netVigilance Internal Scan - Cloud
Strengths: Full cloud-based internal and external scanning.
Weaknesses: Limited online support options.
Verdict: A good cloud-based solution to the vulnerability scanning challenge, especially for larger systems, though support needs some beefing up.
Internal Scan - Cloud edition from netVigilance offers a full cloud-based vulnerability scanning engine that can scan both internal and external systems for vulnerabilities and compliance. This solution is based entirely in the cloud, so there is no need for the purchase of any additional hardware. All that is required is the installation of the scanning agent on a Microsoft Windows-based machine somewhere on the internal network.
The installation and configuration is done in two steps. The first is to go to the web-based management portal and download the agent installer. This agent can be installed on any internet-connected Microsoft Windows machine on the network. We found the installation of the agent to be quick and simple. After we installed the agent and made sure it could connect to the netVigilance cloud service, we logged onto the web-based portal provided by netVigilance to manage scan tasks, as well as view reports and manage our account and profile. We found the portal to be easy to navigate with a simple design and easy-to-understand menu headings.
We found creating and launching scan jobs to be quite easy as well. When creating a scan job there are several options to choose from, including many regulatory compliance scanning templates. Some options are: Safe Scan, Only High Risk, Heavy Scan with DoS, SANS Top 20, GLBA, HIPAA, and External Firewall Scan, among others. Administrators also can create and save custom scan policies that are built from scratch or are a variant of the existing scan policies. Overall, we found creating and running scans to be easy and intuitive, but we did find it a little difficult to track our scanning progress. When a scan job is in progress, the menu just states that the job is running. There are no progress bars or estimated time to completion indicators available. However, after a scan is completed, reports can easily be generated in many format types, including PDF, HTML and CSV.
Documentation included a customized quick-start guide along with a short, 22-page PDF user guide. The customized quick-start details the steps necessary to access the web-base portal, download and install the agent, and get started with a basic scan. The user guide offers a more in-depth look at scanning options and how to use the product. This manual also features many screen shots and step-by-step instructions along with detailed descriptions of product features and functions.
As part of the purchase price, the company offers 10-hours-a-day/five-days-a-week phone- and email-based technical support along with updates and upgrades for the first year. After the first year, customers can purchase additional assistance as part of a contract. netVigilance offers three levels of support to customers, including silver, gold, and platinum. Each level includes assistance along with access to a small online support area with downloads and a FAQ. netVigilance does not offer a knowledge base at the current time.
At a price just shy of $12,000 for an entire Class C network, we find this product to be a solid value for the money. Internal Scan - Cloud offers full vulnerability scanning capability at a reasonable price with no hardware overhead.