McAfee Hercules Policy Auditor | SC Media

McAfee Hercules Policy Auditor

March 1, 2007

The Hercules Policy Auditor and Remediation Manager are the products that were formerly known as the Citadel Hercules product. These products have one very unique feature: they can input the output from popular vulnerability scanners — pretty much any scanner that uses the CVE (common vulnerability exploit) numbering scheme — and use the product to remediate the vulnerability. The Hercules product supports a large number of operating systems, including several variants of Unix, Linux, Microsoft and Mac systems.

Installation of Hercules Policy Auditor and Remediation Manager is quite tricky. The Policy Auditor appears only to install on Windows 2003 Servers with no Active Directory components installed, but the product requires .net, Internet Information Server (IIS) and Microsoft SQL Server. Once the underlying OS is configured, the installation of the Hercules packages can begin. The Policy Auditor has four main components: the download server, the main Hercules server, the channel server and the reporting server. Each component requires some attention to detail, and it is necessary to refer back to the installation and user guides.

There are many PDFs available for this product and all the PDFs are indexed and searchable. Most of the PDFs are pretty lengthy, so having the index is quite handy. We found the installation and the quick-start guides to be the most valuable in this test.

McAfee offers many different levels of paid support for the Hercules product. Options vary from 8x5 phone support to 24/7 support.

The McAfee Hercules Policy Auditor and Remediation Manager is at the upper end of cost when compared with other products tested in this group, but the Hercules product is also quite feature rich and includes support for many different operating systems. It is quite clear that Hercules is aimed at large enterprises. Cost of ownership, of course, must be considered in context with additional cost of support. Taken together this is not an inexpensive product, but considering its target implementation, the value for the money is good.

Product title
McAfee Hercules Policy Auditor
Product info
Name: Hercules Policy Auditor Description: Price: $71.75/node (5,000 or more nodes; pricing varies depending on quantity), plus support
Strength
Support for many operating systems and the ability to take input from vulnerability scanners.
Weakness
The product is difficult to install and very complex to manage.
Verdict
For the largest enterprises, this product might be a fit. It requires a significant time investment from the administration staff to configure and administer the Hercules product.
prestitial ad