| Network
Vulnerability Assessment (Intranet ) FAQ
1.
What is Automated Penetration Scanning (APS)?
APS is a network vulnerability assessment tool that
determines whether internal firewalls are vulnerable
to attacks, and recommends corrective action for identified
vulnerabilities.
[TOP]
2.
What is unique about APS?
Most vulnerability assessment solutions are single
point devices designed to scan individual or multiple
remote IP hosts. APS provides a distributed console-agent
architecture which allows multi-level, multi-segment
scanning of all subnets behind the firewall and a complete
evaluation of the firewall filtering rules in place
between the scanning agent and the console. This multi-level,
multi-segment scanning enables assessments of any size
networks and is more efficient than other solutions
in the marketplace.
[TOP]
3.
Why would a customer need to run a vulnerability assessment
tool inside the network?
IT systems are getting more complex over time. More
applications and features result in more bugs and risks
due to configuration mistakes. Out-of-the-box configurations
are based on sound choices that ease installation. However,
these default choices are often less secure. Security
assessment inside the network reduces these business
risks.
[TOP]
4.
How should an organization evaluate and compare security
assessment offerings?
According to some vendors, the quality of a security
assessment solution is based on its number of test cases,
i.e., the number of vulnerabilities it can detect. This
is only partially true.
An organization should also ask the following about
the implemented test cases:
- How many are obsolete, testing for outdated versions
of systems and servers?
- How many are disguised redundant tests and not network
tests?
- How many are NT4 or Windows specific (an organization
may have heterogeneous networks to scan) ?
Other important questions to ask are:
- Is the test case implementation accurate?
- How complete is the test analysis?
- How frequently are the test cases updated?
With APS, the focus is on adding test cases that are
relevant to current configurations. SecureNet Solutions
ensures the implementation is accurate by testing a
large number of configurations and adding new test cases
for relevant vulnerabilities as they are discovered.
[TOP]
5.
What are the invaluable features of APS that are not
available with other network security assessment solutions?
The unique and valuable features of APS include the
following:
- Faster Assessment: All activities are centrally
managed in one single location enabling faster assessment
of medium to large enterprise-wide networks.
- Consolidated Reporting: A single APS report can
include results from one or more network segments.
- Low Network Overhead: Test cases are played locally
and real-time reports are buffered to optimize network
transmission.
- Efficient Testing: WAN performance or packet filtering
mechanism never affects a Remote Test Engine's activities.
- Easy Scheduling: Sessions with remote engines can
be scheduled via regular OS features.
- In-depth Firewall Configuration Testing: includes
reverse engineering filtering rules with active probing
on all types of firewalls.
- Automated On-line Updates: Test cases and dynamic
report generation are updated daily.
The traditional approach for network vulnerability
assessment has reached its limits. Point-in-time and
segment-by-segment scanners are extremely time consuming
for security professionals, as they generate only snapshots
and unrelated per segment reports. The new APS distributed
architecture combines consoles, remote test engines
and proactive probes, and introduces a real technological
breakthrough designed to meet the security assessment
needs of any size organization.
[TOP]
|
