Vulnerability Assessment (VA) Group Test

Group Test (Edition 2)

Foreword

Welcome to the Second Edition of the Vulnerability Assessment (VA) Group Test report

This report started life in 2000 as part of the IDS/VA testing project. Given the increase in the number of participants this year, however, we have decided to divide the report into two: one covering Vulnerability Assessment, and the other Intrusion Detection Systems.

In this report we have five VA products, two of which are updated entries ï¿½ those products from BindView and VIGILANTe. We have also updated the introductory and summary material, which we would encourage you to read since it covers many of the concepts mentioned in the technical evaluations.

Demand for, and interest in, this report has been tremendous. Feedback confirms we are providing a major source of much needed information and advice to security professionals, and The NSS Group VA Report is considered the definitive guide to the VA market place. Edition 2 provides independent and comprehensive technical evaluations of the current leading products in the market place, and we hope you find it informative and useful.

Bob Walder

Table of Contents

Introduction
Passive Scanner
Active Scanner
The Circle of Strife

Product Reviews

Bindview bv-Control for Internet Security V3
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details

NAI Cybercop Scanner 5.5
Architecture
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details

Symantec Enterprise Security Manager 5.1
Architecture
Agent
Manager
Enterprise Console
Installation
Configuration
Summary
Policies
Policy Runs
Templates
Reporting and Analysis
Verdict
Contact Details