August 01, 2007
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Great IDS appliance with built-in vulnerability assessment and available firewall and routing modules
- Weaknesses: IPS is not very effective at all, documentation needs improvement
- Verdict: A bargain priced appliance that is missing a few important capabilities while adding a few non-standard ones
This device is like a slightly stripped down version of a unified threat manager (UTM). The SecurityMetrics offering not only includes IDS/IPS functionality, it is also a vulnerability assessment tool and can be configured to work as a firewall and router. Furthermore, this appliance is capable of protecting the network from viruses, pornography, backdoors, cross-site scripting attacks and many other threats.
This device was shipped almost completely preconfigured specifically for our environment, so setup was a breeze. It took just a few minutes to plug it in, update it and look over the policy for any tweaking required and we were good to go.
Once the SecurityMetrics box was up and running, we found the web GUI to be simple and intuitive to navigate. Policy configuration was equally straightforward and quick.
While this appliance was easy to configure, it did not perform well during our test. The IDS part worked very well and identified all the attacks.
However, the IPS failed to stop most of the attacks and the protected network was compromised quickly by our penetration tool. The IPS did manage to stop a few attacks, but it only takes one serious hole to have a serious problem.
The documentation for this product is insufficient at best. The installation guide is a basic three-page document that does an average job of describing installation, but it fails to explain the deployment in any useful detail. The rest of the documentation is built into the appliance as a simple help file. While this information is well organised and easy to read, it lacks substantial detail and has no screenshots or diagrams.
Security Metrics offers support free for the first year on hardware/software maintenance. The second year of support comes at a cost of £505. The support area of the website offers a support contact, but that is all. Relative to virtually all other products we test in just about all categories this is a very weak showing.
At a price of just over £3,000, we thought this product would be great value, but as an IPS it falls flat. However, the good news is that it is a good IDS and does have a built-in vulnerability assessment tool. In this case, value really depends upon what you are looking for.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry