Network Security and Vulnerability Assessment Solutions

Transcription

1 Network Security and Vulnerability Assessment Solutions

2 Unified Vulnerability Management It s a known fact that the exponential growth and successful exploitation of vulnerabilities create increasingly volatile network environments. Today, IT Managers need to proactively identify and remediate network vulnerabilities regularly and accurately. Vulnerability Management is a proactive process with one clear objective: the assessment and understanding of vulnerabilities affecting an IT environment followed by the accurate reporting and remediation to ensure that the network is not compromised. eeye s powerful and award winning Retina solution enables organizations both small and large to effectively assess and manage their vulnerabilities and maintain control over their network security. Retina has been at the forefront of Vulnerability Management for over a decade and is now available as software, as an appliance or as a managed service. The Retina Solution for Unified Vulnerability Management Retina is a powerful unified vulnerability management and compliance solution designed to help organizations of all sizes with vulnerability assessment, mitigation and protection. Retina is an integrated end-to-end vulnerability and compliance solution designed to help organizations with protection and compliancy by defining and monitoring relevant IT controls. Retina provides three core solution offerings: Assessment Retina provides industry leading vulnerability assessment, unified configuration and vulnerability scanning across network devices, operating systems, applications, databases, and web applications using a scalable, non-intrusive approach. Mitigation If computer controls or service levels are impacted by a network problem or intruder, alerts can be issued to notify to take immediate actions to re-establish operational and security controls. Retina adheres to broadly accepted standards which include integration with both SCAP and ASV (PCI) for assessment, risk scoring and reporting purposes to ensure reports are easily comprehendible and suitable to our customers and their partners. Protection Retina also provides unified zero-day protection for when a vendor supplies security patches which do not yet exist for an operating system or application. Retina s protection enforces policy and secures organizations from targeted or internet attacks that could compromise your systems and data.

3 Retina Unified Vulnerability Management Retina is a powerful unified vulnerability management and compliance solution designed to help organizations of all sizes with vulnerability assessment, mitigation and protection. The solution is founded from over a decade of technology innovation by eeye s world renowned security research team and is an integrated end-to-end vulnerability and compliance solution designed to help organizations with protection and compliancy by defining and monitoring relevant IT controls. Assessment Retina provides industry leading vulnerability assessment, unified configuration and vulnerability scanning across network devices, operating systems, applications, databases, and web applications using a scalable, nonintrusive approach. Mitigation If computer controls or service levels are impacted by a network problem or intruder, alerts can be issued to notify to take immediate actions to re-establish operational and security controls. Retina adheres to broadly accepted industry standards, and the solution includes risk scoring and reporting purposes to ensure reports are easily comprehendible and suitable to our customers and their partners. Protection Retina also provides unified zero-day protection for when a vendor supplies security patches which do not yet exist for an operating system or application. Retina s protection enforces policy and secures organizations from targeted or internet attacks that could compromise your systems and data.

4 Retina Unified Vulnerability Management Management Consoles There are two unique management consoles currently available for Retina: Retina CS and REM. They are recommended based on deployment needs and type of environment: REM Security Management Console Retina CS Management Console Standalone Retina Products In addition to our flagship Retina Vulnerability Management solution, standalone Retina scanning products are also available: Retina Network Security Scanner Retina Web Security Scanner

5 REM: Retina Enterprise Management Console The REM Security Management Console provides IT professionals with a single point of visibility into an organization s security posture. REM enables an organization to quickly identify and prioritize vulnerabilities by balancing the asset value with the severity of the threat. Users can then efficiently allocate resources based upon threat level and business function to focus on the most critical vulnerabilities and attacks first. REM is a multi-tier, scalable component to eeye s expanded Integrated Security and Threat Management Solutions. This solution provides a complete end-to-end vulnerability management and endpoint product solution for organizations that need to simplify the management of distributed, complex infrastructures while protecting its mission critical assets from evolving threats. Centralized Threat and Vulnerability Management Integrated vulnerability assessment, policy enforcement, policy auditing; improving enterprise network security. REM can immediately determine and illustrate where potential risks lie within an organization regardless of where the asset resides, such that security information is always aggregated to one single centralized view. Enterprise Security Reporting With integrated vulnerability, attack and policy information provided by Retina and Blink, REM provides organizations with metrics and graphical representations of their enterprise security posture. Executive Dashboard Customizable reports and charts; integrated asset management, client security, risk assessment, plus vulnerability & patch assessment. REM has the flexibility to be deployed the way you want, and managed the way your organization has set its business requirements.

6 Retina CS: Compliance and Network Security A complete security management console for vulnerability management, protection, and remediation management. Retina CS is a fully integrated, complete web-based security console for managing vulnerabilities, direct attacks, spyware and remediation. Now you can simplify the management of distributed, complex infrastructures while protecting your mission critical assets from evolving threats with one complete end-to-end vulnerability management system. Fast Facts Workflow oriented to meet regulatory and security compliance requirements Web user interface for management from almost any web browser and platform Asset driven architecture enables logical groupings of assets regardless of the IP address and business function Real time graphs allow rapid determination of risks within an environment by business function, asset, or event Complete threat, vulnerability, and remediation management

7 Retina Network Security Scanner Network vulnerabilities are an increasingly common issue in today's highly complex computing environments. With exploit attacks appearing faster than ever before, it has become significantly more challenging for organizations to protect against attack. Retina Network Security Scanner, the industry and government standard for multi-platform vulnerability management, identifies known and zero day vulnerabilities plus provides security risk assessment, enabling security best practices, policy enforcement, and regulatory audits. Retina NSS contains all the integrated security and vulnerability management tools needed to effectively identify and remediate the network vulnerabilities that lead to exposure and malicious attacks. Wasting time and money panic-patching? Retina can help you prioritize patches to meet YOUR project schedule and business objectives. Struggling to get an accurate view of your network - again? Retina discovers all connected computers, routers, and other network devices...even those not 'officially' deployed. Multiple security policies across multiple devices? Retina helps get a handle on all of your current configurations and patches, regardless of device type. Looking for IT security process efficiencies? Retina provides network vulnerability remediation guidance and helpdesk integration.

8 Retina Network Security Scanner Retina Network Security Scanner is designed for any size organization, from large enterprises to small and medium businesses. Retina is recognized as the industry standard for vulnerability assessment and is designed to identify known network security vulnerabilities and assist in prioritizing threats for remediation. This multi-platform scanner features fast, accurate, and non-intrusive scanning, enabling administrators to effectively and efficiently secure their networks against even the most recent of discovered vulnerabilities and missing patches. Organizations can also leverage Retina for security risk management and for enforcing standards-based policy settings in support of their corporate and regulatory audits. With eeye provided audit groups and reports, regulatory scanning and reporting are streamlined for efficient business implementations. Retina also provides centralized network policy assessment, centralized vulnerability management, and centralized event and scan job control through the REM Security Management Console allowing the solution to scale for any environment. Benefits and Features 1. Confidently identify all vulnerabilities with the lowest false positive rate in the industry; on average less than 1% Best-of-breed scan engine, comprehensive vulnerability database, and lowest false positive rate makes Retina the most efficient solution for any environment. 2. Proactively guard against known and newly-identified vulnerabilities with frequent, automated updates from the unrivaled eeye Research Team The eeye Research Team provides vulnerability audit updates for US Government recognized critical vulnerabilities three times faster than the leading competition. Updates are provided with a service level of 48 hours from public disclosure and are automatically downloaded and incorporated by the solution. 3. Quickly identify all machines on your network including rogue, virtual, and wireless devices Retina can reliably and non-intrusively scan your environment to identify all systems and devices. Essentially, if the device has a TCP/IP address, Retina will scan it and classify it with the highest accuracy in the industry. 4. Safely scan your network without crashing system devices and causing business interruptions Retina does not scan and test with exploit code and will not crash your systems during a scan. With Retina, you can scan an entire Class C network in approximately 15 minutes using our proprietary Adaptive Speed technology. 5. Extensive third party integration support into your existing infrastructure Retina provides an extensive command line, and event forwarding through SNMP, Syslogs, , and Windows Event Logs to integrate into virtually any network management solution, security information manager, or call center. 6. The only network vulnerability scanner to be available as an appliance, managed service or software supporting Windows 2000, XP, 2003, Vista, and 2008 Retina does not require high-end or high cost servers to perform vulnerability assessments.

9 Network Security Management Appliances eeye offers a full-line of integrated security and threat management appliances dedicated to endpoint protection, vulnerability assessment and risk management. eeye 1505 The eeye 1505 delivers pre-installed and pre-configured security and vulnerability management capabilities for eeye's Retina Network Security Scanner, Blink Enterprise and Blink Professional Client Security agents using the integrated REM Security Management Console. Retina 651 The Retina Security Management Appliance 651 is designed to facilitate setup and provide complete coverage for vulnerability assessment and network protection for any size network environment. Blink 200 The Blink Security Management Appliance 200 is designed to facilitate rapid deployment and provide complete endpoint protection for environments with less than 200 Windows personal computers. Integrated Security & Threat Management Appliances eeye offers a full line of integrated security and threat management appliances dedicated to endpoint protection, vulnerability assessment and risk management. The appliances, which come equipped with REM, Retina, and Blink provide multi-platform network discovery, automated vulnerability and risk assessment, centralized policy enforcement, and powerful compliance and regulatory audit capabilities. eeye integrated security & threat management appliances are also capable of managing Blink Professional endpoint protection clients all from within the REM Management Console. eeye appliances help customers by centralizing security management processes, dramatically reducing exposure, preventing attacks and improving overall security preparedness.

10 Network Security Management Appliances Business Benefits eeye integrated security and threat management appliances are designed to simplify vulnerability assessment and security management efforts and help maximize organizations limited resources. Rapid Deployment A wizard-driven install and best-practice default settings automate the setup process. In less than 15 minutes, the appliance can be deployed and scanning. All-In-One Security Management Everything the customer needs for centralized vulnerability and endpoint management comes pre-installed, pre-configured, pre-tuned, and pre-licensed in the appliance. Built for Scalability Growing organizations can rapidly add new boxes to the existing deployment while larger organizations can manage distributed eeye appliances or software versions at regional branches. Lower Total Cost of Ownership Combining disparate security practices into a cohesive policy, threat and vulnerability management framework leads to dramatic TCO savings. Vulnerability Assessment eeye appliances pinpoint network vulnerabilities, operating system vulnerabilities, application vulnerabilities, improper configurations, and published zero-day threats. Discovery and Patch Assessment eeye appliances can rapidly discover and assess all network devices, operating systems, applications, patch levels, and policy configurations. Centralized Policy Management Organizations can couple Blink and Retina to gain total policy enforcement, auditing, vulnerability assessment and protection for Microsoft Windows based hosts. Powerful Reporting and Analysis Retina and Blink are linked by a common management interface, REM, which generates detailed, customizable reports and graphs that expedite analysis and decision making.

11 Retina Web Security Scanner Web Security, Vulnerability Assessment and Policy Compliance The Retina Web Security Scanner is a best-in-class web scanning solution that rapidly and accurately scans large, complex web sites and web applications to tackle web-based vulnerabilities. The addition of this new product gives customers a complete picture of the performance and security status of deployed web applications plus ondemand inventory and diagnostic capabilities, ensuring privacy and compliance. Retina Web Security Scanner identifies application vulnerabilities as well as site exposure risk, ranks threat priority, produces highly graphical, intuitive HTML reports, and indicates site security posture by vulnerabilities and threat level. The Retina Web Security Scanner leverages eeye s advanced security intelligence capabilities, developed from years of product development, security research and professional services engagements. Using Retina Web Security Scanner and Retina Network Security Scanner in tandem, eeye customers now have a powerful multi-layered scanning approach. Using signature-based checks for known vulnerabilities is not useful in the web application space because almost all web applications are different. Instead of attempting a check the same way every time, Retina Web Security Scanner determines the best way to evaluate an application for vulnerabilities like input validation, poor coding practices, weak configuration management and more. By attempting context-sensitive vulnerability checking, Retina Web Security Scanner can offer complete assessment coverage with outstanding accuracy. Since all vulnerabilities are not created equal, Retina Web Security Scanner employs advanced intelligence engines to make sure the right priorities are communicated to you. By analyzing the content, structure and nature of each vulnerability, the solution can keep you focused on the real threats. From files/resources discovered to source code to scripts, comments, and directory contents, the automated reports will intelligently analyze all of Retina Web Security Scanner's findings to ensure you see the real threats. In addition to assessing application vulnerabilities, Retina Web Security Scanner performs an advanced site analysis on your site structure, content and configuration to identify inherent exposure to future or emerging threats. This can be critical in determining security requirements and site architecture planning to mitigate future threats. Exposure is communicated via a security posture rating and qualitative analysis of findings, including a complete catalog of all site resources and their attributes (e.g. forms, cookies, scripts, SQL strings and ODBC connectors, authentication, applets/objects, hidden fields, etc.). Retina Web Security Scanner is the easiest to deploy, easiest to manage and most accurate web application vulnerability scanner available. With industry leading reports and the most flexible data reporting possible, Retina Web Security Scanner provides you with the capability to communicate risk throughout your organization and secure your network. Combined with Retina Network Security Scanner, Retina Web Security Scanner customers are now able to extend their network vulnerability assessment best practices to include their growing portfolio of web applications and web sites.

12 Technical Support and Professional Services eeye Digital Security Support extending with E-SPIN local regional technical support and professional services is a critical function for the company as we together respect and value the need to provide an excellent and unparalleled experience to our customers from requirements, solutions, deployment, training, onsite/incident/preventive maintenance support on either 8x5 or 24x7 for mission critical enterprise deployment. We offer a varied and flexible support model depending on customer needs. Basic Product Support eeye/e-spin Basic Support services are for enterprise customer just required remote phone and support, include product knowledgebase and FAQs. These product support features are provided during normal business hours using the phone, and remote support request form. Support channels include: Product Knowledgebase (24 hours per day/7 days per week, support customer login ID and password required) and Remote Support (9AM-5PM Monday-Friday) Standard Product Support 8x5xNBD eeye /E-SPIN Standard Support services are provided to customers who desire a more comprehensive option. During normal business hours technical calls are automatically routed to an eeye Technical Support representative. Support channels include: Product Knowledgebase (24 hours per day/7 days per week, support customer login ID and password required) and Remote Support (9AM-5PM Monday-Friday) Telephone Support (9AM-5PM Monday-Friday) Onsite Incident Support up to subscribed bundled frequency within the maintenance period Preventive Maintenance Support up to subscribed bundled frequency within the maintenance period Platinum Product Support 24x7 eeye/e-spin Platinum Support services are provided to customers who want unrestricted access to the support team on 24x7 basis. During normal business hours support calls are automatically routed to an eeye Technical Support representative. Calls placed outside of normal business hours (evenings and weekends) will be directed to an on-call support representative for timely support, onsite incident support will be follow after the remote diagnosis session. Support channels include: Product Knowledgebase (24 hours per day/7 days per week, support customer login ID and password required) and Remote Support (9AM-5PM Monday-Friday) Telephone Support (24 hours per day/7 days per week for authenticated support customer only) Onsite Incident Support up to subscribed bundled frequency within the maintenance period (24 hours per day/7 days per week for authenticated support customer only) Preventive Maintenance Support up to subscribed bundled frequency within the maintenance period (24 hours per day/7 days per week for authenticated support customer only)

13 Consulting, Deployment, Technology Transfer and Skill Certification E-SPIN is deliver one stop technology consulting, solution development, project deployment, network/system integration, product customization, training, certification and maintenance support for corporate and government. We are staffed with professional and experienced domain expert to deliver insightful consultancy, solution architect, project management to instructor-led training or certification. You can direct undertaking the certification after the training when yours memory is still fresh on the learned subject matters. Technology Consulting and Project Deployment E-SPIN Technology Consulting Service will ensure enterprise know how and best practice to use the adopted technology to meet enterprise business objectives and providing advice, from implement, deploy, outsourcing to administer systems on enterprise behalf. E-SPIN Project Deployment Services address the challenges associated with efficient installation, secured deployment and effective project management. We cover all project deployment activities from anticipating all possible installation challenges, completing your projects on time and within budget, to giveing you an integrated solution that also facilitates future proof of your adopted technology with adequate post maintenance support services. Project Training and Skill Certification E-SPIN is Certified Proctor and Secure Online Testing Center Provider in Malaysia authorize to provide secure, professional testing on various IT/business skill certification testing for various professional institutions, authority association and vendor product certification. E-SPIN certified proctor staff can set up and manage temporary or private testing sites at conferences, corporations, universities or any place with Internet access to create a customized network for your testing program (for bulk onsite training and certification). E-SPIN also set up and manage a private testing center for your organization prefer to undertaking certification test in the testing center.

14