DE EN
Product Page Shop
Who is it for?

The right tool for everyone working with GPOs

ISW GPO Analyzer Pro replaces time-consuming manual reviews with automated analysis and delivers immediately actionable recommendations – for everyone who works with Group Policy Objects.

🖥️ AD Administrators

Clean up orphaned GPOs, identify conflicts and optimize the processing order.

🔐 IT Security Officers (CISO/ISO)

Check compliance against BSI IT-Grundschutz, CIS Benchmarks and NIST SP 800-53 – instant reports for audits.

📋 Auditors & Reviewers

Documented evidence of GPO configuration as HTML, PDF or CSV report in corporate design.

🏢 IT Consultants & MSPs

Accelerate GPO assessments at client sites – presentation-ready results without manual effort.

Product Scope

All features at a glance

ISW GPO Analyzer Pro is a standalone application requiring no installation – simply unpack and run. It automatically detects the Active Directory domain and the available domain controller.

📦

Complete GPO Inventory

All GPOs with status, links, WMI filters, owner and versions. Automatically identifies empty, unlinked and disabled GPOs.

🔤

ADMX Decoder

Automatically translates cryptic registry paths into readable policy names. Uses Central Store or local PolicyDefinitions in the system language.

OU-Based Conflict Analysis

Detects contradictions, overrides and redundancies – scope-based, accounting for inheritance, Enforced links and Block Inheritance.

Multi-Standard Compliance

Checks against BSI IT-Grundschutz (25 rules), CIS Benchmarks (34 rules) and NIST SP 800-53 (19 rules) – no re-query when switching baseline.

❤️

Health Check with Score

Automatic check for misconfigurations and best-practice violations. Score scales relative to environment size for fair assessment.

🔄

LSDOU Processing Order

Calculates the exact GPO processing order for any target OU following the Local-Site-Domain-OU principle with precedence numbers.

🔑

Permission Analysis

Detects missing Apply permissions, dangerous trustees (Everyone, Anonymous), excessive permissions and Deny ACEs.

🔀

GPO Comparison

Side-by-side comparison of two GPOs with color-coded diff view: Modified, Only GPO 1, Only GPO 2, Identical.

🌐

Visualization

Network diagram of each GPO with color-coded connection lines: links, security filtering, WMI filters and link order.

📄

Professional Reports

Tab-specific HTML, PDF and CSV reports. Email dispatch with formatted message and HTML attachment directly from the tool.

  • AD vs. SYSVOL version comparison – instantly detects replication issues
  • CheckSysVol – checks SYSVOL share, GPT.INI, ADMX/ADML consistency and DFSR status
  • GPO Backup in native GPMC format – restore via Restore-GPO
  • Real-time filtering and search in all tabs
  • Keyboard shortcuts: F5 Analyze, Ctrl+E HTML, Ctrl+S CSV, Ctrl+P PDF
Security Standards

Compliance against three international standards

Switch the baseline at any time using the dropdown – recalculation happens immediately without re-querying Active Directory. Checked areas: password policies, account lockout, audit policies, security options and user rights.

BSI IT-Grundschutz

25
Rules

German standard by the Federal Office for Information Security. SMB signing, NTLM level, UAC and more.

CIS Benchmark

34
Rules

International standard with stricter requirements: password length ≥14 characters, account lockout after 5 attempts.

NIST SP 800-53

19
Rules

US standard. Focus on core controls for access management, monitoring and system integrity.

Quality Assurance

Health Check & Scoring

The Health Score evaluates the GPO infrastructure relative to the environment size – larger environments are not automatically rated worse. Each finding includes a concrete recommendation for action.

Severity Weight Examples
🔴 Critical × 15 Security risk or loss of function – immediate action required
🟠 High × 8 Important issue to be resolved promptly
🟡 Medium × 3 Best-practice recommendation for optimization
🟢 Low × 1 Informational hint, low risk
💡 Formula: Score = max(0, min(100, 100 − (Penalties / MaxPenalty × 100)))  |  MaxPenalty = GPO count × 8
Technical Details

System Requirements

Operating System

  • Windows 10 / 11
  • Windows Server 2016 or higher
  • .NET 10 Desktop Runtime+

Active Directory

  • Domain member with GPO read rights
  • Read access to SYSVOL share
  • Domain Admin recommended

Installation

  • No installation required
  • Unpack archive & run
  • Automatic DC detection

Display & DPI

  • Minimum 1280 × 720
  • Recommended: 1920 × 1080+
  • PerMonitorV2 DPI awareness
Licensing

One-time investment, lasting oversight

No subscriptions, no hidden costs. The ISW GPO Analyzer Pro is available as a site license – pay once, use forever.

ISW GPO Analyzer Pro
€99.00
incl. 19% VAT · Site license · one-time fee
  • Complete GPO Inventory
  • Health Check & Scoring
  • Compliance: BSI / CIS / NIST
  • Conflict Analysis, LSDOU, Visualization
  • ADMX Decoder, GPO Comparison, Backup
  • HTML, PDF and CSV Reports
  • Technical support via email
Buy now in the Shop →
After purchase you will receive your license key and download link by email.
Questions? support@it-service-walter.com
✅ No subscription, no risk: The site license is valid without time limit for one company location. Includes updates to bugfix releases.