The Rapid7 NeXpose 4.6 appliance is a feature-packed vulnerability assessment and risk analysis tool that always goes beyond expectations. This product can not only scan for network-based vulnerabilities, but also looks inside web apps and databases for potential threats. Along with vulnerability assessment, this appliance also does risk analysis by finding how vulnerabilities in one asset can lead to problems in others.
This product is as close to plug-and-play as it can get. Setup takes just a few minutes, and once the appliance is on the network, discovery and scans can begin almost immediately. Management is done through the web GUI which is setup in a very intuitive fashion. To begin a scan takes just a few seconds, and scan setup is guided by an easy-to-follow wizard.
Once a scan is complete, results can be instantly viewed and pre-defined reports can be created. We found results were well organized and allowed us to quickly and easily sort and find information on possible threats and vulnerabilities. Scans can also be setup into various sites, which provides the ability to split the environment up into granular segments, if needed.
Two manuals are included with the NeXpose appliance. One is a short setup guide, which illustrates connecting the appliance to the network and setting up the first scan. The other is a PDF administrator guide. This provides a great amount of detail on using the appliance and configuring advanced features.
Rapid7 provides no-cost, eight hours a day/five days a week phone support at the time of purchase. Enterprise support can be purchased for an extra fee of 10 percent of purchase price, and this provides 24/7 technical support.
At a cost of $20,000, this product may seem quite pricey, but we find it to be an excellent combination of highly comprehensive features and simple management. We also find this tool to be a good value for the money.