Vendors tout vulnerability mgmt. wares

Bolstering network vulnerability remediation and the ability to track down problems more quickly are the focus of a variety of products expected to be announced this week.

Vulnerability-management packages have gained attention lately as users struggle to patch systems, eliminate network weaknesses, find and fix a plethora of security configuration errors, and protect at-risk systems.

The announcements include:

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Bolstering network vulnerability remediation and the ability to track down problems more quickly are the focus of a variety of products expected to be announced this week.

Vulnerability-management packages have gained attention lately as users struggle to patch systems, eliminate network weaknesses, find and fix a plethora of security configuration errors, and protect at-risk systems.

The announcements include:

Citadel's Hercules 4.0 vulnerability-management product, an agent-based scanner that can integrate information collected by scanners from Internet Security Systems, eEye and Harris, to create an asset inventory.

StillSecure's upgrade of its VAM security software to include an analytics module that provides forensics capabilities.

Sourcefire's update of its 3D System vulnerability-detection and intrusion-prevention suite to feature better problem reporting.

Hercules 4.0 adds an audit and compliance-check feature that lets managers generate reports targeted at fulfilling regulatory requirements.

"Hercules now has templates to map to these regulations, without having to necessarily schedule remediation measures," says Carl Banzoff, CTO at Citadel.

In other changes, Citadel also is offering the Hercules server - the component for managing reporting and remediation - as a hardware appliance for managers preferring the ease of installation associated with one in contrast to acquiring a server separately. In addition, vulnerability-management reporting now can be displayed in a graphic format.

The software agent that's part of Hercules 4.0 has added support for the Network Admission Control (NAC) protocol developed by Cisco and its partners to detect whether anti-virus updates are in place or Windows-based software has been updated for patches before allowing network access.

Banzoff says customers aren't yet using the NAC capability in the updated Hercules product.

Competitor StillSecure's upgrade to VAM includes the VAM vulnerability and asset management software, the SafeAccess endpoint scanner and the BorderGuard intrusion-prevention system.

VAM now will include NAC support in the SafeAccess v.3.5 software, expected to ship in early July. The SafeAccess scanner has its own method for checking anti-virus and patch updates, but support for the NAC protocol broadens the product's policy enforcement to Cisco, as well.

"We're a Cisco shop and could see using it in the future," says Chris Asaro, network engineer at New England School of Law, which uses StillSecure's SafeAccess to check staff and student computers.

The agentless SafeAccess scanner looks to find out if each computer has up to date anti-virus and Windows patches.

Asaro says the Boston law school last year began this security procedure after students returned from summer vacation with their laptops infected with worms and viruses, which brought the campus network to a crawl.

Meanwhile, Sourcefire will bolster its Sourcefire 3D System by adding a 3D System scanner and policy-enforcement tool, called Real-Time Network Awareness (RNA). The feature will add support for third-party tools, including the Nessus freeware scanner, the Shavlik Patch Management System and Cisco IDS event data.