Network Computingwww.networkcomputing.com

	Issue TOC Print full article Print this page E-Mail this URL Discuss this article Flame the author     In this article Introduction Wants & Needs Foundstone Enterprise and FoundScan Engine 2.6 Qualys QualysGuard Intranet Scanner Harris Corp. STAT Scanner Professional Edition 5 eEye Digital Security Retina Network Security Scanner Vigilante.com SecureScan NX 2.6.50 SAINT 4.3 nCircle Network Security IP360 Vulnerability Management System 5.3 Other Products Reviewed How We Tested Web Links Report Card

nCircle’s IP360 is an extremely low maintenance and highly distributed VA system. Scanning appliances pull jobs, updates and vulnerability signatures from a master control and aggregation server over a secure transport. Once the appliances have been assigned jobs, they run at routine intervals, sending results back to the aggregator for reporting. Although this push/pull method makes the IP360 unique and easy to maintain, it also is a hindrance: Once a job is assigned to a scanning appliance, it scans indefinitely until it's stopped manually. In fact, we couldn't find any way to issue a simple one-time scan. Even when we tried to stop the appliance through the management server, the scans continued to function, and we were forced to restart each of the appliances manually. However, we were able to reboot appliances from the management interface.

On the management side, the Web-based user interface is a bit cumbersome: It consists of a series of tabbed pages that continually populate downward. One simple tab selection can result in an additional two or three rows of items. At one point we were confronted with four rows of tabs. IP360 would benefit from a new GUI design.

Although the IP360 doesn't offer an abundance of reports, those it does offer are well-designed, can be sorted by IP address or vulnerability, and provide an excellent array of cross-referencing hyperlinks to take you from one area in the report to another.

We liked being able to add commentary about individual assets. Although the main purpose of this is to better identify assets, it can be taken a step further. By including additional information, such as a corporate risk factor, about each asset and integrating such information with nCircle's numerical rating system, the company could offer a very useful tool for prioritizing internal security efforts.