Hercules 4.0 Enterprise Vulnerability Management Suite
Citadel Security Software
Price: Starts at $63 per workstation; $199 per server
Citadel's Hercules 4.0 Enterprise Vulnerability Management Suite meets enterprise demand
With its Compliance Manager, Hercules 4.0 combines compliance and remediation into an integrated suite within a unified console. Hercules enables users to conduct both scanner- and agent-based vulnerability assessments, automate enforcement and audit compliance. With Citadel's library of more than 23,000 vulnerability fixes, Hercules provides comprehensive automated remediation.
Compliance Manager powers the system's inherent ability to create and enforce technical and business policies; noncompliant systems are quarantined until all identified issues are fixed. Compliance Manager is, by default, shipped with policy templates for SOX, GLBA, FISMA and HIPAA.
Remediation Manager executes policy enforcement and automated vulnerability remediation, including compliance and IT security policy enforcement.
The agents can analyze malicious file hashes, digital signatures, and registry and system settings. The agents are required for all remediation within the network.
The Hercules suite can manage most Windows and *nix-based systems. The administration console runs atop a Windows platform via a thin client.
Hercules offers two optional modules: AssetGuard and ConnectGuard.
AssetGuard allows you to track key assets on your network, as well as assign and calculate their business value and risk.
ConnectGuard, an endpoint quarantine solution, provides security and policy enforcement for mobile workstations.
Hercules 4.0 provides impressive access to detailed real-time system and vulnerability data, enterprise-wide compliance reporting and enforcement, and executive reports that even the board will appreciate.
About the author
James C. Foster, Fellow, is the Deputy Director of Global Security Solutions at CSC. Foster has contributed to more than 15 books and has held executive positions at Foundstone, Guardent and the U.S. Department of Defense.
This review orginally appeared in Information Security magazine.
This was first published in October 2005