[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 147
  • Last Modified:

Clientless Network Scan Tool for Preliminary Technology Assessment

Hello,

We are searching for a tool that will allow us to perform a scan of a businesses network from inside their network to help identify trouble spots.

We need to scan approximately 400 devices. Primarily Windows workstations.

The information we’d like to obtain is:
- IP of Device
- Operating System Version (Windows XP vs. Windows 7, for example)
- Manf. Date of Device
- Anti-virus installed?
- Anti-virus out of date?
- NIC Type (Gigabit or 100mbs)


We are performing a preliminary assessment and are thus not yet ready to deploy a remote monitoring tool which is designed to operate on an on-going basis. I know that this tool, complete with clients on each workstation could provide us with the the information we’re seeking.

For our initial assessment - we’re looking for a clientless solution.

QUESTIONS:
#1 Can we get the information we’re seeking without a client?
#2 We will have administrator access to any on-premise servers but are not yet aware of the OS’s. Can we get it using this?
#3 Can you recommend a product or tool that would accomplish our needs?


Thank you for your advice!
0
MPATechTeam
Asked:
MPATechTeam
1 Solution
 
RafaelCommented:
I've done these before as it seems like you want to do an network audit. The first question I have is do you want to use paid tools or freeware tools?   Are you wanting to do an Security audit as well to identify if the workstations have security vulnerabilities ?  Finally, are you looking to also map out their network ?
0
 
MPATechTeamAuthor Commented:
Hi Rafael,

Thank you for your quick reply! Yes, I think a network audit is what we're after I just wasn't sure if that was the appropriate term since we need to focus on the device level.

Here are the answers to your questions:

The first question I have is do you want to use paid tools or freeware tools?  
We are OKAY with FREE or PAID.


Are you wanting to do an Security audit as well to identify if the workstations have security vulnerabilities ?
This is not a requirement if it adds significant time. We have two days and two people authorized and if we can complete it within this time frame, we would want to do this as well.

Finally, are you looking to also map out their network ?
Yes, that would be a great dual benefit.
0
 
RafaelCommented:
Well to get you going you can start with Open Audit. Although, it's Open Source, it's free and does a good job of what you're attempting to do. You can scan a single device or a subnet.

Detail help files can Help Files

I'll get the others posted later on this evening.

Hope This helps for now.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
MPATechTeamAuthor Commented:
Thanks for your response! I had actually looked at Open Audit but found this:
"To audit Windows systems, you will need to run the 'firewall_enable.vbs' script locally on each system you wish to audit remotely."

Since I don't want to touch the clients, this seemed like a deal breaker. What are your thoughts?

Thanks again. I look forward to all of your suggestions.
0
 
RafaelCommented:
Yous shouldn't have to.  Did you check out this link https://community.opmantek.com/display/OA/How+to+use+Open-AudIT+Discovery+on+a+Subnet  ?
0
 
Kamran ArshadCommented:
Hi,

Below are a few options;

Open Vulnerability Assesment System       www.openvas.org
Nessus      www.nessus.org
GFI LanGuard      www.gfi.com
Retina Network Security Scanner      www.eeye.com
SAINT      www.saintcorporation.com
QualysGuard      www.qualys.com
ManageEngine Security Manager      www.securitymanagerplus.com
OutScan      outpost24.com
Vulnerability Scanner      www.scanverify.com
Rapid7      www.nexpose.com
NSAuditor      www.nsauditor.com

I recommend NSAuditor.
0
 
Seth SimmonsSr. Systems AdministratorCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now