Scanners

Nessus is one of the most famous products in the sphere of vulnerability scanning. The number of downloads of this system is 5 million a day. Nessus ProfessionalFeed fuels Nessus. The highly qualified research team supports the development of the product. Nessus scales to serve the largest organizations and is easy to deploy. The period of subscription for the system varies from one to three years.

1.1  Key features:

• Easy customization for the organization: flexible deployment, scanning, and reporting;
• Rapid, comprehensive assessment of the security posture: easily identifies patch status conflicts between Nessus and patch management systems, or among deployed patch managers, quickly deploys vulnerability and patch management processes across organization;
• Lowers the cyber risks, vulnerabilities, and compliance/audit citation risks;
• Nessus subscriptions include software updates, access to Tenable’s compliance and audit files, and support;
• Daily update of vulnerability and configuration checks with automated installation;
• Anytime, anywhere access from any Internet browser for improved efficiency;
• A possibility to receive daily plug-in updates and vulnerability and configuration checks;
• Licensed per installation.

1.2  Operating system

Red Hat ES 4,5

Fedora Core 10,11,12

Debian 5

FreeBSD 7

Ubuntu 8.04, 8.10, 9.10

Mac OS X 10.4\10.5

Windows XP, Vista, Windows 7, Server 2003, 2008

SuSE 9.3, 10

1.3  Mobile devices

Nessus integrates with different mobile devices such as Apple Profile Manager and Microsoft Exchange.

1.4  Ease of use

Nessus implements an HTML5 web interface.

1.5  Vulnerability assessment

The Tenable Nessus helps to identify the vulnerabilities with ease for the customer. The user can complete audits of networks with fewer than 100 hosts in a few minutes using a laptop or a medium-powered server. Nessus can scan with or without administrative credentials. It leverages information from management systems as well as different external repositories.

1.6  TCO reduction

Low total cost of ownership: scan unlimited number of IPs as often as the customer wants.

1.7  Patch management

Nessus provides unique integration with patch management systems – IBM® Tivoli® Endpoint Manager (TEM) for Patch Management, Microsoft® System Center Configuration Manager (SCCM), Microsoft® Windows Server Update Services (WSUS), Red Hat® Network Satellite Server, and VMware® Go – to retrieve status information for devices managed by those systems.

Nessus can also automatically compare its local patch status results for Windows hosts with those from patch management software and report discrepancies in a single report. It enables easy scanning of devices that are otherwise difficult to assess due to missing credentials or limited network connectivity and simplifies audit and compliance checks by incorporating patch information in standardized Nessus reports. It helps resolve confusion between network security and IT operations teams on the status of patched systems and identifies conflicts between the results of Nessus’ local patch status checks for an asset and an organization’s patch management products. The system compares multiple patch management system results against one other, reporting discrepancy.

2.1  Key features:

• Comprehensive network security;
• Automated patching for Microsoft®, Mac OS® X operating systems and third-party applications;
• Over 50,000 vulnerability assessments carried out across the network, including computers, printers, routers, switches, and even virtual environments;
• Network-wide deployment of custom software and scripts;
• Automated options that help to retain a secure network state with minimal administrative effort;
• Minimal disruption and downtime of computers on the network;
• Assistance with PCI DSS compliance and other security regulations;
• Reduced total cost of ownership (TCO) with incredibly competitive pricing;
• Centralized patch management, vulnerability assessment, and network auditing;
• Powerful dashboard that processes security audits to provide a summary of network security status;
• Extensive reporting, including technical, managerial, and compliance standard-specific reports.

2.2  Operating system

GFI LanGuardcan be installed to the machines with theWindows XP (SP2), 2003, Vista, 2008, 7/2008 R2 Windows 8 (beta), Microsoft .NET, Framework 3.5, Mac OS X version10.5 or greater required for Apple Mac-based targets. Secure shell (SSH) – required for UNIX-based scan targets.

2.3  Antivirus auditing

The best way to maintain a secure network over time is to know exactly what is happening on your network - changes to configurations that could have security implications, new installed applications etc. GFI LanGuard provides a complete history of network changes that are relevant to the security of the network and sends notifications when these occur.

2.4  Network and software audits

GFI LanGuard is a useful tool to detect network analyses. It helps detect what elements break down the work of the system. GFI LanGuard helps to detect quickly and freely what installed applications people have on the machine, on which state the security of the machine is, and provides all necessary information as for the hardware.

2.5  Vulnerability assessment

Over 50,000 vulnerability assessments, including the virtual environments users, meet across their common network. GFI LanGuard helps to check the system, starting from the platform through the Internet environments to applications installed. This checking helps find the drawbacks in the system and the weak sides of security.

2.6  TCO reduction

The total cost of this scanner works at the centralized principle, and that is why it is reduced.

2.7  Patch management

GFI LanGuard helps to manage the risks in the security system.  An automated detection is the best way to it. The patches that are missing are the biggest problem for the security breaches.

3.    Assessment criteria and evaluation

For the analyses, we have taken the following criteria: installation, configuration, and the ease of use. We differentiatedsystem requirements\mobile device auditing, botnet\malicious process\antivirus auditing, sensitive content auditing, vulnerability assessment, TCO reduction, and patch management. These entire criteria characterize the system fully and show all pros and cons of using a definite system.

3.1  Operating Systems

As examples of the platforms, we used Red Hat ES, Fedora Core, Debian, FreeBSD, Ubuntu, Mac OS X, Windows XP, Vista, Windows 7, Server 2003, 2008, SuSE, Solaris, Mac OS X. Whereas Nessus has provision for multiple or extensive operating systems, the opposite can be said of GFI LanGuard. GFI LanGuard only has vulnerability checks against Windows and Mac OS X-based platforms. Both systems can be installed in the mobile devices.

3.1  Privacy

Nessus uses agentless content audits of Windows- and UNIX-based systems to audit and enforce policies that lower the organization’s risk of breach or data loss; GFI LanGuard provides a complete picture of the applications installed, the hardware on the network, the state of security applications, the opened ports, and of any existing shares and services running on the machines.

3.2  Speed of vulnerability testing

Nessus is three minutes faster than GFI LanGuard. The difference in speed is based on the internal scanning, as GFI LanGuard is unable to scan external or physically separate networks.

Summary

“The goal of running a vulnerability scanner is to identify devices on your network that are open to known vulnerabilities. Different scanners accomplish this goal through different means. Some work better than others” (Bradley). The outcomes of the comparison based on the criteria that we had selected are gathered in the table. These are the most important criteria, which ultimately determine whether consumers/end-users will use the tool. I would advise to use Nessus Scanner System, if the customer is looking for a reliable scanner.

Though both systems have their pros and cons, Nessus is easier in use. Nessus displays scan results in real time. The installation of Nessus is quicker than that of GFI LanGuard; the administrator would not have to wait for the scan to complete the results. Nessus Security Scanner is a more robust scanner, with scalable and extensive vulnerability assessment capabilities compared, the updates of the pluggins of Nesssus occur daily. Nessus scanner always helps identify where sensitive information is located. It helps lower the organization’s risk of breach or data loss. If the company’s aim is to find a vulnerability assessment tool, then Nessus Security Scanner is the best choice.