Review: Secure Computing’s SecurityReporterby Steve Ragan - May 20 2008, 21:40
SecurityReporter adds data management to SnapGear devices. (IMG: Steve Ragan)
SecurityReporter is a flexible, scalable, one-stop Security Event Manager (SEM). During the review of the SnapGear SG565, Tech Herald was also able to use and review SecurityReporter as it is licensed for each SnapGear unit. SecurityReporter is tricky to manage at first, but once you get it running, compliance reports and general monitoring are a cinch.
Getting started requires that you use your my Secure Computing portal to download the SecurityReporter files. This portal is granted to any Secure Computing customer and is where you license and manage value added services. The installation is simple to follow and you are guided through most of the parts. After the initial install is done, you need to license the device, in this case a SnapGear SG565, and after that, you are finished.
As simple as it seems, all you have left at this point is to make sure the SnapGear device is sending data, and that SecurityReporter sees the device, both of which are explained in the administration manual for SecurityReporter.
SecurityReporter as an SEM offers detailed monitoring and reporting, and is customizable to pretty much any environment. There is the ability for monitoring of alerts, built-in compliance reports, and forensics analysis. As detailed in the images below, there really is very little SecurityReporter will not tell you. During the testing of the SG565, SecurityReporter was used to tell if SNORT and Webwasher (Secure Web) were working properly.
The trick is to learn how to create the reports you want. That is the one downside to SecurityReporter. It can be tricky to learn all of the various functions and master the art of report creation. However, once you learn how to make the needed reports, shifting through countless logs is something you will remember with fondness, and you will never go back.
The one thing that stands out is the compliance reports. You can get an audit report on the fly for SOX, PCI, HIPAA, GLBA, and FISMA in HTML or PDF format. There is also a glance feature that you can use for daily checks without the need for printing. These options are located in the Security Center.
Overall, SecurityReporter is a great addition to the SnapGear lineup. It takes all the information that would normally be scattered across several devices and places them in one central location that is easily manageable.
The rank for this is hard to nail down to just one or two things. SecurityReporter earns a solid 9 out of 10. The only draw back is the learning curve, once that hurdle is beaten, the application is easy to use.