McAfee Vulnerability Manager
Strengths: Vulnerability management and penetration testing, as well as many compliance-based tools.
Weaknesses: None that we found.
Verdict: For its comprehensive capability and ease of use, we rate this one our Best Buy.
SummaryThe McAfee Vulnerability Manager is a powerful appliance-based tool that provides vulnerability assessment, penetration testing and web application scanning along with rogue device detection and plug-in capability to LDAP (Lightweight Directory Access Protocol) and Microsoft Active Directory for asset management. The software that powers the appliance can do over 15,000 vulnerability checks across a broad range of systems and network devices.
Vulnerability Manager comes as a plug-and-play server running Windows Server 2003 Appliance Edition. The software is pre-installed and ready to be configured. Once we had the device powered up and did some network configuration, we could access the web-based management interface. This interface is easy and intuitive to navigate and we were scanning in just a few minutes. While the interface itself is easy to use and the scanning is intuitive, the one feature we would have liked to have seen was a real-time, in-progress report of what the scanner was finding. While scanning we could just see the scan duration time and percent completed, not what host was being scanned or what it was finding during the scan.
Compliance is what drives this appliance, with references from CVE to Government-centric FDCC and SCAP. It's also certified under Common Criteria (EAL4) for Information Technology Security Evaluation, along with reporting for common regulatory compliance mandates, such PCI DSS, SOX, FISMA, HIPAA.
Documentation includes various PDF guides, the main one being an administrator guide that is loaded with step-by-step configuration instructions, screen shots and feature descriptions. This guide is easy to follow with an organized layout.
McAfee offers several support levels, including gold, gold select, platinum, platinum select and maximum access. Each of these levels has customized phone and email support options that can meet the needs of any size organization. There is also an extensive support area available on the website that includes technical documentation, downloads, a knowledge base and user forum.
At a price just shy of $12,000 with hardware included, we find this product to be a solid value for the money. Vulnerability Manager provides many easy-to-use powerful vulnerability assessment tools in one appliance.