Enterprise Assessment Tool Keeps An Eye On Network Vulnerabilities

Printer-friendly version Email this CRN article

Keeping networks secure is one of the most challenging tasks faced by solution providers. With new vulnerabilities appearing with each passing week, businesses are often hard-pressed to keep network operating systems up to date.

With eEye Digital Security's Enterprise Vulnerability Assessment (EVA) system, solution providers now have a comprehensive tool to help enterprise network users detect and remediate vulnerabilities.

In the past, vulnerability assessment was often a manually performed task that could take several hours and, in many cases, generated more questions than answers. Solution providers found that early generation vulnerability assessment tools missed common security problems and offered little or no guidance in solving critical security problems.

EVA's design took direct aim at solving many of the problems encountered when performing vulnerability assessments. The core of the product is eEye's patented Retina vulnerability scanner, a software-based component that provides the muscle for scanning complex networks for both common and not-so-common vulnerabilities.

CRN Test Center engineers evaluated EVA for suitability to task and feature set and found that the product will easily meet the needs of most security professionals. EVA can be installed on Microsoft Windows NT 4 or Windows 2000 Server; users also will need access to an ODBC-compliant database to use the product. Test Center engineers used Microsoft SQL server 2000 as EVA's data repository.

EVA offers key functionality to security professionals and brings needed capabilities to vulnerability assessment chores. Security professionals will use the product's browser-based interface to define authorized users, user groups, scanning scopes and scan schedules. All of those tasks are easily accomplished via EVA's intuitive interface.

Using EVA, administrators define what is to be scanned and who is responsible for the results or remediation. The data gathered during scans drives EVA's reporting and remediation modules.

Solution providers can view one of several types of reports: detailed ones outlining what vulnerabilities have been found and fixed; those listing unremediated vulnerabilities only; and summary reports that represent problems as easily explained events.

> PRODUCT: Enterprise Vulnerability Assessment
> PRICE: Events management component starts at $14,990; enterprise scanning starts at $6,520 (for 256 IP addresses)
> WARRANTY: One year of support
> DISTRIBUTOR: Ingram Micro
> COMPANY: eEye Digital Security
Aliso Viejo, Calif.
(866) 339-3732

The reporting function allows users to drill down into specific vulnerabilities, allowing those researching solutions to quickly see specific details. Solution providers performing remediation tasks will benefit from the integrated ability to instantly look up remediation steps from either the Bugtraqs or CVE vulnerability clearinghouses.

Once vulnerabilities have been identified, administrators have the option of assigning remediation tasks to other users. In short, the Retina scanner can identify vulnerabilities and route that information through EVA to a task grid. That task grid drives who is responsible for remediation and provides much of the information needed to perform remediation and define the status of the remediation process.

That feature alone should greatly simplify security tasks in large enterprise environments. For solution providers performing remediation services, the task grid offers a quick avenue to service profits by helping show users what needs to be done to keep a network safe.

The task grid can be auto-updated by additional scheduled scans: If a vulnerability is remediated, EVA detects the remediation and automatically updates the task-grid database, eliminating a common manual step during auditing.

The Retina can scan a complete range of network ports, simulate hacker attacks and track down common vulnerabilities found on a range of platforms, including Windows, Unix and Linux.

Retina also can identify key elements for judging network loads or gathering account information. Reports from EVA provide information on top users, top operating systems, top remote services and top port usage. That information can be used to scale networks to handle additional traffic.

One of the most important areas with vulnerability assessment is staying up to date on the latest attacks and concerns. EVA automates that process by downloading new vulnerability tests and product updates, which are then integrated into the product and allow new scans to occur with no end-user intervention.

Solution providers will be able to leverage EVA's reports to build remediation contracts. By simply presenting the product's executive view with remediation steps, solution providers can quickly demonstrate complete costs and times to perform a remediation, thus helping to simplify the sales process.

For clients with in-house security personnel, solution providers can assist with installation and training to garner profits.

Solution providers will find that EVA brings profitable services to their fold while looking out for their customers' best interests.

Printer-friendly version Email this CRN article