Product review: RedSeal Security Risk Manager
RedSeal SRM gathers far-flung network configuration data to help identify, measure, and manage large-network risks
Testing in two environments
I tested Security Risk Manager in two environments. The first was a small test infrastructure in my lab. The second used a large test database that RedSeal provided at my request from its test lab. My purpose in testing this second database was to review the impact of size and complexity on SRM's ability to deliver its benefits.
I ran SRM on my 2.33GHz Intel Core 2 Duo MacBook Pro with 3GB of memory under a Windows XP guest operating system using Parallels with 1GB of memory allocated to it. Although SRM is a Java application, it is currently available only for Windows XP and Vista.
When you first launch RedSeal SRM, you capture a license request file that you then send to RedSeal. By return e-mail, you receive a license text file that you input into the SRM. Given all of the options available for licensing software, this was one of the more awkward methods that I have seen. Systems like The Blue Technologies Group's license or other Internet-based interactive licensing systems are much more user-friendly and easy to move around. This seems especially important for applications such as the SRM.
That said, this license issue is one of only two complaints I have about the system, and it's a relatively minor one. My second complaint, also not major, is that SRM runs only on Windows.
Managing large infrastructures
Once licensed, the system is ready for use. I pointed it at my devices with my SNMP read-only strings, and it quickly captured the configuration information for all of them. It drew a map of the network, outlined the devices most at risk, gave me a table of the devices, and created the network risk map. The SRM quickly determined which of the devices warranted configuration changes and which related systems were impacted, and it gave me the insights I would need to further protect the environment. It was able to find some implications that I hadn't considered, as well.
The real test was the large database, however. When an infrastructure exceeds a handful of devices, the interactions become too complex and dynamic for effective analysis. Using SRM, though, I could quickly see where I needed to concentrate my efforts. The different views allowed me to drill in on the most vulnerable, highest-risk zones, and decide my most effective path to reducing the overall risk of the infrastructure. In other words, I could quickly narrow my focus to the area where remediation would have the highest impact. That is one of the biggest challenges in security management, and RedSeal addresses it well.
A solid service
Business has learned that visualization tools enable rapid analysis for assessment and decision-making. Applying these technologies to the analysis of security risk and mitigation is a high-return area of technology management, and RedSeal's Security Risk Manager performs the service extremely well. Although the RedSeal product isn't cheap, organizations with networks large enough to take advantage of SRM should find it an affordable way to add critical security management functions to their administration suite. Any organization with more than a few devices, and sufficient means, would be well served to implement it as a core to its overall security management infrastructure.