This article can also be found in the Premium Editorial Download "Information Security magazine: Security Products Readers' Choice Awards 2007."
GOLD | QualysGuard Enterprise
Price: $2,995 for an annual subscription
Readers applauded vulnerability management gold medal winner QualysGuard Enterprise's ability to identify vulnerabilities quickly and
QualysGuard--which identifies potential network exploits and audits networks for compliance--also received high marks for being easy to install, configure and administer. Respondents praised QualysGuard Enterprise for the breadth of applications and devices with which it works; vendor service and support; and ROI, which most respondents rated "excellent" or "good."
Readers weren't as effusive about QualysGuard's ability to integrate with threat management systems, with many rating that feature "good" or "fair."
QualysGuard Enterprise 5.0, which was announced in February at RSA Conference 2007 and went into general release last month, boasts a revamped GUI; accelerated scanning through parallelization of scanner appliances; enhanced reporting features; and the ability to track scanning usage by business unit, according to company officials.
CISOs inundated with information about the array of threats and potential threats want a product that can pare down the onslaught, Deeba says. "The new release filters out that overload of data and narrows it down to what is most important based on your role within the organization," he says. Rather than Qualys indicating "12 million problems, you only see what is relevant to you, based on your privileges."
While noting that Qualys management has been "thinking a lot" about the juncture between scanning for weaknesses and remediating them, Deeba says the company prefers "to remain a third-party auditor, where we can come in and audit you and give you full configuration and vulnerability information."
Qualys' other offerings include a product designed to measure PCI compliance, one aimed at security consultants, and several others.
SILVER | IBM Internet Scanner
IBM Internet Security Systems
Price: $7,250 for the appliance
IBM Internet Scanner earned the silver medal on equal merit for its ability to find vulnerabilities, ease of use and reporting capabilities. Internet Scanner, which IBM acquired with its purchase of Internet Security Systems last year, offers unlimited asset identification to help CISOs keep an accurate inventory of their networks' electronic assets; an intelligent scanning feature that identifies the operating systems of target hosts and runs appropriate OS-specific checks against them; and a Common Policy Editor with 20 predefined policies that provides greater control over corporate scanning.
BRONZE | GFI LANguard NSS
Price: $495 (up to 32 IP addresses)
GFI LANguard Network Security Scanner (NSS), which identifies vulnerabilities and can also deploy necessary patches, won the gold medal in vulnerability management. The product scans a network IP by IP to provide information on missing security patches, open ports, a machine's service pack level, USB devices, and more. Companies can set GFI LANguard NSS to perform scheduled, customized scans; the product compares the results with previous scans and issues email alerts of new security holes. After a scan, it provides recommendations on remediation. The tool can also deploy service packs and patches in operating systems and applications, and install custom software.
This was first published in April 2007