Pau Lo
asked on
vuln scanner performance
Sorry to sound naive but networking and performance arent my area of expertese.
But what advantages are there running a corporate vuln scanner like nessus from a server as opposed to a workstation?
Can you please answer is management speak.
Plus any downsides of isntalling it on a server as opposed to an admins workstation.;
But what advantages are there running a corporate vuln scanner like nessus from a server as opposed to a workstation?
Can you please answer is management speak.
Plus any downsides of isntalling it on a server as opposed to an admins workstation.;
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The only difference is the system resources. However, you can have a powerful workstation which is much cheaper than an actual server. In addition, you may have some difficulty to use Nessus on Windows server 2003 and 2008 due to the OS configuration and services.
In addition, you should not share a hardware (server) for the vulnerability scanning and other critical services. Further, the security engineers can write exploit codes or import them to the vulnerability scanners. This might be an issue when you have other services running on the same system in terms of information security governance.
I do recommend to use an isolate system with an up-link to the switch.
In addition, you should not share a hardware (server) for the vulnerability scanning and other critical services. Further, the security engineers can write exploit codes or import them to the vulnerability scanners. This might be an issue when you have other services running on the same system in terms of information security governance.
I do recommend to use an isolate system with an up-link to the switch.
Dear pma111 and artsec,
please beware that Nessus in the "Nessus 4.4 Installation Guide" pages 8 and 76(http://static.tenable.com/documentation/nessus_4.4_installation_guide.pdf) as well as on the FAQ "Is there a difference in running Nessus Windows on Windows Server (2003) versus Windows XP (Home & Pro)?" (http://www.nessus.org/products/nessus/nessus-faq#anchor56) state:
*quote BEGIN*
For increased performance and scan reliability, it is highly recommended that Nessus Windows be installed on a server product from the Microsoft Windows family such as Windows Server 2003.
Back to Windows Specific FAQ
*quote END*
Kind regards,
Soren
please beware that Nessus in the "Nessus 4.4 Installation Guide" pages 8 and 76(http://static.tenable.com/documentation/nessus_4.4_installation_guide.pdf) as well as on the FAQ "Is there a difference in running Nessus Windows on Windows Server (2003) versus Windows XP (Home & Pro)?" (http://www.nessus.org/products/nessus/nessus-faq#anchor56) state:
*quote BEGIN*
For increased performance and scan reliability, it is highly recommended that Nessus Windows be installed on a server product from the Microsoft Windows family such as Windows Server 2003.
Back to Windows Specific FAQ
*quote END*
Kind regards,
Soren
ASKER
Can you have a portable liscence for nessus, and run it wherever you want.
Say if you were a pen test company and had 20 external clients each with their own network - how would they use that tool then, and how many liscences would they need.
The external customer may not be happy with them installing this tool on one of their corporate servers?
How does it work that way , ie a portable liscence?
Say if you were a pen test company and had 20 external clients each with their own network - how would they use that tool then, and how many liscences would they need.
The external customer may not be happy with them installing this tool on one of their corporate servers?
How does it work that way , ie a portable liscence?
Dear pma111,
Please post that as a new question, as it does not directly relate to the above about performance/server (or simply refer to the Nessus "Deployment options" http://www.nessus.org/products/nessus/deployment-options).
Kind regards,
Soren
Please post that as a new question, as it does not directly relate to the above about performance/server (or simply refer to the Nessus "Deployment options" http://www.nessus.org/products/nessus/deployment-options).
Kind regards,
Soren
the only reasons for running a vulnerability scanner from a server I can think of off hand, are:
1. A server may/will most likely have higher performing hardware than a PC (e.g. in terms of multiple CPU's/cores, amount of RAM a server can be spec'ed with, disk array for eventual local database).
2. It may be the vulnerability scanner requires a locally installed/running database, based upon a specific database application/software (such as SQL Server), which requires a specific OS (such as Windows Server 2008).
P.S. Nessus is available for (a.o.) both Window PC and Server OS's so that itself doesn't require a "server".
Kind regards,
Soren