Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Vulnerability scanners - what do you use? What seems to be successful for your environment?

From: John Ladwig <John.Ladwig () CSU MNSCU EDU>
Date: Wed, 26 May 2010 13:30:34 -0500
From the big-system perspective (2007-22008 full-time credit headcount 250k, total headcount 384k, 32 institutions at 
54 campuses and 100 physical  locations)...  I think it'd be nice if more people said something about how big they 
are, since products don't work the same for all sizes...


MnSCU has been using nCircle IP360 at most campuses for a couple of years now.  They have a *very* nice reporting 
interface and database setup in the base product, and we look forward to our partner organization's work on developing  
an enhanced reporting portal based on the nCricle Security Intelligence Hub.  Scan definition and scheduling is pretty 
flexible, and it has a very workable delegation and access model which allows us to assign responsible parties to 
various network object collections across campuses and scanning probes.

We currently have 54 scanning probes statewide, and recent scans show between 10k and 20k hosts scanned per day.   We 
also do monthly Internet-basis inbound scans from an off-campus scan appliance.

I expect we have more work to do enrolling networks and endpoints, and we should be a factor of 2 or 4 larger than what 
we're currently scanning, which should fit into one of their medium-large management systems with at least 90 days of 
scan-data retention.

   -jml



"Di Fabio, Andrea" <adifabio () NSU EDU> 2010-05-26 12:57 >>>

We have been using OpenVAS since Nessus became commercialized.  We are in
the process of integrating it with metasploit autopwn.  So far the only
drawback we have is the lack of built in automated comparison of previous
scans with the current one.

 

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ullman, Catherine
Sent: Tuesday, May 25, 2010 11:13 AM
To: SECURITY () LISTSERV EDUCAUSE EDU 
Subject: [SECURITY] Vulnerability scanners - what do you use? What seems to
be successful for your environment?

 

Greetings!

 

I am beginning to do some research into vulnerability scanners to be used in
assessing infrastructure weaknesses here at the University at Buffalo.  I'm
wondering if folks out there might be willing to share with us what they're
using, if anything, and any experiences (good or bad) you've had with any of
these products.

 

Many thanks in advance for your assistance.

 

Sincerely,

Cathy

 

Catherine J. Ullman

Information Security Analyst

Information Security Office

University at Buffalo

cende () buffalo edu
Previous By Date Next
Previous By Thread Next

Current thread: