Managing security weaknesses no easy task

* Which is best for vulnerability management: agent-based or agent-less scanners?

By Ellen Messmer

Vulnerability management starts with tools that assess security in network gear and applications, but it's a road that forks, one way leading to host- or agent-based scanners and the other to network-based or agentless scanners.

An agent-based vulnerability scanner is deployed directly on the host system; the alternative, an agentless scanner, probes machines at targeted IP addresses. By year-end, agent-based options are expected to nudge out agentless tools in sales volume by about $100 million, IDC predicts, with total sales for both types of about $600 million. Although the market is rich in both varieties, experts say several factors influence the choices that network managers make in vulnerability assessment.

Both approaches have pros and cons. "The bad thing about agents is that they're expensive to install and maintain," says John Pescatore, an analyst at Gartner, in describing the considerations that come up with the decision about which route to take.

The bigger the network, the more agent-based software has to be installed. Costs typically range from about $25 to $40 per desktop to hundreds of dollars for servers, according to vendors with agent-based products. On the other hand, "the huge benefit of an agent-based [scanner] is that you can get deeper information about the computer node, such as looking into the registry," Pescatore says.

To read this story in its entirety, please go to: http://www.networkworld.com/news/2005/121205-enterprise-security.html?rl

Ellen Messmer is a Network World senior editor. She can be reached at emessmer@nww.com

Copyright © 2005 IDG Communications, Inc.
