NetIQ suite tops test of security compliance wares

With the Health Insurance Portability and Accountability Act, Sarbanes-Oxley and Gramm-Leach-Bliley legislation becoming common terms, mandated security and privacy measures are now part of everyday IT life. With that reality, IT security professionals need tools in their repertoire that help them prove their environments comply with these standards when auditors come knocking on the door.

In this Clear Choice Test, we examined products designed to help evaluate system configurations against predefined security and privacy policies, provide reports detailing compliance levels and identified issues, and assist in remediating issues that could result in penalties for noncompliance.

Altiris, Configuresoft, Elemental Security, NetIQ (acquired by AttachMateWRQ during the course of the test), New Boundary and Symantec agreed to participate. We also took a closer look at how Preventsys' Security Risk Management System helps provide a more aggregated view of policy compliance across multiple products. Preventsys was purchased by McAfee last week. IBM, TriSixty, Polivec, Ecora and Cambia declined to be tested.

The good news is that strong options abound in this class of products, with five of the six tested earning an overall rating of at least four out of five possible points.

NetIQ's Vulnerability Manager came out on top as the most well-rounded product. While it did not stand out in any individual area, it performed solidly across the board in policy management, reporting, compliance checks, configuration and remediation.

Symantec's Enterprise Security Manager (combined with agentless technology it picked up recently with its purchase of Bindview) placed a very close second, standing out for its reporting and remediation information components, but losing a bit of ground on ease of use for policy-development. Configuresoft's Enterprise Configuration Manager earned kudos for being the most intuitive product tested, though how it describes identified compliance issues could be improved.

Elemental Security, the new kid on the block, earned high marks for its Elemental Security Platform device-discovery and remediation-action options, which are based on the packet filter embedded in its agent software. Elemental may be an even stronger contender once its reporting functionality and flexibility match the rest of its technology innovation.

Altiris's SecurityExpressions excelled in its flexibility in defining policy checks and remediation actions. New Boundary does not contain all the features required for a large enterprise with its Policy Commander product, but it would be a great choice for the small-and-midsize-business deployment that requires a Windows-focused, continuous enforcement product.