MAAS360 eval

Last month, I mentioned that was doing an eval of MAAS360.   This month I”m providing a postscript on that.

MAAS360 is a software/security as a service product from Fiberlink.   In its basic ‘visibility’ mode, it provides hardware /software inventory, patch management, antivirus/firewall reporting, Windows 7 readiness reports, encryption reports and information on VPN and other network connections.  Additional components deploy patches and perform enforcement.

Are Users Connecting Securely?
Built-in reports show details of Wi-Fi connections.  (Computer Name, OS Username, SSID, Network Authentication Type, Data Encryption, EAP Type, IP, Subnet Mask, AP MAC, Start Time, End Time). 

Using open access points or even WEP encrypted access points is not a good idea.   Although I wondered how that would go over, “Hey Ted, I noticed that you used the wireless at Panero Bread last thursday”.   I don’t know how many places have a policy against using public wi-fi connections. 

The VPN report could then be used to compare the amount of time off-network to the time VPNed into the network.   If the VPN is set to always tunnel, then using the Panero Bread wireless isn’t as bad.

Do they really need that data plan?
EVDO/3G/4G cards have very expensive data plans.   Many people say they need them and often they are given out as perks.   In our case, we already get usage reports broken down by phone number.   I’m told some mobile venders do not provide that.   MAAS360 provides detailed usage reports to prevent costs from getting out of control.

How many licenses do I have deployed?
Provides a count of installed products.

With the enforcement add-on you can prevent unwanted applications from running.  

Is it Windows 7 Ready?
This report seemed to focus on disk space and ram.  

Maintaining Security Posture when off lan
This provides reports on the antivirus and personal firewall status.   Because of the in-the-cloud nature of MAAS360, it is able to provide information even when the computer is off network.

Patch Reporting when off LAN
MAAS360 offers the most actionable reporting I’ve seen.  I really got a lot out of this and wondered what I was doing wrong with my other security products that I wasn’t getting information organized this way.   

I found one computer with a lot of missing vulnerabilities.   Because it was on the network, I could check it.   I found the Windows Update service disabled.  I found have run across that many missing updates sooner or later.   It was easier to spot in MAAS360.  

MAAS360 can report on and patch 10 of the most vulnerable Windows applications.   This includes Adobe Reader and Acrobat, Quicktime, iTunes, JAVA, Firefox, Winamp and Skype.

Conclusion
We currently have SCCM deployed.   I have a hard time seeing MAAS360 displacing a working implementation of a patching/inventorying product.   We get so much heat about having too much security software, so I really can’t see purchasing it as a “backup” for when people are off the network.

It is true that you have to stand on your head to use SCCM to patch non-vpned external computers.   It also tends to break frequently due to its reliance on WMI.   However it can do a lot and there are communities of users helping users.    I like the idea of getting more and more into the cloud, but this is a case where for me you are giving up to much.  

Overall I found MAAS360 to be an interesting product.   Worth looking at.   But not for us right now.