Hercules Vulnerability Management 4.0
- By Carlos A. Soto
- Oct 04, 2006
We found the Hercules Enterprise Vulnerability Management Suite to be one of the best programs on the market, particularly for large enterprise deployments. It was easy to use and learn. After a short time with the Citadel staff, we were able to find our way around the interface without trouble. This included the ability to execute auditing features as well as fix problems. Network administrators could spend an extra week or more getting up to speed on the suite's advanced features, but most of the basics can be covered in a single training session if you already know network protocols and a bit about your network's setup.
Hercules 4.0 comes with a lot of logically constructed features, such as ConnectGuard, which quarantines vulnerable systems to keep them from affecting the rest of the network. The way ConnectGuard works is simple. When a device joins the network, ConnectGuard blocks that device from transmitting to any other network device except the Hercules server. Once that device meets all the safety protocols and is updated with proper patches, ConnectGuard allows it to fully join the network.
No snooping allowed
Along the same lines, Hercules 4.0 has a sophisticated permissions feature that insulates it and other devices from internal attacks by nosy employees. Most important, Hercules makes it easy for the admin to initiate these permissions and establish operational guidelines through a well-constructed graphical user interface.
Citadel has greatly improved the ability of Hercules to monitor and control the network by detaching the auditing and remediation features and providing several avenues to actively fix vulnerabilities. Hercules Compliance Manager scans the network for vulnerabilities. Once a vulnerability is detected, the Hercules Remediation Manager is used to fix the problem.
One advantage of separating the tasks of finding and fixing problems is that you can schedule each task to run independently of the other and conserve bandwidth. We were able to easily schedule the Compliance Manager to scan the network during certain hours of the morning, and we scheduled the Remediation Manager to fix any problems in the evening.
There was no problem we created that Hercules couldn't fix. The Remediation Manager includes more than 24,000 distinct remediation actions, covering configuration errors, out-of-date patches, and the removal of contraband software or services.
But perhaps the most impressive feature was how well Hercules played with others. Hercules 4.0 auditing and remediation tools work with Windows, Mac OS, Solaris, HP-UX and Red Hat Enterprise Linux. So even on a mixed network, it works without a hitch.
In the past, Hercules had a reputation for being difficult to get up and running. To address this, Citadel created the Hercules Security Appliance, which is a plug-and-play device for administrators, and a Quick Start administration panel, found in the latest version of Hercules 4.0, which takes the admin through network inventory, client discovery, remediation and reporting in a few simple steps.
Technically speaking, this makes it possible to deploy the suite without training, though with something this important we'd still recommend admins get training.
Hercules 4.0 comes with an impressive volume of reporting analysis tools. The keystone is an interactive reporting display that provides users with a quick, up-to-the-minute glance at the network. Admins then have the ability to further drill into performance and vulnerability status for manager and upper management reports.
The only downside we found with Hercules 4.0 was the steep sticker price. For a small enterprise of 5,000 clients, Citadel charges $10,000 up front plus $13,500 monthly for subscription services. For a large network of 25,000 workstations, the base charge would be $25,000 and the monthly cost, factoring in volume discounts, would be $60,000. That's a lot to pay, but you get peace of mind for the price.