IBM Proventia Network Enterprise Scanner


Protecting corporate data with preemptive risk identification

IBM Proventia Network Enterprise Scanner

Identifying risk and prioritizing protection

IBM Proventia Network Enterprise Scanner* (Enterprise Scanner) is designed to ensure the availability of your revenue-producing services and to protect your corporate data by identifying where risk exists, prioritizing and assigning protection activities and reporting on results.

Benefits

- Reduce risk to your network's uptime, bandwidth and critical systems with Enterprise Scanner's vulnerability management and protection capabilities.
- Free up resources by automating the scanning process.
- Leverage your existing infrastructure components: Enterprise Scanner provides seamless integration with Microsoft Active Directory, asset management databases and workflow systems.
- Virtually eliminate duplicated effort: Information can be stored once and shared among systems.
- Reduce emergency patching and follow normal change-control processes: IBM Virtual Patch technology helps protect at-risk systems and segments before the vendor-supplied patch is available.
- Support regulatory compliance with Enterprise Scanner's superset of audit tools taken from the auditors' preferred tool, IBM Internet Scanner software.

Features and capabilities: specifications

- Identifies 2,691 asset types out-of-the-box, including desktops, servers, routers, switches, applications and operating systems
- Identifies newly connected devices and previously undiscovered assets on the network
- Assigns or allows responsibility to be assigned to specific assets to meet corporate governance and traceability standards
- Is capable of passive/active asset identification with the inclusion of the IBM Proventia Network Anomaly Detection System (ADS)

Multisource discovery

- Active discovery scan
- Active Directory import
- Intrusion prevention system (IPS)-based discovery
- Proventia Network ADS discovery
- Asset database import
- Manual input
- Custom service discovery
- User-defined

Asset identification techniques

- Ping sweep
- User Datagram Protocol (UDP) probe
- Asset fingerprinting
- Rapid discovery
- NetBIOS-based discovery
- Transmission Control Protocol (TCP) discovery
- UDP port discovery
- Operating system (OS) fingerprinting
- Application fingerprinting
- Integrated Networked Messaging Application Protocol (NMAP) 4.0 database

Asset classification

- Hierarchical group structure that mirrors your organizational structure, providing context for both scanning and reporting
- Active Directory import and mirroring
- Asset database import
- Geographical, organizational, topological or system-level classification

Vulnerability assessment

- Discovery-based assessment
- Efficient, high-performance vulnerability assessment
- Scripted assessment
  - Allows for new content without updating product binaries
  - Provides smaller content updates (IBM X-Press Update product enhancements)
  - Supports faster time to market with security content
- Attack emulation: performs specific tests in a nonimpacting manner (posing no danger to your network) to analyze the effects of a real attack
- Renowned vulnerability database by the IBM Internet Security Systems (ISS) X-Force research and development team recognizes vulnerabilities and programmatic errors that could compromise an asset
- Host criticality-prioritized scanning
- Security content updates featuring Virtual Patch technology
- Preemptive, ahead-of-the-threat coverage, powered by X-Force vulnerability-based research
- Spyware scanning: detects existence of spyware
- Trust X-Force option: automatically detects new vulnerabilities based on X-Force expert recommendations
- Network services identified: 2,691

Scan windows

- Automated scanning during open scan windows
- Auto-pause/auto-resume: automatic scan suspension upon closure of scan windows; resumes when the scan window reopens
- Scan-window configuration that's designed for ease of use
- Configurable refresh period: refreshes data automatically during open scan window, helping to ensure up-to-date vulnerability information
- Group-oriented scan windows

Workflow

- Vulnerability prioritization
- Internal ticketing system
- Remedy integration
- Open application programming interface (API), supporting other ticketing systems
- Ownership assignment and tracking
- Activity logging and tracking
- Traditional patch-and-protect remediation
- Virtual Patch technology, in combination with the IBM Proventia Network Intrusion Prevention System (IPS) portfolio
- Automatic resolution validation
- Multiple vulnerabilities per ticket
- Status monitoring and tracking (eight levels)

Scan and block protection

- Vulnerability protection without deployment of a vendor-supplied patch when combined with IBM Proventia Network IPS
- Turnkey integration with Proventia Network IPS through the IBM Proventia Management SiteProtector system
- Detects vulnerabilities and identifies corresponding blocking algorithms within the Proventia Network IPS portfolio
- Unified management that provides easy configuration of IPS devices for discovered vulnerabilities

Reporting

- Reports that illustrate information in the context of your organization:
  - Group and report on risk in applicable business context using a mirror of your organization
  - Group and report by geography, network layout, business system or any other useful grouping of assets
  - Report risk to the right people at the right time: quickly compare risk of different business units, systems or geographies
- Flexible view-based analysis with more than 1,800 reports
- Enterprise-level multiscan, multiscanner reports
- Preconfigured report templates
- Exportable reports to PDF, CSV, HTML
- Schedule-driven reports
- Web-accessible reports
- FastAnalysis reports
- Extensive filtering

Automation

- Virtually eliminates manual steps, saving time and money
- Automatic and continuous scanning
- Scan prioritization
- Scan teams (multiple scanners working as one)
- X-Press Update enhancements of vulnerability information
- Asset classification and grouping

- Easy-to-install appliance based on Linux management
- Centrally managed by SiteProtector system: award-winning management system and the security industry's only platform designed to unify the protection of network, server and desktop assets
- Emergency scans providing quick, ad hoc scans of your network on request
- Automated security intelligence updates on the newest electronic threats
- X-Press Update product enhancements delivered by the globally respected X-Force research and development team

User interface options

- SiteProtector system centralized management interface
- Web-based Proventia manager local management interface

SiteProtector system

- Centralized command, reporting and analysis for Enterprise Scanner and all IBM ISS products
- User auditing
- Flexible event analysis

Proventia manager

- Web-based local management interface (LMI)
- Device configuration, establishment of SiteProtector communications link
- Device health monitoring
- SiteProtector system centralized management interface
- Web-based local management interface

Asset-based management

- Asset-centric assessment policies associated with assets rather than with scanner
- Scan policy: asset-based scan policy allows policy association with assets or groups of assets rather than with scanners, allowing context-sensitive scanning
- Assessment refresh cycles
- Scan windows
- Assessment credentials for Microsoft Windows and Secure Shell (SSH) technology
- Assessment policy
- Discovery policy/scan exclusions

Correlation

- Supports IBM SecurityFusion module
- SiteProtector FastAnalysis and centralized correlation

Independent discovery and assessment

- Separate policies
- Separate scan windows
- Separate refresh periods

World-class support

- 24x7 support, including platform updates

Hardware specifications

| Specification | Enterprise Scanner 1500 | Enterprise Scanner 750 |
| --- | --- | --- |
| Form factor | 1-RU | Desktop |
| D x W x H | 429mm D x 382mm W x 44mm H; 16.9" D x 15.0" W x 1.73" H | 177mm D x 250mm W x 39mm H; 6.9" D x 9.8" W x 1.5" H |
| Weight | Gross: 11.1kg (24.47lb); Net: 6.5kg (14.33lb) | 1.2kg (2.6lb) |
| Emissions | FCC Class A | FCC Class A |
| Certifications | CE/FCC/UL/cUL | CE/FCC/UL/cUL |
| Power supply unit | Full-range 250-watt PSU, auto-switching | 600-watt PSU, 100 to 240 volts AC, 47 to 63Hz |
| Operating environment: temperature | 5°C to 35°C (41°F to 95°F) for P4 3.0 to 3.4GHz processors | 0°C to 40°C (32°F to 104°F) |
| Operating environment: humidity | 20% to 90% relative | 20% to 90% relative |
| Storage environment: temperature | -20°C to 70°C (-4°F to 158°F) | -20°C to 70°C (-4°F to 158°F) |
| Scan ports | Five 32-bit gigabit PCI-Express Ethernet ports (one active, four reserved for future use) | One 10/100/1,000 PCI Ethernet port |
| Management port | One 32-bit gigabit Ethernet port | One 32-bit gigabit Ethernet port |
| Console | Serial port: one front-accessible RJ-45 connector | Serial port: one front-accessible RJ-45 connector |
| USB | Two USB 2.0/front accessible | Two USB 2.0/rear accessible |
| Front panel LCD display | LCD panel: 2 x 16 characters LCD module with four buttons (reserved for future use) | N/A |

Discovery performance specifications

Enterprise Scanner 1500

| Percentage of populated IP space | Discovery with pinger enabled (IPs/hr) | Discovery without pinger (IPs/hr) |
| --- | --- | --- |
| 0% | 19,794 | 2,289 |
| 20% | 6,621 | 2,713 |
| 50% | 2,590 | 2,580 |
| 80% | 2,008 | 1,953 |
| 100% | 1,605 | 1,648 |

Full assessment: 800 hosts per hour

Performance figures based on Firmware 1.3 with the default policy and XPU #1.21. Population density has no effect on assessment because assessment is performed on discovered hosts only.

Enterprise Scanner 750

| Percentage of populated IP space | Discovery with pinger enabled (IPs/hr) | Discovery without pinger (IPs/hr) |
| --- | --- | --- |
| 10% | 4,262 | 2,448 |
| 20% | 5,885 | 2,530 |
| 50% | 7,509 | 2,612 |
| 80% | 9,133 | 2,694 |
| 100% | 10,757 | 2,776 |

Full assessment: 250 hosts per hour

Performance figures based on Firmware 1.3 with the default policy and XPU #1.21. Population density has no effect on assessment because assessment is performed on discovered hosts only.

Scan-team performance gains

Performance features

- Dynamic check assignment to identify and run OS-specific checks
- Load balancing (teaming) among multiple scanners
- Scan-time work distribution
- Ability to add a scanner at a location, to automatically and transparently load balance
- Perspective-based load balancing

Distributed scanning

- Performance optimization by adding multiple scanners in multiple network locations
- Multiple scanners colocated to load balance

Scan team performance gains (percent reduction from base)

| Scan team | Discovery | Assessment | Time effect |
| --- | --- | --- | --- |
| One scanner | 0 percent | 0 percent | (base) 1 hour |
| Two scanners | 45 percent | 45 percent | 35 minutes |
| Three scanners | 60 percent | 60 percent | 24 minutes |
| Four scanners | 70 percent | 70 percent | 18 minutes |
| Five scanners | 75 percent | 75 percent | 15 minutes |
| Six scanners | 80 percent | 80 percent | 12 minutes |

For more information

Proventia Network Enterprise Scanner is also an integral part of IBM Managed Security Services, including IBM Vulnerability Management Service, and IBM Professional Security Services. IBM Managed Security Services provides 24x7x365 expert monitoring and protection for a fraction of the cost of training and maintaining an in-house security staff.

Discover how Enterprise Scanner can protect your business from Internet threats. Be sure to ask if your company qualifies for a 30-day evaluation. For an onsite demonstration, contact the IBM ISS office nearest you. For locations and more product information, visit: ibm.com/services/us/iss

Copyright IBM Corporation 2007

IBM Global Services
Route 100
Somers, NY 10589
U.S.A.

Produced in the United States of America 10-07. All Rights Reserved.

IBM, the IBM logo, Internet Scanner, Internet Security Systems, Proventia, SecurityFusion, SiteProtector, Virtual Patch, X-Force and X-Press Update are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or both. Other company, product and service names may be trademarks or service marks of others.

References in this publication to IBM products or services do not imply that IBM intends to make them available in all countries in which IBM operates. All performance data contained in this publication was obtained in the specific operating environment and under the conditions described above and is presented as an illustration. Performance obtained in other operating environments may vary and customers should conduct their own testing.

* U.S. Patent No. 7,093,239

GTD01130-USEN-01