TechValidate Research on Quest Microsoft Platform Management


Quest InTrust Case Study

Federal Government Agency

Introduction

This case study of a federal government is based on a February 2018 survey of Quest InTrust customers by TechValidate, a 3rd-party research service. The profiled organization asked to have their name blinded to protect their confidentiality.

“We use InTrust for quick log gathering and aggregation”

Challenges

The business challenges that led the profiled organization to evaluate and ultimately select Quest InTrust:

  • Limited visibility into workstation and privileged account activity
  • Collecting large volumes of event log data from different systems, devices and applications
  • Native event log data is cryptic and hard to interpret
  • Need to respond quickly to security incidents

Use Case

The key features and functionalities of Quest InTrust that the surveyed organization uses:

  • Uses the following SIEM tools in their environment:
    • ManageEngine
  • Is collecting data from the following systems:
    • Windows (servers and workstations)
    • Linux/Unix (HP-UX, IBM AIX, Solaris)
    • Web Servers
    • DB Server (SQL Server, Oracle)
  • Uses the following systems to analyze InTrust data:
    • Quest InTrust Repository Viewer (Searches and Reports)
    • Quest Knowledge Portal
    • SQL Server Reporting Services

Results

The surveyed organization achieved the following results with Quest InTrust:

  • Realized the following benefits with InTrust:
    • Collected and stored all client workstation logs in one place
    • Stored massive volumes of data in a highly-compressed repository to reduce costs
    • Increased the speed of security investigations and audits with full-text search on all native logs
    • Protected event log data from tampering or erasure
  • Reduced storage costs by 21-40% with InTrust’s highly-compressed repository.
  • Collects 15,000 events per day using InTrust.
  • Sends 7,000 events per day to their SIEM solutions.




About This Data

This data was sourced directly from verified users of Quest Microsoft Platform Management by TechValidate.

TechValidate verifies the identity and organizational affiliation of all participants that contribute to published research data. When research participants so desire, we also guarantee their anonymity so that they may share information honestly and freely.


More Research on Quest Microsoft Platform Management