To test policy monitoring applications, we used a mix of our production and test machines in a live environment. We installed agents, where applicable, remotely from a central point or through start-up scripts. The environment comprised two Microsoft Windows 2000 Active Directory forests, three Windows NT 4.0 domains, several standalone Windows production servers, five Windows XP desktops and more than 50 Windows 2000 Professional desktops. We also monitored our production Sun Solaris 7 and 8 (SunOS 5.7 and 5.8) servers and our Red Hat Linux 7.3 and 8.0 systems. In all, more than 100 computers took part in the test. Most interesting was the sheer disarray of our patch status and configuration. While we don't exactly run an ultra-secure shop, every product we tested showed that several key servers were woefully out of date, a problem we rectified.
We used the predefined policies that shipped with each product to run initial discoveries and reports, which gave us time to learn each application. Once we were comfortable, we tailored the reports to our needs. We also wrote an informal policy based on ISO 17799 statements and modeled it within each product. As we patched systems and made configuration changes, we re-ran the monitoring in each application to see how, and how quickly, the changes were reflected in each product's reports.
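To make the "model an informal policy, then re-check after remediation" step concrete, here is an added example that is not code from the article or from any of the reviewed products. It turns three policy statements of the kind found in ISO 17799 into machine-checkable rules, evaluates a constructed host inventory against them, and then re-evaluates after the hosts are patched and reconfigured. The rule numbers, patch identifiers, service names, and hosts are all assumptions made up for the illustration.

```python
"""Model an informal ISO 17799-style policy as machine-checkable rules and
evaluate a host inventory against it before and after remediation.

Added illustration only: the policy statements, host records, service names
and patch identifiers below are constructed, not taken from any product.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List


@dataclass
class Host:
    name: str
    os: str
    patches: set = field(default_factory=set)   # installed patch IDs (constructed)
    services: set = field(default_factory=set)  # listening network services
    min_password_len: int = 0                   # effective password policy


@dataclass
class Rule:
    id: str                          # assumed rule label, not an ISO clause number
    statement: str                   # the informal policy text being modeled
    check: Callable[[Host], bool]    # returns True when the host complies


# Patches each platform must carry to count as current. Identifiers are made up.
REQUIRED_PATCHES = {
    "win2000": {"KB-A", "KB-B"},
    "solaris8": {"SP-1", "SP-2"},
    "rhl73": {"RPM-1"},
}


def patches_current(host: Host) -> bool:
    """Compliant when every required patch for the host's OS is installed."""
    return REQUIRED_PATCHES.get(host.os, set()) <= host.patches


POLICY: List[Rule] = [
    Rule("P-1", "Systems must have all vendor security patches installed.",
         patches_current),
    Rule("P-2", "Clear-text remote administration services (telnet, rsh) must be disabled.",
         lambda h: not (h.services & {"telnet", "rsh"})),
    Rule("P-3", "Passwords must be at least 8 characters long.",
         lambda h: h.min_password_len >= 8),
]


def evaluate(hosts: List[Host], policy: List[Rule] = POLICY) -> Dict[str, List[str]]:
    """Return {hostname: [ids of failed rules]}; an empty list means compliant."""
    return {h.name: [r.id for r in policy if not r.check(h)] for h in hosts}


def noncompliant(report: Dict[str, List[str]]) -> List[str]:
    """Names of hosts that failed at least one rule, sorted for stable reporting."""
    return sorted(name for name, failed in report.items() if failed)


def apply_patches(host: Host, patches) -> None:
    """Record newly installed patches on a host (mutates the inventory record)."""
    host.patches |= set(patches)


def sample_inventory() -> List[Host]:
    """Constructed inventory resembling the mixed Windows/Solaris/Red Hat lab."""
    return [
        Host("dc1", "win2000", {"KB-A"}, {"smb"}, 8),                 # missing KB-B
        Host("sun1", "solaris8", {"SP-1", "SP-2"}, {"telnet", "ssh"}, 6),  # telnet, weak pw
        Host("rh1", "rhl73", {"RPM-1"}, {"ssh"}, 8),                  # fully compliant
    ]


def before_and_after():
    """Evaluate, remediate the findings, evaluate again; return both reports."""
    hosts = sample_inventory()
    before = evaluate(hosts)
    apply_patches(hosts[0], ["KB-B"])      # patch the domain controller
    hosts[1].services.discard("telnet")    # turn off telnet on the Solaris box
    hosts[1].min_password_len = 8          # tighten its password policy
    after = evaluate(hosts)
    return before, after


if __name__ == "__main__":
    before, after = before_and_after()
    for name in sorted(before):
        print(f"{name}: before={before[name]} after={after[name]}")
```

The point of keeping each statement paired with its check function is that the report can cite the policy text a finding violates, which is what made the products' reports useful when we compared them; re-running `evaluate` after remediation is the same before-and-after comparison we did by hand across the products.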