REM Security Management Console
- By Carlos A. Soto
- Oct 04, 2006
eEye Digital Security has a strong product in its REM Management Console. Just as its name suggests, REM is a console that lets network admins see the status of their enterprise and address any issues that may arise. With good pricing, it's a great solution for smaller networks that need to get a leg up on security.
At first glance, the REM console can be a little intimidating because it looks like the dials and gauges you would find in an airplane cockpit. However, the design is actually fairly intuitive, plus you can customize the controls to display information about whatever you feel is most important.
The only issue is that to work effectively, the organization must make a commitment to eEye and implement some of eEye's other products such as Retina and Blink to protect their network, or outsource some of these capabilities to other companies. It would be better to have all the capabilities bundled together and less fragmented. Segmentation can create confusion for your staff and complicate the network security architecture. You might think you are protected by buying the core eEye product, only to find out later that for true lockdown, you need to purchase another software module from another company.
Despite this limitation, the REM console has some capabilities not commonly found in its competitors. REM allows security team members to work together to manage threats and reports, regardless of their physical location. Team members can work remotely from any Web portal by logging in to determine the threats and status of the network.
One problem common to most vulnerability management software is the inability to auto-prioritize emergencies or effectively track remediation processes. REM, however, has an intuitive rules-based wizard that lets administrators proactively delegate tasks. Additionally, REM lets admins filter problems based on severity, type and location.
This feature puts REM ahead of the pack in automation and ease of use.
REM is also effective at categorizing and organizing large infrastructures into manageable compartments. This feature is crucial in mid-size organizations, where a single vulnerability can often get lost in the crowd of servers and divisions. This also enables IT organizations to establish roles and responsibilities to better monitor the network and fix problems.
More important, this organizational bent allows administrators to establish permissions guidelines on where certain personal can and can't go. Likewise, security events can be automatically routed to the team member responsible for that business group, subnet, etc.
Another important feature of REM is its open database compliancy for high-capacity storage of network security events. REM goes a step further by allowing querying directly into its data storage area.
Additionally, the executive reporting capabilities are among the best in the market. An admin can generate an at-a-glance report of a network threat level assessment and the progress made in correcting various security issues with just a few clicks.
We found REM a cost-effective solution, particularly for small or mid-size enterprises. A small installment of around 500 assets is approximately $5,000, with a medium installment of 5,000 assets reaching around $16,500. A large installment of 10,000 assets would cost about $26,250.
One significant thing to note is that eEye doesn't carry the heavy monthly subscription fees that Citadel places on its customers. This could prove to be a tie-breaker at agencies that are feeling a dollar crunch.Carlos A. Soto is a former GCN Lab technology analyst. He currently lives and works in Houston.