Strengths: Scanning support across many server platforms in the enterprise.
Weaknesses: Documentation lacks visuals and agents must be deployed manually.
Verdict: A very good tool, but it requires extra effort to install and manage.
SummaryThe Assuria Auditor is a security and compliance scanner for enterprise servers. This product features capabilities, such as vulnerability assessment, system change detection, system information and regulatory compliance. The Auditor can actively scan systems using agents deployed across the enterprise network, and these agents report back to the main console.
We found this tool to be an easy install. The initial install of the console application is guided by a setup wizard that is easy to follow. Once the product is up and running, we started to deploy the agents. The only problem we had with this process is the agents are in executable format so they cannot be deployed using Active Directory Group Policy for Windows-based systems. The console itself, with an intuitive tree navigation structure, is fairly easy to use and navigate.
Agents can be deployed across the enterprise via many system and server types. Assuria offers agents not only for Windows-based systems, but also Linux and Unix. Policy and scanning is also easy to set up and scans can be implemented with a number of various properties.
Documentation for this product includes an installation guide, administrator guide and a user guide. The installation guide illustrates the overall installation and setup process for the console and agent deployment. The administrator guide focuses on policy creation and compliance checks. Finally, the user guide details using product features and running scans. All these manuals are well organized and easy to follow with many step-by-step instructions. However, there are no screen shots or diagrams to help further illustrate configuration.
The company offers 24/7 phone and email technical support, as well as product updates, as part of a maintenance contract at 20 percent of the license fee. There is a support area on the website, but it only contains support contact information.
At a price starting at $3,800 for the console and five agents, this product is a good value for the money. While it does have some small deployment hurdles to jump, overall it is quite easy to use and provides a multiplatform vulnerability scanning engine.