Cenzic Hailstorm Enterprise ARC 5.5
April 01, 2008
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Integration with VMWare is a unique and useful feature, great configuration and control over scanning environment
- Weaknesses: Nothing we found
- Verdict: A true enterprise-class product with impressive options and customisations. Best Buy
Cenzic Hailstorm Enterprise ARC (Application Risk Controller) 5.5 is a centrally managed web-application assessment product. It consists of a web-based dashboard and a separate, stand-alone desktop application component for customising projects, scan settings and policies.
The product installed easily on our test server. It is compatible with Windows 2000/XP/2003 and requires at least IIS 5.0 for its web server. It also installs a copy of MySQL for its backend database. Although Cenzic recommends that main components be installed separately, they can all be installed on the same machine, albeit with some small challenges. From an activation perspective, we would have preferred a simpler method, since receiving a valid licence from Cenzic requires first sending them a machine ID and waiting for the licence to be emailed.
The web interface is well designed and easy to navigate. Overall, the product's enterprise-class features are apparent and administrators can control user access through roles and customised central management. The product performed adequately in our scanning tests and discovered all the vulnerabilities we expected it to.
From an administration perspective, the solution really shines. Policy and configuration edits are typically done by power users, while scanning tasks can be performed by developers or quality-assurance staff through role-based access control out of the box. Reports and dashboard views are slick and intuitive. Administrators will welcome the ability to mirror their production applications using a VMWare sandbox, which eliminates any impact to production. An option to integrate reports from competitors is an interesting feature that some organisations may find useful.
The web-based documentation is thorough and well-organised, with well-placed and evenly distributed screenshots.
Support for the Hailstorm is adequate. Cenzic offers office-hour support included with the base subscription, or a 24/7 option for ten per cent of the subscription price. The company's website features a support phone number, a request form and a handful of technical white papers.
Pricing is based on an annual subscription and starts at £13,000.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Russian intelligence claims to bust up pending banking cyber-attack
- Presidential commission calls for collaborative action to combat cyber-threats
- Russia's banks will be hacked today, apparently
- Met Police grab suspect with phone unlocked to get hold of data
- Researchers hack Visa cards in six seconds