Quest Software InTrust
August 02, 2010
$12 per enabled user for first year and 20 percent maintenance per user every year after
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Provides user activity tracking and alerting.
- Weaknesses: Limited on the types of logs it can handle; cost.
- Verdict: Specialized log analysis tool that can get a bit expensive in large implementations.
InTrust from Quest Software provides users with the ability to manage and analyze logs and events from Windows, Linux and UNIX systems in one integrated application. This product features the tools necessary to collect and analyze suspicious events and to create reports and alerts to help mitigate risk of possible threats.
We found this tool to be quite easy to install and configure. The application itself is installed via a short installation wizard that, after completion, will install all the necessary components needed for the application. After installation is complete, a configuration wizard is launched that helps get a basic configuration in place to start collecting data. All other management is done via the management console, which we found to be quite comfortable to use with an easy-to-browse, through-tree navigation structure.
While this product is designed for native collection of Windows, Linux and UNIX logs, with some addition configuration it can also be configured to handle other log types, such as Cisco and CheckPoint. We also found the correlation engine for this product to provide some nice functionality as well, including UserTrack, which watches user and administrator accounts and automatically alerts on suspicious activity.
Documentation included a quick-start, user and several other supplemental configuration guides. The installation guide provides a good amount of detail on how to get the system installed and up and running, while the user guide provides a deeper look into how to configure and use the product. We found all the guides to include a good amount of detail with many screen shots and step-by-step instructions.
Quest includes the first year of technical support in the purchase price. After the first year, customers can purchase additional support via a support contract. Support includes 5 a.m.-5 p.m. PST phone and email support, as well as an option for 24/7 support at an additional cost. There is also a support area available on the website, which includes a knowledge base, documentation and other product resources.
At a price of $12 per Active Directory-enabled user per year, this product can get quite expensive for large environments. We find this tool to be an average value for the money. While it does have some nice features, it is quite limited in some areas.
Sign up to our newsletters
SC Magazine Articles
- Angler Exploit Kit pushed in xHamster malvertising campaign
- Flaw makes Trendnet, D-Link routers vulnerable to remote attack
- Macro malware makes a comeback with BARTALEX attack
- Representatives question FBI and point out fallacies during default encryption hearing
- U.S. Defense Secretary Carter emphasizes culture change needed to hire fresh tech talent
- Cyber attacks to rise, but competent security talent scarce, study says
- Cybersecurity bills move forward on Capitol Hill
- Data possibly exposed for more than 364K Auburn University students
- Banking industry security protocol falters in third-party vendor contracts
- Malicious docs submitted to CareerBuilder job listings distribute malware
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Linux malware 'Mumblehard' has spamming feature, backdoor component
- Vulnerability enables downgrading of MySQL SSL/TLS connections
- Oregon's Health CO-OP laptop stolen, about 15K members notified
- UC Berkeley announces breach, unauthorized access to web server