Product Information

Trustwave NAC v3.6.0

starstarstarstar

by Michael Lipinski September 01, 2010
Vendor:

Trustwave

Product:

Trustwave NAC

Website:

http://www.trustwave.com

Price

$22,000

RATING BREAKDOWN

  • Features:
    starstarstarstarstar
  • Ease of Use:
    starstarstarstar
  • Performance:
    starstarstarstar
  • Documentation:
    starstarstarstar
  • Support:
    starstarstarstar
  • Value for Money:
    starstarstarstar
  • Overall Rating:
    starstarstarstar

QUICK READ

  • Strengths: Management of dark IP space; full cycle NAC product; nice reporting; good agent flexibility, including an “agentless” Java web service push to scan guest machines.
  • Weaknesses: Management server functionality is not distributed; single point of failure.
  • Verdict: Easy to use and full featured. At $22,000 per appliance, can be pricey in a distributed environment.
Trustwave NAC v3.6.0 is an appliance-based solution that works in a distributed yet centrally managed architecture and includes both sensors and management servers. The appliances run a hardened Linux OS and communicate with each other through a secure SSH pipe. The central management console is responsible for pushing configuration to all sensors, taking status data from the sensors and archiving data for reporting. Sensors are responsible for network traffic monitoring, detection and mitigation.

Configuration of the management appliance and sensors is straightforward. Initial programming to get it on the network is via a terminal program. There are several screens of data that require data entry and once that is done, the Management Operations Console can be launched.

The tool supports comprehensive endpoint compliance scanning of Windows-, Linux-, and MAC-based network devices. Compliance scans can check for known firewall, anti-spyware and anti-virus packages, as well as OS patches, and compare these to configured compliance policies. A basic port scan can be conducted as part of the compliance check. The tool does not perform a full port scan; rather, it scans TCP and UDP ports.

Reporting is good and includes numerous canned reports and custom reporting capabilities. The graphical displays include drill-down capabilities to underlying detail. A useful ad-hoc engine allows users to easily query the MySQL database for information. A full device-level audit trail is included. Alerting is fully configurable and can be sent via email or syslog server.

Standard support includes access to software updates. Premium support options are available for a 23 percent fee based on list price.

Related Group Test

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US