Networks are huge. It is mind blowing how many different elements make up a network. You have at a high level the software and hardware. You get many different flavors of operating systems which might also differ in patch level and service packs installed on each. Hardware is even more diverse; apart from the different types of hardware which make up a computer, hardware also includes routers, printers, fax and other devices. On top of this you get the various software, desktop applications, servers, utility software, and an endless list of other software, possibly including some tailor-made for your organization. Some networks are also made up of different platforms; you can have Windows, Mac, and Linux. For an administrator to ensure the company network stays fully functional and secure, s/he needs to keep on top of every single element, as well as keep up-to-date with what security threats each needs to be protected from.
Doing such a job manually can be close to impossible and that is why the organization needs to deploy a vulnerability scanner. Using a vulnerability scanner means a lot of different tasks that the administrator is required to complete will be automated and countless hours spent on looking for any possible issues are saved; the administrator can therefore focus on mitigating actual existent issues.
Below is a list of important tasks a vulnerability scanner takes over:
- Inventory: The first process required to ensure your network security is to know what features form part of it. That means going though your entire list of hardware, software, as well as software configuration. A vulnerability scanner will do all this automatically.
- Vulnerability Research: New vulnerabilities are discovered every day and it is impossible for an administrator to know every possible weakness of every hardware and software on the network. A vulnerability scanner is constantly updated and scans each port and segment in the network for its corresponding weaknesses. This saves the administrator a substantial amount of time from having to check every vendor site on products in use on his/her network for newer vulnerabilities discovered
- Finding the Solution: Finding a network vulnerability is only half the battle. The administrator then needs to correct the problem and this generally means researching the particular attack and finding mitigating strategies. In some cases a vulnerability scanner will not be in a position to solve the vulnerability automatically as this will generally have a profound impact on the network and its operation. It is therefore under the purview of the administrator to make such decisions. A good vulnerability scanner will however offer the details including the recommended way to approach the vulnerability, as well as provide pointers where to further read on the vulnerability and its workarounds – saving the administrator more precious time.
- Configuration: Vulnerabilities are not created solely because of software issues; the way software is deployed and configured can also have an impact on the security of the network. Depending on the size of the network, it might actually be impractical or impossible for an administrator to review every software configuration for possible security issues. Some tasks are just not possible to do manually. Again this is where a vulnerability scanner is really useful; while checking every possible configuration is impossible for software as well, a vulnerability scanner will check for known weak configurations of software that might be a security risk. This too adds an extra layer of security that would otherwise have to be neglected for practicality reasons.
In the end, a vulnerability scanner will save any administrator considerable time. It also allows for checks that are impossible for an administrator to do as they’re way too time consuming. Time saved and accuracy by eliminating possible human error, are just two of the many valid justifications for employing a vulnerability scanner.
This guest post was provided by Emmanuel Carabott on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. Read more on why your organization needs a vulnerability scanner.
All product and company names herein may be trademarks of their respective owners.