Strengths: Overall concept, documentation, support for third-party products.
Weaknesses: Actually, very little.
Verdict: An obvious choice for open source advocates, but eminently useful in mixed environments as well.
The open source philosophy is still gaining ground. But for some, it still smacks less of enterprise-level IT than the enthusiast working alone in their shed at night.
This might be undeserved, but can sometimes be a hurdle to acceptance. Recognizing this, Applied Watch has created a decision-support command center that builds upon open-source tools such as Snort intrusion detection, Nessus vulnerability scanning, Syslog and others. Agents collect information from these tools and pass them, via 256-bit AES encryption, to the Applied Watch Server, to which the Command Center can provide various views.
The Command Center uses a browser-less console based upon the Java runtime and can thus operate in most environments. Overall, it has the makings of a comprehensive and scalable capability that can be deployed at reasonable cost.
The Applied Watch Command Center wraps everything into a cohesive whole, providing the ability to update and manage the remote agents with new rules, and so on, at the click of a mouse, as well as providing analysis and comprehensive reporting.
The Applied Watch Agents will run in all major Unix operating environments and have extensive capabilities to interact with Snort, Nessus and other modules in order to provide a degree of remote management as well as activity monitoring. Also, the agents are heartbeat monitored and alerts will be generated if they disappear from view.
The Applied Watch concept has much to commend it. The overall presentation is good, and the documentation is clear and comprehensive. A range of hardware appliances is available to embody the various open-source modules. The Applied Watch Command Center can also be deployed as software modules to interact with existing open-source tools.