Solved

GFI Languard vs Nessus vs ????

Posted on 2011-04-25
Last Modified: 2013-12-06
I understand that GFI Languard and Nessus are the two big players in the industry and we need a patch management system.  I was wondering if any of you had any insights into which is better overall, all things considered.  I appreciate your time, thank you.
Question by:LB1234
3 Comments
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 400 total points
ID: 35464340
Nessus doesn't do patch management, it only does auditing/exploitation... WSUS is free and works well, HFNetChk (or Shavlik as they are called now) is another. GFI is good, not free but good. Secunia is new to the market but doing good things. Altiris can do patch management, but as far as I know, only GFI does both auditing and remediation, all the others are either one or the other.
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
http://www.symantec.com/business/theme.jsp?themeid=altiris
http://shavlik.com/
http://technet.microsoft.com/en-us/windowsserver/bb332157
Technically M$ does have the MBSA, but it's not much of an auditor... and in fact is derived off of the work Shavlik did for M$ years ago.
-rich
 
LVL 4

Assisted Solution

by:mathi28
mathi28 earned 400 total points
ID: 35465324
 
LVL 65

Accepted Solution

by:
btan earned 1200 total points
ID: 35480680
Nessus is considered one of the best network scan tools, but it's more expensive than Retina and GFI Languard. Probably they would have better costing now. What you could look for in Retina is that it allows you to scan in accordance with Department of Defense standards, SANS, and others. Languard also looks at the SANS Top 20 report vulnerabilities. In terms of vulnerability scanning standards, Nessus does provide support for NIST's CVSS v2 scores. A variety of all may be more available in the Retina scanner. See the link at http://www.eeye.com/gov

Besides the standards described above, GFI Languard surpasses in identifying all the hardware and software on the network. Patching is another remediation to close its deal, but typically the user may already have some form of patch management in place, like WSUS or BigFix etc. See it more as an all-in-one, fulfilling a seamless check-and-remediate fashion.

For Nessus, it can ease the network administrator's job, in that the Nessus software scanners can be distributed throughout the entire enterprise, inside DMZs (demilitarized zones - neutral areas that lie between the private network and the Internet), and across physically separate networks. The scanner is virtual machine software that mimics a real appliance. It serves well in coverage and deployment, but some planning has to be done to deploy in strategic places. Another useful feature is the provision of scripts to facilitate test creation with the Nessus Attack Scripting Language (NASL), written for vulnerability testing. Reuse of community contributions can be helpful, but you will need some guys to incorporate it well too. However, I did hear it can be too aggressive, crashing systems at times... Of course each scanner has this tendency; you just need to balance your visibility and continuity needs during the test plan.

False positive results and how vulnerable the tool is would be important factors too. This is an old article but worth reading - no best tool can excel in all areas, depending on what your business priorities are.

http://www.opus1.com/o/completed/howvulnera.html