SolarWinds Acquires 8MAN for Access Rights Management

Building on its promise to broaden its security portfolio, SolarWinds has acquired access rights management provider 8MAN, bringing auditing functionality to its enterprise and managed service provider (MSP) customers.

SolarWinds isn’t revealing the price of the deal, announced Thursday, but 8MAN, also known as Protected Networks, was an early-stage startup based in Germany that officials claimed was having success with its access rights management tool, especially in its home market of Europe.

The new SolarWinds Access Rights Manager (ARM) is server-based software that monitors Microsoft’s Active Directory, Exchange Server, SharePoint resources and file shares. It also provides auditing user management and permission analysis reporting.

“We now have the ability to impact how tens of thousands of organizations throughout the world who need better visibility into what people have access to, and even more importantly, what they are actually touching,” said Jim Hansen, SolarWinds’ VP of security products.

The software generates reports and allows an administrator to revoke or grant permissions based on what information employees need access to, Hansen added. Administrators and MSPs can also use the software to provision new user accounts using templates that assign role-based access to file servers.

SolarWinds ARM is available immediately to the company’s enterprise customers that manage IT and security operations. Hansen said the company, which sells its various management and security offerings to enterprises directly and through channel partners, will offer it to MSPs in the first quarter of next year through its SolarWinds MSP subsidiary.

“We are also having conversations with a number of our MSPs to see how this would fit into their businesses,” he said.

Hansen believes it will appeal to traditional MSPs whose customers are seeking added managed security and auditing services, as well as managed security service providers (MSSPs).

SolarWinds MSP has increased its emphasis on building out security tools this year, having acquired Threat Metrics this summer, which is now the basis of its threat-management offering. While that product targets malware and other external threats, unauthorized activities by insiders is a critical issue for customers as well.

In addition to providing reports, SolarWinds ARM can offer customers and MSPs alerts when it detects anomalies in behavior.

“There is an alerting mechanism built into the product, which generates alarms if there’s something that looks suspicious or something that violates policy,” Hansen said.

The software gathers user permissions and Group Policy settings in Active Directory, and by extension, Azure AD, which manages Office 365 and SaaS-based environments. A perpetual SolarWinds ARM software license is priced at $2,995 per server.

SolarWinds ARM joins a crowded field of solutions that audit and monitor user activity correlated to Active Directory policies from BeyondTrust, CyberArk, ManageEngine, Netwrix, Varonis and others.