ISS Proventia Network
Strengths: Highly customizable, powerful part of the Proventia suite.
Weaknesses: Difficult to implement, not effective as a standalone vulnerability scanner.
Verdict: If a vulnerability scanner or penetration tool is all you are looking for, keep looking. If you have or are planning to implement the Proventia suite, this is a powerful and flexible addition and should be included in your plans.
The ISS Proventia Network Enterprise Scanner is part of a larger security management system and, as such, shows its best performance as part of that suite. We tested the product outside of the Proventia suite and we do not recommend this approach. The network scanner requires, at minimum, MS SQLServer and ISS Site Protector to support it. If all you need is a vulnerability scanner, this is not your best bet.
Implementation of Proventia is not trivial. However, it is a powerful system when properly deployed. The suite, and thus the Network Scanner, uses the ISS Site Protector as a console, centralized management and correlation dashboard. We found that the use of a single product, such as Network Enterprise Scanner, out of the context of other products in the Proventia suite, does not allow the product to reach its potential.
Network Enterprise Scanner is highly customizable with significant policy granularity and both active and passive scanning. When used with the Proventia IPS, the device enables blocking based on known vulnerabilities. The scanner performs automatic discovery of devices on the network and recognizes virtually any device likely to be there.
We had difficulty getting the product to communicate properly with Site Protector and we do not recommend this for trivial applications. Once the device is in place and configured, operation is much easier, but getting it working initially requires a serious understanding of it, Site Protector, SQLServer and your network in general.
Documentation consists of a quick-start card that we found was not adequate to the job of installing the product. Other documentation is available online but, although it is extremely comprehensive, we found it somewhat cumbersome to use.
There is a customer support portal, and toll-free phone support also is available. Network Enterprise Scanner’s value is hard to calculate. At $7,250 it certainly is not expensive. However, the requirement for MS SQLServer and Site Protector, with accompanying hardware, push the price up, as does support and, most especially, management. Again, in the context of the overall Proventia suite this is a good buy. Alone, it is not.