Quest Software InTrust
August 02, 2010
$12 per enabled user for first year and 20 percent maintenance per user every year after
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Provides user activity tracking and alerting.
- Weaknesses: Limited on the types of logs it can handle; cost.
- Verdict: Specialized log analysis tool that can get a bit expensive in large implementations.
InTrust from Quest Software provides users with the ability to manage and analyze logs and events from Windows, Linux and UNIX systems in one integrated application. This product features the tools necessary to collect and analyze suspicious events and to create reports and alerts to help mitigate risk of possible threats.
We found this tool to be quite easy to install and configure. The application itself is installed via a short installation wizard that, after completion, will install all the necessary components needed for the application. After installation is complete, a configuration wizard is launched that helps get a basic configuration in place to start collecting data. All other management is done via the management console, which we found to be quite comfortable to use with an easy-to-browse, through-tree navigation structure.
While this product is designed for native collection of Windows, Linux and UNIX logs, with some addition configuration it can also be configured to handle other log types, such as Cisco and CheckPoint. We also found the correlation engine for this product to provide some nice functionality as well, including UserTrack, which watches user and administrator accounts and automatically alerts on suspicious activity.
Documentation included a quick-start, user and several other supplemental configuration guides. The installation guide provides a good amount of detail on how to get the system installed and up and running, while the user guide provides a deeper look into how to configure and use the product. We found all the guides to include a good amount of detail with many screen shots and step-by-step instructions.
Quest includes the first year of technical support in the purchase price. After the first year, customers can purchase additional support via a support contract. Support includes 5 a.m.-5 p.m. PST phone and email support, as well as an option for 24/7 support at an additional cost. There is also a support area available on the website, which includes a knowledge base, documentation and other product resources.
At a price of $12 per Active Directory-enabled user per year, this product can get quite expensive for large environments. We find this tool to be an average value for the money. While it does have some nice features, it is quite limited in some areas.
Sign up to our newsletters
SC Magazine Articles
- Popular adult website XTube compromised, delivers malware
- Android vulnerability leaves apps open to malicious overwriting
- One in three of the top million websites are 'risky,' researchers find
- Orgs predict $53M risk, on average, from crypto key, digital cert attacks
- Hanjuan Exploit Kit leveraged in malvertising campaign
- Report: 71 percent of orgs were successfully attacked in 2014
- Self-deleting malware targets home routers to gather information
- 'PoSeidon' point-of-sale malware targets payment card information
- Amedisys notifies nearly 7,000 individuals of potential breach
- Report: More than 15,000 vulnerabilities in nearly 4,000 applications reported in 2014
- The best defense is a good offense: The importance of securing your endpoints
- British Airways says rewards accounts hacked, locked down
- Documents on NSA's zero-day policy provide little insight, EFF says
- GitHub on DDoS alert, efforts to curb its largest attack continue
- Shadow data: The monster that isn't just under your bed