Hercules 4.0 Enterprise Vulnerability Management Suite
Citadel Security Software
Price: Available from vendor
Citadel's Hercules 4.0 Enterprise Vulnerability Management Suite meets enterprise demand for integrated security tools by providing comprehensive control over the entire vulnerability management lifecycle.
With its Compliance Manager, Hercules 4.0 combines compliance and remediation into an integrated suite within a unified console. Hercules enables users to conduct both scanner- and agent-based vulnerability assessments, automate enforcement and audit compliance. With Citadel's library of more than 23,000 vulnerability fixes, Hercules provides comprehensive automated remediation.
Compliance Manager powers the system's inherent ability to create and enforce technical and business policies; noncompliant systems are quarantined until all identified issues are fixed. Compliance Manager is, by default, shipped with policy templates for SOX, GLBA, FISMA and HIPAA.
Remediation Manager executes policy enforcement and automated vulnerability remediation, including compliance and IT security policy enforcement. The agents can analyze malicious file hashes, digital signatures, and registry and system settings. The agents are required for all remediation within the network.
Integration of scanner data is easy; simply select from a list of third-party vendors, and point to the scanner database or XML file. Citadel supports most major VA vendors.
The Hercules suite can manage most Windows and *nix-based systems. The administration console runs atop a Windows platform via a thin client. Hercules offers two optional modules: AssetGuard and ConnectGuard. AssetGuard allows you to track key assets on your network, as well as assign and calculate their business value and risk. ConnectGuard, an endpoint quarantine solution, provides security and policy enforcement for mobile workstations.
Hercules 4.0 provides impressive access to detailed real-time system and vulnerability data, enterprise-wide compliance re-porting and enforcement, and executive reports that even the board will appreciate.
James C. Foster is a technical editor for Information Security magazine, where this review first appeared in the October 2005 issue.