bulk.|
|Mobile device management||Clear mobile device data and remove mobile devices.|
|Calendar management||Modify or remove calendar permissions.|
|On-premises Exchange management|
|Mailbox management||Create and modify mailboxes, shared mailboxes, room mailbox, equipment mailbox, and more in bulk.|
|IT security and compliance|
|Prebuilt reports||Reports to track user activities in the product.|
|State-in-time reports for AD||Over 300 reports on various aspects of your AD environment, including reports to find out inactive users, recently created users, last logon of users, etc.|
|State-in-time reports for Exchange Server||Over 300 reports on various aspects of your Exchange on-premises environment, including reports to find out non-owner mailbox permissions, mailbox storage growth, distribution lists members, etc.|
|State-in-time reports for Office 365||Over 300 reports on all aspects of various Office 365 services, including Azure AD, Exchange Online, OneDrive for Business, Skype, Microsoft Teams, etc.|
|Prebuilt reports for IT compliance||Report templates for various compliance mandates such as SOX, HIPAA, PCI DSS, GDPR, etc.|
|Real-time audit reports for AD, Office 365, and on-premises Exchange.||Audits who did what, when, and from where using realtime audit reports.|
|Real-time alerting||Sends email and SMS alerts in real time for important security-related changes in your IT environment.|
|Exchange and Office 365 monitoring reports and dashboard||Monitors all the service availability and performance of Exchange servers and Office 365.|
|User behavior analytics||Helps detect, investigate, and mitigate threats like malicious logins, lateral movement, privilege abuse, data breaches, and malware.|
|SIEM integration||Integrates with SIEM solutions for improved event analysis.|
|Active Directory automation||Automate hundreds of user, group, computer, and contact management tasks in Active Directory||
(Supports automation of 100s of tasks)
|Office 365 automation||Create powerful automations and automation policies to automatically carry out hundreds of routine Office 365 tasks, such as password reset and blocking users, without human intervention.||
(Supports automation of 100s of tasks)
|Active Directory backup and recovery||Take full or incremental backups of AD objects. Restore them granularly at object or attribute level.|
|Office 365 backup and recovery||Take full or incremental backups of Exchange Online mailboxes, SharePoint sites, and OneDrive for Business files and folders. Restore them granularly at object or attribute level.|
|Exchange backup and recovery||Take full or incremental backups of Exchange mailboxes. Restore them granularly at mailbox or item level.|
* - and basic privilege management capabilities.
As you can see from the above table, AD360 is a much more powerful solution that solves multiple challenges faced by enterprises including identity governance, access management, IT security, compliance, and disaster recovery. For enterprises that run on Microsoft’s technology, such as Active Directory, Exchange, Office 365,etc.., AD360 is without a doubt the right choice.
Start your evaluation of AD360 with a 60-day free trail: Download now.
CAMH will be able to save close to $26,000 a year on service desk calls related to Active Directory password resets and locked accounts, and will see a return on investment within the first six months of product implementation.
Judy OlivierProject Manager, CAMH
This tool helps me be in command of the technical environment in my Active Directory network. It is easier to find logs and manage more effectively. The cost for the many features got our attention.
Diego PontesTecnisa SATecnisa SA
Just about the best piece of security software that would put a smile on any security administrator
Jacinto GodinhoAdministrator: Quality Assurance and IT Security, Al-Ahli Bank of Kuwait
AD360 is an identity and access management (IAM) solution for managing user identities, governing access to resources, enforcing security, and ensuring compliance. AD360 provides all these functionalities for Windows Active Directory, Exchange Server, and O ce 365. With AD360, you can choose the modules you need and start addressing IAM challenges across on-premises, cloud, and hybrid environments—all from a single console.
For more information about AD360, please visitwww.manageengine.com/ad360.
Your download should begin automatically in 15 seconds. If not, click here to download manually.
Thank you for your interest in ManageEngine AD360. We have received your request for a personalized demo and will contact you shortly.
Disclaimer: ManageEngine does not guarantee the accuracy of any information presented in this document, and there is no commitment, expressed or implied, on ManageEngine’s part to update or otherwise amend this document. The furnishing of this document does not provide any license to patents, trademarks, copyrights or other intellectual property rights owned or held by ManageEngine.