Quest Software InTrust
August 02, 2010
$12 per enabled user for first year and 20 percent maintenance per user every year after
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Provides user activity tracking and alerting.
- Weaknesses: Limited on the types of logs it can handle; cost.
- Verdict: Specialized log analysis tool that can get a bit expensive in large implementations.
InTrust from Quest Software provides users with the ability to manage and analyze logs and events from Windows, Linux and UNIX systems in one integrated application. This product features the tools necessary to collect and analyze suspicious events and to create reports and alerts to help mitigate risk of possible threats.
We found this tool to be quite easy to install and configure. The application itself is installed via a short installation wizard that, after completion, will install all the necessary components needed for the application. After installation is complete, a configuration wizard is launched that helps get a basic configuration in place to start collecting data. All other management is done via the management console, which we found to be quite comfortable to use with an easy-to-browse, through-tree navigation structure.
While this product is designed for native collection of Windows, Linux and UNIX logs, with some addition configuration it can also be configured to handle other log types, such as Cisco and CheckPoint. We also found the correlation engine for this product to provide some nice functionality as well, including UserTrack, which watches user and administrator accounts and automatically alerts on suspicious activity.
Documentation included a quick-start, user and several other supplemental configuration guides. The installation guide provides a good amount of detail on how to get the system installed and up and running, while the user guide provides a deeper look into how to configure and use the product. We found all the guides to include a good amount of detail with many screen shots and step-by-step instructions.
Quest includes the first year of technical support in the purchase price. After the first year, customers can purchase additional support via a support contract. Support includes 5 a.m.-5 p.m. PST phone and email support, as well as an option for 24/7 support at an additional cost. There is also a support area available on the website, which includes a knowledge base, documentation and other product resources.
At a price of $12 per Active Directory-enabled user per year, this product can get quite expensive for large environments. We find this tool to be an average value for the money. While it does have some nice features, it is quite limited in some areas.
SC Magazine Articles
- Yahoo breach; State-sponsored actors suspected, at least 500 million accounts affected
- Cybercriminals already able to hack ATM biometric readers
- Education sector bullied by ransomware and can barely defend itself, report
- IoT assault, connected devices increasingly used for DDoS attacks
- Cisco warns of exploitation of new flaws linked to Shadow Brokers exploits
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Hard Rock Hotel & Casino Las Vegas hit with POS breach
- X-ray and MRI machines among devices used as springboards for data breach attacks
- Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace
- Wi-Fi warning! Study finds U.S. unaware of public Wi-fi risks
- RIG EK rigged to steal tricks from Neutrino in fight to fill Angler's void
- SWIFT adds additional protective measures for members to ensure cybersecurity compliance
- 185M incidents bypassed perimeter defenses - report
- Pagers found leaking patient health information
- OVH suffers massive 1.1Tbps DDoS attack