O365 IT Risk & Health Scanner

Risk Assessment of multiple targets

O365 IT Risk & Health Scanner is a robust Execution SubSystem which is designed to do complete health assessment of supported targets. Currently, O365 IT Risk & Health Scanner supports Microsoft Active Directory Forest as the assessment target. O365 IT Risk & Health Scanner can help you minimize the disruption in your business by finding the issues and providing the recommendations to fix the issues.

Dynamic Packs, sometimes referred to as Health Checks can be used to check components of targets. We offer 74 PowerShell-based Microsoft Active Directory Dynamic Packs as part to perform Health Check of multiple Active Directory Forests. All of our Microsoft Active Directory Dynamic Packs follow Microsoft recommendations for Active Directory Health Assessment.

Notable Features

Unlimited Assessment Targets

O365 IT Risk & Health Scanner supports unlimited assessment targets. An Active Directory Forest is a target in O365 IT Risk & Health Scanner terminology. Though different targets are supported by O365 IT Risk & Health Scanner, main target is Active Directory Forest under which all other targets such as Microsoft Hyper-V, Exchange Servers, and SQL Servers, operates. Every Active Directory Forest that needs to be checked via O365 IT Risk & Health Scanner must be registered and discovered in O365 IT Risk & Health Scanner. Active Directory Forests running Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 are supported.

Unlimited Health Profiles

Health Profiles are backbone of O365 IT Risk & Health Scanner. A Health Profile includes Active Directory Forest and Dynamic Packs. In O365 IT Risk & Health Scanner, we can create multiple health profiles containing separate AD Forests and Dynamic Packs of our choice.

Dynamic Solution

One of the benefits O365 IT Risk & Health Scanner provides is that it supports importing new Dynamic Packs from Dynamic Packs Server and/or from Dynamic Pack file. You can design a Dynamic Pack and import into O365 IT Risk & Health Scanner.

Report Issues, Severity and Recommendations

O365 IT Risk & Health Scanner not just performs Health Check, but also reports issue severity and recommendations to fix the issues. The Issue Severity and Recommendations are defined in the Dynamic Packs which can be modified using Packs Manager.

Credential Support

If you are managing multiple Active Directory Forests under O365 IT Risk & Health Scanner, you can add credentials for each Active Directory Forest. Once credentials are added O365 IT Risk & Health Scanner can connect to AD Forest managed by the Health Profile and do the assessment.

Hybrid Dynamic Packs

Currently, O365 IT Risk & Health Scanner ships with Microsoft Active Directory Dynamic Packs. However, once Dynamic Packs for other systems such as Hyper-V, VMWare, Azure, Office 365, Windows Servers, Windows Clients, SQL Servers, and Exchange Servers are available the Dynamic Packs can be imported via O365 IT Risk & Health Scanner.

Design Your Own Health Check or Customize Existing Health Checks

O365 IT Risk & Health Scanner is an Execution SubSystem which supports executing Health Checks (Dynamic Packs) designed using PowerShell. In case you need to perform Health Check of a specific technology component let’s say Azure or VMWare, either you can use Packs Manager to design the Health Check or request us to design for you.

Import More Health Checks (Dynamic Packs) from Server

We design new Dynamic Packs every month. You can import new Dynamic Packs from within the O365 IT Risk & Health Scanner console and use them.

Customize Reporting

Reporting Module can help customize the report based on a Word Template. It supports modifying Severity of the issue and add your own comments against each issue. Reporting Module also supports excluding Health Checks from the report.

Dynamic Packs

A Dynamic Pack consists of PowerShell code. Dynamic Packs can be used to perform Health Check, collect information and maintain health of targets. Currently, O365 IT Risk & Health Scanner provides 74 Dynamic Packs for Active Directory and all of Dynamic Packs are designed by industry experts such as Microsoft MVPs and IT Experts. Active Directory Dynamic Packs can perform a thorough health check of Active Directory Forests.

Here is the list of Microsoft Active Directory Dynamic Packs that ship with O365 IT Risk & Health Scanner:

Category Dynamic Pack Credential Requirement Description
AD Domain Computers Health Checks Domain Computers Operating Systems Test Domain User Domain Computers Operating Systems Test
AD Domain Security Groups Health Checks Domain Duplicate Security Groups Test Domain User Dynamic Pack collects duplicate security groups in each domain.
AD Domain GPO Health Checks Domain GPOs No Override Test Domain User Dynamic Pack checks to see how many GPOs have been configured with.

How It Works

O365 IT Risk & Health Scanner is a unique solution and dynamic in nature. We provide two components as part of the O365 IT Risk & Health Scanner:

  • O365 IT Risk & Health Scanner Execution SubSystem: Execution SubSystem provides execution environment for executing Dynamic Packs.
  • Dynamic Packs: Dynamic Packs are PowerShell-based scripts which are imported into the Execution SubSystem. Once imported Dynamic Packs can be added to a Health Profile which contains an assessment target. When you execute Health Profile, the Dynamic Packs are executed as part of the execution against the assessment target maintained by the Health Profile.

As it shows in the figure above, you will be required to register a target which is always an Active Directory Forest. Multiple Active Directory Forests can be registered. Once registered, create a health profile which contains both Active Directory Forest and Dynamic Packs.

Screenshots

Requirements

Components and Modules

O365 IT Risk & Health Scanner requires following components to be installed:

  • Active Directory PowerShell Modules
  • Group Policy PowerShell Modules
  • DNS Server PowerShell Modules
  • .NET 3.5 Framework
Operating System

O365 IT Risk & Health Scanner must be running on one of the below Operating Systems:

  • Windows 8, Windows 8.1
  • Windows Server 2012 or Windows Server 2012 R2
  • Windows Server 2016
  • O365 IT Risk & Health Scanner can run on a member computer. It doesn’t have to be a domain controller

Important:O365 IT Risk & Health Scanner can run on a member computer. It doesn’t have to be a domain controller.

Antivirus Exclusion

Since O365 IT Risk & Health Scanner executes PowerShell-based scripts on fly, you will be required to whitelist following directory in your Antivirus:

C:\ProgramData\DynamicPacksTechnologies\ADHealthProfiler

Access & Scenarios

Access Requirements for O365 IT Risk & Health Scanner depends as listed below:

Scenario 1: O365 IT Risk & Health Scanner computer is NOT part of Active Directory domain: In Scenario 1 you will be required to add credentials under O365 IT Risk & Health Scanner. This scenario is sometimes referred to as running O365 IT Risk & Health Scanner on an Admin computer which can do assessment of all managed AD Forests from a single computer.

Scenario 2: O365 IT Risk & Health Scanner computer is part of Active Directory domain: In Scenario 2 you can use Locally Logged On Credential to connect to AD Forest.

Resources

Designing Dynamic Packs

Article provides information on various terms used in the O365 IT Risk & Health Scanner.

Registering Active Directory Forest with O365 IT Risk & Health Scanner

Article explains how to register an Active Directory Forest with O365 IT Risk & Health Scanner before you can perform health check of Active Directory.

Creating and Executing Health Profiles

Article explains how to create Health Profiles after registering Active Directory Forests with O365 IT Risk & Health Scanner.

Generating Summary and Reports

Article explains how to generate Summary which shows issues reported by the Dynamic Packs and how to generate HTML Reports for Health Profile.

Generating Report Using AD Profiler Reporter

Article Explains how to generate reports using AD Profiler Reporter.

Exporting/Importing Health Profiles

Article explains why to use Export/Import health profile feature of O365 IT Risk & Health Scanner and how to export and import Health Profiles.

Designing Dynamic Packs

Learn how to design Dynamic Packs using Dynamic Pack Manager.

Using O365 IT Risk & Health Scanner Options

Configure various O365 IT Risk & Health Scanner Options such opening default Health Profile, etc.

Schedule a Demo