The BindView Compliance Control Suite includes bv-Control for Windows, bv-Control for Internet Security and Compliance Center. This is a very complex suite of products and is part of a complete compliance and assessment toolkit that offers virtually every view necessary of the security compliance status of an enterprise. This very strength makes configuration and use of the product difficult at first.
Documentation is on several CDs, but there is no separate quick-start guide to assist in installation and you must copy the manual(s) off of the CD because you will need it and others to install – an awkward arrangement. The documentation, although voluminous, did not help us much in solving some sticky installation problems. It gives a clear description of what to do, but does not help when things go wrong.
BindView handles the product’s complexity by providing a Microsoft-like tree structure. On the surface, this seems a good approach, but we found the tree contained a lot of functions that were difficult to figure out. Some appeared to do nothing (but were not grayed out) until we probed the documentation a bit deeper. Installation, likewise, was difficult and occasionally convoluted.
The Suite is a very large product that needs a serious computer on which to install it. We started with a PC that had 512MB of physical memory and found it was not enough. The program had so much difficulty installing that we opted for one of our larger machines, a dual processor Windows 2000 computer with 2GB of RAM. The program installed well on that platform and performed acceptably.
One of its primary strengths is that it is feature-rich. It offers not only broad views of the targets it is assessing, it can assess a wide range of platforms and applications in Windows and Unix environments. This was the only software product we tested that compared with the appliances in our product suite, but unlike the appliances, it was difficult to install and use. BindView might benefit by offering the product pre-configured as an appliance.
Reporting is flexible and extensive.
For: Feature rich, integrates with a wide variety of other BindView products; reporting is excellent.
Against: Extremely complicated to implement, documentation is awkward.
Verdict: A thorough compliance and assessment tool kit providing views on enterprise security compliance status.
