Quest Software InTrust
August 02, 2010
$12 per enabled user for first year and 20 percent maintenance per user every year after
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Provides user activity tracking and alerting.
- Weaknesses: Limited on the types of logs it can handle; cost.
- Verdict: Specialized log analysis tool that can get a bit expensive in large implementations.
InTrust from Quest Software provides users with the ability to manage and analyze logs and events from Windows, Linux and UNIX systems in one integrated application. This product features the tools necessary to collect and analyze suspicious events and to create reports and alerts to help mitigate risk of possible threats.
We found this tool to be quite easy to install and configure. The application itself is installed via a short installation wizard that, after completion, will install all the necessary components needed for the application. After installation is complete, a configuration wizard is launched that helps get a basic configuration in place to start collecting data. All other management is done via the management console, which we found to be quite comfortable to use with an easy-to-browse, through-tree navigation structure.
While this product is designed for native collection of Windows, Linux and UNIX logs, with some addition configuration it can also be configured to handle other log types, such as Cisco and CheckPoint. We also found the correlation engine for this product to provide some nice functionality as well, including UserTrack, which watches user and administrator accounts and automatically alerts on suspicious activity.
Documentation included a quick-start, user and several other supplemental configuration guides. The installation guide provides a good amount of detail on how to get the system installed and up and running, while the user guide provides a deeper look into how to configure and use the product. We found all the guides to include a good amount of detail with many screen shots and step-by-step instructions.
Quest includes the first year of technical support in the purchase price. After the first year, customers can purchase additional support via a support contract. Support includes 5 a.m.-5 p.m. PST phone and email support, as well as an option for 24/7 support at an additional cost. There is also a support area available on the website, which includes a knowledge base, documentation and other product resources.
At a price of $12 per Active Directory-enabled user per year, this product can get quite expensive for large environments. We find this tool to be an average value for the money. While it does have some nice features, it is quite limited in some areas.
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- Scammers target oil companies with sneaky attack
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- Study: Employees acknowledge risky security behavior, continue to engage in it
- Hack of airplane systems described in FBI docs raises security questions
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes