Content

Quest Software InTrust

InTrust from Quest Software provides a server-based log collection and analysis tool for Windows and Linux/Unix systems, as well as syslogs, applications and databases. Right out of the box, this product can natively collect, correlate and analyze Windows event logs, as well as a few other common types of logs, such as custom device types.

We found this solution to be a reasonably simple install. The installation is guided by a wizard that will help not only in installing the product but also ensuring a proper database connection is made and all features are installed. At the completion of the wizard, all further configuration is done through the management console. When the console is run for the first time, a short getting-started wizard is shown, which helps get a base configuration in place to start collecting and analyzing logs.

This tool offers some robust functionality outside of log collection. The UserTrack capability allows for the collection of both user and administrator account access, and correlates them with other security events to provide a greater view of potential security risks. This functionality then uses real-time alerts to notify - through email or other monitoring programs - that suspicious activity has occurred.

Documentation included quick-start, installation and user guides, as well as several other pieces of supplemental documentation, all in PDF format. We found all documentation to be well-organized.
Quest Software includes the first year of standard support with the purchase of the product. After the first year, customers can purchase additional support by way of a contract.

At a price of $15 per enabled user and $995 per server, this product can be quite expensive for larger environments. We find InTrust to be an average value for the money as it does have some nice features, but overall cost of ownership can become pricey.
Product title
Quest Software InTrust
Product info
Name: InTrust Description: InTrust from Quest Software provides a server-based log collection and analysis tool for Windows and Linux/Unix systems, as well as syslogs, applications and databases. Price: $15 per enabled user, or $995 per server
Strength
UserTrack system correlates user activity to events.
Weakness
Expensive.
Verdict
Match your needs and budget carefully to this one. If user correlation is important to you, this is well worth a close look.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.