Quest Software InTrust
August 02, 2010
$12 per enabled user for first year and 20 percent maintenance per user every year after
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Provides user activity tracking and alerting.
- Weaknesses: Limited on the types of logs it can handle; cost.
- Verdict: Specialized log analysis tool that can get a bit expensive in large implementations.
InTrust from Quest Software provides users with the ability to manage and analyze logs and events from Windows, Linux and UNIX systems in one integrated application. This product features the tools necessary to collect and analyze suspicious events and to create reports and alerts to help mitigate risk of possible threats.
We found this tool to be quite easy to install and configure. The application itself is installed via a short installation wizard that, after completion, will install all the necessary components needed for the application. After installation is complete, a configuration wizard is launched that helps get a basic configuration in place to start collecting data. All other management is done via the management console, which we found to be quite comfortable to use with an easy-to-browse, through-tree navigation structure.
While this product is designed for native collection of Windows, Linux and UNIX logs, with some addition configuration it can also be configured to handle other log types, such as Cisco and CheckPoint. We also found the correlation engine for this product to provide some nice functionality as well, including UserTrack, which watches user and administrator accounts and automatically alerts on suspicious activity.
Documentation included a quick-start, user and several other supplemental configuration guides. The installation guide provides a good amount of detail on how to get the system installed and up and running, while the user guide provides a deeper look into how to configure and use the product. We found all the guides to include a good amount of detail with many screen shots and step-by-step instructions.
Quest includes the first year of technical support in the purchase price. After the first year, customers can purchase additional support via a support contract. Support includes 5 a.m.-5 p.m. PST phone and email support, as well as an option for 24/7 support at an additional cost. There is also a support area available on the website, which includes a knowledge base, documentation and other product resources.
At a price of $12 per Active Directory-enabled user per year, this product can get quite expensive for large environments. We find this tool to be an average value for the money. While it does have some nice features, it is quite limited in some areas.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards