Nessus Vulnerability Scan

“What it does – vulnerability management – it does as well or better than any system we’ve seen and its long history makes it completely reliable.”


The average cost of a cybersecurity breach is $7 million.

 

In today’s world of constantly changing security vulnerabilities and new exploits, no system should be left unmonitored. Leaving a system unmonitored would lead to a system compromise, potential data loss, ransomware, and any number of business-impacting threats. A critical step in monitoring any system is regular external scanning of all resources.

The Nessus service allows consistent, scheduled monitoring of any network-accessible resource by the most up-to-date security monitoring platform available. Every system exposed to the Internet benefits from continual security monitoring. System administrators and security firms around the globe rely on this type of service to routinely check the integrity of their services and platforms.

Nessus also allows for the host to be scanned, either remotely by Fibernet or as an ‘agent’ on the customer’s server, as frequently as once daily. The remote security scan is hosted by Fibernet and the Agent scan is performed by the host itself. 

The scan report is integrated into the customer’s Fibernet Backroom, so it is easily accessible. Color-coded vulnerabilities, ranging from low to critical, make the report easy to read, so your time goes to fixing the problems instead of deciphering the report.

Fibernet offers two types of service: the Remote Scan and the Agent Scan.

Nessus Remote Vulnerability Scanner

The Nessus Remote Scan is external vulnerability scanning software hosted offsite. It remotely scans all external-facing ports and searches for any communication with botnet-infected systems, or potential exploits from outside sources. Exposure to the exploits used in the WannaCry ransomware attacks, for example, could have been easily discovered with a Nessus Remote Scan. A single host starts at $24.95 per month.

Nessus Agent Vulnerability Scanner

Unlike the Remote Scan, the Nessus Agent is installed directly on the host, where it performs an internal scan of the host’s software. This allows for the discovery of malware, infected software, backdoor implants, and other potential vulnerabilities. The scan will expose potential threats that might cause an issue now or in the future. Pricing starts at $24.95 per month for 1 host.

What are the differences between the Remote Scan and Agent Scan?

The Nessus Agent is different from Nessus Remote, but it isn’t a more advanced or enterprise edition. The Agent scans the host’s internal software, while the Remote scanner works externally.

The Agent’s features:

Nessus Agent scans use lightweight, low-footprint programs that you install locally on hosts. Nessus Agents collect vulnerability, compliance, and system data, and report that data for analysis. Nessus Agents are designed to have minimal impact on the system and the network, giving you the benefit of direct access to all hosts without disrupting your end users.

Benefits

  • Provides extended scan coverage and continuous security:
    • Can deploy where it’s not practical or possible to run network-based scans.
    • Can assess off-network assets and endpoints that intermittently connect to the internet (such as laptops). Nessus Agents can scan the devices regardless of network location and report results back to the manager.
  • Eliminates the need for credential management:
    • Doesn’t require host credentials to run, so you don’t need to manually update credentials in scan configurations when credentials change, or share credentials among administrators, scanning teams, or organizations.
    • Can deploy where remote credentialed access is undesirable, such as Domain Controllers, DMZs, or Certificate Authority (CA) networks.
  • Efficient:
    • Can reduce your overall network scanning overhead.
    • Relies on local host resources, where performance overhead is minimal.
    • Reduces network bandwidth needs, which is important for remote facilities connected by slow networks.
    • Removes the challenge of scanning systems over segmented or complex networks.
    • Minimizes maintenance, because Nessus Agents can update automatically without a reboot or end-user interaction.
    • Large-scale concurrent agent scans can run with little network impact.
  • Easy deployment and installation:
    • You can install and operate Nessus Agents on all major operating systems.
    • You can install Nessus Agents anywhere, including transient endpoints like laptops.
    • You can deploy Nessus Agents using software management systems such as Microsoft’s System Center Configuration Manager (SCCM).

Limitations

  • Network checks—Agents are not designed to perform network checks, so certain plugin items cannot be checked or obtained if you deploy only agent scans. Combining traditional scans with agent-based scanning eliminates this gap.
  • Remote connectivity—Agents miss checks that can only be performed through remote connectivity, such as logging into a DB server, trying default credentials (brute force), traffic-related enumeration, etc.

While one service can’t replace the other, the two can work in conjunction to create a complete vulnerability scanner. With both, more vulnerabilities are found and then fixed promptly, instead of waiting for your PCI or compliance audit. The reports are still integrated into the customer’s Fibernet Backroom or can be easily downloaded in the same format from the software, with the same easy-to-read features and color-coded risk levels.

Why Nessus?

Nessus can benefit all who wish to improve their cyber security, which should be everyone. Cyber-attacks number in the billions, according to the 2016 Dell Security Annual Threat Report. If you are under the impression that you aren’t at risk, you may want to reconsider that position.

Nessus is the best-known vulnerability scanner in the world, and with good reason, according to SCMagazine.com. In a product review, they stated that “What it does – vulnerability management – it does as well or better than any system we’ve seen and its long history makes it completely reliable.”

Any company that is required to be PCI or HIPAA-compliant knows the importance of regular scans and audits. The Nessus Vulnerability Scanners are impressive tools in preparation for these compliance scans and audits. Nessus can save you hundreds or thousands of dollars on remediation or repeat audits. Beyond compliance, the Nessus Vulnerability Scanner puts information at your fingertips so you know exactly how to upgrade, update, and maintain your system, giving you peace of mind that your systems are compliant and that you have minimized their vulnerability.

Cyber security is the future. Allow Fibernet to assist you with your compliance utilizing Nessus Vulnerability Scanners. 

Call for a free demo scan today (800) 305-6995.