Upcoming Events

Cloud Connect
Santa Clara
Feb 13-16, 2012

Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud computing industry. Learn about the latest cloud technologies and platforms from thought leaders in Cloud Connect’s comprehensive conference.

Register Now!

R E V I E W

Policy Enforcers

May 29, 2003
By Mike Fratto

>> continued from previous page

Pedestal Software SecurityExpressions 3.0

	Issue TOC
	Print full article
	Print this page
	Download as PDF
	E-Mail this URL
	Discuss this article
	Flame the author

	In this article
	Introduction
	BindView Development Corp. bv-Control 7.2 and Policy Operations Center 4.2
	Configuresoft Enterprise Configuration Manager 4.0 with Security Update Manager 2.0
	Pedestal Software SecurityExpressions 3.0
	Symantec Enterprise Security Manager 5.5
	PoliVec Security Policy Automation Suite (Builder 2.6, Scanner 3.5, Enforcer 1.1)
	NetIQ VigilEnt Security Manager 4.0
	Computer Associates eTrust Policy Compliance 7.4
	How We Tested
	Report Card

SecurityExpressions was deceptively simple to use compared with the other products we tested--and that's a good thing, provided you stick to the sample scripts and reports. SecurityExpressions, like the products from BindView and PoliVec, doesn't require agents for Windows computers, though agents are available for querying hosts on remote networks. SecurityExpressions is unique among the products we tested, however, in that it doesn't require that you install an agent on Unix hosts--it just needs an account with root privileges and SSH for secure communications.

Reporting and policy definition are top notch, though custom reports and ad hoc queries are a bit difficult to define. SecurityExpressions can install both patches and service packs through custom scripts. Of course, the price is by far the lowest of the products we tested, which, depending on your needs, may offset the costs associated with building custom reports.

SecurityExpressions splits the tasks of policy monitoring and policy enforcement by providing a Web interface, where we could run reports but not make changes to end systems or the SecurityExpressions application. Each report is contained in an individual SIF file: There's no global configuration for computer discovery and grouping, so we had to repeat basic configurations for each individual report. We exported the SIF files as policy guideline documents, which provided high-level descriptions of each check, or as policy standards where a specific configuration setting is detailed. Both reports are appropriate for administrators, not for general users.

Running reports was a snap. We took a predefined report that discovered the patch levels on the destination computers and defined the domain credentials used to authenticate to each target. We saved the report file and ran it. The resulting report showed the missing patches and service packs; we then used this information to bring systems up to code.

Features

click to enlarge

Configuration reports offered a bit more detail and showed the defined settings as "OK" or "Not OK." There is a wizard for creating custom reports. However, we found that you have to know what you're looking for and the required options. Some selections are context-sensitive, but many aren't. However, we caught on quickly, so after gaining some familiarity and experience, most administrators should be able to build reports just fine.

SecurityExpressions is ideal for shops with more chops than cash--though it is more difficult to use out of the box, once you get the hang of it you'll enjoy robust reporting and scripting for a bargain price.

SecurityExpressions 3.0, Pedestal Software, (888) 664-7174. www.pedestalsoftware.com