AVO Chief

On one of my project assignments I had the opportunity to work with the McAfee Vulnerability Manager appliance (formerly Foundstone). It is a very powerful network vulnerability scanner. This appliance can do relatively quick discovery scans of network assets across the enterprise looking for possible threats that would be vulnerable to attack.

It can also provide very detailed information if provided with proper credentials for the assets being scanned. This means that the system not only identifies that a certain asset exists but that can provide even more detailed information about that asset such as what OS version its running on.

It comes with Windows Server 2003, Microsoft SQL Server 2005 and the Vulnerability Manager applications already installed. But to get the product up and running, though, you will need to go through a few setup wizards to customize it for your environment. The setup can get confusing, especially when trying to access various databases.

Since there are so many accounts I had to make sure I took good notes so I could figure out which ones to use. But once it’s setup, you can use the main console for administration and scanning. The console can be accessed via a web GUI. It has a nice look to it and is intuitive to navigate. The dashboard also provides many tabs that give a quick overview of vulnerability and risk statistics.

Your other challenge will be that this product may provide too much risk and vulnerability data. In another blog I will describe how best to deal with the mountains of data retrieved from vulnerability scans. The Vulnerability Manager also allows for reports to be created from regulatory compliance templates. The scans are easy to create and should work fine as is but for best results will probably need to be tuned to meet the needs of the environment.

The documentation is provided via PDF manuals and are helpful and not too difficult to use since they provide a good amount of screen shots and step-by-step configuration instructions.

Overall, along with McAfee’s service, this product appears to be a good value for the money. McAfee’s Vulnerability Manager has a good feature set. Although the initial setup is not totally a breeze once its up and running it is easy to use and highly configurable.

The use of the McAfee Vulnerability Manager has been made even more appealing with the integration of McAfee’s ePolicy Orchestrator component (ePO). ePO provides the more user friendly console and can be used to integrate with several of McAfee’s component and supporting partner products. And ePO can usually be added relatively inexpensively depending on the details of the system.

If you want good performance, usability and quick uptime McAfee Vulnerability Manager will be among the best vulnerabilty products you can use.

Written by AVO Chief

Efren Duarte is Director of Products & Services and AVO Chief (Strategist/Evangelist) at Avocera Products & Services Consulting and principal of the AVMI Group, a market research based venture management firm. The AVO Chief provides 2-Week Money Back Guarantee Product Marketing/Management Services Trial for qualified Startups and SMBs with growth potential. Inquire at avochief@ymail.com for more details.

Visit AVO Chief's Website

Follow AVO Chief on Twitter