AMT Banner ADMINISTRATION SOFTWARE SITE MAP AMT SOFTWARE CONTACT AMT SOFTWARE PURCHASING FROM AMT SOFTWARE SEARCH AMT SOFTWARE SOFTWARE PRODUCTS LISTINGS AMT SOFTWARE HOME TOOLS AND UTILITY SOFTWARE DATA REPLICATION AND FAIL-OVER PRINT MANAGEMENT SOFTWARE NETWORK MANAGEMENT SOFTWARE EXCHANGE SERVER SOFTWARE SECURITY SOFTWARE DEPLOYMENT AND UPDATING SOFTWARE ACTIVE DIRECTORY SOFTWARE MANAGEMENT SOFTWARE FOR WINDOWS SERVERS BY AMT SOFTWARE

DESCRIPTION  -  DOCUMENTATION  - SCREENSHOTS  -  FAQ's  -  DOWNLOAD   -   PRICE-ORDER  -  LICENSING

SECURITY EXPLORER

Security Explorer

Security Explorer

Security Explorer is a powerful and intuitive utility to search for and modify Windows NT/2000/XP security on NTFS drives, the Registry, and Shares.

Search across sub directories for permissions. Grant, revoke, and clone permissions across subdirectories without affecting any other user's permissions. Select multiple shares on a server and grant permissions to multiple users and groups simultaneously. Export permissions to a database for further analysis and reporting. Back up file permissions and restore them if necessary. Set ownership on files and directories. Seamless integration with the Windows NT 4.0 Desktop (right-click just about anywhere). Security Explorer makes finding security holes and filling them a snap!


Key Benefits

Provides user-friendly interface to file, share and registry security

  • Easier to use than native ACL editor.
  • Fully integrated into the Windows NT/2000/XP shell, including Windows Explorer.
  • Administrator override functionality allows an administrator to view and set permissions to any file on your network. You will never see "Access is denied" again when setting permissions down a tree, no more "taking ownership".

Tighten Security on Folders, Files, and the Registry

  • Simplified view of permissions (no more "special" permissions).
  • Grant, Revoke, and Clone permissions across subdirectories without affecting any other group or user's permissions.
  • Use the search function to find and report where a group or user has access down the entire directory tree.

Fault Tolerant Permissions

  • Backup a volume's NTFS permissions to a file using the GUI or the "SXPBackup.exe" command line interface.
  • Quickly restore NTFS permissions from your backup file. Granular restore allows you to
  • restore permissions for the entire volume or choose the folders you would like to restore manually.

Enables precise assessment of NTFS and share security

  • Export your NTFS permissions to any ODBC database for a quick assessment of security.
  • Search down a directory tree for a group or user's permissions. Find out where the "Everyone" group has explicit NTFS permission entries quickly and easily.


Key Features

Easy to Use Interface
Provides an easy to use graphical interface to NTFS, Share, and Registry permissions. Fully integrated into the Windows NT/2000/XP shell, including Windows Explorer.

Safe and Effective NTFS
Permissions Management Grant, Revoke and Clone permissions across subdirectories without affecting any other group or user's permissions. Force permissions down the tree, including folders “protected” from inheritance if necessary.

Administrator Override
Allows an administrator to view and set permissions to any file on the network, including those you have been denied access. You will never see "Access is denied" again when setting permissions down a tree, and no more "taking ownership".

Fault Tolerant Permissions
Backup a volume's NTFS permissions to a file using the GUI or the "SXPBackup.exe" command line interface. Quickly restore NTFS permissions from your backup file, including all folders, or only folders you select.

Search for Permissions
Search for permissions on a particular group or user across your network. Find out precisely where a group has access to files on your network. Export the results for quick reporting capabilities.

“Clone” Permissions to a New Group or User
Clone permissions to a new group based on the permissions from an existing group. This is a great tool to clean up Local Group access and when migrating to Active Directory.

View Open Files
View open files on an entire server or only files opened under a specific path on your network. Sort by user or filename and close the connections one at a time, or all at once. Much easier to use than the built-in open file management tools.

Command Line Support
Full command line support for the "Clone", "Export", "Grant", and "Backup" functions. Write a batch file to set home directory permissions for new users. Schedule backups of your most sensitive NTFS permissions quickly and easily.


Other Features

Fully supports the new NTFS inheritance model found in Windows 2000.

Auto-detect the operating system making permissions changes on remote servers, so you can use Security Explorer safely in a mixed (Windows NT / Windows 2000) environment.

Allows you to override protected objects, and allow the permissions modifications to propagate down to all subdirectories, files, and folders, including protected objects.

Fully supports Windows 2000's set of extended permissions.

International support for all multi-byte languages.

Rename any group and/or user. Renaming a group in this way will not modify it's Security Identifier (SID).


SCREEN SHOTS

Security Explorer 1
NTFS Permissions (Files and Directories): Security Explorer has an all-new tabbed interface to easily switch between NTFS permissions, Registry permissions, Share permissions, and Open Files on your servers. As of version 3.0, it is now possible to grant, revoke, and clone permissions to the registry and shares.
Security Explorer 2
Registry Permissions (Local and Remote Servers): As of version 3.0, it is now possible to grant, revoke, and clone permissions to the registry. As with the NTFS permissions, if you grant, revoke, or clone permissions across subkeys, Security Explorer WILL NOT affect any other group's or user's security.
Security Explorer 3
Share Permissions (Local and Remote Servers): As of version 3.0, it is now possible to grant, revoke, and clone permissions to one or many shares on any server on your network. Just grab a few shares and click "Grant", "Revoke", or "Clone" to easily and powerfully modify security on multiple shares at once. Even print out the current permissions on any share with a click of the mouse.
Security Explorer 4
Enterprise Scopes (apply changes to multiple servers with one operation): You can now target multiple drives and servers for a single operation. For example, instead of being limited to search a single drive for a user's permissions, you can now set up a scope to search across your entire domain. Clone permissions across multiple servers in one step.
Security Explorer 5
View Open Files (on Local and Remote Servers): View and/or Close open files on any computer, in any directory, or on a single file in this dialog! Have you missed the "Opened by..." button in File Manager? If you have ever used Server Manager to view and/or close open resources on your servers, you will appreciate this new functionality. View open files on your entire server or just the files opened under a specific basepath. Resize the window to view the entire path, and close one, some, or all resources.
Security Explorer 6
The current user (the administrator) has no access to the directory d:\user\johndoe\ However, Security Explorer has used the administrator's user privileges to override the security so the current owner and access control list may be shown and modified. Whenever user rights are in use, the 'User Right in Use' indicator will be red.
Security Explorer 7
From this dialog box, you can modify, delete, copy,grant, revoke or clone permissions across subdirectories without affecting any other group or user's permissions. You can also print the security permissions for documentation purposes.
Security Explorer 8
One of the most powerful features of Security Explorer is the ability to grant, revoke, and clone permissions across subdirectories without affecting any other group or user's permissions.
Security Explorer 9
One of the most powerful features of Security Explorer is the ability to grant, revoke, and clone permissions across subdirectories without affecting any other group or user's permissions.
Security Explorer 10
You can revoke all permissions or specific permissions from a user. Revoke "O"(take ownership) and "P"(modify permissions) permissions from "Full control" to get "Change" permissions. Again, you can revoke permissions across subdirectories without affecting any other group or user's permissions.
Security Explorer 11
Have you ever wanted to rename a group without having to setup the new group's permissions? Have you ever wanted to copy a user's permissions to a new group? You can do this and more with Security Explorer's Clone function. Microsoft has added a new global group called "Authenticated Users" (available in Service Pack 3). Now you can easily get rid of the "Everyone" group by cloning it with "Authenticated Users" and revoking the "Everyone" permissions.
Security Explorer 12
Have you ever wondered what directories the "Everyone" group has delete access to? Simply use Security Explorer to Search for Permissions across subdirectories. The list of directories and/or files will be returned in a search results listing. From this list, you can further Show any item's permissions.
Security Explorer 13
Displayed after performing the Search action. From this list, you can view, modify, delete, copy, grant, revoke, and clone any group or user's permissions.
Security Explorer 14
View and/or Close open files on any computer, in any directory, or on a single file directly from within Windows NT Explorer. Have you missed the "Opened by..." button in File Manager? If you have ever used Server Manager to view and/or close open resources on your servers, you will appreciate this new functionality. View open files on your entire server or just the files opened under a specific basepath. Resize the window to view the entire path, and close one, some, or all resources.
Security Explorer 15
You may export permissions to an ODBC database. Either export an entire drive, or just a few subdirectories. Once you have this information in a Database form, you can use your favorite reporting package to generate complex reports on the file security on your network.
Security Explorer 16
Administrators can set the owner of an object, with the option of recursing across subdirectories. This feature is very helpful when manually setting up home directories, etc.
Security Explorer 17
You can back up the security manually, using the GUI interface of Security Explorer, or you can schedule a command line 'SBackup.exe' to run at specific intervals for regular backups. Once the security is backed up properly, Security Explorer gives you extensive control on what you would like to restore, and where to restore it. You can now restore the security to another server, and preview the restore before applying any changes.



DOCUMENTATION, WHITE PAPERS and OTHER FILES

Security Explorer Data Sheet
Security Explorer Executive Overview
NTFS Permissions Help - Manipulating NTFS Permissions.
Registry Permissions Help - Manipulating Registry Permissions.
Share Permissions Help - Manipulating Share Permissions.
Enterprise Scope Help - Setting up an Enterprise Scope.
Open Files Help - Options available when viewing Open Files.
Revoke Permissions Help - Options available for revoking Permissions.
Grant Permissions Help - Options available for granting permissions.



 

CUSTOMERS

Some users of Security Explorer include:
Shell, Duetsche Financial, Intel, EDS, Lucent Technologies, Federal Reserve Bank, Siemens, Pepsi Cola, the IMF


LICENSING

Security Explorer is licensed on a per server basis. Each server that is to be administered by Security Explorer must have a license purchased for it. Security Explorer may be installed on the server itself, as well as on one remote workstation per server.


MAINTENANCE

Maintenance and support is available for Security Explorer


 

HARDWARE/SOFTWARE REQUIREMENTS

Supported Platforms:
Windows NT 4.0 Workstation
Windows NT 4.0 Server
Windows NT 4.0 Server Enterprise Edition
Windows 2000 Professional
Windows 2000 Server
Windows 2000 Advanced Server
Windows XP Professional
Windows .NET Standard Server
Windows .NET Enterprise Server

Minimum Hardware:
x86 Pentium class or equivalent processor, 128 MB RAM

Recommended Hardware:
Intel Pentium III/AMD Athlon or equivalent or higher, 256 MB RAM, 25 MB Free Hard Disk Space

Auxiliary Software:
Microsoft Access 97 or later and/or Microsoft Excel 97 or later (For Export functionality)

Security Explorer

DOWNLOAD EVALUATION

FAQ's

Why do I need Security Explorer?
Security Explorer® is a must-have program for any NT/2000 administrator dealing with file permissions. When using Microsoft’s Windows NT/2000 operating system, you will notice a lack of crucial file security capabilities. For example, when administrators add or remove permissions across subdirectories, this affects the permissions of other users. Security Explorer allows you to change the permissions of just the parent directory, the parent and the child directory, or just the child directory. Furthermore, Security Explorer allows you to view and modify permissions on the files without having access to the file. Security Explorer makes finding security holes and filling them a snap!

I have Windows 2000 and Windows NT 4.0 servers on my network. Can Security Explorer modify permissions on both operating systems?
Yes, Security Explorer 4 will auto-detect the operating system on the target server where you are viewing/modifying permissions. This powerful feature allows you to run Security Explorer 4 on your Windows NT or Windows 2000 desktop to properly modify permissions on remote servers which, are running either Windows NT 4.0 or Windows 2000.

Is Security Explorer 4 safe to use on Windows NT 4.0?
Yes, Security Explorer 4 is completely backwards compatible with Windows NT 4.0

What are these new Windows 2000 "extended permissions" and does Security Explorer support them?
Microsoft split the six NT 4.0 permissions (RWXDPO) into thirteen permissions. Actually, these 13 permissions have always been there, but Microsoft combined similar permissions to make the 6 generic permissions you see in Windows NT 3.51 and 4.0 – below you will find a chart mapping the NT4 permissions to the new Windows 2000 permissions. Windows 2000’s ACL editor forces you to use the extended permissions set, where Security Explorer 4 gives you a more user-friendly option of using either the generic permissions or the extended permissions.

 

Windows NT

Windows 2000

Generic Read (R ) List Folders (Lf ) (for folders)
Read Data (Rd ) (for files)
Read Attributes (Ra )
Read Extended Attributes (Rx )
Read Permissions (Rp )
Generic Write (W ) Read Permissions (Rp )
Create Subfolder (Cs ) (for folders)
Write Data (Wd ) (for files)
Create Files (Cf ) (for folders)
Append Data (Ad ) (for files)
Write Attributes (Wa )
Write Extended Attributes (Wx )
Generic Execute (X ) Read Attributes (Ra )
Read Permissions (Rp )
Traverse Folders (Tf ) (for folders)
Execute File (Ex ) (for files)
Delete (D ) (same as Windows NT)
Change Permissions (P ) (same as Windows NT)
Take Ownership (O ) (same as Windows NT)
Full Control (All ) (All permissions as seen above,
plus Delete subfolders and files (Ds )

 

Does Security Explorer allow me to backup and restore permissions?
Yes. In order for an administrator to have a fault tolerant network, he/she must have the ability to backup and restore permissions. Windows NT/2000 does not have this function built in. Security Explorer allows users to back up and save permissions to file, and restore them when necessary from the click of the mouse.

Can I search for a specific user or group’s permissions?
Yes. Windows NT/2000’s native tools do not allow an administrator to search through subdirectories for a specific user or group’s permissions. This inadequacy results in the inability for the administrator to obtain an over all depiction of file security. Finding information like this is a snap with Security Explorer(tm). Simply choose a group or user, and a set of permissions to search for, and begin your search. A dialog box will pop-up with your search results. At that point, you can click on any file or directory in your search results to modify its permissions immediately! This is a very powerful tool to analyze your user's permissions and close hard-to-find security holes.

Do I have to have access to a file to view or change the permissions as an administrator?
No. You can view and modify permissions on files without having access to the file as long as you are an administrator. Regular users cannot override security using our products.

Do I have to take ownership of a file or group to change the ownership like I do with Windows NT/2000?
No. Security Explorer enables you to set ownership of any file to any user or group without taking ownership. Again, this is for Administrators only.

Can I print a hard copy of the security for a specific file?
Yes. Security explorer has built in functionality that will allow you to print the permissions of a file, as well as a directory. This is a great feature to help document security.

What is the Enterprise Scope feature, and how do I use it?
Before this feature, Security Explorer was limited in the fact that you can only target one drive at a time for any given function (Grant, Revoke, etc.) This has all changed with the introduction of Enterprise Scopes. You can now target multiple drives on one or many servers located across your network. For example, you can group together all home directories – even if they span several drives on several servers. It can also be used for 'quick access' of complicated paths. You can create a scope called 'Quick Access' and add frequently accessed paths to the scope. The scope data is contained in three text files 'NTFSScp.dat', 'REGScp.dat' and 'ShareScp.dat' – you can edit these files in any text editor, or use our GUI to add paths to your scopes. At any time, you can use the tool bar, or right-click menu to Grant, Revoke, etc.

How do I report on permissions?
You can use Security Explorer to export all file and directory permissions on a volume to any ODBC compliant database. We provide an MS Access 97 database as a sample with all versions of Security Explorer. For more enhanced reporting including NTFS permissions, groups, group memberships and many more, see our latest product Enterprise Security Reporter.

Can I back up permissions of file that I don’t have access to?
Yes. You can now backup permissions on files that you don't have access to. As long as you are an administrator, or have the specific user right 'Backup files and directories', you can backup all files' permissions. If you have the specific user right 'Restore files and directories', you can restore permissions on files that you do not have access to. This feature is very helpful when backing up and restoring user's home directories.

How does the licensing work?
Security Explorer is licensed on a per server basis. Each server that is to be administered by Security Explorer must have a license purchased for it. Security Explorer® may be installed on the server itself, as well as on one remote workstation per server.

Can I change the security of my Registry keys?
Yes. This feature allows you to easily browse permissions on registry keys across your network. Browse for, or type in, a Windows NT/2000 Server or Workstation name, and you can modify registry security on your network. Select a registry key and click on any of the tool bar items seen below to modify permissions. As you are selecting registry keys, the currently selected object's security is shown on the right side of the screen.

Can I revoke permissions of certain groups or users without effecting the permissions of others?
Yes. This tool will be used when you would like to revoke access to a specific file or directory. Let's say that you would like to revoke all or 'some' permission on all files and directories for the user 'Everyone'. This would normally be very difficult to do (especially without affecting any other user's permissions); however, with Security Explorer(tm) it is very easy. Simply go to the root directory (or any other directory where you would like to start) and Choose 'Tools | Revoke Permissions'. Then select the user 'Everyone', and the permissions that you would like to revoke '(All)' or just the 'Delete' permission. Select that you would like to modify all files and directories, and recurse subdirectories. Click 'OK' and your all finished! The group Everyone's rights have been removed without affecting anyone else's permissions.

Can I use the features of Security Explorer in Windows Explorer?
It has never been easier to use Security Explorer's functions. Security Explorer's functions can now be accessed through the context menu (right-click menu) on Windows NT/2000 Explorer, Network Neighbourhood, and "My Computer" dialogues.

Why would I use the search feature included with Security Explorer?
For example: Have you ever wondered just which files and directories on your network the group 'Everyone' has delete permissions on? Finding information like this is a snap with Security Explorer(tm). Simply choose a group or user, and a set of permissions to search for, and begin your search. Dialogue boxes will pop-up with your search results. At that point, you can click on any file or directory in your search results to modify its permissions immediately! This is a very powerful tool to analyse your user's permissions and close hard-to-find security holes.

How do I set the owner of a file from Security Explorer?
A nice feature of Security Explorer allows an administrator to set the owner on a file or directory structure. This feature is very helpful when setting up home directories. Simply choose the user or group you would like to be the owner of the file or directory, and set the ownership of the file by clicking 'Apply' or 'OK'.

What about Share Permissions, can I set those with Security Explorer?
This dialogue screen allows you to easily browse permissions on shares across your network. Browse for, or type in, a Windows NT/2000 Server or Workstation name, and you can modify share security on your network. Select one or more shares and click on any of the tool bar items seen below to modify permissions. As you are selecting shares, the currently selected object's security is shown on the right side of the screen. A nice new feature is the ability to document any object's security by selecting the 'Print' option.

What other features does Security Explorer have?
Security Explorer has the ability to allow administrators to close open files on servers throughout a network.

 

 

DESCRIPTION  -  DOCUMENTATION  - SCREENSHOTS  -  FAQ's  -  DOWNLOAD   -   PRICE-ORDER  -  LICENSING

All trademarks are property of their respective owners or holders. Information subject to change without notice
Copyright © 2000 - 2015 AMT Software. All rights reserved.