LANDesk Security Suite v9.5
Strengths: Patching, especially end-of-life product support.
Weaknesses: Understanding the support options was a bit difficult.
Verdict: Very nicely put together.
LANDesk Security Suite v9.5 SP1 manages, assesses and controls security at the endpoint through a single agent and server architecture. This architecture is policy driven and can be configured to change policy based on Active Directory, physical location or IP address ranges. As security events are encountered, they are logged locally on the client and sent to a server for central collation. The suite contains the following layers of protection: patch management, security threat/posture analysis, application control (whitelisting/behavior control), anti-virus, device control and firewall. Patch management is a core competency of LANDesk and is the proactive backbone of security, giving customers the ability to deploy patches to all major enterprise operating systems. It includes one of the largest libraries of third-party patches. Also, LANDesk can detect end-of-life versions of third-party applications for which the manufacturer is no longer providing updates.
The suite is typically installed on Windows Server 2008 R2 and leverages a Microsoft SQL database. The SQL database will either be on the same server or, as the environment grows in size, the SQL Server can be moved to a separate server configured following Microsoft's recommended practices. The Server 2008 R2 should be configured with the application server role. Internet Information Services (IIS) is leveraged by the application and .Net 4.0 is also required on the application server. A wide range of Windows and Linux operating systems are supported.
The dashboard was cleanly laid out, providing a clear picture of the activities, as well as an easy-to-navigate drop-down panel and a typical toolbar at the top. Scan information opened up to a set of tools on one side and a listing of devices on the other. By selecting a device, users can access the device inventory, history, service desk, group membership and more. Each drop-down took us into more options and features. The anti-virus section opened up general, protection, scheduled tasks and advanced settings. The Agent Configuration panel opened up the settings for each item - for example, patch compliance scanning, spyware, application blocker, endpoint security, Agent Watcher 802.1x support, and more. Overall, there were a lot of options, features and settings with which to tune the system and thus address the customer's endpoint security needs.
Customers who purchase a LANDesk maintenance program are awarded "points" according to the level of their investment. The accumulation of points, at initial purchase and throughout the year, determines the level of support for which a customer is automatically qualified. Points expire when the maintenance contract concludes, and the renewal process results in new points being issued. The number of points a customer has been awarded is easily tracked by logging into the Smart Service Portal in the LANDesk Community. Support is offered in four basic options.
Although we found it difficult to understand the costs involved with all the various support options, the overall value of the product is very good.