Product Group Tests
Policy Management (2007)
March 01, 2007
If you are looking for a desktop policy management program for Windows users that will not introduce needless administrative overhead, FullArmor GPAnywhere is a product to look into. This one gets our best buy.
The BigFix Enterprise Suite is long on features and supports more desktop operating systems than any other product. BigFix Enterprise Suite is our Recommended product for its features and value for the money.
Enforcing organisational and legislative rules while monitoring mobile devices is a challenging and constantly changing task. Justin Peltier looks at some solutions offering to make life easier.
System configurations are getting more complex as devices such as smart phones, wireless access points and printers, along with traditional workstations, are all capable of storing a security configuration. Another common feature these pieces of hardware share is the potential to introduce vulnerabilities or other security weaknesses into an environment. When new clients or endpoints are combined with the constantly moving target of fresh vulnerabilities and additional organisational directives being released, ensuring policy compliance can become a challenge for organisations.
Policy compliance is a wide-ranging area, in terms of the different tasks it requires as well as in relation to the types of configuration that may need to be performed. Common device configurations can include network settings such as IP address, subnet mask, and virtual local area network membership. Devices may also use security settings such as encryption keys, firewall rule sets, registry settings and permissible network locations for access. In addition, there may even be peripheral configurations regarding which types of devices may be accessed via a device's USB ports.
However, configuration management is just part of the whole process. Policy management also includes tasks such as vulnerability assessment, device audit and inventory, configuration reset, centralised logging and reporting functions.
Many of the products we reviewed used unique approaches to tackle the problem of device policy management. Some focused on specific types of hardware, such as firewalls or routers, while others were geared towards more traditional systems, for example workstations and servers. We also looked at solutions that examined the type of network traffic generated from a device to ensure configuration compliance.
Compliance is a big topic for most security administrators, so many products draw attention to their ability to comply with current legislation. A number of entries in this group featured pre-existing templates to help an enterprise ensure compliance with many standards and common pieces of legislation.
The two appliance-based products we looked at in this category monitored a network segment for non-compliant traffic, while most of the software-based offerings made use of proprietary network communication to ensure compliance.
Solutions also differed in how they managed clients. Most products created a client application that would reside on the device to be managed, while other appliance devices used VLANs and 802.1X-like functionality to remove the offending devices from the normal network flow. Regardless of the mechanism used to look for anomalies, support for many different types of operating systems was apparent. Most software-based tools included support for Windows-based devices, as well as Linux, Unix, Mac and, in the case of NetIQ's Security Configuration Manager product, even AS/400 devices.
How we tested
For the software-only product distributions, we tested using Windows 2003 Advanced Server Service Pack 1 with IIS, .NET and ASP installed. We varied the installation to include Active Directory for the product that required it. The server hardware we used was an Intel Pentium 4 3.00 GHz machine with 512 MB of RAM and a 100 GB hard drive installed. All of the latest hotfixes were applied and several Microsoft components were present to facilitate the installation of the software packages.
For the client we used a Windows XP Professional machine with Service Pack 2 installed and the latest hotfixes deployed. The client machine was a desktop model with an AMD 64 3300+ processor with 768 MB of RAM.
The same hardware was used for the Linux client for products that offered Linux client solutions. For Mac product testing, we used a MacBook dual core 1.8 GHz machine with 512 MB of RAM and an 80 GB hard drive. We tested the performance impact on the client machine by using the PassMark Performance Test version 6.0 on the Windows machine.
In all performance tests a difference of less than two per cent was classified as no impact on performance. The network was based on gigabit switches with differing configurations based on the need of the product being tested.
For the testing of the SolSoft product, a Check Point NGX firewall was used as well as a Cisco router with the Firewall IOS.