Review: Intelligent Wave CWAT, v3.1a

By on
Review: Intelligent Wave CWAT, v3.1a

CWAT (cybercrime, warning, alert, termination, pronounced see-wat) is an extremely comprehensive insider threat management system. It is equally complicated to install and understand.

This is a product that has taken insider threat monitoring to extremes, and the results are a system that covers all the bases and is scalable to 12,000 users. Deployment of user machine agents is a snap and can be automated. We thought that we had seen just about every approach to extrusion prevention until we opened this box.

A few minutes with the documentation reveals an alphabet soup of acronyms. The system, a set of software modules, is comprised of an endpoint monitor (the OPDC, or operational defense controller), server-based network access control (the segment defense controller — SDC), and the unknown terminal defense controller — UDC), and a central management system (organisational monitor — OM).

There is nothing this product cannot do in terms of extrusion prevention. It covers content, files, email, peripherals and pretty much any extrusion vector you might have on your enterprise. Additionally, it supports its own encryption and digital rights management capabilities. To think of CWAT as just an extrusion prevention product would be to sell it way short. However, all of this power comes at the price of complexity. Intelligent Wave addresses that with pre-made batch files to install each nodule, including the SQL database.

Documentation is extensive. Intelligent Wave generally provides an engineer to assist in setup of a newly purchased system. Even with the setup batch files, this suite has a lot to do to get it working. But when it is working, it is a solid performer.

As much as we liked this product, we were disappointed with the weakness of the web site. There is very little beyond sales material on the site, and we could not find the usual customer support portal. Customer support is available, according to Intelligent Wave, during the work day in the U.S., but the web site is unclear about how to obtain this support, which is priced at 15 percent of installed system cost.

The product is priced reasonably starting at US$5,000, plus US$100 per end-user in the United States (perpetual license).

For: If this product doesn't provide an insider threat management capability, you probably don't need it
Against: A bit difficult to deploy (get the support engineer to come on site and help you) and web support is very weak
Verdict: For mid-sized organisations, this is as good as it gets feature-wise

Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?