This product is based upon a substantial rack-mount hardware appliance running Linux, and a Windows-based console and reporting capability with which to administer the system. Agents are then placed on target machines across the network and acknowledged at the console.
Trigeo is targeting this product at small and medium-sized enterprises. Such organizations do not always have the luxury of full-time information security staff to analyze developments as reported by conventional SIM tools. So the Trigeo approach is to perform real-time monitoring coupled to automated remediation, based upon a comprehensive set of rules.
In this way, organizations can be protected with a minimum of human intervention.
One should not presume that this product is a plug-and-play device that magically secures your organization from all possible ills. Like any such tool, it will require careful configuration in order to align it to your particular situation and get the best from it.
However, Trigeo make this an easier process than is sometimes the case, with an array of well-considered preconfigured rules and an innovative approach to training. When coupled to comprehensive third-party product support for operating systems, firewalls, routers, anti-virus and intrusion detection systems, you have the basis for a very powerful information management capability.
The appliance supplied for review was based upon a very substantial Dell rack-mount server running a version of Debian Linux. This fired up reliably and reassuringly. The Windows-based console installed without a hitch, is attractive and intuitive, and uses the Crystal Reports run-time for reporting duties.
Agent installation was similarly reliable, and one quickly gains the impression that the folks at Trigeo have thought things through pretty well in order to ease the implementation of what is, after all, a potentially complex yet vitally important capability.