CounterSnipe Active Protection Software v3.0
August 01, 2007
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: A wide range of deployment options with a learning mode that can be put in place beforehand
- Weaknesses: Difficult to manage and configure, awkward documentation, cost of ownership
- Verdict: Solid features and performance, but setting it up can be quite challenging
This software-only product can be deployed as an inline IDS or IPS or off a tap. It can also provide detailed threat and asset correlation using its comprehensive surrounding asset knowledge module (SAK) to locate potential trouble areas. And it has a learning mode that can be deployed in the network before actually implementing policy.
This solution is challenging to deploy, to say the least. You need a computer to put it on, and the software is only compatible with the exact specifications described in the documentation. We found that if the platform has different hardware, the application will not work. We wish that CounterSnipe had stuck with its popular appliance rather than going to a software-only implementation.
The rest of the setup was fairly straightforward, but managing policy on the device is a tangled maze of configuration levels, and it becomes confusing very quickly. The Java-based management interface is slow and awkward to navigate.
The product performed well. It was able to stop most of the bad traffic from our scanners, and we found ourselves unable to penetrate the protected network. The event log also provided near real-time event descriptions that were clear and understandable.
The documentation is light. A two-sheet quick-start guide gives the hardware requirements and steps to install it. There is a small PDF administration guide that can be accessed via the web console once the solution is up and running. This provides a good amount of detail for the initial configuration, but is difficult to understand on policy and in many other areas.
CounterSnipe offers 24/7 support, but we had to search for information on these programmes. We found a brief discussion in a PDF file entitled "professional services" buried on the website. Substantive support appears to be an extra-cost item, available in standard and platinum packages. Publicly available help via the website is limited to a few documents, data sheets, and white papers.
On the surface, this product looks to be a bargain for almost any company with a price of less than £3,000, but after a deeper look this deal may not be so sweet. An appliance has to be purchased separately, which, combined with the difficulty of managing this tool, adds to the cost of ownership.