Product Information

Cenzic Hailstorm Enterprise ARC 5.5

starstarstarstarstar

by Nathan Ouellette April 01, 2008
SC Magazine Best Buy
Vendor:

Cenzic

Product:

Cenzic Hailstorm Enterprise ARC 5.5

Website:

http://www.cenzic.com

Price

From £13,000

RATING BREAKDOWN

  • Features:
    starstarstarstarstar
  • Ease of Use:
    starstarstarstarstar
  • Performance:
    starstarstarstar
  • Documentation:
    starstarstarstar
  • Support:
    starstarstarstarstar
  • Value for Money:
    starstarstarstarstar
  • Overall Rating:
    starstarstarstarstar

QUICK READ

  • Strengths: Integration with VMWare is a unique and useful feature, great configuration and control over scanning environment
  • Weaknesses: Nothing we found
  • Verdict: A true enterprise-class product with impressive options and customisations. Best Buy

Cenzic Hailstorm Enterprise ARC (Application Risk Controller) 5.5 is a centrally managed web-application assessment product. It consists of a web-based dashboard and a separate, stand-alone desktop application component for customising projects, scan settings and policies.

The product installed easily on our test server. It is compatible with Windows 2000/XP/2003 and requires at least IIS 5.0 for its web server. It also installs a copy of MySQL for its backend database. Although Cenzic recommends that main components be installed separately, they can all be installed on the same machine, albeit with some small challenges. From an activation perspective, we would have preferred a simpler method, since receiving a valid licence from Cenzic requires first sending them a machine ID and waiting for the licence to be emailed.

The web interface is well designed and easy to navigate. Overall, the product's enterprise-class features are apparent and administrators can control user access through roles and customised central management. The product performed adequately in our scanning tests and discovered all the vulnerabilities we expected it to.

From an administration perspective, the solution really shines. Policy and configuration edits are typically done by power users, while scanning tasks can be performed by developers or quality-assurance staff through role-based access control out of the box. Reports and dashboard views are slick and intuitive. Administrators will welcome the ability to mirror their production applications using a VMWare sandbox, which eliminates any impact to production. An option to integrate reports from competitors is an interesting feature that some organisations may find useful.

The web-based documentation is thorough and well-organised, with well-placed and evenly distributed screenshots.

Support for the Hailstorm is adequate. Cenzic offers office-hour support included with the base subscription, or a 24/7 option for ten per cent of the subscription price. The company's website features a support phone number, a request form and a handful of technical white papers.

Pricing is based on an annual subscription and starts at £13,000.

Reviews For This Vendor

Related Group Test

SC Webcasts UK

Sign up to our newsletters

FOLLOW US