If you manage security across multiple Windows servers, you know a simple task, like determining exactly what resources a given an employee has access to across all servers, is anything but simple. Permissions management is tedious, time consuming, and prone to errors. And with so many servers, files, and folders, across your enterprise, answering just one question like that can easily take a week of work with native tools.
Hi, my name is Thom Brainard, Product Marketing Manager at Dell Software, and today we'll be discussing a better way to manage permissions in your Windows Server environment. As you know, privileged information resides in many different locations such as shared folders on file servers, or storage devices, SharePoint sites, SQL Server databases, and Exchange mailboxes. Each technology has its own management interface, and relies on complex command line tools to manage permissions.
Fortunately, Dell Software can help. Joining us today is Alexey Korotich, Product Manager for Security Explorer from Dell Software. Hello, Alexey. Thanks for being here today.
Hello Hello, Thom. It's my pleasure to be here.
Can you tell us how most organizations manage permissions across their Microsoft server environments? Is it box-by-box management?
Unfortunately, it is. If you look at the whole design of Microsoft Access control system, it is really resource-centric. So that means that every type of the server, be it Exchange or file server or SQL Server, it has its own access control model. And you have to go through a list of files and folders, or a list of mailboxes, one by one in order to manage permissions of all those things.
Obviously, one could use native tools to manage permissions and access control. What are some of the pitfalls of using native tools?
Well, first of all, there is no one single tool that would let you manage all of the platforms which we are talking about. So you'd have to have fragmented tools. You would have to be switching over between each of them to manage every particular aspect of your network. And secondly, all of your day-to-day tasks that you have to do, they are really not automated with native tools. You have to do a lot of manual work, and all of that, as we know, is error-prone.
Now let's talk about Security Explorer, Dell's single platform for managing Microsoft server security in real time. Alexey, please tell us a little bit about Security Explorer. Why should a systems administrator be interested in this solution?
Sure, I would like to refer to Security Explorer as Windows Explorer on steroids. And what I mean by that is that first of all it's a very powerful tool, kind of all-in-one tool, where you can manage each of those platforms using the same type of experience, the same type of UI. And second of all, it provides a lot of shortcuts. So shortcuts to do your day-to-day tasks, like, for example, cloning permissions, so one user to another, or backing permissions up, in order to restore them later on as part of the migration, for example. So all those things I like to talk about when mentioning Security Explorer.
You mentioned that Security Explorer supports multiple Microsoft server platforms. Could you tell us again what those are?
Absolutely. Security Explorer comes with modules for four major platforms. That would be Windows files and servers. And that module also works with your network filers like NetApp, EMC, and Dell hardware. It also comes with a module for Exchange, letting you manage Exchange mailbox security. Module for Windows SQL Servers and also a Module for SharePoint. We are very recent on all of the versions we support. So we support the latest versions of software from Microsoft available today.
We know Security Explorer has the ability to streamline and simplify management of permissions, so does this product just make life easier for admins, or does it make the network more secure too?
I, personally, think that these two things are related to each other. So if you can keep your Network Access Control policy simple enough, if you can follow it, like word-to-word, then your network will be secure eventually. So in this particular case, our security means simplicity.
How about Security Explorer's reporting capabilities? What insights can be learned from these reports?
I think that you can alert a lot of things by running reports, but the more important thing here is that every search available within Security Explorer can be easily converted into report. And you can search for a lot of things, simple things, like, for example, all the files located in this particular folder, or complex enough things like where disabled accounts have permissions in this particular file share, or where access is granted to this particular user through this particular group. So things like that can be answered quickly and saved as a report, as well.
Great. Can Security Explorer help with governance, risk, and compliance initiatives?
I truly believe that it can help, and it's actually a part of our Dell GRC Life Cycle, so it actually plays into phases of this life cycle which is assessment and management. So assessment usually means that you have to set the baseline and prepare your environment for ongoing use by cleaning up all the unnecessary permissions, or finding some stale accounts. So Security Explorer really helps here. And secondly, for the management component of this life cycle, Security Explorer is just a perfect tool for your day-to-day operations. So if you want to do management of permissions across the entire Windows stack of systems, Security Explorer is the tool to use.
Thanks, Alexey. Good stuff.
Thank you, Thom. Thank you for having me.
Of course. So Alexey, where can our viewers reach you if they have any questions or want more information?
They should start with our Windows Management community website, and you can easily find it by following the link that is currently presented on the screen. Or, you can