User Manager Pro Suite (UMPS) is a powerful agent-less security management tool that allows IT administrators to report on and make global changes to user credentials, groups, rights, registry settings, policies and more, simultaneously across the servers and workstations in the Windows network.
Interactive Reporting With Real-Time Resolution
One thing systems administrators need is information, and they usually need it immediately. UMPS allows you to report on virtually any aspect of your Windows systems. Reporting covers accounts, groups, event data, installed software and patches, registry values, policy and trusts, and other data available through WMI.
Need to see who is in the administrators group on every system? Want to find NTFS permissions where Everyone has been granted access? Having a problem and need to quickly locate which machines are recording the same error in their event log? User Manager Pro Suite’s reporting capabilities provides all this and more.
Reporting is integrated with User Manager Pro’s management functions, so issues that are found can be resolved interactively right from the report viewer. For example, if you run a Users report to find those users whose passwords are 90 days or older, you can disable those accounts directly.
Security auditors also demand lots of information. With User Manager Pro Suite's Web Reporting, the reports you run or schedule can be accessed from a fully audited and delegated web interface. This allows your auditors to view the reports any time, anywhere and to filter the information that they desire.
Automate Windows Management Tasks
Gain the granular control needed to manage complex IT infrastructures, discover what’s really occurring in your Windows environment and resolve security and systems management problems as they arise.
Have you ever run a script against 5,000 computers, only to have number 1,941 fail and bring the whole script to a screeching halt? Have you ever set a script to run via Group Policy, only to find out that the machines were not rebooted on time and that was the reason your network got infected with a virus?
User Manager Pro Suite (UMPS) addresses all of these issues and more. It's a multi-threaded tool, meaning that if any system(s) should fail during its operation, the failure will not affect the job running. UMPS will tell you the reason for the failure (such as error 53, network path not found) and allow you to retry the operation on those systems.
When you need to schedule and force a reboot, UMPS can do it and log the result. If the operation wasn't successful, it can tell you why. UMPS can also force updates to required systems at any time, meaning you don't have to wait for them to reboot to secure your network.
Local Account and Group Management
Managing local accounts and groups is a critical part of running a secure Windows environment. But visiting all your servers and workstations often enough to verify and maintain proper configuration can be a daunting task.
UMPS manages local accounts and groups across hundreds, even thousands, of machines in a single action. The managed configurations can include group membership, password rotation, removing unauthorized accounts, setting rights and password policies, and more.
With User Manager Pro Suite’s “Move All Except” capability, host-specific exceptions for user accounts, group membership and group membership configurations are easily supported. These Account and Group Management functions can also be performed on Local Systems, as well as Active Directory domain accounts and groups.
With “Move All Except” you can keep some of your users in their current local group and move other users to a new local group that you set up. This is especially useful for moving members of the local administrators group to a less privileged group, to ensure that you're maintaining proper access rights on your network.
Block Unauthorized Applications with File Cratering
When a virus, worm or other type of malicious software hits a network, the standard procedure for remediating the attack is to disable and delete the virus, and then apply the proper Microsoft-supplied Windows patch. However, infected systems can become so overloaded by a virus that they're unable to apply the required patches and hot fixes. IT administrators must remove the system from the network and then manually terminate the virus process and clean the infected system. This procedure often involves a physical visit to each infected machine, which can quickly accumulate into hours spent fighting the attack.
Using patented Access Control List (ACL) management technology called File Cratering, UMPS can identify and block malicious software from executing on client systems, rendering it harmless and preventing propagation throughout the Windows network.
To use Cratering, select any file on a Windows host and set the permissions to Everyone:Deny Full-Control, then automatically reboot the machine. The program - whether it's malware or an application that violates your organization's security policies - won’t be allowed to start when the machine reboots.
IT administrators can even take the proactive step of using Cratering to insert a series of files with known virus names that are ACL locked-out on all machines. If known malware attempts to infect the system, it will be unable to do so because a locked file has already taken its place.
Administrator Password Management
Setting all your local administrator accounts to one common password is not a good security practice. If just one of your machines is compromised and the password discovered, every other machine with that same password can be taken over. UMPS includes two tools to make implementing proper administrator password management easy:
Random Password Generator - Create truly random passwords at a user-defined level of length, complexity and Windows version compatibility. You can schedule the password randomizations to occur as frequently as your security policies require. Random Password Generator provides precise control over the generated passwords, allowing support for different Windows versions as well as your internal standards.
Password Recovery Console - Allow delegated IT Admins the ability to retrieve the administrator passwords set by Random Password Generator through a secure web interface. The tool also maintains a full audit trail of all password recovery operations performed.
Push and Run
The Push and Run feature is an easy mechanism to push out and run simple programs like batch files or scripts, as well as patches and applications. Push and Run Technology enables pushing a series of files to remote Windows hosts, then executing a command. It's especially useful when you need to reconfigure the registry, patch your machines or update virus protection files on every machine - and you need to get it done right now.
Push and Run is a great time-saver for ad hoc systems maintenance tasks, because it lets you avoid the time-consuming process of accessing each remote machine individually. When you have a file that needs to be duplicated to all of your sites, it’s a lot easier to take one copy and send it out to all of your systems.