We are very happy to announce the release of the newest member of our Group Policy product family–Change Manager for Group Policy 1.0! CMGP, as we call it around here, brings GPO change control into the modern era, by providing a friendly, web-based user interface to allow organizations to quickly and securely manage Group Policy change within their environment.
As our founder, Darren Mar-Elia, has blogged about in the past, Group Policy is a powerful tool for configuring the security of your Windows systems. But it can also be misused, accidentally or maliciously, to take over or otherwise impact your environment. Having a good change control system in place that also takes control of who can edit and link GPOs is vital to ensuring the integrity of your Windows network.
CMGP allows you to lock down your Group Policy environment to ensure that only designated editors can change GPOs or link GPOs. You can set that delegation at the GPO or OU/AD container level and ensure that any changes are approved by an authorized approver prior to being deployed to production. Approvers can even schedule changes so that they don’t need to be there when a change is deployed after hours. CMGP lets you implement a tiering model for Group Policy management, as described here, that ensures that malicious actors can’t easily take over and use GPOs to deliver malware to your end users.
CMGP is a critical component to getting control of your Group Policy environment, and play a key role in our Group Policy Modernization model:
If you are currently using Microsoft Advanced Group Policy Management (AGPM) today, you know that it hasn’t been meaningfully updated by Microsoft in 6 years, and is winding it’s way towards end of life. CMGP can not only be a replacement for AGPM but it can also provide you with a more comprehensive and secure solution for managing Group Policy change. You can download a free 30-day trial of CMGP by visiting our website and selecting the “Download Free Trial” button.