Intro

1
(No Transcript)
2
STEALTHbits Technologies, Inc. Microsoft
Infrastructure Management Solutions
StealthAUDIT Management Platform (SMP)
Microsoft Infrastructure Framework
Analysis Module Framework Action Module Framework
3

• Public Folder Management
• Analyze Aging, Content, Ownership, and Replicas
• Identify the Most Probable Owner of each Public
  Folder
• Clean-up and Migration

• Distribution List Management
• Track stale DLs through Tracking Log and AD
  Correlation
• Contact DL Owners to verify proper membership
• Identify and remediate Large and Dynamic DLs

• Exchange Configuration Validation
• Baseline Server Checklists/Change Detection
• Adhere to Organizational Industry Best
  Practices
• Alert on critical changes and thresholds

• Exchange Metrics Applet Architecture
• Gauge Mail-flow and Delivery Time Statistics for
  SLAs
• Load Balance Identify Top Senders and
  Receivers, Peak Load
• Identify who is accessing Exchange remotely via
  OWA, OMA, and RPC Connections

• BlackBerry Monitoring
• Profile Usage, Stale Resources, Inventory, Growth
• Instantly Identify Affected Users
• Monitor Users, Devices, Providers, SRP, BES,
  Exchange, SQL, MDS

• Exchange Operations
• Application Availability - Monitor overall SLA
  statistics while incorporating planned downtime
• Verify Exchange Health daily/hourly, quickly
  identify urgent issues and prioritize efforts
  with exceptions based reports
• Understand how users are connecting to Exchange
  and identify latency issues (Cached Mode, Classic
  Online, System Mailbox, etc.)

• Complete OS AD Visibility
• Understand Rights, Permissions, Configurations,
  Policies
• Event Logs, Registry, File System, WMI, Services,
  Disk Info, System Info, Patches, Text Logs and
  Files, ODBC, INI Files, PerfMON
• Troubleshoot (i.e. Dup. Display Names SMTP
  Addresses)

• PST Assessment
• Search Workstation and Server Systems to identify
  all PSTs
• Warn users with excessively large PSTs using
  Cached Mode of potential stability issues
• Consolidate PST Files to a central location using
  SMPs File Action Module

• Mailbox Management
• Profile MB Usage, Aging, and Size and create
  Automated Workflow to clean and maintain all or
  particular Mailboxes
• Verify Permissions and Entitlement
• Track store size and growth over time
• Create in-depth MB Search queries

• Additional Competencies
• Chargeback Reporting
• Calculate Mailbox, Public Folder, and Storage
  Costs
• Pre- and Post-Migration Analysis
• Store Sizes, Quotas, Outlook Connections,
  Identify PSTs
• Compliance
• Validate Archiving efforts

• Outlook Client Configuration
• Baseline Outlook Client Security Settings and
  Configuration
• Assess Cache Mode Settings and Status
• Highlight exceptions such as Missing OS Protocols
  and Vulnerable Users

MORE
Outlook
PSTs
SMP for Exchange
Microsoft Infrastructure Framework
Analysis Module Framework Action Module Framework
ltlt Back
4

• Monitoring Diagnostics
• Instantly Pinpoint Affected Users
• Gauge Key Performance Indicators - Services,
  Hung Threads, Pending Messages, SRP
• Connectivity - User, Device, Provider, SRP, BES,
  Exchange, and SQL Status in a single,
  consolidated report
• Exchange/User Mailbox Stats Queues, Outlook
  Folder Count, Mailbox Size

• Server Metrics
• Understand BES Server Activity and Rankings
• Traffic-flow Statistics Forwarded, Sent,
  Pending, Expired, Filtered, Failed Messages per
  Server
• Alert on exceeded thresholds and server
  overutilization

• User Metrics
• Pinpoint problem users/devices/servers
• Understand Top Senders Receivers
• Identify Stale Users according to any time range

• Provider Metrics
• Understand which providers are servicing users
  and where
• Measure SLAs per provider
• Identify Top Providers and associated volume
  statistics

• Growth Capacity
• Track and Trend Growth Users, Mail Volume,
  Storage
• Load Balance Users across Exchange Servers
  effectively

• Inventory
• Devices Model, Configuration, Policy,
  Applications
• Server Hardware, Software, OS Configuration,
  Version
• Users per BES Server/Exchange Server/Storage
  Group/ Mail Store

• Configuration
• Baseline Service Configuration throughout the
  stack (BES, Exchange, OS, IIS)
• Validate Log Location and Sizing configurations
• Monitor Session Info to alert on unauthorized
  connections

• Event Logs
• Aggregate Application, Security, and System Event
  Log Errors for designated time periods
• Set alerts for critical events and thresholds
• Itemize and Prioritize efforts through integrated
  scorecards

• Interactive Web Interface/Helpdesk (coming soon
  in v3)
• Consolidated diagnostic reporting
• Controlled remediation

WEB INTERFACE
SMP for BlackBerry
Microsoft Infrastructure Framework
Analysis Module Framework Action Module Framework
ltlt Back
5

• Advanced Security
• ACLs OUs and Groups
• Identify who can make changes
• Verify and baseline security settings

• Who Made the Change?
• Discover WHO created, deleted or modified
  Accounts, Groups, and Passwords
• Monitor Sensitive groups Security Groups,
  Enterprise, Schema, and Domain Admins

• Compliance
• Alert on configuration changes
• Verify Group Membership
• Track AD permissions Domain, Universal,
  Enterprise, Local Admins

• Infrastructure
• Baseline and validate Schema and Group Policy
  configurations
• Domain Controller DNS configuration
• Site and NTDS configuration

• Bulk Administration/Maintenance Clean-up
• Identify and retire stale computers, users, and
  other objects
• Remediate locked-out accounts, create and modify
  group and user attributes, enforce new password
  creation
• Maintain DL and Security Group membership, track
  usage, and remediate

• Operations
• Set threshold alerts Disk Space, Database
  Growth
• Verify replication and backups
• Maintain Domain and DC Health
• Track and trend Site growth/Load Balance

SMP for Active Directory
Microsoft Infrastructure Framework
Analysis Module Framework Action Module Framework
ltlt Back
6

• Size and Information
• Quickly prioritize efforts by classifying Public
  Folder content
• Assess PF Sizes, Locations, Folder Counts,
  Replicas, and more
• Understand PF Aging, Newest and Oldest Messages,
  Attachments, and other attributes indicating
  stale data

• Permissions, Ownership, Entitlement
• Identify the Most Probable Owner of a Public
  Folder through built-in Business Intelligence
• Pinpoint unprotected Public Folders and
  understand who has access to sensitive folders
• Use the Action Module Framework to initiate
  entitlement reviews and remediate permissions

• Settings Modifications
• Assess and Remediate PF Message, Age, and Size
  Limits
• Analyze PF Settings such as Delivery
  Options/Restrictions, Exceptions, Referrals,
  Accept/Reject, Forwarding, and Storage Limits
• Understand Modification Times to help identify
  potentially stale content

WORKFLOW
SMP for Public Folders
Microsoft Infrastructure Framework
Analysis Module Framework Action Module Framework
ltlt Back
7

• Infrastructure Auditing Policy
• Where does the data reside?
• How much space is the data consuming?
• Are the correct policies being applied?

• Access Deletions
• Who is accessing the data?
• Who is deleting the data?
• How much activity is occurring?

• Content
• What data is old/stale?
• What kind/type of information is present?
• Which folders are the Largest/Newest/Oldest?

• Permissions
• Who has access to the data (AD NTFS)?
• Who owns the data?

SYSTEMS
SMP for Data Governance Compliance
Microsoft Infrastructure Framework
Analysis Module Framework Action Module Framework
ltlt Back
8

• Baseline Configuration Compliance
• Use out-of-the-box templates or design a
  completely customized baseline using Policy
  Center
• Baseline OS, Exchange, AD, BES Configuration and
  more!
• Receive Alerts and Notifications when changes are
  detected or thresholds are met

• Permissions Control
• Who has access to your critical systems?
• Who is utilizing their access privileges?
• Who is granting access to your critical systems?

• Security Compliance
• Configuration drift according to Regulatory (SOX,
  HIPAA, PCI), Organizational, and Industry
  Compliance Standards
• Who is making changes within AD and Critical
  Systems?
• Permissions, Rights, and Access Levels within
  Exchange, AD, Workstations, Servers, Shared File
  Systems, and more.

• Inventory Management
• Hardware
• Software
• Systems
• Implementation and Upgrade Sizing/Readiness
• Unauthorized Programs or Data
• Software License Utilization and Compliance
• Last known physical location of missing assets
• Rogue and/or unauthorized system identification

• Patch Validation
• Validate down to the file level that patches have
  been actually applied (eliminate
  false-positives/negatives)
• Verify provisioning agents are installed and
  operational
• Patch status per Host, OS Type, Region (or
  user-defined)

DATA
Architecture
SMP for Systems Governance Compliance
Microsoft Infrastructure Framework
Analysis Module Framework Action Module Framework
ltlt Back
9
SMP Architecture Complete Visibility
Active Directory
Exchange
Raw SQL Data
Graphical Reports
Tabular Reports
Systems (OS)
ltlt Back
10
SMP for Exchange Complete Visibility
Active Directory
Exchange
BES
Raw SQL Data
Graphical Reports
Tabular Reports
Operating System
ltlt Back
11
SMP for Exchange/BlackBerry Complete Visibility
Active Directory
Exchange
BES
Raw SQL Data
Graphical Reports
Tabular Reports
Operating System
ltlt Back
12
SMP for Active Directory Complete Visibility
Active Directory Server
Operating System
ltlt Back
13
SMP Permissions Data Control Complete
Visibility
Active Directory
Operating System
Raw SQL Data
Graphical Reports
Tabular Reports
Distributed File Systems
ltlt Back
14
SMP Action Module Framework

• Closes out the loop
• Assess, Refine, Resolve
• Works with real-world workflow
• Automates mass operations
• Public Folders
• Mailboxes
• Distribution Lists
• Used when targets exceed practical limits of
  manual operations

ltlt Back
15
SMP Action Module FrameworkExample Public
Folders
Unknown number of stale folders
Examine all 30K folders under top level folder
Clean-up Complete!
Narrowed down to 2500 folders
Take folders offline
Survey folder owners for confirmation
Get approval from legal
ltlt Back