Solved

netvigilance security assessment scanners

Posted on 2006-12-01
Last Modified: 2013-12-04
Has anyone heard of netvigilance?  It's a network assessment security scanner.  Was curious as to its quality...
0
Comment
Question by:gopher_49
 
LVL 12

Expert Comment

by:Phil_Agcaoili
ID: 18058682
Nope.

Is this for personal or professional use?

Most professional assessment teams use well-known network scanning tools like Nessus, Metasploit, WebInspect, Nikto, Canvas, Argeniss, and VulnDisco.

If you have PCI scanning requirements, many companies are using Qualys.

I suggest staying with the pro-tools and not with newfangled and unproven tools.

Maybe, Netvigilance will gain some momentum and credibility, but if you Google them, they are tooting their own marketing horns (aka self-proclaimed VA experts) and no one else even seems to have a review of their assessment software.

My 2 bits
0
 

Author Comment

by:gopher_49
ID: 18058848
Thanks for your input.  They showed me an interactive demo and it seemed promising, however, I'm by no means a security expert.  The centralized scanning and scheduling seemed pretty standard, however, they did seem to have a lot of research behind their product.  I think I need to hold off and explore other options...

Thanks for your input.

0
 
LVL 12

Expert Comment

by:Phil_Agcaoili
ID: 18060168
Tenable Security includes Nessus and provides what you are discussing.
For a Windows shop, GFI LANguard and eEye Retina also offer competitive solutions.

I suggest exploring recent bake-offs on Vulnerability Assessment tools, scanners.

You also may want to explore the service or outsourced options available from Qualys or Foundstone. They do remote assessment for you if you are new at it.

Other tools and companies that are not as competitive are ISS and Citadel. ISS was one of the original leaders, but they have not maintained their leadership in this field.

The tools posted in my first post are very solid, if you want to go down the DIY route and learn about self assessments. With these options, I suggest going to ethical hacking courses and finding out what the pros use...one or more of all of the tools and services that I've mentioned will be used (except Netvigilance).

Good luck to you.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 18066178
Agreed Phil, while I've not used their netvigilance scanner, their HoneyPotd tool is very good and I've used it several times.
http://www.networkworld.com/news/2006/102506-netvigilance-honeypot.html
I can't speak to the scanner itself, GFI, Nessus, and Retina are all fine products.
-rich
0
 

Author Comment

by:gopher_49
ID: 18069968
I looked into GFI's scanner for I use almost all of GFI's products.  The thing about GFI is that they do not have much of a research team when it comes to vulnerability scanning.  They simply rely on other people's research.  I'm wanting to use a company who has their own research team dedicated to vulnerability assessment.

Does anyone know about GFI's vulnerability research team?

I'll look into Nessus and Retina for they seem to be liked by a few people.
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 125 total points
ID: 18073642
GFI's product is less intrusive than most others. It looks for various values returned and doesn't probe too much to figure out any false positives. Typically, if you're missing a patch or three it will trigger; however, there are work-arounds to patches that can mitigate the need for the patch, and GFI doesn't probe for that, so you can get FPs even if GFI is "half right": you are indeed missing the patch, however if mitigation steps have been taken for that vuln, GFI can't tell you. Nessus and Retina go a little beyond that without completing an exploit fully. The former two are also code inspectors and can point out some obvious common mistakes in code like possible XSS issues, but that's if they are blatant.
-rich
0
 
LVL 12

Assisted Solution

by:Phil_Agcaoili
Phil_Agcaoili earned 125 total points
ID: 18074441
"I'm wanting to use a company who has their own research team dedicated to vulnerability assessment."

Don't buy the marketing hype on this one.
Did Netvigilance sell this concept to you?
If so, it's very 1995 of them.

Research teams exist in all of these scanner companies or else how do they get product updates?
ISS X-Force is one of the most well-known teams since their inception in 1996, but ISS no longer makes the "best" scanner.
Does this make them great?
No longer.

Scanner software is purely based on ability to detect vulnerabilities. Plain and simple.

Getting scanner updates these days is like the AntiVirus world in that all of the AV vendors are about the same in time to market with virus updates. I know, another debatable topic...not all AV vendors are equal, but at the end of the day most vendors are "on par" with one another, same with the vulnerability assessment (VA) scanners.

Also, most vulnerabilities are posted via CVE (cve.mitre.org) and all of the scanners are about the same where some are better geared to the beginner versus more professional tools with more options and testing capability.

Again, you sound new to this, so you really will want an easy tool to drive...Nessus is not it.
Qualys, Foundstone, or Retina will work best for a beginner.
GFI LANguard is a good entry-scanner, but it's not for heterogeneous network environments.
Nessus, Metasploit, WebInspect, Nikto, Canvas, Argeniss, and VulnDisco are for intermediate-to-advanced VA testers.
0
 

Author Comment

by:gopher_49
ID: 18088385
Phil,

Why is GFI LANguard no good for heterogeneous networks?  I've used an older version of their scanner and it seemed to be only geared for Windows servers and/or workstations.  Since then they've added more support for Unix/Linux and Cisco devices.  Due to their change in regards to more support among cross platforms and/or devices I thought they might be an okay solution.  I'm new to this though...  It seems that for me, my best option is Retina....

Thanks for letting me know about the vast public knowledge in regards to vulnerabilities.  I was under the impression that some of these research groups had information quicker, and/or, information that others did not have.

Richrumble,

Thanks for the input in regards to GFI's limitations.  

I'm taking the information from both of your posts and getting Retina.  It seems to be more geared for people with less experience in vulnerability scanning and delivers more functionality.

Thanks.

0
