- What does Cisco have against Quebec?
- Attrition.org nails another nitwit
- Diary of a deliberately spammed housewife
- Seven cloud-computing security risks
- 20 great Windows open source projects
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
|
|||||||
With the Health Insurance Portability and Accountability Act, Sarbanes-Oxley and Gramm-Leach-Bliley legislation becoming common terms, mandated security and privacy measures are now part of everyday IT life. With that reality, IT security professionals need tools in their repertoire that help them prove their environments comply with these standards when auditors come knocking on the door.
In this Clear Choice Test, we examined products designed to help evaluate system configurations against predefined security and privacy policies, provide reports detailing compliance levels and identified issues, and assist in remediating issues that could result in penalties for noncompliance.
Altiris, Configuresoft, Elemental Security, NetIQ (acquired by AttachMateWRQ during the course of the test), New Boundary and Symantec agreed to participate. We also took a closer look at how Preventsys' Security Risk Management System helps provide a more aggregated view of policy compliance across multiple products. Preventsys was purchased by McAfee last week. IBM, TriSixty, Polivec, Ecora and Cambia declined to be tested.
The good news is that strong options abound in this class of products, with five of the six tested earning an overall rating of at least four out of five possible points.
NetIQ's Vulnerability Manager came out on top as the most well-rounded product. While it did not stand out in any individual area, it performed solidly across the board in policy management, reporting, compliance checks, configuration and remediation.
Symantec's Enterprise Security Manager (combined with agentless technology it picked up recently with its purchase of Bindview) placed a very close second, standing out for its reporting and remediation information components, but losing a bit of ground on ease of use for policy-development. Configuresoft's Enterprise Configuration Manager earned kudos for being the most intuitive product tested, though how it describes identified compliance issues could be improved.
Elemental Security, the new kid on the block, earned high marks for its Elemental Security Platform device-discovery and remediation-action options, which are based on the packet filter embedded in its agent software. Elemental may be an even stronger contender once its reporting functionality and flexibility match the rest of its technology innovation.
Rss FeedRss Feed
superantispywarepro will clean that for you!- Anon
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Comment