Real Vulnerability Testing Tools Offer Actual Assessments, Not Just Hype

 
 
By Cameron Sturdevant  |  Posted 2005-03-07 Email Print this article Print
 
 
 
 
 
 
 

A good vulnerability assessment tool can stabilize the shifting terrain of threats to IT systems.

A good vulnerability assessment tool can stabilize the shifting terrain of threats to IT systems. But just about every configuration management, patch distribution and system monitoring tool these days comes with a "vulnerability assessment" utility, so IT managers face a challenge separating useful tools from creative marketing.

The good news is that most of these offerings actually can provide useful information to IT managers, including details about which systems are vulnerable to Internet worms and viruses.

The not-so-good news is that many of these tools dont provide much additional research about the threat, nor do they offer remediation instructions beyond the vendors terse commands.

LANDesk Software Inc.s Server Manager 8.5 includes a vulnerability assessment tool that uses standard information from Microsoft Corp. and Red Hat Inc. to assess server-specific application and operating system vulnerabilities. The vulnerability assessment tool is part of LANDesk Server Managers patch management system and uses LANDesk software distribution tools to ease the deployment of patches to affected systems.

Click here to read the review of Server Manager 8.5. This integrated approach to system management is a good one, we believe, because all the utilities needed to protect vulnerable systems are rolled into a single product—and, in LANDesks case, a product with a proven track record. Because LANDesk Server Manager combines reports with software and hardware asset information, IT managers should be able to significantly reduce the time between vulnerability discovery and corrective action.

This isnt to say that LANDesk Server Managers approach is flawless. Although the management dashboard usually made the task of identifying system problems simple in eWEEK Labs tests, we still needed to manually dig around in the reports section to get detailed information about possible problems.

As with so many vulnerability assessment tools, LANDesk Server Manager depends almost exclusively on vendor data to provide information about vulnerabilities and the steps needed to remove them. Wed like to see vulnerability assessment tools take a role in prioritizing problems to ensure discovering and correcting the most severe defects—especially when it comes to system vulnerabilities.

LANDesk Server Manager uses ratings provided by vendors to prioritize problems. Although the critical problems such as known system buffer overflows are flagged, systems administrators still need to manually sort problems to get the worst ones to the top of the list. Our tests show that this task is easy enough that it should be automated in a subsequent release of the product.

When it comes to identifying and assessing vulnerabilities, we think tools such as LANDesk Server Manager can significantly reduce the time needed to correct problems. As attacks become more shrewd, however, these tools will need to take the next step and use additional information gathered from the server itself to make suggestions to IT staff as to the best approach to fixing problems.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
 
 
 
 
Cameron Sturdevant Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm . Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at cameron.sturdevant@quinstreet.com.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...

 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel