ManageEngine AD360 is an integrated identity and access management (IAM) solution for managing user identities, governing access to resources, enforcing security, and ensuring compliance. From user provisioning, self-service password management, and Active Directory change monitoring, to single sign-on (SSO) for enterprise applications, AD360 helps you perform all your IAM tasks with a simple, easy-to-use interface.
SailPoint IdentityIQ is an identity governance and administration solution that helps enterprises manage access, streamline compliance, empower users with self-service, and do much more.
| Capability | Description | ManageEngine AD360 Try now |
SailPoint IdentityIQ |
|---|---|---|---|
| Lifecycle Management | |||
| User provisioning and deprovisioning | Supports provisioning and deprovisioning of users to various directories and applications. | ||
| Automated provisioning | Integrates with HR applications and external databases for user provisioning. | ||
| Applications/directory services supported for provisioning | Number of directories, applications, and systems supported for direct provisioning. |
5 |
100+ |
| Entitlements management, access certifications, and SoDs | |||
| Entitlements assignment | Allows you to assign entitlements to resources in your IT environment |
(supports only entitlements in AD, Exchange, Office 365, and file servers) |
|
| File permissions management | Manage permissions to files and folders. | ||
| Access certification | Allows managers or resource owners to periodically review who has access to what resource and certify the access entitlement. | ||
| Access policies | Allows you to define who can govern access to resources and how long a access assignment should last | ||
| Automation | Automatically assigns, reassigns, or removes entitlements based on an identity’s lifecycle status. | ||
| Separation of Duty (SoD) | Define SoD policies to detect entitlement violations | ||
| Access request | |||
| Self-service access requests | Allow users to request access to IT resources. |
(applies only to AD groups) |
|
| Approval workflow | Implement approval workflow rules to accept or reject access requests. | ||
| Single sign-on (SSO) | |||
| SSO to enterprise applications | Provides secure, one-click access to enterprise applications. |
(available only in SailPoint Identity Now) |
|
| SSO to custom applications | Option to configure SSO to in-house applications. | ||
| Multi-factor authentication | |||
| Supported factors | Number of authentication factors supported. |
14 |
|
| MFA for cloud application login via SSO | Supports MFA for cloud applications while logging in via SSO. | ||
| Windows login MFA | Adds an extra layer of authentication method to the local interactive and RDP Windows login. | ||
| macOS login MFA | Adds an extra layer of authentication to macOS login. | ||
| Password management | |||
| Self-service password reset and account unlock | Allows users to reset passwords and unlock accounts in Active Directory, Office 365, Salesforce, and other cloud applications on their own. | ||
| Real-time password synchronization | Automatically synchronizes users’ Active Directory passwords with cloud applications and other on-premises systems. |
- |
|
| Password Policy Enhancer | Password complexity -- requirements: Requires a specified number of lower case letters, upper case letters, numbers, and symbols in the passwords |
- |
|
| Password should not contain -- part of the username. |
- |
||
| Other character requirement for passwords: Must being with a letter, Unicode character, etc. |
- |
||
| Disallow use of palindromes, repeating characters, and part of old password. |
- |
||
| Dictionary rule to block common and weak passwords. |
- |
||
| Pattern rule to block keyboard patterns (asdf, qwerty, etc.) in passwords. |
- |
||
| Cached credential update -- for AD passwords | Allows remote users who are not connected to the AD domain to reset passwords and log in to their machine. |
- |
|
| Password expiration notification | Sends periodic password expiration reminders to AD users via email, SMS and push notifications |
- |
|
| Password reset from login screen | Allows users to reset their passwords right from the login screens of their Windows, macOS or Linux machines. |
- |
|
| Active Directory Management | |||
| User management | Disable or enable user accounts, modify user attribute values, reset passwords, unlock accounts, and do much more in bulk. | ||
| Computer management | Create and manage computer objects; modify their attributes in bulk. | ||
| Group management | Create and manage groups; modify group memberships in bulk. | ||
| GPO management | Create and link GPOs to OUs; modify GPO settings | ||
| Management of other objects | Create and manage contact objects, home folders, terminal services profile folder, passwords, and more in AD. | ||
| Office 365 management | |||
| User management | Create users with or without license, enable MFA settings, reset passwords, modify naming attributes, and do much more in bulk. |
(supports only provisioning) |
|
| Group management | Create and manage distribution groups, security groups; modify group memberships; modify group properties such as Send As permissions; all in bulk. | ||
| Contact management | Create and manage contacts in bulk; modify contact attributes and properties in bulk. | ||
| License management | Assign, remove, or replace licenses of selected users or groups. | ||
| Mailbox, shared mailbox, and public folder management | Manage Exchange Online mailboxes, configure settings, enable or disable features; modify public folders, and do much more in bulk. | ||
| Mobile device management | Clear mobile device data and remove mobile devices. | ||
| Calendar management | Modify or remove calendar permissions. | ||
| On-premises Exchange management | |||
| Mailbox management | Create and modify mailboxes, shared mailboxes, room mailbox, equipment mailbox, and more in bulk. | ||
| IT security and compliance | |||
| Prebuilt reports | Reports to track user activities in the product. | ||
| State-in-time reports for AD | Over 300 reports on various aspects of your AD environment, including reports to find out inactive users, recently created users, last logon of users, etc. |
- |
|
| State-in-time reports for Exchange Server | Over 300 reports on various aspects of your Exchange on-premises environment, including reports to find out non-owner mailbox permissions, mailbox storage growth, distribution lists members, etc. |
- |
|
| State-in-time reports for Office 365 | Over 300 reports on all aspects of various Office 365 services, including Azure AD, Exchange Online, OneDrive for Business, Skype, Microsoft Teams, etc. |
- |
|
| Prebuilt reports for IT compliance | Report templates for various compliance mandates such as SOX, HIPAA, PCI DSS, GDPR, etc. | ||
| Real-time audit reports for AD, Office 365, and on-premises Exchange. | Audits who did what, when, and from where using realtime audit reports. | ||
| Real-time alerting | Sends email and SMS alerts in real time for important security-related changes in your IT environment. | ||
| Exchange and Office 365 monitoring reports and dashboard | Monitors all the service availability and performance of Exchange servers and Office 365. | ||
| User behavior analytics | Helps detect, investigate, and mitigate threats like malicious logins, lateral movement, privilege abuse, data breaches, and malware. | ||
| SIEM integration | Integrates with SIEM solutions for improved event analysis. | - | |
| Disaster recovery | |||
| Active Directory backup and recovery | Take full or incremental backups of AD objects. Restore them granularly at object or attribute level. | ||
| Office 365 backup and recovery | Take full or incremental backups of Exchange Online mailboxes, SharePoint sites, and OneDrive for Business files and folders. Restore them granularly at object or attribute level. | ||
| Exchange backup and recovery | Take full or incremental backups of Exchange mailboxes. Restore them granularly at mailbox or item level. | ||
* - self-service, SSO, auditing, and other components cost extra.
Start your evaluation of AD360 with a 60-day free trial: Download now
AD360 is an identity and access management (IAM) solution for managing user identities, governing access to resources, enforcing security, and ensuring compliance. AD360 provides all these functionalities for Windows Active Directory, Exchange Server, and O ce 365. With AD360, you can choose the modules you need and start addressing IAM challenges across on-premises, cloud, and hybrid environments—all from a single console.
For more information about AD360, please visit
www.manageengine.com/ad360.Your download should begin automatically in 15 seconds. If not, click here to download manually.
Thank you for your interest in ManageEngine AD360. We have received your request for a personalized demo and will contact you shortly.
Disclaimer: ManageEngine does not guarantee the accuracy of any information presented in this document, and there is no commitment, expressed or implied, on ManageEngine’s part to update or otherwise amend this document. The furnishing of this document does not provide any license to patents, trademarks, copyrights or other intellectual property rights owned or held by ManageEngine.
