SekChek Local

Infobox Software
name = SekChek



caption =
developer = SekChek IPS
latest_release_version = V1.2.6
latest_release_date = 19 September 2008
operating_system = Windows, MS-SQL
operating_system_desc =
size = 2.0MB
genre = Computer Security and Audit
license = Proprietary
website = [http://www.sekchek.com SekChek.com]

SekChek Local is defined as a set of automated computer security analysis and benchmarking tools. The product was developed by SekChek IPS and released in March 2008. The product analyses security controls on Hosts or domains across an organisation’s LAN and produces reports relating to the security on the network. The reporting engine is based on a portable Microsoft Access database. The product comprises of 3 built-in security analysis tools: "SekChek SAM", "SekChek AD" and "SekChek for SQL".

Platforms

SekChek Local supports Microsoft platforms: Windows NT4, 2000, 2003, XP, Vista, 2008 and Microsoft SQL Server 2000, 2005 and 2008.

Features

The tool benchmarks Windows OS security policies against data points contained in a statistics database. The statistics database contains over 25 million anonymous security measures retrieved from over 50,000 analyzed systems. The developers of the software designed the built-in reports to assist IT & Audit professionals answer questions on the state of security. The tool provides tailored reports via Microsoft Access. Access assists in sorting, filtering, querying and manipulation of the data.

The SAM tool analyses security policies and objects defined on Windows member computers. These include all versions of Windows servers from Windows NT 4.0 The company states that the SAM tool was designed to analyze security on multiple member Servers and Workstations running any version of Microsoft Windows. The product analyses the hosts details, User and Group accounts, Group memberships, Account Rights, Administrative privileges, Security policies, Security properties, Services, Audit Events, Network Shares, Disks and Host Properties.

The SekChek AD tool analyses the domain-wide security policies and security objects defined in an Active Directory domain. The product analyzes the Domain account policies, Group Policy Objects (GPO)and links, User and Group accounts, Group memberships, Sites and Organizational Units, trusts, Domain_controllers and FSMO role owners.

The SekChek for SQL tool analyses database security settings, access rules and objects defined in Microsoft SQL Databases and supports versions of Microsoft SQL Server from SQL 2000. The product analyzes MS-SQL Server Settings, Logins, Server Roles, Database Users, Database Roles, Database Application Roles, Databases and Permissions.

Distinguishing features

The tools do not have an installation procedure.
The product does not depend on agent software.
Security Data is imported into Microsoft Access, analysed and benchmarked locally.

References

[http://www.clickpress.com/releases/Detailed/38496005cp.shtml ClickPress - Unique Security Assessment Tools]
[http://www.networkworld.com/newsletters/nt/2006/0508nt1.html Script Logic]
[http://www.earthtimes.org/articles/show/computer-security-evaluator-sekchek-announces-brand-new-product-for-on-site,317272.shtml Earth Times - On-Site Security Assessments]
[http://www.darkreading.com/document.asp?doc_id=96430 Jennifer Bosavage - New Service Seeks Out Security Gaps - Techweb]
[http://www.itsecurity.com/security.htm?s=17825 Independent Reality Check of OS Security - ITSecurity]
[http://www.sekchek.com/downloads/Product%20Specification%20-%20SekChek%20Local%20AD.pdf AD Product Specifications]
[http://www.sekchek.com/downloads/Product%20Specification%20-%20SekChek%20Local%20SAM.pdf SAM Product Specifications]
[http://blogs.msdn.com/oldnewthing/archive/2006/04/13/575739.aspx Where did the name for Microsoft Access come from?]

External links

[http://www.sekchek.com SekChek Home Page]
[http://www.sekchek.com/SekCheklocalsw.htm SekChek Local]
[http://www.sekchek.com/downloads/SekChekLocal.zip SekChek Local Download]