NSFOCUS Remote Security Assessment System. Overview

Transcription

1 NSFOCUS Remote Security Assessment System Overview Network vulnerabilities are an increasingly common issue in today's highly complex computing environments. With exploit attacks appearing faster than ever before, it has become significantly more challenging for organizations to protect against attacks. Only if users could discover these vulnerabilities in their network and proactively get ready before attackers take action, can the losses of attacks be effectively avoided With years experience and practice in security services, along with requirements and product functionality from the end users, the NSFOCUS Remote Security Assessment System (RSAS) is a must have security assessment tool for enterprise s system/security administrators to effectively identify and remediate the network vulnerabilities that could lead to exposure and malicious attacks. Supported by professional NSFOCUS Security Research Team and integrated leading technologies such as NSIP (NSFOCUS Intelligent Profile), NSFOCUS RSAS discovers security vulnerabilities of the network and cyber asset automatically, efficiently and accurately. The Open Vulnerability Management (Open VM) platform provides powerful security solution to achieve vulnerability management in the entire workflow. The freestanding design and embedded operating system has dramatically improved the system s efficiency and keep the system itself in safe. It is stable and reliable, with no additional storage devices needed. The powerful Web application scanner can perform overall security scanning to Web applications, Web services and supportive systems, and help IT staff to simplify the work in finding and fixing application vulnerabilities. 1 / 8

2 NSFOCUS takes elaborate analysis to vulnerabilities found in the network assets, quantifies risks via an authoritative assessment model, and provides professional solutions to reduce risks. The convenient management function helps IT staffs quickly locate any risk residing in the information assets. Features Customer-friendly Design Assessment products are widely used in telecom carriers, governments and large-scale enterprises. NSFOCUS RSAS is designed to meet different and specific requirements in each focused field. Features like Multi-stage distributed deployment, open vulnerability management platform and multi-task capability are good choice to large network environments, while one-click intelligent task mode, quick reporting and intelligent digest technique are the highlights in organization and enterprise's network environments when it comes to ease of use and high performance. Complete Vulnerability Management Based on the Open VM workflow, NSFOCUS vulnerability management can be divided into five circular phases: vulnerability forecast, vulnerability detection, risk management, vulnerability remediation, and vulnerability audit. This compete solution can significantly reduce risks in the networks.. 2 / 8

3 Ease of Use It s not only easy to install this system, but also very simple to operate and maintain it. The intelligent one-click task mode, quick reporting, intelligent digest and many other techniques in this system have successfully realized the simplicity and efficiency in use. Meantime, NSFOCUS RSAS supports multi-user management. Through strict privilege division, the system can manage several virtual devices on one physical device, and support auditing logs about login, operation and anomaly. Largest Chinese Vulnerability Knowledge Base NSFOCUS is maintaining the largest Chinese vulnerability knowledge base (KB) in the global. This KB covers almost all common vulnerabilities in operating systems, databases, network devices and application programs which can be exploited remotely or locally. Over 9000 entries vulnerability information in the RSAS are picked from the KB. When a critical vulnerability is detected, the security team of NSFOCUS will forecast its potential threat and provide update packages within two days from the first discovery. 3 / 8

4 Accurate and Efficient Detection To ensure accuracy of vulnerability assessment, NSFOCUS RSAS is integrated Intelligent Profile technique to collect information of the target system and uninterruptedly adjust the data occurred in the middle of the progress to ensure a trusted final assessment. NSFOCUS RSAS is armed with a powerful scanning engine, namely NSSE (NSFOCUS Scanning Engine), which integrates automatic scanning technique relying on intelligent recognition of open port services and interdependent relationship with detection policies. Leveraging this powerful engine and a dedicated optimized operating system, the RSAS features very fast and accurate detection capability. Professional Web Application Scanner NSFOCUS RSAS Web application scanner is developed based on years of research on numerous Web attack tactics prevailing toady. It is an automatic security assessment and detection tool specially designed for Web application security administrators. Through combination of this modular scanner and traditional system scanning function, the RSAS greatly reduce the user s investment on additional appliance. Here we briefly introduce some characteristics of this scanner: Professional. It s a very professional tool to help administrators detect application vulnerabilities. Many advanced techniques (such as simulated clicking crawler to intelligently discover threats and active malware detection techniques) are integrated in this tool. Comprehensive. It provides multi-stage and overall vulnerability scanning, auditing, penetration testing and aided logical analysis to Web applications, Web services and supportive systems, keeping the network in safe by active finding potential risks and providing efficient remediation solutions. Effectiveness. It performs very fast and granular analysis to target Web applications by virtue of the embedded operating system, optimized scanning engine and high-performance intelligent crawler technique. Practiced Risk Management NSFOCUS RSAS provides a graphic assets management after combining assets, vulnerability and threats together, and present to users with a quantitative model, helping users to readily learn about risks in their networks. The authoritative model gives comprehensive assessment from 4 / 8

5 three aspects: assets, vulnerability, and threats. After assessment, this model outputs the trend analysis, both in quantity and in quality, with which users will be very clear about vulnerability distribution, top risk-ranged assets, and vulnerability distribution in a specific OS or application, as well as risks residing in their individual assets and the entire networks. By now, NSFOCUS RSAS is second to none vulnerability assessment product in China that adopts multi-dimensional and quantitative/qualitative assessment. Granular and Comprehensive Reporting NSFOCUS RSAS takes very granular analysis to security state of the entire network in different angle of views, like vulnerability distribution, threat severity, top 10 vulnerabilities and host information. It not only provides offline reporting, but also provides powerful online reporting. In addition, a practical report controller is designed to help users obtain effective information when requiring specific reports in line with a certain role, content or format. Risk analysis is given from the perspectives of macro and micro. At the macro scale, the RSAS reflects the whole network security status from different perspectives, including the granular statistical analysis of vulnerability distribution, threat severity, host information etc. in forms of column and pie charts; at the micro scale, the RSAS provides detailed solutions to each vulnerability detected, helping system administrators solve security issues quickly and accurately; moreover, it supports information retrieve by inputting key words, which facilitates knowing more about a host or a vulnerability. International Certificate and Standard NSFOCUS RSAS is a CVE Compatible assessment product and is the only vulnerability assessment product in China achieved the Checkmark Certification from West Coast Labs. 5 / 8

6 Specifications Table 1.1 NSFOCUS RSAS Functional Specification Specification RSAS X Series RSAS S Series RSAS E Series Vulnerability Assessment Weak Password Scan Vulnerabilities Checks > 9,000 > 9,000 > 9,000 Risk Mgt. Max. Number of Alive IP Addresses Scan Speed in Lab (IP/minute) Max. Concurrent Scan (IP address) Max. Number of Users Number of IP Addresses in Single Task Max. Concurrent Scan Tasks 512 Unlimited Unlimited Multiple IP addresses in Class B Multiple IP addresses in Class B Multiple IP addresses in Class B Max. Task Storage Basic Reports System Mgt. Advanced Data Analysis Web Application Scanner Application Programming Interface (API) Distributed Deployment Optional Optional Optional Optional Optional Optional Optional Optional Sub-node Device Optional Sub-node Device Optional Mgt./Sub-node Device Sub-node: 8 (recommended) 6 / 8

7 . Table 1.2 NSFOCUS RSAS Web Application Scanner Applications Vulnerabilities Functions & Features Specification All Series HTTP 1.0 &1.1 Web application system Web 2.0/Ajax application Static and dynamic webpage Web services Web underlying support system Authentication method (cookie, NTLM etc.) HTTPS Web application system SQL Injection vulnerability scan XSS vulnerability scan Webpage Trojan detection Web malware detection Form type detection Cookie security detection CGI vulnerability scan GOOGLE-HACK detection CSRF Invalid links discover Sensitive file detection Web services misconfiguration detection Intelligent crawling technology Back-end database identification WASC vulnerability classification One-click auto scanning Website structure display Regular, periodic scanning Multi-threaded, multi-task concurrent scanning Data analysis and report 7 / 8

8 For more information: For more information about NSFOCUS products and services, please contact the NSFOCUS sales NSFOCUS TEL: NSFOCUS US TEL: NSFOCUS Japan TEL: info-jp@nsfocus.com For more information visit NSFOCUS Website: Table 1.3 NSFOCUS RSAS Physical Specifications Model RSAS X Series RSAS S Series RSAS E Series NIC 100/1000M 100/1000M 100/1000M Adaptive Adaptive Adaptive Serial Port RS232 (DB9) RS232 (DB9) RS232 (RJ45) Memory 1G 2G 4G Rack Mountable 1 U 1 U 2 U Weight 7.0 Kg 7.0 Kg 12.0 Kg Dimension (H*L*W) 44*392*430 (mm) 44*392*430 (mm) 88*392*440 (mm) Power Supply 220 V,180 W 220 V, 180 W 220 V, 350 W MTBF > 60,000 hours > 60,000 hours > 60,000 hours Operating Temp Non-operating Temp Relative 10%-95% 10%-95% 10%-95% Humidity non-condensing non-condensing non-condensing Electromagnetic Class A, Class A, Class A, Radiation EN55022, FCC EN55022, FCC EN55022, FCC Standard Part15 Part15 Part15 NSFOCUS is the trademark of NSFOCUS Information Technology Co., Ltd. NSFOCUS enjoys all copyrights with respect to all textual narrations, document formats, illustrations, photographs, methods, processes and other contents, unless otherwise specified, which shall be governed by relevant property rights and copyright laws. Without written permission of NSFOCUS, any individual or institution shall be prohibited to copy or quote any section herein in any way. About NSFOCUS NSFOCUS is a proven global leader in active perimeter network security for service providers, data centers, and corporations. It focuses on providing network security solutions including: carrier-grade Anti-DDoS System, Web Application Firewall, and Network Intrusion Prevention System - all designed to help customers secure their networks and corporate-critical information. More detailed information is available at 8 / 8