No-frills security scanning
Nessus and Internet Scanner prove less costly but less capableFollow @infoworld
We discovered we could schedule a scan several ways, but not from within the Windows application itself, and we didn’t particularly like the methods at our disposal. We were limited to either the Windows Task Scheduler or the Internet Scanner’s Engine Manager via command line. We were not impressed.
We did, however, like Internet Scanner’s ability to import IP addresses. In fact, its IP import functionality was better than any product we’ve tested so far. And we could easily select from a variety of vulnerability assessment policies to run, and even edit a policy while a scan was in process.
Internet Scanner breaks reports into three categories: Executive, Line Management, and Technician. We found the reports, based on Crystal Reports, to be simplistic for a commercial product, and the report-generated graph layout was somewhat confusing.
We could export reports in several formats, including PDF (in multiple languages), HTML, and RTF. We could also export a list of hosts based on OS and/or service to a text file.
Like Nessus, Internet Scanner includes a scripting language, FlexChecks, for creating custom security tests. FlexChecks scripts can be written in either C or Perl. Internet Scanner displays the MAC address of a scanned host, so we could more easily track a host down in a DHCP environment. During scans, Internet Scanner can detect which OS is running on a host and limit its vulnerability checks to the specific OS. On the down side, when we hid an IP address via stealth, Internet Scanner couldn’t initiate a scan.
Translating accurate vulnerability assessments into a foolproof report, one that even Dilbert’s boss can understand, should be the ultimate goal of a vulnerability scanner. Neither Nessus nor Internet Scanner achieved this level of perfection but both performed accurate scans and provided the essential information. Although neither of these products is in the same class as those from Qualys and Foundstone, either one can tell you what you need to know about your network and how to fix it. If the choice comes down to Nessus or Internet Scanner, Nessus is the clear winner in our book.