Re: Scanners Nessus versus ISS.

[Roger Safian <r-safian () NORTHWESTERN EDU>]

At 03:01 PM 5/22/2006, David Grisham put fingers to keyboard and wrote:
> We are looking at going to Nessus from ISS.  Are there any ISS users out
> there that have made the comparison and not gone to Nessus one another
> supported systems scanner?

We've done just that.  I terms us their actual results, I think it's
pretty hard to distinguish one from the other.  ISS does have a better,
IMHO, interface though while Nessus seems to get their new plugins
out a bit sooner.  I'd say make the switch wand use those resources
for other uses.

All that being said, I'm not sure how much life either of these products
have left in them.  As more and moire machines have personal firewalls,
the tests just fail to find most things.  That's not bad in and of it
self.  If you have a large Windows domain you could create accounts,
and allow Nessus to log in, which would produce, I hope, more accurate
results.  We're not in a position to do that though.

Good Luck.


--
Roger A. Safian
r-safian () northwestern edu (email) public key available on many key servers.
(847) 491-4058   (voice)
(847) 467-6500   (Fax) "You're never too old to have a great childhood!"