Quest Compliance Suite: Follow The Rules
Quest Software's Compliance Suite for Windows helps your customers meet both their compliance obligations and IT performance benchmarks.
- By Joanne Cummings
- May 01, 2007
Your customers are stuck between a rock and a hard place when it comes
to meeting their obligations and having the resources to do so. IT budgets
are tight, yet they still have to maintain compliance with a slew of regulatory
mandates, including Sarbanes-Oxley (SOX) and the Health Insurance Portability
and Accountability Act (HIPAA). Many are also trying to adhere to best
practices initiatives like those from the IT Infrastructure Library (ITIL)
and Control Objectives for Information Technology (COBIT). All of that
leaves few dollars available to buy any new products or services you may
be offering.
What if they could purchase just one relatively inexpensive product and
ensure both regulatory compliance and adherence to IT best practices?
They might just have some budget dollars left for that Windows Vista upgrade
or the move to Office 2007.
Enter Quest Software Inc.'s Compliance Suite for Windows. Through a secure
Web-based management portal, these tools give companies a consolidated
view of their IT compliance status by baselining the IT infrastructure,
tracking all events related to the security of information, and alerting
users to violations of established corporate data security procedures -- all
from one spot.
There are four components that make up the suite: the Compliance Portal,
InTrust, InTrust for Active Directory and Reporter. Together, these tools
help your customers monitor, track, report and alert on various user,
data-access and change-management activities across an entire IT infrastructure.
In October, Quest also added support for reporting from Microsoft Exchange
via Quest's ArchiveManager and MessageStats tools. Adding e-mail tracking
and reporting further increases the suite's usefulness, not just for regulatory
compliance, but for legal evidence and discovery purposes, as well.
In Data We Trust
The Web-based Quest Compliance Portal is the most important component
of the suite. It gives your customers a single-screen view of an organization's
IT compliance and framework status. It supports scheduled and ad hoc reporting,
and a range of user-defined business views into IT -- both at a summary
and granular level.
Quest Software Inc.
Quest Compliance Suite for Windows
Release Date: October 2006
Suite includes Quest Compliance Portal, InTrust, InTrust
for Active Directory and Reporter. Pricing starts at
$995 per server or $109 per workstation. Pricing for
Reporter begins at $8 per user.
www.quest.com
Because of its hooks into the other components of the suite, the portal
can report on and correlate data from numerous activities. For example,
users can track configuration changes via Quest Reporter, user activity
via Quest InTrust, AD domains in Quest InTrust for Active Directory, mailbox
usage in Quest MessageStats and e-mail storage management statistics via
Quest ArchiveManager.
Your customers can customize their Portal reports to meet their specific
needs. Once logged into the portal, their users can view only the reports
and associated data to which they have been assigned access. They can
set up different profiles for management, IT personnel and auditors, for
example, so business users simply interested in regulatory compliance
issues can receive high-level reports. IT users can drill down into specific
operational performance metrics. They can also configure the portal to
handle subscriptions, which let each user receive an updated report via
e-mail or a notification when a new report is available.
Still, the portal would be useless without data. That's where the second
component comes in. InTrust monitors access to critical systems, to let
your customers detect inappropriate or suspicious access-related events
across the IT infrastructure. Each system InTrust supports requires a
separate Knowledge Pack. To date, Quest provides Knowledge Packs for the
following systems:
- Windows
- Solaris
- Linux (Red Hat and SuSE)
- Firewalls (Check Point FireWall-1 and Cisco PIX)
- Active Directory
- Microsoft Exchange
- Microsoft Excel
- SQL Databases
- Oracle Databases
- Microsoft Internet Security and Acceleration (ISA) Server
- Microsoft Internet Information Server (IIS)
- Microsoft Identity Integration Server (MIIS)
- AIX 5L
Each Knowledge Pack monitors, stores, reports and alerts on access-related
events. Users can set up alerts to monitor for suspicious access activity,
such as when a user has several failed log-on attempts and is then suddenly
successful. They can also use it to ensure that corporate data access
policies are followed correctly, so a sales user isn't accessing data
stored on critical finance department servers.
Once it sends an alert, InTrust stores a secure log of the event for
forensic and legal purposes. According to Quest, all event data is compressed
prior to storage.
InTrust for Active Directory
Another key aspect of any bulletproof Windows-compliance solution is tracking
and monitoring domain controller activities, and any changes made to AD
and Group Policy. That's where the third component of Quest's suite comes
in.
[Figure: Quest Reporter lets your customers gather
data on a variety of configuration issues, such as installed software,
patch status and Active Directory group membership.]
InTrust for Active Directory tracks, reports and alerts on critical information
about directory changes, including who made the change, where they made
the change from and the before-and-after values. On the IT operations
side, this tool helps troubleshoot AD problems. It also helps on the compliance
side by tracking changes and underscoring how they may have strayed from
the approved configuration. It can then notify users of undesired changes,
roll them back or simply prevent the changes from occurring in the first
place.
For example, your customers can configure InTrust for Active Directory
to prevent changes to critical AD objects, such as preventing users from
accidentally deleting organizational units or modifying Group Policy Object
settings.
The tool also audits all events on domain controllers, including unusual
user and suspicious administrator activity or elevated privileges.
The final piece of Quest's Compliance Suite for Windows is the Quest
Reporter. Quest Reporter lets IT users collect, store and report on AD
and Windows-based configurations and resolve configuration problems. This
is an important part of a strong compliance program, especially because
configuration management and change management are key building blocks
for ITIL.
Quest Reporter also automatically discovers and reports user privileges.
This eases periodic account reviews and ensures that assigned privileges
comply with established policies.
Competitive Landscape
The market for compliance tools is heating up. Two key competitors to
Quest Compliance Suite for Windows are NetIQ Corp.'s Security Compliance
Suite and Symantec Corp.'s Control Compliance Suite for Windows.
Like the Quest suite, NetIQ's Security Compliance Suite is focused on
Windows environments and combines configuration management, change management
and security information management capabilities to provide a quick overview
of an IT infrastructure and its compliance posture. The suite includes
the NetIQ Secure Configuration Manager and the NetIQ Security Manager
tools.
Secure Configuration Manager audits system configurations and compares
them to corporate policies, previous snapshots or other systems. It also
leverages the configuration information to help users identify vulnerabilities
and exposure within their environment.
Security Manager consolidates event management from various security
products into a central security console, enabling real-time notification,
automated response and workflow management for suspicious activities.
A key to its compliance capabilities is that it comes with templates that
help users readily benchmark their compliance stance against well-known
regulatory mandates such as SOX, HIPAA, the Gramm-Leach-Bliley Act (GLBA)
and others.
NetIQ Security Compliance Suite is sold in sets of 25 server licenses.
The Standard Edition costs $800 per server and the Enterprise Edition
is priced at $1,120 per server.
Symantec's Control Compliance Suite for Windows is expected to receive
a big boost once Symantec completes its acquisition of Altiris, expected in
the second quarter of this year. Symantec is known for security, while
Altiris' forte is in change and configuration management. Once integrated,
the combined offering should provide some stiff competition to both Quest
and NetIQ.
The current Symantec suite handles Windows and AD environments. The suite
is agentless, so it doesn't require software on each managed server or
system. Like NetIQ's product, the Symantec suite supplies regulatory content
for Sarbanes-Oxley, HIPAA, GLBA and others, then validates the configuration
of Windows systems against corporate information security standards and
those regulations. The suite makes it easy for users to discern their
compliance posture because it displays pass/fail scores against industry
regulations and governance frameworks based on technical checks against
the data. It also lets users baseline their IT infrastructure so that
they can receive a report on the level and extent of access to sensitive
corporate assets.
Like Quest's tool, the Symantec suite provides a single console for viewing
compliance data, and can be set to send e-mails notifying users of new
reports. It integrates with HP and Remedy change-management tools, as
well as BindView Policy Manager to ensure security compliance policies
are met. Symantec also provides separate tools designed for Exchange,
Novell NetWare/NDS, Unix, and Oracle and SQL databases.
Marketing and Sales
Quest provides a wealth of information aimed at getting users and partners
up to speed on the benefits of implementing its suite in a complex Windows
environment. In addition to the three white papers the company provides
on its Web site, partners can download a PowerPoint presentation that
steps customers through the process of determining the need for a combined
compliance/best practices framework solution and how the Quest suite can
provide a cost-effective alternative to buying point products. There are
also case studies, data sheets and trial software on the Compliance Suite
homepage.
Microsoft provides a highly detailed "Regulatory Compliance Management
Guide" on its site. You can use this as a way to introduce your customers
to the needs and challenges inherent in ensuring compliance in a Windows
environment.
Spotlight Highlights
Key Features
- Secure Web portal tracks multiple data sources from one screen
- Generates customized reports for business users or IT staff
- Provides real-time, automated, customizable alerts from multiple
  sources, including Windows, Linux and Solaris systems, Oracle and
  SQL databases, and firewalls from Check Point and Cisco
- Supports Active Directory, Group Policy and now Exchange
Competition
- NetIQ Security Compliance Suite
- Symantec Control Compliance Suite for Windows
Opportunities
- Reduces cost and complexity of complying with regulatory mandates
  like SOX and HIPAA
- Improves IT operational and management efficiency
- Reduces total cost of ownership
The Final Word
Your customers are facing budget pressures as they strive to comply with
complex regulatory mandates as well as new initiatives to ensure their
organizations adhere to IT best practices. A tool like Quest Compliance
Suite for Windows can help them meet those challenges while keeping financial
investments manageable.