Features

Entercept is an intrusion prevention system (IPS). In common with traditional host-based intrusion detection systems (HIDS), Entercept resides on the host itself, but it works at a much lower level than a normal HIDS system.

TOS stands for 'trusted operating system.' It can also be used to protect servers that are providing DNS, as well as file servers, database servers, proxy servers and mail servers. TOS can protect any static files, including whole directories, drives, Windows registries and, of course, web pages.

This inventory application uses a technology called Lanprobe to meter software usage and discover devices on a network.

GASP is probably most famous for being the auditing software of choice for the Business Software Alliance. A free download of a version of this software is available on its web site. However, it can only audit up to 100 PCs and is time-limited. The version we reviewed is very much angled at the enterprise managing thousands of systems.

A complete Tripwire system consists of two components: Tripwire for Servers, which is an agent that must be installed on all servers that are to be protected; and Tripwire Manager, which provides central management for any number of Tripwire for Servers agents. Communications between server agents and management workstation are secured using the secure sockets layer (SSL) protocol.

Applock/Web works for web servers based on Microsoft IIS running on Windows NT/2000. It locks down both operating system and web server application. It auto-discovers which files are associated with web server functions (this may include web content and web scripts) and locks them down. It works within the operating system at the kernel level.

The software we received for this test was a pre-release of version 8, but initial observations tell us that any tweaks before the final version will probably be very minor ones.

This solution offers a suite of products under an asset management banner, comprising inventory, app- lication metering, asset control, contract management and TCO management. Support for Mac OS has recently been added.

iInventory is the latest version of LANauditor, which was launched back in 1990. This package can audit not only Windows-based PCs but also Macs and Linux systems. However the console that runs the whole show must be installed under Windows. The vendors recommend installing the software on a workstation instead of a server as it is claimed it is more secure, offers greater data throughput and clients do not need to access any part of the main program or data.

K2 builds upon KeyServer's success as a desktop management application to include auditing, in effect integrating software auditing and metering into one package. The client end can run on Windows, Macs and thin-clients, while the server can be hosted from any Windows-based PC as well as Macs, Novell Netware and Linux/ Unix.

PC-Duo from Vector Networks has now reached version 2.0. The suite comprises of modular components that can be bought in when needs dictate. Like other desktop management systems PC-Duo includes modules such as Inventory Management, Remote Control, Software Distribution, Diagnostics, Software Metering, and web-based helpdesk tracking.

This software is very much aimed at the auditing and information security industry and those that work within that field. It is basically a tool to audit information security in an automated fashion.

Tally Systems comes back with a number of improvements to its inventory software. The package can provide a one-stop shop for data that can be tied into various helpdesk systems that work with the software.

The SmartFilter product from Secure Computing was one of the earliest products to perform category-based URL filtering. Now in version 3.2, the basic principles of the product remain, with performance and management improvements aimed at making the task of controlling web access as simple as possible.
SmartFilter is intended to sit on a web proxy behind a firewall, or on the firewall itself. The product comprises agents that reside on the gateways, a management server that runs on Windows, Solaris and Linux servers, and a management console which can run on the same platforms. The server and console components are both Java based.

The Sybari Antigen suite consists of components that cover Exchange, SharePoint and Domino, the first of which was submitted for this Group Test. The software includes the Central and Quarantine Managers and Job Scheduler.

F-Secure's offering includes several components: a Policy Manager (the hub of the suite), an Anti-Virus Management Wizard and the Policy Manager Reporting Option.

The Gordano Message Suite is not an anti-virus solution per se, it is a complete web-based messaging system with email, instant messaging, calendar feature and message filtering. The whole lot is managed from a central web console which is clean and consistent, with the exception of a Windows utility to add users to the database.

The LANDesk Management Suite, previously owned by Intel, is the only product in this Group Test which is not in fact an anti-virus solution at all. It offers network management and software deployment, which is basically what anti-virus management is all about anyway.

McAfee is one of the best-known names in anti-virus, and we expected impressive results from testing ePolicy Orchestrator 2.5. The product is capable of managing several anti-virus solutions, including McAfee's own and Symantec's Norton, with support for others in the pipeline. Although policies for separate products are configured individually, the integrated management interface will immediately be useful to large enterprises with multiple anti-virus solutions.

Sophos sent us the Sophos Enterprise Manager suite, which really consists of two components. SAVAdmin controls client activities, and the Enterprise Manager collects updates and software packages for deployment.