What is our primary use case?
I use the solution in my company to monitor our security groups, admin groups, and new account creations. In our company, we use the tool for several things that keep us on top of what is happening in our Active Directory.
What is most valuable?
The solution's most valuable feature is the network security offered by the tool. One of the features we use in the tool tells our company if a user has been added to a group, especially a privileged group like domain admins, administrators, enterprise admins, and schema admins. In my organization, we get an email immediately if a user gets added to one of those groups.
What needs improvement?
The solution does not require improvements to meet our company's needs. In our company, we have figured out everything we need with the tool, and my company's support team has played a valuable role in helping us do so.
There is nothing I can see that needs improvement in the tool. It is nice to know that ManageEngine looks at various areas in the product so that it doesn't become a security liability. Our company tracks all the NIST lists for common vulnerabilities, and I have never seen ManageEngine ADAudit Plus show up in any of them. I think it is a pretty secure product.
Measuring the return on investment for a business that uses ManageEngine ADAudit Plus should be a process that must be made easier.
For how long have I used the solution?
I have been using ManageEngine ADAudit Plus for a year.
What do I think about the stability of the solution?
The product has never crashed. The tool has always been up and running. We have never had any error messages. It just does what it does.
What do I think about the scalability of the solution?
I work in a small shop, so I can't speak about the tool's scalability. You need to talk to someone that has thousands of users and multiple domains.
My company has more than 100 users, but we are a small to medium business, as far as any company we deal with would consider us from an IT perspective.
How are customer service and support?
When we had to reach out to the solution's technical support, they were happy to work with us, and you can have a shared session if you need to. The tool's support team can remotely access your box if you allow them and walk you through things. I rate the technical support a ten out of ten.
How would you rate customer service and support?
How was the initial setup?
The product's initial setup phase is very easy.
The product's deployment phase can be managed by one person who is a system admin.
What was our ROI?
The return on investment for ManageEngine ADAudit Plus is very hard to measure. We have not had a security incident in over five years, and adding this to our security stack has given us greater visibility into what is going on with our Active Directory. In my opinion, the return on investment is definitely good. Somebody could go in and change, take over an account, or make it a domain admin, but we wouldn't even know. We would just be in the dark, after which the next thing we would know is that a hacker has encrypted our systems.
What's my experience with pricing, setup cost, and licensing?
The tool is affordable, and our company is very happy with it. If ten is the most expensive and one is the least expensive, I rate the tool a three or four.
Which other solutions did I evaluate?
Our company had been looking for a product like ManageEngine ADAudit Plus for some time, but we had affordability issues. Then, ManageEngine ran some sort of special offer, and we bought a perpetual license where all we have to do is renew the support every year. The tool became affordable, and we grabbed it.
I can't really speak about the differences between ManageEngine ADAudit Plus and other tools. I have tried a few different things, and they are all similar. The bottom line for our company is it does what we want it to do.
What other advice do I have?
The real-time alerting system's benefit to IT security management is excellent. Our company has tested it quite a few times in different environments and strategies, and you just cannot fool it into not triggering an alert. One of the things hackers do when they get into an environment is go for probably a low-level account. If a hacker gets into an environment as user X and if it is just a domain user and that is the only group such a user belongs to, then the next thing they want to do is to increase or elevate that account to an administrative level. Hackers would try to add the domain admin, the local admin, or maybe another higher-end admin like schema admin or enterprise admin to that account of user X. If the hacker is successful in following the process as mentioned earlier, our company will get an alert within ten seconds saying that something has happened, allowing us to disable such an account.
In our company, we don't consider this product an AI product, and we are kind of keeping our toes out of the water of AI, except for with our email filtering, where we are using a product called IRONSCALES, which has its own AI engine for detecting spams and phishing activity.
I recommend the tool to the right-sized company, where it can be an excellent fit. The tool definitely increases visibility in the Active Directory and alerts you if something unusual occurs.
I rate the tool a ten out of ten.
*Disclosure: I am a real user, and this review is based on my own experience and opinions.
