Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Rollout: McAfee's Foundstone FS1000 5.0

The Upshot


Claim
McAfee's Foundstone FS1000 5.0 balances asset value, vulnerability severity and threat criticality to help organizations improve security status and best direct resources.
Context
Staying on top of the entire vulnerability-management process--identification, classification, mitigation, and verification--is critical to addressing risks. Tools that can aid in more than just simple identification can play a supporting role in making our lives easier.
Credibility
Foundstone does a better job than most in identifying known host and network-based vulnerabilities and provides good tools to help with the entire vulnerability management process. Tackling application-level vulnerabilities will require an alternative approach.

McAfee's Foundstone FS1000

By looking for known weaknesses in a dizzying array of OS and networking products, network-based vulnerability-assessment (VA) tools help admins find problems before bad things happen. McAfee's latest update to its flagship VA scanner, Foundstone FS1000, presents a mature platform for aiding in the vulnerability management process.

New to version 5.0 are the ability to log into systems using SSH to perform more granular vulnerability checking, an advanced notification module that allows for two-way communication to third-party ticketing systems using SNMP, and improved OS identification capabilities.

Like other products in the market, such as Qualys' Qualys Security Scan, ISS' Internet Scanner and Tenable's Nessus, Foundstone's strength is in performing network-based scans for known vulnerabilities in OSs and network devices. No longer considered rocket science, network-based OS vulnerability scanning has approached commoditization. All the products are based on a set of vulnerability-specific checks, all scan the network, all are prone to some false-positive IDs, and all report on their findings in a range of formats. Nevertheless, there are still key differences, particularly relating to ticketing, reporting and general workflow support. McAfee has identified and focused on several of these areas, and remains at the top end of the VA pack.

  • 1