NetIQ Security Manager
November 01, 2005
c£576 per managed device
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Comprehensive functionality, straightforward user interfaces.
- Weaknesses: Implementation could be a little involved in some instances.
- Verdict: A potentially powerful and comprehensive product.
This comprehensive product seems to offer a great deal: event monitoring and management; intrusion detection; comprehensive reporting and analysis. All this, plus three printed manuals, an installation guide, user guide and programming guide.
Installation itself could be a little trying because the software, as is often the case these days, requires a particular platform to work with. Various architectures are catered for and this is well covered in the documentation.
NetIQ Security Manager can be thought of as three primary modules – the Event Manager, the Intrusion Manager and the Log Manager. The general idea is that information is captured and consolidated into a central repository in order to support trend analysis and reports.
The Event Manager collects event-related information from a variety of locations and sources distributed across your network. It will thus interoperate with various firewall and security products as well as distributed agents in order to gather this information.
The Intrusion Manager will help guard against intrusion and attacks by monitoring log files on networked computers. If it spots anything suspicious, it can be configured to email or page support personnel, and generate an alert at the console position. It can do this for Windows, Linux and Unix computers.
The Log Manager is responsible for gathering everything together into a SQL Server database in order to be able to analyze, query and report on the potentially significant amount of data generated. For many, this will be the primary function of such a tool and NetIQ Security Manager does not disappoint in this respect, with an arsenal of built-in knowledge available to assist. Security Manager is also capable of taking action automatically in order to shut down services where appropriate in relation to events.
It also features a degree of event correlation, enabling you to set up rules to cover sequences of events that might be important to you. All this is achieved through intuitive user interfaces that will be familiar to those steeped in a Microsoft environment.
There is more to this tool than can be covered within a short review, but if you are looking for this type of product, it is certainly worth a closer look.
SC Webcasts UK
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry