Manage Learn to apply best practices and optimize your operations.

Hercules 4.0 Enterprise Vulnerability Management Suite

Information Security magazine's contributing editor, James C. Foster , reviews Hercules 4.0 Enterprise Vulnerability Management Suite from Citadel Security Software.

Hercules 4.0 Enterprise Vulnerability Management Suite
Citadel Security Software
Price: Starts at $63 per workstation; $199 per server

Citadel's Hercules 4.0 Enterprise Vulnerability Management Suite meets enterprise demand for integrated security tools by providing comprehensive control over the entire vulnerability management lifecycle.

With its Compliance Manager, Hercules 4.0 combines compliance and remediation into an integrated suite within a unified console. Hercules enables users to conduct both scanner- and agent-based vulnerability assessments, automate enforcement and audit compliance. With Citadel's library of more than 23,000 vulnerability fixes, Hercules provides comprehensive automated remediation.

Compliance Manager powers the system's inherent ability to create and enforce technical and business policies; noncompliant systems are quarantined until all identified issues are fixed. Compliance Manager is, by default, shipped with policy templates for SOX, GLBA, FISMA and HIPAA.

Remediation Manager executes policy enforcement and automated vulnerability remediation, including compliance and IT security policy enforcement.

The agents can analyze malicious file hashes, digital signatures, and registry and system settings. The agents are required for all remediation within the network.

Integration of scanner data is easy; simply select from a list of third-party vendors, and point to the scanner database or XML file. Citadel supports most major VA vendors.

The Hercules suite can manage most Windows and *nix-based systems. The administration console runs atop a Windows platform via a thin client.

Hercules offers two optional modules: AssetGuard and ConnectGuard.

AssetGuard allows you to track key assets on your network, as well as assign and calculate their business value and risk.

ConnectGuard, an endpoint quarantine solution, provides security and policy enforcement for mobile workstations.

Hercules 4.0 provides impressive access to detailed real-time system and vulnerability data, enterprise-wide compliance reporting and enforcement, and executive reports that even the board will appreciate.

About the author
James C. Foster, Fellow, is the Deputy Director of Global Security Solutions at CSC. Foster has contributed to more than 15 books and has held executive positions at Foundstone, Guardent and the U.S. Department of Defense.

This review orginally appeared in Information Security magazine.


This was last published in October 2005

Dig Deeper on Risk assessments, metrics and frameworks