Citadel’s Hercules 4.0 keeps systems safe and in compliance

Despite the complex infrastructures large organizations require, vulnerabilities inevitably slip through. To protect against those invaders, Citadel Security Software’s Hercules EVM (Enterprise Vulnerability Management) Suite 4.0 helps patch security holes faster than bad guys can exploit them.

Free IT resource Virtualization Insights from Top Experts - Learn how virtualization gets real! Sponsored by Dell Free IT resource TechNet: More ways to know it, share it, and keep it running. Sponsored by Microsoft Citadel Hercules 4.0 EVM Suite Citadel Security Software, citadel.com Very Good  8.6 criteria score weight Accuracy 9 20% Management 9 20% Reporting 8 20% Ease-of-use 9 15% Performance 8 15% Value 8 10% Cost: Perpetual license, $60 to $80 per device for all modules; Security-on-Demand hosted service, $2,000 to $5,000 per month; optional Enterprise Reporting module, $50,000 plus $2,500 per server Platforms: Windows 2000 Server or Windows Server 2003 with SQL 2000 Server; manages Windows, Linux, Unix clients Bottom Line: Hercules 4.0, a vulnerability management suite, audits systems for security policy and compliance violations. The nifty Remediation Manager aggregates and fixes problems identified by the compliance module and third-party scanners. Includes risk analysis features to check for dangerous configurations and calculate risk ratings so key devices get priority remediation. About our Reviews and Scoring Methodology

Hercules 4.0 makes assessing weaknesses and applying fixes more efficient. At its core is a library of more than 24,000 possible system weak spots and corrections. Workflows permit managers to review, prioritize, and schedule remediation. Plus, the new version adds a Remediation Manager module that aggregates problems it finds with those reported by third-party scanners.

Meanwhile, the Compliance Manager module examines networks for badly configured systems that could cause your organization to fail Sarbanes-Oxley, HIPAA, and other audits. The compliance module integrates with Remediation Manager, and any compliance problems get fixed as part of scheduled system repairs. A set of very usable reports and enhanced end point security complete this solid solution.

I installed the Windows software version of Hercules 4.0 with all four main modules, which allow problem auditing as well as repair. Alternately, you may license individual modules depending on your needs and budget. Hercules also ships as an appliance.

The setup wizard bypassed almost all manual configuration steps; I had a functional Windows 2000 Hercules server in less than an hour. My clients were a mix of ten Windows and Red Hat Linux workstations. (Hercules 4.0 also includes agents for AIX, HP-UX, Solaris, and Tru64 Unix.)

Hercules is a deep product that will likely require some staff training to use. However, enterprises should see initial benefits in short order thanks to the wizard-style QuickStart. QuickStart helped me locate devices on my network, inventory each system, identify and patch basic vulnerabilities, and monitor workstations for new problems.

QuickStart front-ends a single “Operations Center” admin console. Here, more experienced professionals take full control over how the system scans, reports, and handles security problems. Then, using predefined policy templates for various regulations, Compliance Manager reports which systems didn’t meet minimum security requirements.

Hercules checks for software defects, unnecessary services, unsecured accounts, misconfigurations, and back doors as appropriate within company policies. I was impressed with its accuracy; it found missing patches on my systems that other solutions missed.

Once the checks are run, AssetGuard  pulls together reports that compare technical risk with business impact. You rank which systems are the most critical to your organization; the overall risk ratings help prioritize security actions.

That’s where Remediation Manager takes over. With this module, I created and managed ActionPacks: collections of in-house remedies, and Citadel-collected (and tested) patches and updates. Citadel automatically delivers updated policy packages, such as HIPAA templates, to the Hercules server; administrators choose and schedule the policy to apply. You may then edit policies to meet special requirements.

The final piece of the suite, ConnectGuard, provides network access control. Hercules 4.0 checks that systems are properly patched, configured, and running the latest virus software. If not, it quarantines the device and applies the proper defenses.

If there’s a caution with this solution, it’s scalability and associated costs. Hercules can support maximum of 4,000 devices per server, but you can also configure multiple Hercules servers, and the optional but pricey Enterprise Reporting module aggregates data from multiple servers for enterprise-level reports.

Hercules 4.0 goes well beyond traditional patch management by integrating compliance auditing, risk analysis, and end point security. With all of these features, it’s a strong answer to security management.