A VA scanner geeks will love
Networks are dynamic, constantly changing with the addition of new devices and services--each with vulnerabilities and risky configurations. Vulnerability assessment tools that take snapshots don't reflect this ceaseless flux. That's where Tenable Network Security steps in, taking a completely passive approach to flush out network exposures with its NeVO application.
NeVO passively sniffs traffic at network choke points, performing signature and protocol analysis to update its network map. It fingerprints network device OSes, comparing TCP and IP header information with known OS standards. It can output ad hoc or interval reports on known hosts, system vulnerabilities and client systems connected to the network. And, it provides numerous vulnerability signatures, supporting download updates and custom signatures.
Impressive, yes, but what NeVO lacks is a user-friendly interface. Both the management and output reports are through a command-line interface--it offers no built-in reporting or administration and management functionality. Its fingerprinting of system OSes is less than reliable. And, it only runs on Red Hat/FreeBSD.
[ Read more ]