Critical Watch FusionVM
Strengths: Internal and external scanning ability.
Weaknesses: Web-based support is quite minimal; no knowledge base.
Verdict: Good functionality, but could use stronger support.
FusionVM from Critical Watch offers both vulnerability management and configuration policy auditing in either a physical or virtual appliance or as a full, cloud-based SaaS option. If the SaaS option is chosen, customers can receive external scanning without any additional hardware or software needed. If scanning internally, the customer must install an appliance that connects to the cloud service for scanning. This product offers many vulnerability and risk assessment options, including web applications, databases, third-party applications and workstations, among many others. This tool also includes a full compliance module that scans and reports on many compliance standards, such as Sarbanes-Oxley (SOX), Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), ISO1779 and PCI.
For our evaluation, we ran the product in the SaaS model with a physical scanner installed in our lab. The setup of the appliance was quite simple and only took a few minutes. We first plugged in the appliance and connected a monitor and keyboard. After the appliance was booted, we were able to login and configure the network and IP settings. Once those were completed, the scanning appliance was up and running with a connection directly to the Critical Watch cloud VPN. To launch a scan, we simply had to log into the Critical Watch web portal and set up a scanning job. We found the web portal to be quite easy and intuitive to navigate with a nicely organized layout. Scanning jobs can be set up to run on-demand or be scheduled to run at specific times.
Overall, we found the Critical Watch FusionVM to be quite flexible and to have many features. Built in to the web portal is a remediation manager section, which allows for administrators to assign and track remediation tasks after a scan has completed. Also available are several charts, graphs and reports for viewing scan results based on hosts scanned, risk data and open services, among others.
Documentation included a full PDF user guide that covered how to deploy and use the product. We found this guide to be well-organized and to include many screen shots and detailed explanations of product features and functions. Also included were many examples that helped illustrate more complex scanning and reporting procedures.
Critical Watch offers full 24/7 phone- and email-based technical support to customers as part of the SaaS subscription fee. For customers with the on-premise version of the product, assistance can be purchased as part of a contract at about 10 percent of the product price. Customers also have access to an online FAQ, but that is about it for online-based support. At the current time, Critical Watch does not provide a web-based knowledge base.
At a price starting at $416 per month for 100 IPs for the SaaS service, or around $40,000 for 1,000 IPs for the on-premise scanner, we find this product to be a good value for the money. We found the hybrid SaaS/appliance architecture to offer flexibility for deployment while providing a good amount of features and functionality.