McAfee Hercules Policy Auditor
March 01, 2007
From £37.37 per node (11-25 nodes)
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Support for many OS, can take input from vulnerability scanners
- Weaknesses: The product is difficult to install and very complex to manage
- Verdict: For the largest enterprises this product might be a fit, but it would require a significant time investment to configure and administer it adequately
The Hercules Policy Auditor and Remediation Manager were formerly known as Citadel Hercules. These products have one very unique feature in that they can process the output from popular vulnerability scanners, pretty much any scanner that uses the CVE (common vulnerability exploit) numbering scheme and use the product to remediate the vulnerability. The Hercules product supports a large number of operating systems including several variants of Unix, Linux, Microsoft and Mac systems.
Installation of Hercules Policy Auditor and Remediation Manager is quite tricky. The Policy Auditor appears only to install on Windows 2003 Servers with no Active Directory components installed, but the product requires .net, Internet Information Server, and Microsoft SQL Server. Once the underlying OS is configured, the installation can begin.
The Policy Auditor has four main components: the download server, the main Hercules server, the channel server and the reporting server. Each component requires some attention to detail, and you need to refer to the documentation frequently.
There are many PDFs available for this product, all of them indexed and searchable. We found the installation and quick-start guides to be the most valuable in this test.
McAfee offers many different levels of paid support for the Hercules product. Options vary from 8-to-5 to 24/7 phone support. The website offers primarily PDFs and white papers for download. Typically, we like to see some level of free support as well as forums, FAQs and other self-service support capabilities.
The McAfee Hercules product is at the upper end of cost when compared with other tools tested in this group, but it is also quite feature-rich and includes support for many different operating systems.
It is quite clear that Hercules is aimed at very large organisations. Cost of ownership, of course, must be considered in context with additional cost of support. This is not an inexpensive product, but, considering its target implementation, the value for the money is good.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry