Another issue is that there are only two roles for its management users: a full system admin or a help desk role – the latter can’t modify configuration settings, perform system updates or add or remove users. The company will add the ability to customize roles later in the year. Also added to the product after our review is a planned update to include group policy elements. An agent can only belong to a single group but policies can be applied to multiple groups.
SentinelOne’s desktop agent has a system tray icon that, when maximized, will show you what threats it has detected and what processes it is monitoring. This is more verbose than most of the agents of its competitors.
Pricing starts at $45 per endpoint per year, and drops depending on the volume. This price includes all the functionality and various modules of the product.
Stormshield Endpoint Security (SES) is deeply involved in the Microsoft universe: you’ll need a Windows Server (2008 R2 or 2012 R2), IIS and SQL Server, .Net Framework, and several other bits of Microsoft software to get it to work. You will also need to open a series of ports in the 16000 range to communicate with the server. Documentation (including a 400-page administration guide) and software updates are available from a cloud-based portal.
A separate Windows program is used to produce agents for your endpoints. The agents are downloaded directly from the server via a simple Web link. There are three options: Professional, Secure, and Server-Side edition that offer a mixture of security policies, adding local disk and file encryption for the Secure edition and adding Windows Servers (2003-2012) protection for the latter edition. Once these are installed, you can see their status in the system tray and open up logs to determine if there are any issues or infections. You can set a specific parameter in the security policies to prevent agents from being terminated or uninstalled unless allowed by the site administrator, a nice feature.
Note that this Web link is the only thing you can access remotely from the server’s console; everything else happens inside the Windows-based management program. It would be nice if Stormshield opened its product up to a more comprehensive Web access.
When you first launch its management console, there are several window panes on the left, including an environment manager, and various management and monitoring tools. The former includes agent and server configuration information, security certs, and setup for various encryption, anti-virus, file protection and other policies. These are the heart of what SES offers, and these protection policies can get very complex to setup properly.
Sign up for CIO Asia eNewsletters.