Critical Watch FusionVM
February 01, 2013
FusionVM SaaS starts at c£280 per month for 100 IPs, including upgrades
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Internal and external scanning ability
- Weaknesses: Web-based support is quite minimal, no knowledgebase
- Verdict: Good functionality, but could use stronger support
FusionVM from Critical Watch offers both vulnerability management and configuration policy auditing in either a physical or virtual appliance or as a full, cloud-based SaaS option. If the SaaS option is chosen, customers can receive external scanning without any additional hardware or software needed. If scanning internally, the customer must install an appliance that connects to the cloud service for scanning.
This product offers many vulnerability and risk assessment options, including web applications, databases, third-party applications, and workstations and many others. It also includes a full compliance module that scans and reports on many compliance standards, such as Sarbanes-Oxley, GLBA, HIPPA, ISO 1779 and PCI DSS.
For our evaluation, we ran the product in the SaaS model with a physical scanner installed in our lab. The setup of the appliance was quite simple and only took a few minutes. We first plugged in the appliance and connected a monitor and keyboard. After the appliance was booted, we were able to login and configure the network and IP settings. Once those were completed, the scanning appliance was up and running with a connection directly to the Critical Watch cloud VPN. To launch a scan, we simply had to log into the Critical Watch web portal and set up a scanning job. We found the web portal to be quite easy and intuitive to navigate with a nicely organised layout. Scanning jobs can be set up to run on-demand or be scheduled to run at specific times.
Overall, we found Critical Watch FusionVM to be quite flexible and to have many features. Built in to the web portal is a remediation manager section, which allows for administrators to assign and track remediation tasks after a scan has completed. Also available are several charts, graphs and reports for viewing scan results based on hosts scanned, risk data and open services.
Documentation included a full PDF user guide that covered how to deploy and use the product. This was well organised and included many screenshots and detailed explanations of features and functions. Also included were many examples that helped illustrate more complex scanning and reporting procedures.
Critical Watch offers full 24/7 phone- and email-based technical support to customers as part of the SaaS subscription fee. Customers also have access to an online FAQ section, but that is about it for online-based support. At the current time, Critical Watch does not provide a web-based knowledgebase.
At a price starting at c£280 per month for 100 IPs for the SaaS service, or around c£26,887 for 1,000 IPs for the on-premise scanner, we find this product to be good value for money. We found the hybrid SaaS/appliance architecture to offer flexibility for deployment while providing a good amount of features and functionality.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry