○ Multilevel Scanner List
1. Belarc® BelManage: BelSecure Module
2. Critical Watch FusionVM® Enterprise and FusionVM MSSP
3. Imperva® SecureSphere® Discovery and Assessment Server
4. Integrigy AppSentry
5. Jump Network Jabil® Network Vulnerability Assessment System
6. NSFOCUS Remote Security Assessment System
7. Open Vulnerability Assessment System 4
8. SAINT® Professional and SAINT® Enterprise
9. SecPoint The Penetrator
10. SecPoint The Portable Penetrator
11. Symantec® Control Compliance Suite: Vulnerability Manager
12. Symantec Risk Automation Suite
13. Tenable® Nessus® 4.4
14. Tenable Passive Vulnerability Scanner
15. Venusense Vulnerability Scanning and Management System
1. Belarc® BelManage: BelSecure Module
| Type | Multilevel Scanner | |||||
| Target(s) | Windows Server 2008 R2, 2008, 7, Vista, 2003,
XP, 2000, NT 4, Me, 98, 95; Linux; Microsoft Office Suite applications, Web Applications |
|||||
| Format | Software | |||||
| OS | Agent: see targets | |||||
| Server: Windows Server 2008/2008 R2(64 or 32bit), Windows Server 2003(32bit), Windows 2000 Server, all running SQL Server (2005 Express (include), or 2008/ 2008 R2, @005, 2000, 7) or Oracle 10g | ||||||
| Hardware | Disk Space: 300MB disk + 1MB additional disk per target | |||||
| License | Commercial | |||||
| SCAP Validated | ||||||
| Standards | ||||||
| Supplier | Belarc, Inc. | |||||
| Information | http://www.belarc.com/belsecure.html | |||||
2. Critical Watch FusionVM® Enterprise and FusionVM MSSP
| Type | Multilevel Scanner | |||||
| Target(s) | ||||||
| Format | Appliance | |||||
| OS | ||||||
| Hardware | ||||||
| License | Commercial | |||||
| SCAP Validated | ||||||
| Standards | ||||||
| Supplier | Critical Watch | |||||
| Information | http://www.criticalwatch.com/ | |||||
3. Imperva® SecureSphere® Discovery and Assessment Server
| Type | Multilevel Scanner | |||||
| Target(s) | Oracle, SQL Server, Sybase, DB2, Informix, MySql | |||||
| SAP, Oracle e-Business Suite, PeopleSoft® | ||||||
| Format | Appliance or Software (virtual appliance) | |||||
| OS | Virtual Appliance: Vmware ESX/ESXi 3.5/4.0 | |||||
| Hardware | V2500: two dual-core server Intel V Tx or AMD-V, 4GB RAM | |||||
| V4500: four dual-core server Intel V Tx or AMD-V, 8GB RAM | ||||||
| Both: 250GB disk, hypervisor-supported NIC | ||||||
| License | Commercial | |||||
| SCAP Validated | ||||||
| Standards | ||||||
| Supplier | Imperva Inc. (US/Israel) | |||||
| Information | http://www.imperva.com/products/dsc_database-discovery-and-assessment-server.html | |||||
4. Integrigy AppSentry
| Type | Multilevel Scanner | |||||
| Target(s) | Oracle products (on Solaris, HP-UX, AIX, Linux, Windows Server), including Oracle database, E-Business Suite (on Solaris, HP-UX, AIX, Linux, Windows Server), Application Server, WebLogic, PeopleSoft; Microsoft SQL Server (on Windows Server 2000/2003/2008). |
|||||
| By July 2011, support for the following additional targets is expected: Oracle Collaboration Suite/Clinical/Retail/Siebel; SAP; DB2; Sybase; Apache; MySQL (AppSentry Open Source Edition only) |
||||||
| Format | Software | |||||
| OS | Windows 2000 SP4, XP SP1, Vista, 7; console must run Adobe Acrobat 4.0+ and IE 5.0+ |
|||||
| Hardware | Pentium+ or AMD CPU, 512MB RAM, 120MB free disk space |
|||||
| License | Commercial | |||||
| SCAP Validated | ||||||
| Standards | ||||||
| Supplier | Integrigy Corporation | |||||
| Information | http://www.integrigy.com/products/appsentry | |||||
5. Jump Network Jabil® Network Vulnerability Assessment System
| Type | Multilevel Scanner (with limited pen testing) | |||||
| Target(s) | Network services, host Oss, Web Applications/services | |||||
| databases (SQL Server, MySQL, PostgreSQL, etc.) | ||||||
| Format | ||||||
| OS | ||||||
| Hardware | ||||||
| License | Commercial | |||||
| SCAP Validated | ||||||
| Standards | CVE, CVSS | |||||
| Supplier | Xi’an Jiaotong University/Jump Network Technology Co., Ltd. (China) |
|||||
| Information | http://www.jump.net.cn/cp/cplx.aspx?code=19 (in Chinese only) | |||||
6. NSFOCUS Remote Security Assessment System
| Type | Multilevel Scanner | |||||
| Target(s) | OS (Windows, UNIX, AIX, BSD, HP-UX, Silicon
Graphics® Irix®, Linux, Mac OS X, NetWare, Solaris, others); Network Devices (Cisco, Huawei, 3COM®, Nortel®, Motorola® Vanguard router, Checkpoint firewall, ZyXEL® Prestige Asymmetric Digital Subscriber Line [ADSL] router, Alcatel® ADSL Modem, Alcatel-Lucent Ascend router, Shiva Integrator router, Nortel/Bay Networks Nautica Marlin router, others); HP JetDirect® printer; |
|||||
| Databases (SQL Server, Oracle, DB2, Informix,
Sybase, MySQL, PostgreSQL, others); Web applications |
||||||
| Format | Appliance | |||||
| OS | ||||||
| Hardware | ||||||
| License | Commercial | |||||
| SCAP Validated | ||||||
| Standards | CVE | |||||
| Supplier | NSFOCUS (China) | |||||
| Information | http://www.nsfocus.com/en/1_solution/1_2_3.html | |||||
7. Open Vulnerability Assessment System 4(5)
| Type | Multilevel Scanner | |||||
| Target(s) | Networks | |||||
| Applications | ||||||
| Format | Software, Appliance, or SaaS | |||||
| OS | Linux (CentOS/Fedora/Red Hat/Debian/ OpenSuSE/Ubuntu/Scientific Linux/ Mandriva/Gentoo®/Slackware/SuSE Linux Enterprise/ArchLinux/BackTrack); |
|||||
| FreeBSD; Windows | ||||||
| Hardware | ||||||
| License | Open Source | |||||
| SCAP Validated | ||||||
| Standards | ||||||
| Supplier | Atomic Corporation’s OpenVAS Project (Germany) |
|||||
| Information | http://www0.atomicorp.com/index.html | |||||
8. SAINT® Professional and SAINT® Enterprise
| Type | Multilevel Scanner | |||||
| Target(s) | Network devices; OSs, Databases, Desktop
applications, and Web applications on any host that can be identified by an IP Version 4 (v4) or v6 address or by a URL |
|||||
| Format | Software, Appliance, or SaaS | |||||
| OS | Linux (CentOS 5.5, Debian, Fedora 14, Mandriva 2010, Red Hat
Enterprise 5/6, SuSE, Ubuntu 9.04/10.04), UNIX (Free BSD, SPARC Solaris), |
|||||
| Mac OS X 10.6.5+, with Perl 5.004+ and Firefox 3.6+, IE 8+, Safari® 5+, or Opera® | ||||||
| Hardware | Professional: Minimum -1.6GHz+ CPU; 1GB RAM; 100MB free disk space (1GB recommended); Recommended: Small networks - 2.3GHz+ CPU, 2GB RAM, 1GB disk; Large networks - 2.6GHz+ CPU; 8GB RAM; 1GB disk; | |||||
| Enterprise: 3.0GHz dual CPU; 8GB RAM; 160GB disk | ||||||
| License | Commercial | |||||
| SCAP Validated | http://nvd.nist.gov/validation_saint.cfm | |||||
| Standards | SCAP, CVE, OVAL, CVSS | |||||
| Supplier | SAINT Corp. | |||||
| Information | http://www.saintcorporation.com/products/productsOverview.html | |||||
9. SecPoint The Penetrator
| Type | Multilevel Scanner (With limited pen testing) | |||||
| Target(s) | Windows (98, XP, 2000, Vista, Server
2003), OS/2®, UNIX (AIX, Solaris, NetBSD, OpenBSD, FreeBSD), Linux (Fedora, Gentoo, Slackware, Ubuntu, Mandriva), Mac OS/Mac OS X; Web Applications |
|||||
| Networking devices (routers, firewalls, voice over IP [VoIP] servers, other networking devices); |
||||||
| Format | Appliance (preconfigured Dell® desktop or 1U rackmount running customized Slackware 2.6) | |||||
| OS | ||||||
| Hardware | ||||||
| License | Commercial | |||||
| SCAP Validated | ||||||
| Standards | ||||||
| Supplier | SecPoint ApS [Anpartsselskab] (Denmark) | |||||
| Information | http://www.secpoint.com/penetrator.html | |||||
10. SecPoint The Portable Penetrator
| Type | Multilevel Scanner (With limited pen testing) | |||||
| Target(s) | Hosts running Windows (98, XP, 2000, Vista,
Server 2003), OS/2, UNIX (AIX, Solaris, NetBSD, OpenBSD, FreeBSD), Linux (Fedora, Gentoo, Slackware, Ubuntu, Mandriva), Mac OS/Mac OS X; Web Applications |
|||||
| Networking devices (routers, firewalls, VoIP servers, Wi-Fi hotspot devices, other networking devices); |
||||||
| Format | Appliance (preconfigured Dell laptop or netbook running customized Slackware 2.6) | |||||
| OS | ||||||
| Hardware | ||||||
| License | Commercial | |||||
| SCAP Validated | ||||||
| Standards | ||||||
| Supplier | SecPoint ApS [Anpartsselskab] (Denmark) | |||||
| Information | http://www.secpoint.com/portablepenetrator.html | |||||
11. Symantec® Control Compliance Suite: Vulnerability Manager
| Type | Multilevel Scanner | |||||
| Target(s) | Host operating systems (e.g., Windows, VMware
ESX/ESXi); Web applications |
|||||
| databases (e.g.,MySQL, Sybase, Informix,
Oracle, PostgreSQL) |
||||||
| Format | Software | |||||
| OS | Server: Windows Server 2003 SP2 or 2008 running Microsoft SQL Server 2005 SP2 | |||||
| Client: Windows XP/2008/Vista/7 running Microsoft Office® 2003 or later | ||||||
| Hardware | Server: Dual 3GHz CPU (64-bit); 4GB RAM; 130GB disk | |||||
| Client: 2.8GHz Intel CPU; 1GB RAM; 1024x768 (or better) res. monitor | ||||||
| License | Commercial | |||||
| SCAP Validated | http://nvd.nist.gov/validation_symantec.cfm | |||||
| Standards | SCAP, OVAL, CVE, CVSS | |||||
| Supplier | Symantec | |||||
| Information | http://www.symantec.com/business/control-compliance-suite | |||||
12. Symantec Risk Automation Suite
| Type | Multilevel Scanner | |||||
| Target(s) | Network devices, host OSs, databases, network applications |
|||||
| Format | Software | |||||
| OS | Portal Server: Windows Server 2003/2008 running IIS and SQL Server | |||||
| Scanning Server: Windows Server 2003/2008 running IIS | ||||||
| Hardware | Server: Dual 3GHz CPU (64-bit); 4GB RAM; 130GB disk | |||||
| Client: 2.8GHz CPU; 1GB RAM; 1024x768 (or better) res. monitor | ||||||
| License | Commercial | |||||
| SCAP Validated | http://nvd.nist.gov/validation_symantec.cfm | |||||
| Standards | SCAP, OVAL, CVE, CVSS | |||||
| Supplier | Symantec | |||||
| Information | http://www.symantec.com/business/risk-automation-suite | |||||
13. Tenable® Nessus® 4.4
| Type | Multilevel Scanner | |||||
| Target(s) | TCP/UDP/IP networks; Cisco IOS devices; operating systems including Windows (NT/2000/Server 2003/XP/Vista/7/2008), UNIX/Linux; Windows file content types; Web servers, CGI scripts |
|||||
| SQL databases (Oracle, Microsoft SQL Server, MySQL, DB2, Informix/Distributed Relational Database Architecture, PostgreSQL); | ||||||
| Format | Software | |||||
| OS | Linux (Debian 5, Fedora Core 12/13/14, Red Hat ES 4/5/6, SuSE
9.3/10.0/11, Ubuntu 8.04/9.10/10.04/10.10; FreeBSD 8; Mac OS X 10.4/10.5/10.6; SPARC Solaris 10; VMware if simulated machine does not use Network Address Translation (NAT) |
|||||
| Windows XP (pre SP2)/Server 2003/Server 2008/2008 R2/Vista/7; | ||||||
| Hardware | When running on Windows: 2GHz Pentium III+ or dual core Intel
CPU for Apple Computers; 1GB RAM (2GB recommended for moderate scans; 4GB for large scans) |
|||||
| License | Freeware/Commercial (software is free, but subscription must be purchased to operate and get support/updates) | |||||
| SCAP Validated | http://nvd.nist.gov/validation_tenable.cfm | |||||
| Standards | SCAP, OVAL, CVE, CVSS | |||||
| Supplier | Tenable Network Security® | |||||
| Information | http://www.nessus.org/products/nessus | |||||
14. Tenable Passive Vulnerability Scanner
| Type | Multilevel Scanner | |||||
| Target(s) | TCP/User Datagram Protocol [UDP]/IP networks
and associated servers (e.g., DNS servers); OS, email clients and servers (SMTP, IMAP, POP3), Web clients and servers, FTP servers, Web applications (CGI, Java, PHP, ActiveX), P2P servers, Internet Relay Chat/Instant Messaging clients |
|||||
| Format | Software | |||||
| OS | Linux (Red Hat 4/5, CentOS 4/5 [32/64-bit]), Windows (2003/2008); VMware ESX/Server/Workstation/Fusion® |
|||||
| Hardware | 3GHz CPU; 8GB RAM; 100/1000baseT NIC | |||||
| License | Commercial | |||||
| SCAP Validated | ||||||
| Standards | CVE, CVSS | |||||
| Supplier | Tenable Network Security® | |||||
| Information | http://www.nessus.org/products/tenable-passive-vulnerability-scanner | |||||
15. Venusense Vulnerability Scanning and Management System
| Type | Multilevel Scanner | |||||
| Target(s) | Network devices (e.g., Cisco, 3Com, Checkpoint,
others), network printers, servers and desktops running Microsoft Windows
9X/NT/2000/XP/2003, Sun Solaris, HP UNIX, IBM AIX, IRIX, Linux, BSD, etc.,
databases (SQL Server, Oracle, Sybase, DB2, MySQL, etc.) and applications (Web, FTP, Email, etc.) |
|||||
| Format | Appliance | |||||
| OS | ||||||
| Hardware | ||||||
| License | Commercial | |||||
| SCAP Validated | ||||||
| Standards | CVE, CVSS | |||||
| Supplier | Beijing Venustech Security Inc. (China) | |||||
| Information | http://english.venustech.com.cn/Products/ProductInfo_97.html | |||||
'IT 와 Social 이야기 > Security' 카테고리의 다른 글
| 취약점 분석(Vulnerability Assessments) 솔루션 소개 : Network Scanner (0) | 2012.08.12 |
|---|---|
| 취약점 분석(Vulnerability Assessments) 솔루션 소개 : Database Scanner (0) | 2012.08.07 |
| 2012년 1분기 보안 취약점 Top 10 [According to KSN data, Kaspersky Lab] (0) | 2012.07.27 |
| 스마트폰의 취약성과 위협 Vulnerability and Threats of Smart Phones (0) | 2012.07.25 |
| 보안 위협 Top 7 (Top 7 Security Threats) (0) | 2012.07.11 |
