McAfee Vulnerability Manager
Strengths: Compliance scanning and risk-based correlation ability.
Weaknesses: Easy to misconfigure if setup procedures are not followed correctly.
Verdict: If one wants bang for the buck, take a look at this one. Just be prepared to support it if something goes haywire.
SummaryWant an appliance that combines a powerful vulnerability scanner, penetration testing, web application scanning, compliance checks and integration into the existing environment? Well then, the McAfee Vulnerability Manager should make your short list. This appliance comes loaded to the gills with powerful onboard tools for solid vulnerability management. The McAfee Vulnerability Manager, or MVM, also packs the punch of built-in compliance and auditing through several ready-to-go compliance templates, such as Sarbanes-Oxley Act (SOX), FISMA, Health Insurance Portability and Accountability Act (HIPAA), and the Payment Card Industry Data Security Standard (PCI DSS), among others.
We find this appliance easy to setup and manage, but it can also be easily misconfigured if changes to the system are not made properly.We will get into that shortly. The initial setup is quite straightforward as the appliance is pretty much plug-and-play with much of the heavy lifting of installing the applications already done out of the box. Management is done through a web-based management console that we find to be quite overwhelming at first. However, we quickly got the hang of navigating around and setting up scans and managing the configuration. This tool also gives the option of doing both credential-based and null credential scans, along with many other types of scans, for discovery, inventory and compliance.
But, all this functionality comes with possible pitfalls. We found at one point in our testing that we were able to simply change a few things on the appliance itself, including the IP address, and things started going wrong almost instantly. After our IP change, the appliance lost its ability to find the scanning engine, so we deleted it in the settings in hopes of being able to re-add it and bind it to the new IP address, but no dice. The scanning engine was lost and it would require a call with technical support to get things up and running again. With that said, this appliance has some outstanding features and functionality, and does a lot of compliance-based reporting at a granular level. It also features a dashboard that provides an excellent, in-depth look into trouble spots throughout the network at a single glance, along with risk assessment through scoring of assets.
Documentation includes a full installation guide and a user guide, along with a few other supplements. The installation guide, for the most part, covers the actual software installation that is already done when the appliance arrives, but it also includes some helpful initial configuration tasks as well. The user guide provides excellent step-by-step instructions on configuration and management of the appliance, as well as detailed examples on how to use product features and functions.
McAfee provides several support options to customers based on the size and needs of their particular installation. Customers can obtain phone- and email-based technical help, as well as access to an online support area with many resources, including a knowledge base, tutorials, product documentation and web-based chat.
At a price just shy of $12,000, we find this solution to be an excellent value for the money. The McAfee Vulnerability Manager provides a strong combination of features and function for full vulnerability management and compliance.