Upload
marian-mary-welch
View
217
Download
1
Tags:
Embed Size (px)
Citation preview
1
GFI LANguard N.S.S VS NeWT Security Scanner
Presented by:Li,Guorui
2
Agenda
Features comparisonSystem requirementsInstallationLicensing TestingConclusion Reference
3
Features comparison
Flexible scanning Common Vulnerabilities and Exposures (CVE) compatible
Easy vulnerability database updates
Results Comparison
4
Features comparison (cont’)
GFI LANguard Network Security Scanner version 5.0 Automatically detect security vulnerabilities on
your network Provides in-depth information about all
machines/devices Patch management
NeWT vulnerability scanner version 2.1 Provides Dos Attack in addition to the standard
set of tests Intelligent port scanning
5
System requirements
GFI LANguard N.S.S Windows 2000/2003 or Windows XP Internet Explorer 5.1 or higher Client for Microsoft Networks must be
installed. NO Personal Firewall software or the
Windows XP Internet Connection Firewall can be running while doing scans. It can block functionality of GFI LANguard N.S.S.
To deploy patches on remote machines you need to have administrator privileges
6
System requirements(cont’)
NeWT Security Scanner Windows 2000/2003 or Windows XP A resident copy of Microsoft’s Internet
Explorer is required Client for Microsoft Networks must be
installed. To forge custom TCP/IP packets, NeWT uses
the WinPcap (http://winpcap.polito.it ) driver To deploy patches on remote machines you
need to have administrator privileges
7
Installation
GFI LANguard 60 days full evaluation or freeware version http://www.gfi
.com/downloads/downloads.asp?pid=8&lid=1
NeWT Freeware http://www.tenablesecurity.com/newt.html
8
Licensing
GFI LANguard
Price Price
up to 25 IPs LANSS25 $ 315 up to 250 IPs LANSS250 $ 795
up to 50 IPs LANSS50 $ 395 unlimited IPs * LANSSUNL $ 995
up to 100 IPs LANSS100 $ 495
9
Licensing
NeWT Scanner Free Local network only NeWT Pro is for commercially use
($6000)
10
Testing environment
Server Intel Celeron 1.8 GHz 512 Mb of RAM Windows 2000 SP 4
Clients 2 Windows 2000 machines 2 Windows XP machines
11
Testing environment
Phase one Perform default vulnerability tests of
both software
Phase two Install patches, updates Rescan system again
Phase three Compare result comparison function
12
Test phase one result
13
14
15
Test phase one summary
Testing Items GFI LANguard NeWT Scanner
Total machine scanning 4 4
Scanning set Default Default
Total time 6-7 minutes 16-17 minutes
Total High vulnerability 8 29
Total Medium vulnerability
5 17
16
Test phase two result
GFI LANguard did not identify the software version correctly
Updated office 2000, SQL server 2000, WinAMP 5.05 / JRE/JDK 1.4.2_06
17
Test phase three result
18
19
Conclusion
GFI LANguard Fast Many extra features Buggy
NeWT scanner Powerful scanning ability Stable system performance A bit slow
20
Reference
http://www.tenablesecurity.com/newt.html
NeWT user manual
http://www.gfi.com/languard/
GFI LANguard user manual
21
Questions