introduced a network-based and host-based vulnerability assessment tool
Enterprise information security is the biggest challenge of the modern 99v staff, many emerging security weaknesses and vulnerabilities exist in the enterprise network environment, through vulnerability assessment tool, just efficiently assist 99v personnel quickly identify problems and carry out remedial and preventive measures.
Which in this paper, we illustrate the individual strengths of the network type and host-based vulnerability assessment tool, provides 99v to assess the reference direction.
of vulnerability assessment tool the Vulnerability Database vulnerability assessment tools unsung heroes ...
- network type
Network-based vulnerability assessment tools through the network during the weaknesses of audit operations, the main features are:
- can scan exists in any device on the network and the host, to explore some unknown or unauthorized devices on the corporate network and the host. the
- can detect exactly which service operation on the network, check whether there should not open the communication port in operation.
- quickly detect possible weaknesses or security vulnerabilities.
- message with patches of each weaknesses, to help 99v personnel to facilitate follow-up system fixes.
- complete inspection report, to provide efficient the enterprise overall security risk information.
Must be noted that the deployment:
- scan detection through a firewall, blocking communication ports due to the majority of the firewall will do, this way, that will affect the test results.
- whether sufficient permissions for the host is detected, due to some Windows-related vulnerabilities need to read the system registry file (Registry), if there is no sufficient permissions, you also can not detect the weaknesses.
Advantages: flexible deployment, centralized management/report facilitate complete safety assessment.
Disadvantages: can detect weaknesses in the number of limited vulnerability assessment tool permissions on the target host.
- host type
Vulnerability assessment tool execution vulnerability scan job, whether it is network-based or host-based, in fact, their procedures are the same, but the biggest difference is that the architecture is different, due to host-based vulnerability assessment tool is installed in detection host, it has full permissions detection, can compensate for the network-based vulnerability assessment tools to examine the lack of security of the system through the network only from the outside.
The main features are:
- can detect incorrect host file permissions set.
- can detect improper software configuration problems (such as: too simple password setting).
- (such as: self-installation remote management program can detect security weaknesses and vulnerabilities caused by the vulnerability of the corporate network).
99v install host-based vulnerability assessment tool can consider some of the more important on the server or host to detect high risk vulnerabilities and install patches to determine the user within the enterprise can be safe and secure use of these network services .
Advantages: more scan mode, can be detected more weakness.
Disadvantages: not easy centralized management.
Whether it is a network-based or host-based vulnerability assessment tools, need the latest vulnerability database by the weaknesses database to collect all kinds of vulnerability information, auditing tools can help to quickly discover system vulnerabilities and security holes, and at any time to maintain the latest vulnerability database , in order to ensure that test results are correct.
the solutions provided in DragonSoft
In DragonSoft established since been committed to the development and research of network security vulnerability assessment tools, in order to provide complete enterprise solutions, we provide the network type and host-based vulnerability assessment tools, and enterprise 99v can choose need assessment tools , both have their advantages and disadvantages, the flexibility to use with each other to make up for the inadequacies, to provide the most complete enterprise organization security risk assessment.
DragonSoft Secure Scanner (DSS): belonging to the network-based vulnerability assessment tool, can detect related weakness of the network services, and provide complete security risk report let the 99v personnel overall enterprise vulnerability assessment and subsequent improvement plan.
DragonSoft System Security Manager (DSSM): is a host-based vulnerability assessment tools currently available for the host system security settings detect vulnerabilities mining, account number and password and backdoor detection, and patch download The host can directly be downloaded and patched, future versions will join host 99v centralized management of test results for each host.
- DragonSoft Secure Scanner Products
- DragonSoft System Security Manager Products
Note: The post you are reading maybe a machine translation copy from qqread.com: Introduction of network-based and host-based vulnerability assessment tools, if you found it valuable or it is important to you. Please rate it by clicking the "Rate" button below, when an article got over 20 votes of rate, we will put it into our queue for Manual Translation. Thank you for your support.