Review: McAfee Hercules Policy Auditor

By

The Hercules Policy Auditor and Remediation Manager were formerly known as Citadel Hercules. These products have one very unique feature in that they can process the output from popular vulnerability scanners.

For: Support for many OS, can take input from vulnerability scanners
Against: The product is difficult to install and very complex to manage
Verdict: For the largest enterprises this product might be a fit, but it would require a significant time investment to configure and administrate it adequately.

Review: McAfee Hercules Policy Auditor
Pretty much any scanner that uses the CVE (common vulnerability exploit) numbering scheme and use the product to remediate the vulnerability. The Hercules product supports a large number of operating systems including several variants of Unix, Linux, Microsoft and Mac systems.

Installation of Hercules Policy Auditor and Remediation Manager is quite tricky. The Policy Auditor appears only to install on Windows 2003 Servers with no Active Directory components installed, but the product requires.net, Internet Information Server, and Microsoft SQL Server. Once the underlying OS is configured, the installation can begin.

The Policy Auditor has four main components: the download server, the main Hercules server, the channel server and the reporting server. Each component requires some attention to detail, and you need to refer to the documentation frequently.

There are many PDFs available for this product, all of them indexed and searchable. We found the installation and quick-start guides to be the most valuable in this test.

McAfee offers many different levels of paid support for the Hercules product. Options vary from 8-to-5 to 24/7 phone support. The website offers primarily PDFs and white papers for download. Typically, we like to see some level of free support as well as forums, FAQs and other self-service support capabilities.

The McAfee Hercules product is at the upper end of cost when compared with other tools tested in this group, but it is also quite feature-rich and includes support for many different operating systems.

It is quite clear that Hercules is aimed at very large organisations. Cost of ownership, of course, must be considered in context with additional cost of support. This is not an inexpensive product, but, considering its target implementation, the value for the money is good.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
auditormcafeepolicysecurity

Sponsored Whitepapers

Service Over Signatures: The Truth About No Lock-In IT
Service Over Signatures: The Truth About No Lock-In IT
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Protect APIs. Protect Your Business.
Protect APIs. Protect Your Business.
KnowBe4 Benchmark Report: Reducing Human Risk & Phishing Vulnerability in ANZ
KnowBe4 Benchmark Report: Reducing Human Risk & Phishing Vulnerability in ANZ

Events

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack
Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"
Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"
SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?