InsightVM is presented as the next evolution of Nexpose, by Rapid7. This Insight cloud-based solution features everything included in Nexpose, such as Adaptive Security and the proprietary Real Risk score, and extends visibility into cloud and containerized infrastructure. InsightVM also offers advanced remediation, tracking, and reporting capabilities not included in Nexpose.
$19
per GB
Symantec Client Management Suite
Score 7.5 out of 10
N/A
Symantec Client Management Suite is designed to automate time-consuming and redundant tasks for deploying, managing, patching, and securing desktops and laptops so organizations can reduce the cost and effort of managing Windows, Mac, Linux, and virtual desktop environments.
Rapid7 InsightVM is perfect for a scenario where IT admin or CISO wants to scan its infrastructure to be sure that there is no vulnerability that could be exploited from outside or inside the company. It also could be used to automate patching and dealing with vulnerabilities. It's also adapted for users that need cloud security management
Whenever you have computers that aren't easily accessible or you have a big site to cover (or multi location), Symantec Client Management Suite (CMS) is really great to manage all your computers, if it's for installation, software, licenses or even status. Setting up all you need from CMS can take some time, especially when you're in a multi-location site. We had to ask the Symantec engineers to help us a couple of times and set things up because even if we followed the documentation, it wasn't an easy task. But at least, the Symantec engineers are people that know what they do and they're really efficient at it.
Being a vulnerability scanner tool, its purpose is to scan the systems to find the vulnerabilities. We can define the assets like IP address for the scans and it also allows to either schedule the scan at a preferred time or start the scan immediately. Upon completion of the scan, this tool can result provide the details like host type, OS information, hardware address, along with the vulnerabilities.
Rapid7 Nexpose has a list of templates to perform the scan. Once the templates are defined then the scans are performed accordingly.
It also contains an option to add credentials/authentication using passwords, usernames, private keys to perform the credential-based scans which I think is a great feature.
Patch Management: We are able to easily deploy patches to all our workstations and accurately report on compliance.
Software Delivery: We do a lot of software deployments to our end users and with CMS we can quickly create policies or tasks to perform these deliveries and get quick results on our success or failures.
Inventory: Ease of use to get reports of what workstations have what software installed, patch levels, or hardware specifications.
More transparency with the roadmap would be a welcome change. New and upcoming features are usually a surprise until a major Symantec Event takes place but little is heard about those features before and even after, in some cases, leading up to a release.
Documentation for some items is poor. Especially around the Workflow product. It was intended that the documentation for the elements in a workflow would be crowd-sourced, which is a good idea, but in order for that to happen, more people need to be using it and taking the time to draw up the documents.
Cost. Its always a big topic, especially in higher-ed, but Symantec could do more to lower its costs for some product lines in order to gain more acceptance and support. If that was done and more institutions could get their student workers to use the product, once they leave college and go into the "real-world" there is a possibility that they would start recommending Symantec products because of their use in College.
I gave it a seven due to the functionality and general ease of use after the initial setup headaches, but compared to Qualys, Rapid7 Nexpose falls short on features and ease of use. Their support drags this rating down a point as well. I have gone weeks with no update on semi-critical issues and typically have to make call after call to get a semi-coherent response.
Support at Symantec isn't that great. Client Management Suite isn't even listed on the Support Portal when trying to open a ticket. Your best bet for support is actually the user groups that Symantec hosts. The members of the groups are usually very responsive. With Broadcom buying Symantec, I've seen a huge jump in personnel leaving Symantec, so I'm assuming the support is just going to get worse. Recently for a simple question, I reached out to 5 people just to find out 4 of the 5 had left the company.
Nessus Pro does scans, but does not maintain an inventory from scan to scan. There is no history for a specific device, you have to look inside the results of each scan. Search across inventory is non-existent. There are no dashboards for data analysis. This is no tracking for remediation
Although there are other tools that can be utilized I don't believe those tools are as robust as Symantec Management Platform. The Symantec Management Platform was chosen because of the value it returns internally and for our customers. You can pull just about any data element from an endpoint and provide detailed reports or great graphs for the C-Level
