|
Tools Included
|
|
Intrusion Detection System
|
Simplifies management of intrusion monitoring, analysis and remediation.
|
|
Intrusion Prevention System
|
Stops attackers by IP address in real-time 24x7x365.
|
Network Check (Internal Vulnerability Assessment)
|
Reduces the administrator time and effort spent identifying and fixing internal security weaknesses.
|
|
Port Scanner
|
Allows complete port scanning of all internal devices.
|
|
IP Research Tool
|
Expedites communication with other IP administrators when attacks occur.
|
|
General
|
|
Interface
|
Easy to use browser interface. No operating system knowledge required.
|
|
Setup & Installation
|
Appliance comes preconfigured. No software installation is required. To begin, connect to network and boot the machine.
|
|
General
|
|
IDS Type
|
Network Sensor
|
|
Capacity
|
100 Mbps - 1 Gbps network traffic capacity, depending on purchased model
|
|
Attack Detection & Prevention
|
|
Attack Recognition
|
4400+ attack signatures and growing constantly
|
|
Updates
|
An automated process will update your system daily through a secure connection to SecurityMetrics Servers.
|
|
Attack Prevention
|
Allows automatic real-time filtering of unwanted traffic 24x7x365.
|
|
Real-time Attack Notification
|
Immediate email or email/pager notification of attacks.
|
|
Selective Notification Levels
|
The administrator may select the attack severity level for which they would like to be notified.
|
|
Reporting
|
|
Recent Attacks
|
Lists all the latest individual attacks.
|
|
Recent Attackers
|
Lists the latest source IPs of attacks.
|
|
Recent Attacked IPs
|
Lists the latest destination IPs of attacks.
|
|
Attack Types
|
Ranks the attack types.
|
|
Security Tests
|
|
Services
|
All 65,000 TCP services/ports are tested plus common UDP ports.
|
|
Vulnerabilities
|
1,000+ vulnerabilities are being tested. Issues include but are not limited to backdoors, buffer overflows, bad CGI scripts, denial of service and a myriad of issues related to unauthorized access and control.
Some vendors & applications affected by vulnerabilities include:
3com, Alcatel, Anaconda, Apache, Appleshare, Atrium, Axis, Boa, Cabletron, Cayman, Checkpoint, Cisco, Cmail, Cobalt, Coldfusion, Compaq, Computer Associates, Groupwise, HP, IBM, Ichat, IIS, Imail, Informix, Iparty, Iplanet, Irix, Lotus Domino, Microsoft, Napster, Netbeans, Netcommerce, Netscape, Nortel, Novell, NT, Omnipro, Oracle, Piranha, Pix, Plusmail, Qpopper, Realserver, Redhat, Roxen, Samba, Sambar, Sawmill, Shiva, Silverstream, Simpleserver, Smartserver, Solaris, Sun, Suse, Tektronix, Tomcat, Tripwire, Ultraseek, Unify, Visualroute, Webalizer, Webcart, Webshield, Whatsup, Wingate, Xitami, Xserver, Xtramail, Xtropia, Zeus
|
Denial of Service (DoS) tests have been removed. Contact us for DoS testing.
|
|
General
|
Information leakage, open shares, and password problems are checked. Abbreviated brute force attempts are made with
common id/password combinations on multiple services and applications.
|
|
Output
|
|
Results Area
|
Each user has their own secure results web page to review their Network Checks. Unneeded results can be
deleted. Multiple results may be deleted, printed, viewed or emailed as a group.
|
|
Rating System
|
Each vulnerability is given a risk rating from 0 to 9, 9 being high risk and 0 being informational only.
|
|
Pass/Fail System
|
Any vulnerability discovered with a rating of 4 or greater will fail the test for that IP.
|
|
Resolution Assistance
|
Information is provided on how to turn off services for most ports. Identified vulnerabilities include step
by step resolution instructions or links to the official sites regarding that specific vulnerability.
|
|
Individual Report
|
Each individual report includes three well-organized sections of information:
The Summary Table includes a pass/fail rating, the total risk, the date run, start and stop times with a calculated duration, target IP, DNS entry and the estimated operating system.
The Services Table (port scan results) includes the service family name, port number, port status, program or service name, a security summary discussion and, in most cases, a link to instructions on how to turn the service off.
The Vulnerabilities Table includes the service family name, port number, program name, risk rating and summary information briefly explaining the nature of the vulnerability and the solution instructions or links.
External links are also provided to the current list of vulnerabilities, an OS patch database and further footprinting options.
|
|
Summary Report
|
Each Network Check is run against a "Network Check List". Initial results are presented per executed Network Check List. The
summary report will list the tested IPs in order of descending risk. Each line includes the
SecurityMetrics test ID, IP or DNS of the computer tested, start date, start time, finish time, status of test and
pass/fail rating with a link to the full individual IP report.
|
|
Function/Operation
|
|
Network Check Lists
|
Each user can create their own collection of Network Check Lists (IPs to be tested). A Network Check List is created by entering the IPs or DNS entries of the computers to be tested. Users can also use an auto-discover feature, which will automatically find all the live computers in a class C subnet and run the Network Check.
|
|
Scheduler
|
Users can schedule their Network Check lists to run immediately, once on an appointed date and time, daily,
weekly, twice monthly, monthly, and quarterly.
|
|
Technical Support
|
|
Available
|
Free telephone support for functional issues.
|
|
Consulting Available
|
Fee-based security consulting assistance also available.
|