BeyondTrust Retina CS
February 01, 2013
Starts at $8,000 for 256 assets.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Full vulnerability assessment with risk management functionality.
- Weaknesses: None that we found.
- Verdict: Very good value and a venerable product with a good focus on compliance.
The Retina CS from BeyondTrust offers up quite a few strong features for vulnerability management throughout the enterprise. This solution provides discovery and remediation of security risks and vulnerabilities based on priority and severity. It offers the usual vulnerability scanning and assessment functions, but takes this a step further by adding context to those vulnerabilities, which brings in some risk management functionality alongside vulnerability management.
We found this tool to be simple to set up and deploy. To get the appliance running, we had to connect it to the network and assign an IP address using the buttons on the front panel of the appliance. After we set the IP and network information, we were able to browse to the web-based management console. The first time we logged into the console, we were presented with a short setup wizard, which allowed us to configure some basic appliance settings, such as the administrator password and licensing information. After the wizard was complete, we were taken to the main appliance dashboard. All further management and configuration was done from this web-based administration console, which we found easy to navigate. It also provides many charts, graphs and visuals displaying the overall security and risk assessments of the environment.
Aside from the easy-to-navigate dashboard and web-based management console, we found this product to include many scanning options. The scanning engine provides a number of templates for regulatory compliance scanning right out of the box. Some of these include: PCI Data Security Standards (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley (SOX), Gramm-Leach-Bliley Act (GLBA), National Institute of Standards and Technology (NIST), Federal Energy Regulatory Commission (FERC)/North American Electric Reliability Corp. (NERC), 201 CMR 17 (the Massachusetts Data Protection Law), International Organization for Standardization (ISO), Control Objectives for Information and Related Technology (COBIT) and Information Technology Infrastructure Library (ITIL).
Documentation included a short quick-start guide along with a full user guide. The quick-start guide offered a good amount of detail, along with initial setup instructions to get the appliance up and running. We found all documentation to include clear step-by-step instructions, as well as many screen shots and detailed descriptions and configuration examples.
BeyondTrust offers both eight-hours-a-day/five-days-a-week and 24/7 support options as part of a subscription. Customers must purchase this at an extra cost. It provides access to both phone- and email-based technical assistance. Also available is access to an online portal that includes a knowledge base and many resources, including product downloads and technical documentation.
At a price of $8,000 for management of 256 assets, this product does carry quite the price tag for some environments, but we find it to be a very good value for the money. While expensive, this tool offers a lot in the way of overall vulnerability and risk management functions. Its feature set, combined with the many reporting and assessment options, gives an excellent overview of the enterprise's security.
SC Magazine Articles
- Industry pros react to Cisco, Fortinet advisories after possible Snowden NSA leak
- The Shadow Brokers' NSA hack claim unlikely, say experts
- After the breach: Settlement expected for 50M Home Depot customers
- Don't get caught by the Pokemon Go ransomware
- WikiLeaks postings of Turkish emails included active links to malware
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- Microsoft warns of new, self-propagating ransomware in the wild
- Wendy's POS breach 'considerably' bigger than first thought
- After NSA leaks, a renewed interest in vulnerability disclosure
- USAA members hit with multiple phishing attacks
- Saving money on security software by improving cyber posture, report
- Two-thirds of IT security pros surveyed expect a breach to hit their company, report
- Epic hack, thousands of salted logins stolen