The latest version of Qualys QualysGuard managed vulnerability detection system, released last month, performed admirably in tests at eWeek Labs. I easily generated reports that showed problems and used QualysGuards new report formats to see trends among server vulnerabilities.
Unlike other vulnerability assessment tools, which focus on large-enterprise networks, Qualys provides scanning services and vulnerability patch information aimed at medium-size companies, with subscription-based services that start at $995 per monitored IP address per year.
I was impressed with the level of detail in the QualysGuard vulnerability reports—the system not only pointed out weaknesses but also directed me to possible fixes.
Many of the new features in QualysGuard revolve around applying the products power only to areas of the network that need close examination.
For example, I could easily specify a range of IP addresses that included a Web server for frequent monitoring. Similarly, I could easily send limited reports to specific administrators.
More information about the system is available at www.qualys.com.