Re: Qualys

[US Infosec <usinfosec () gmail com>]

exactly

I also prefer to break the A up, it was just a question.   It was
however important for us
to see if they had ever been in a large environment and needless to
say I was shocked by the guy's response.   I am personally not a big
fan of distributed vm systems anyhow even though everyone is trying to
put one out.   I prefer to scan at a max of a class B at a time with
multiple tools for accuracy and effectiveness of the data.



On 2/8/06, Justin Ferguson <jnferguson () gmail com> wrote:
> Everyone seems to have missed what I think was his/her's point. He
> asked the *technical* contact if they had every deployed in a Class A
> environment (aka 16 million hosts), and he/she responded 'sure we've
> supported clients with 60 thousand hosts!' (which isn't even a class b
> btw), and the technical ignorance of their technical person is what
> closed the door for ncircle. Or at least that is what I get out of his
> email, not 'please tell me how i should deploy a vulnerability scanner
> in my network' but rather a dialogue on the technical competence of
> the employee's.
>
>
>
> On 2/8/06, Byron Sonne <blsonne () rogers com> wrote:
> > Greetings,
> >
> > > nCircle came to do a demonstration for my team once.  I work in an
> > > enviornment that has a full routable class A.   I asked the technical
> > > guy there if they had ever deployed their appliances in a Class A
> > > enviornment and he said sure we have supported clients with 60K hosts.
> > >    That was the end of our consideration.
> >
> > How long ago did you give it a demo? That sounds like it must have been
> > a good while ago, or perhaps there was a mis-understanding of some sort.
> >
> > For folks with class A networks, something that big you'd deploy
> > multiple units of our product as per our product architecture and
> > design, as most orgs of that kind of size have done.
> >
> > If you like, I could put you in touch with someone inside the company
> > that could discuss any issues you had. If I may ask, who did you opt to
> > go with instead of nCircle?
> >
> > Cheers,
> > Byron
> >
> >
> >
> >
> > ------------------------------------------------------------------------------
> > Audit your website security with Acunetix Web Vulnerability Scanner:
> >
> > Hackers are concentrating their efforts on attacking applications on your
> > website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> > login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> > futile against web application hacking. Check your website for vulnerabilities
> > to SQL injection, Cross site scripting and other web attacks before hackers do!
> > Download Trial at:
> >
> > http://www.securityfocus.com/sponsor/pen-test_050831
> > -------------------------------------------------------------------------------

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------