McAfee Vulnerability Manager
Strengths: Solid feature set. Installed on a hardened appliance.
Weaknesses: Initial configuration is a little awkward.
Verdict: A venerable tool with lots of features, but requires real effort to set up and customize.
SummaryThe McAfee Vulnerability Manager is a full-featured, comprehensive network vulnerability scanner and network auditing tool. This appliance can actively discover and scan network assets across the enterprise looking for possible threats that leave these assets vulnerable to attack. Vulnerability Manager does this using its very versatile scanning engine.
While this product does come as a hardened appliance, the software on it needs to be set up before use. The appliance comes with Windows Server 2003, Microsoft SQL Server 2005 and the applications already installed. To get the product up and running, we had to go through a few setup wizards to customize it for our environment. We found setup to be confusing at parts, especially after setting up the various database accounts and then trying to access various databases.
We had a lot of trouble figuring out which accounts to use because there were so many. After setup, all administration and scanning is done through the main console. This console can be accessed via a standalone application or via a web GUI. The console is well organized and has a clean look. It is intuitive to navigate. The dashboard also features many tabs that give a quick overview of vulnerability and risk statistics.
This product is a solid vulnerability scanning tool that provides a lot of risk and vulnerability data. It allows for reports to be created from regulatory compliance templates. Scans are easy to create and can be tuned to meet the needs of any environment.
Documentation is provided in the form of several PDF manuals, including an installation guide, console reference guide, administrator guide and user guide. All these manuals are well organized and easy to follow with many screen shots and step-by-step configuration instructions.
McAfee offers standard support included at no additional cost. This support includes next business day onsite hardware support and McAfee Gold software support, both for a one-year period.
At a price of $16,820 for 1,000 IP addresses, we find this product to be a good value for the money. McAfee's Vulnerability Manager has a solid feature set which, after initial setup, is easy to use and highly configurable.