We encountered multiple errors after the installation completed. Most of these involved an inconsistency with clock settings. The installation requires a Network Time Protocol (NTP) server to connect and synchronize both the console and the IPS or there can be complications. (The vendor has explained that a newer version of the device does not require an NTP server to function).
Although the installation documentation was effective, the end user documentation was very ineffective. It consists mostly of a glossary of technical terms and does not explain any post-installation verification procedures. Fortunately, the system itself was very user-friendly. Its GUI was easy to navigate.
Without an NTP server, the console and server have two different clock settings. The time difference raised a lot of questions, so we called technical support. We were able to speak to a person only one time. Then we left at least three voicemails with their live answering service. None were returned.
The console is browser-based but we could also run the console directly on the server. The menus are in plain English but there was little online help. Installation documentation is provided but the user manuals are not very informative. This limits progress since there are menu terms which are not defined either online or in hard copy. The net result is that the operator must have a high level of knowledge.
CounterSnipe can generate reports sorted by a variety of fields. It can produce a weekly summary or daily details. Reports can also be customized. Signatures can be specified by certificates or IP addresses, either source or destination.
The CounterSnipe APD 1000 offers very good value if you can live with minimal support and documentation.
Ease of installation, a wide range of functions, and the ability to function in three different modes on either an internal or external network.
The need for an NTP server.
A reasonable product let down by very poor support.