Most organizations have more group documents than they have person documents. This occurs due to uncertainty whether or not an existing group can be used, let alone changed. Instead of re-using existing groups, new ones are created over and over.
Taking not only a vast number of groups into account, but also how deeply they are nested, a company’s current security configuration is difficult – if not impossible – to see through.
Not so with panagenda GroupExplorer! Its most popular features include:
Not only can panagenda GroupExplorer tell you who has access to which databases across all of your servers, but it can also tell you:
This enables you to instantly check whether end users, who are promoted or switching departments or changing roles within the organization, have all relevant access rights and group memberships as expected.
Security assessments and compliance audits are also a breeze, because with panagenda GroupExplorer all the necessary security insights are always readily available.
Altogether, GroupExplorer is the perfect companion for administrators and security officers, ensuring full transparency across your databases and security infrastructure.
Knowing all the members of a particular group – including all nested groups and certifiers – is already very valuable on its own.
Often the real question, however, is through which sub groups a user effectively becomes a member of a parent group. panagenda GroupExplorer tells you just that: Through which group path(s) is a user member of a particular group?
The following pictures show the example for an end user, who is a member of the group “#-cronus-RCA” through his membership in “LocalDomainAdmins”, as well as by being a direct member of “#-cronus-RCA” itself – in essence, removing the user from the group would not have any effect as the user is also a member of the group LocalDomainAdmins.
Through such insight, administrators and security officers are finally in the know. Even better, by knowing about all dependencies, existing groups can be cleaned up, changed and re-used, and questions can be answered instantly and reliably.
GroupExplorer’s knowledge of who has access to what is even more powerful, time- and money-saving in combination with panagenda MarvelClient: GroupExplorer Automate.
Together, MarvelClient and GroupExplorer can:
In essence, GroupExplorer Automate reduces administration efforts that are otherwise necessary to ensure that end user configurations are in synch with your database catalog – across all of your servers, groups, and Access Control Lists (ACLs) – to near zero.
GroupExplorer is avaliable in three different editions (Light, Analyze, Automate) to meet your exact needs:
|Synchronisation of Group and Certifier membership changes with MarvelClient||YES||YES||YES|
|Visualization of Group structures||Limited to 25 groups||YES||YES|
|Analysis of Groups (views in GroupExplorer)||Limited to 25 groups||YES||YES|
|Analysis of ACLs (views in GroupExplorer)||Limited to 25 ACL s per server||YES||YES|
|Endpoint Analysis (views in GroupExplorer)||–||YES||YES|
|Synchronisation of your database landscape, groups and ACLs with MarvelClient||–||–||YES|
|Automated deployment and undeployment of Databases in synchronisation with database creation, removal, moves and ACL changes||–||–||YES|