This product is based upon a substantial rack-mount hardware appliance running Linux, and a Windows-based console and reporting capability with which to administer the system. Agents are then placed on target machines across the network and acknowledged at the console.
Trigeo is targeting this product at small and medium-sized enterprises. Such organizations do not always have the luxury of full-time information security staff to analyze developments as reported by conventional SIM tools. So the Trigeo approach is to perform real-time monitoring coupled to automated remediation, based upon a comprehensive set of rules.
In this way, organizations can be protected with a minimum of human intervention.
One should not presume that this product is a plug-and-play device that magically secures your organization from all possible ills. Like any such tool, it will require careful configuration in order to align it to your particular situation and get the best from it.
However, Trigeo make this an easier process than is sometimes the case, with an array of well-considered preconfigured rules and an innovative approach to training. When coupled to comprehensive third-party product support for operating systems, firewalls, routers, anti-virus and intrusion detection systems, you have the basis for a very powerful information management capability.
The appliance supplied for review was based upon a very substantial Dell rack mount server running a version of Debian Linux. This fired up reliably and reassuringly. The Windows-based console installed without a hitch, is attractive and intuitive, and uses the Crystal Reports run-time for reporting duties.
Agent installation was similarly reliable and one quickly gains the impression that the folks at Trigeo have thought things through pretty well in order to ease the implementation of what is, after all, a potentially complex, yet vitally important capability.