NetIQ Corp.'s Administration Suite 2.0, announced today, offers new management products designed to ease the administration of Active Directory's complex security and Group Policy components.
Directory Security Administrator and Net IQ Group Policy Administrator are two parts of NetIQ's Administration Suite 2.0, said Dave Peterson, senior product manager at San Jose, Calif.-based NetIQ. The suite comes in two editions. Directory Security Administrator is available in the Administration Suite 2.0 standard and advanced editions, while Group Policy Administrator is only available in the advanced edition.
Windows 2000 migrations will increase this year, according to Jonathon Penn, senior industry analyst at Cambridge, Mass.-based Giga Information Group. However, migrations are not projects with quick turnaround rates. "Organizations must plan for an extensive period of coexistence" of NT/2000 and Exchange 5.5/2000 resources. Tools like Administration Suite will be needed, he said. The suite offers "a unified administrative platform with delegated administration and policy-based management capabilities."
Administration Suite seamlessly integrates with Microsoft's core NT 4, Windows 2000/Active Directory, and Exchange 5.5/2000 architectures to increase overall management, Peterson said. The new Administration Suite 2.0 includes the four products that originally comprised version 1.0: Directory and Resource Administrator, File Security Administrator, Exchange Administrator and Configuration Assessor. Administration Suite 1.0 was first released in October 2001.
The first new product of Administration Suite 2.0, Directory Security Administrator, allows Active Directory security to be more easily managed, said Peterson. It allows administrators to manage Active Directory's Access Control Lists (ACLs), which tells which access rights users have. If users should not have rights to a certain organizational unit, Directory Security Administrator lets administrators find and quickly remove them.
"ACLs in Active Directory are simply not manageable without third-party tools," Penn said. "Directory Security Administrator enhances the security provided in Active Directory by giving administrators a centralized interface to easily visualize, search for and modify ACLs."
Group Policy Administrator, the other new product in the suite, is a licensed version of Boston, Mass.-based FullArmor, Corp.'s FAZAM 2000. FAZAM is a group policy management product. Group Policy is tough to manage and implement, Peterson said, so Group Policy Administrator is the "secret sauce administrators need to make Group Policy management more capable." FAZAM 2000 allows for a policy-centric view of Active Directory through reporting, auditing and diagnostics, and back up capabilities. Reports on the group policies can be viewed through the Microsoft Management Console (MMC).
"The Group Policy Administrator helps to manage Group Policy Objects (GPOs), which are a fundamental component of role-based management, affecting access controls, desktop configuration, software distribution and network management," Penn concluded.
The four original Administration Suite products retain their value to the upgraded suite, Peterson said. Directory and Resource Administrator automates the administration of Windows NT 4/2000/Active Directory. File Security Administrator secures file management and reporting. Exchange Administrator eases mailbox management, while Configuration Assessor reports on hardware configurations, security holes, network configurations and more.
Administration Suite 2.0 is available now. A 30-day trial version is also available, Peterson said. Administration Suite 2.0's standard edition is $24 per user. The advanced edition is $30 per user. All the products that comprise the suite are also available individually.
What are your tips for Active Directory security control and Group Policy management? Email assisant news editor Meredith Derby