vuln scanner performance

Posted on 2011-09-12
Last Modified: 2012-05-12
Sorry to sound naive but networking and performance arent my area of expertese.
But what advantages are there running a corporate vuln scanner like nessus from a server as opposed to a workstation?
Can you please answer is management speak.
Plus any downsides of isntalling it on a server as opposed to an admins workstation.;
Question by:pma111
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
LVL 11

Expert Comment

ID: 36524287
Dear pma111,

the only reasons for running a vulnerability scanner from a server I can think of off hand, are:

1. A server may/will most likely have higher performing hardware than a PC (e.g. in terms of multiple CPU's/cores, amount of RAM a server can be spec'ed with, disk array for eventual local database).

2. It may be the vulnerability scanner requires a locally installed/running database, based upon a specific database application/software (such as SQL Server), which requires a specific OS (such as Windows Server 2008).

P.S. Nessus is available for (a.o.) both Window PC and Server OS's so that itself doesn't require a "server".

Kind regards,
LVL 11

Accepted Solution

slemmesmi earned 500 total points
ID: 36524328
Dear  pma111,

sorry submitted the above before also adding:

3. A "server" in IT perspective is seen as a computer running and delivering services or performing a certain set of services "all the time". In regards of Windows, a Windows PC OS is inherently not designed to function as such, whereas the Windows Server OS' are. Hence "server". Also (following the same track), the IT department will most likely apply a completely different set of maintenance procedures for a "server" than a "PC", e.g. manually installation of software updates (e.g. Microsoft Sercurity Updates) on a "server", rather than automatic installation of such (e.g. through WSUS) on a "PC". Also backup/restore/DRP is a topic for "servers" for sure managed differently than for a "PC".

4. If the vulnerability scanner is running a service which allows (IT security administrators) access to a "webpage" or similar, then it makes much more sense to have such on a server.

Kind regards,

Expert Comment

ID: 36533355
The only difference is the system resources. However, you can have a powerful workstation which is much cheaper than an actual server. In addition, you may have some difficulty to use Nessus on Windows server 2003 and 2008 due to the OS configuration and services.

In addition, you should not share a hardware (server) for the vulnerability scanning and other critical services. Further, the security engineers can write exploit codes or import them to the vulnerability scanners. This might be an issue when you have other services running on the same system in terms of information security governance.

I do recommend to use an isolate system with an up-link to the switch.
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 11

Expert Comment

ID: 36547817
Dear pma111 and artsec,

please beware that Nessus in the "Nessus 4.4 Installation Guide" pages 8 and 76( as well as on the FAQ "Is there a difference in running Nessus Windows on Windows Server (2003) versus Windows XP (Home & Pro)?" ( state:

*quote BEGIN*
For increased performance and scan reliability, it is highly recommended that Nessus Windows be installed on a server product from the Microsoft Windows family such as Windows Server 2003.
Back to Windows Specific FAQ
*quote END*

Kind regards,

Author Comment

ID: 36548742
Can you have a portable liscence for nessus, and run it wherever you want.

Say if you were a pen test company and had 20 external clients each with their own network - how would they use that tool then, and how many liscences would they need.

The external customer may not be happy with them installing this tool on one of their corporate servers?

How does it work that way , ie a portable liscence?
LVL 11

Expert Comment

ID: 36553589
Dear pma111,

Please post that as a new question, as it does not directly relate to the above about performance/server (or simply refer to the Nessus "Deployment options"

Kind regards,

Featured Post

Enroll in June's Course of the Month

June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
Recovering from what the press called "the largest-ever cyber-attack", IT departments worldwide are discussing ways to defend against this in the future. In this process, many people are looking for immediate actions while, instead, they need to tho…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

689 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question