Stat Scanner

By Cameron Sturdevant  |  Posted 2003-07-14

EXECUTIVE SUMMARY
STAT Scanner Professional Edition Version 5.14
STAT Scanner is a no-nonsense vulnerability assessment tool that presents the facts, usually accurately, in clear—albeit sparse—reports. The product doesn't provide the depth of operating system identification that the other tools in our test provide. However, it is the first tool to make it through the Common Criteria certification process and the only one to scan network printers for vulnerabilities. STAT Scanner costs $990 for a 10-node license.

KEY PERFORMANCE INDICATORS
USABILITY: GOOD
CAPABILITY: GOOD
PERFORMANCE: GOOD
INTEROPERABILITY: GOOD
MANAGEABILITY: EXCELLENT
SCALABILITY: GOOD
SECURITY: GOOD

PRO: Common Criteria certified; assesses network devices, including printers.

CON: Limited operating system identification; vulnerability descriptions are usually limited to vendor comments.

EVALUATION SHORT LIST
Foundstone's FS1000 Appliance
Symantec's Symantec Vulnerability Assessment
Harris STAT Scanner Professional Edition Version 5.14 was most recently revised in June 2002 and costs $990 for a 10-node license. As with all the products reviewed here, volume discounts are available, and the prices quoted are published list prices.

STAT Scanner has a couple of "onlys" that made it stand out in the crowd: It was the only product in our tests that extended vulnerability testing to printers (specifically, Hewlett-Packard Co. printers)—a potential point of attack. STAT Scanner is also the only product we tested that was certified as compliant with Common Criteria, a tough international IT specification.

However, STAT Scanner stumbled when it came to recognizing several systems in our testbed. A NetWare 5.0 server, for example, was marked as an unknown operating system, and efforts to get the product to recognize NetWare proved futile.

STAT Scanner also had trouble correctly identifying Windows Server 2003-based systems. Although STAT Scanner did identify the Windows operating system, it used a Windows 2000 profile to scan for vulnerabilities. Thus, we got several false-positive vulnerability alerts, most pointing out that a variety of service packs had not been installed. Of course, Windows 2000 Server service packs are not applicable to Windows Server 2003, so the test systems were actually fine in that regard.
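The profile-mismatch failure mode described above is worth catching in post-scan triage. The following Python is an added example, not part of the review or of STAT Scanner: it re-scopes each finding against the host's operating system as recorded in an independent inventory, separating checks that still apply from false positives raised under the wrong profile, and lists hosts the scanner never recognised as a coverage gap. The check catalogue, inventory and findings are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Check:
    name: str
    applies_to: frozenset  # OS versions for which this check is meaningful

# Constructed check catalogue (hypothetical, not STAT Scanner's own checks).
CHECKS = {
    "win2k-sp4": Check("Windows 2000 SP4 not installed",
                       frozenset({"Windows 2000 Server"})),
    "smb-null": Check("SMB null session permitted",
                      frozenset({"Windows 2000 Server", "Windows Server 2003"})),
    "prn-noauth": Check("Printer web admin interface has no password",
                        frozenset({"HP network printer"})),
}

@dataclass(frozen=True)
class Finding:
    host: str
    fingerprinted_os: str  # OS profile the scanner actually used for the host
    check_id: str

# Constructed inventory: the OS the administrator verified, independent of the scanner.
INVENTORY = {"web01": "Windows Server 2003", "db01": "Windows 2000 Server",
             "prn01": "HP network printer", "fs01": "NetWare 5.0"}

# Constructed scanner output mirroring the review: web01 runs Windows Server 2003
# but was scanned with a Windows 2000 profile; fs01 was never identified at all.
FINDINGS = [
    Finding("web01", "Windows 2000 Server", "win2k-sp4"),
    Finding("web01", "Windows 2000 Server", "smb-null"),
    Finding("db01", "Windows 2000 Server", "win2k-sp4"),
    Finding("prn01", "HP network printer", "prn-noauth"),
]

def reconcile(findings, inventory, checks):
    """Split findings into those meaningful for the host's real OS and likely
    false positives raised under a wrong profile (the Windows 2000 service-pack
    alerts on a Windows Server 2003 host are the latter)."""
    kept, false_positives = [], []
    for f in findings:
        actual = inventory.get(f.host)
        check = checks[f.check_id]
        if actual is not None and actual in check.applies_to:
            kept.append((f.host, check.name))
        else:
            false_positives.append((f.host, check.name, f.fingerprinted_os, actual))
    return kept, false_positives

def unidentified_hosts(findings, inventory):
    """Inventory hosts the scanner never fingerprinted correctly: a coverage gap,
    not a clean bill of health."""
    recognised = {f.host for f in findings if f.fingerprinted_os == inventory.get(f.host)}
    return sorted(h for h in inventory if h not in recognised)
```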

IT managers who are looking at vulnerability assessment tools need to put operating system and application coverage at the top of the evaluation chart. As stated earlier, much of the value of these products comes from their ability to free IT security staff from routine security scans. However, that won't happen if a tool misses a crucial operating system.

STAT Scanner can be scaled to incorporate multiple networks using STAT DVM (Distributed Vulnerability Management).

During tests, STAT Scanner did as good a job as any of the products we looked at in limiting the amount of network bandwidth used. We recommend that IT managers pay close attention to the bandwidth-throttling capabilities of vulnerability assessment tools because networks or target systems can be quickly overwhelmed by some of the scanning techniques they use. STAT Scanner did not interfere with any of our database, Web or mail servers and placed very little load on our network infrastructure.


Cameron Sturdevant has been with the Labs since 1997, and before that paid his IT management dues at a software publishing firm working with several Fortune 100 companies. Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility, with a focus on Android in the enterprise. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his reviews and analysis are grounded in real-world concern. Cameron is a regular speaker at Ziff-Davis Enterprise online and face-to-face events. Follow Cameron on Twitter at csturdevant, or reach him by email at csturdevant@eweek.com.
