NCIRC Security Tools NIAPC Submission Summary Harris STAT Scanner




NCIRC Security Tools
NIAPC Submission Summary
Harris STAT Scanner

Document Reference: Security Tools Internal NIAPC Submission
NIAPC Category: Vulnerability Scanning
Date Approved for Submission: 24-04-2007
Evaluation/Submission Agency: NCIRC
Issue Number: Draft 0.01

NATO UNCLASSIFIED RELEASABLE TO THE INTERNET

TABLE of CONTENTS

1 Product
2 Category
3 Role
4 Overview
5 Certification
6 Company
7 Country of Origin
8 Web Link
9 Product Description
10 Technical Requirements
11 Limitations
12 Evaluation/Review Conclusions/Comments

1 Product

Harris STAT Scanner version 6

2 Category

Vulnerability Scanning

3 Role

STAT Scanner is a complete stand-alone vulnerability scanning solution.

4 Overview

STAT Scanner is a complete stand-alone vulnerability scanning solution.

5 Certification

Earlier versions of Harris STAT Scanner have the following certifications:

a) Harris STAT Scanner (STAT Scanner Professional Version 5.08) has been tested and awarded the International Common Criteria Certification (NIAP) Level EAL 2+
   a. Certified by the Canadian CSE
   b. Certification documents are available in English and French
   c. EAL 2+ augmentations for ACM_CAP.4, ACM_SCP.1, ALC_DVS.1, ALC_FLR.3, ALC_LCD.1, ALC_TAT.1, AVA_MSU.1
b) US Army ACERT Approved Product
c) US Navy SPAWAR Preferred Product
d) DOD IAVA / SANS Top 20 / MITRE CVE / MITRE OVAL.

6 Company

Harris Corporation.

7 Country of Origin

USA.

8 Web Link

http://www.harris.com

9 Product Description

STAT Scanner is a complete stand-alone vulnerability scanning solution. It includes comprehensive reports, local scan engine Role-Based Access Control (RBAC), many automation features, and a robust vulnerability database. The combination of a field-proven solution, a stringent software development process, and internationally recognized industry certifications provides a vulnerability scanning solution that will help support your overall business and operational objectives of securing the network from all threats.

STAT Scanner 5 was the first vulnerability scanner to obtain Common Criteria certification, and holds several certifications that required extensive verification testing. Some of these certifications are listed on the Certifications and Standards page.

STAT Scanner is engineered to deliver a solid balance of speed and accuracy via its adaptive scanning techniques and false-response correlation technology. Through deep inspection of target systems that include redundant file attribute and registry value correlation, as well as SSH tunneling and authenticated OS fingerprinting refinement, STAT Scanner dramatically reduces the risk of false positives and false negatives. This built-in capability provides a powerful tool to reduce the inherent waste associated with pursuing false alarms, and consequently will optimize the use of your resources.

In addition to credential-based scanning, STAT Scanner performs anonymous scans on target systems to which it cannot authenticate. With these null-credential interrogations, it performs a multitude of enumeration techniques including in-depth OS fingerprinting, null session enumeration, port scanning, service identification, and protocol verification.

STAT Scanner is capable of adapting its scanning technique based on its access level to target systems. This adaptive profiling and interrogation of systems guarantees that the most accurate and comprehensive results available to the scan engine are provided. It also indicates the exact level of access it had for each target while performing an assessment to further validate the accuracy of results. This technology helps produce faster results because fewer checks are assessed against each machine.

For network-based scanning, the scanning and network discovery operations are performed by the scan engine.
Network discovery can be performed in a variety of ways, including IP ranges, Active Directory and/or Network Neighborhood enumerations. These discovery methods can be used separately or in conjunction because the scan engine transparently merges all the results into one cohesive list.

STAT Scanner has no issues executing on or scanning any current Microsoft Service Pack, and requires no vendor-provided hardware for operation.

STAT Scanner has the following capabilities:

a) New vulnerability updates frequently during the month as they are identified and tested
b) User is notified upon startup if a more recent STAT Scanner update is present to download from the website
c) AutoFix capability for any registry fix or file deletion with re-test feature; also has undo and redo option
d) Takes the user to an advisory or patch via hot URL links
e) Runs on TCP/IP, NetBEUI, or IPX/SPX protocol
f) Network discovery using Network Neighborhood/My Network Places or IP range
g) Assesses one host or an entire domain
h) Performs a complete security analysis of Windows NT, Windows 95/98/2000/Me/XP, Windows Server 2003, Sun Solaris, HP-UX, RedHat/Mandrake Linux, HP Printers and Cisco Routers.
i) Checks for open ports and allows user to customize list of ports to be examined
j) Includes password cracker and 200,000 word dictionary
k) Contains Online Help to explain every command and feature
l) Compares two analysis results for differences and similarities
m) Includes many different configuration (policy) files like Quickscan.dat, CVE.dat, and SANS.dat
n) Configuration files can be created by user
o) Detects operating system type, version, server or workstation
p) Sorts on vulnerability name, risk factor, machine name, CVE ID, and SANS Top 20
q) Provides vulnerability description, solution, source, advisory, URL, etc.
r) Provides executive, network, vulnerability summary or detail Crystal reports
s) Exports report results to PDF, XML, HTML, Word, Excel and many more.
t) Furnishes history list of an analysis and provides vulnerability status
u) Compatible with Mitre Common Vulnerabilities and Exposures (CVE)
v) Identifies the SANS Top 20

10 Technical Requirements

STAT Scanner is run by a user with administrative rights to the host or target machine(s) to be scanned. The logon account being used to scan the target machine must be a member of that machine's Administrators group or a domain Administrators group. For target machines with UNIX/Linux operating systems, the user must be able to log on to the machine via SSH with an administrative account; however, 'root' access is not required.

STAT Scanner must be installed on a Windows NT 4.0 machine (Server or Workstation) with Service Pack 3 or later, Windows 2000 (Server or Professional), or Windows XP running TCP/IP, NetBEUI, or IPX/SPX.

11 Limitations

STAT Scanner is run by a user with administrative rights. NITC approval must be sought for use of this application, as inappropriate and misconfigured software can cause severe network infrastructure degradation and data loss.

12 Evaluation/Review Conclusions/Comments

Harris STAT Scanner has proven to be an effective vulnerability scanning tool used to proactively improve network security within NITC.