I'd only add that the licensing cost of SecurityCenter is roughly $15k for 500 IPs you are getting vulnerabilities for. We sell a good bit of SecurityCenter to SMBs who have 100s of devices they want to schedule scans for, have multiple Nessus scanners, perform configuraiton audits, have a dashboard, run different types of users, .etc.
Ron On 1/19/2011 8:50 AM, John Strand wrote: > You know I am biased. > > However, I have had nothing but good results from Nessus. > > Also, the reporting in the newest version is miles better then it was. > > For the cost, you cannot beat it. > > There has been a few people I have talked to recently that say that > Nessus does not do DB, network device or application level checks. Some > say, it only does OS checks. I do not quite know where this rumor > started, but it is untrue. It does excellent checks on these devices. > > I am sure Paul or Ron know the specifics. > > *Summon Gula or Asadorian!* > > Finally, check out the credentialed scans. Rather than just checking for > external vulnerabilities, you can also check client side software as well. > > HTH, > > John > > > > On Tue, Jan 18, 2011 at 10:59 AM, Butturini, Russell > <[email protected] > <mailto:[email protected]>> wrote: > > I'd just double check and make sure you understand the licensing > options for Nexpose. There are some very affordable ones that > don't' require buying big hardware and are optimized to run on > notebook PCs. > > -----Original Message----- > From: [email protected] > <mailto:[email protected]> > [mailto:[email protected] > <mailto:[email protected]>] On Behalf Of Zate Berg > Sent: Tuesday, January 18, 2011 10:29 AM > To: PaulDotCom Security Weekly Mailing List > Subject: Re: [Pauldotcom] Small/Medium Business Scanner > > I'd vote for Nessus in your situation too. Possibly combine it with > something like Seccubus (V2 is due out soon). > > Zate > > > > On Tue, Jan 18, 2011 at 10:00 AM, Dark Harper <[email protected] > <mailto:[email protected]>> wrote: > > Hi all, > > > > This ones probably been around and around a dozen times but I'm after > > some advice/recommendations on a vulnerability scanner for a small to > > medium sized business. > > > > My short list is now down to two - Nessus or NeXpose. > > > > Our environment is spread across three sites, around 50 nodes in > each. > > The sites are not permanently linked. One of those sites is PCI > DSS compliant. > > I've been using OpenVAS but am not a fan. Access to remote scanners > > is via SSH tunnels/small links. > > > > Cost is definitely a consideration as budget is tight this year. I'm > > leaning towards Nessus as it is miles cheaper than NeXpose and > > requires much lower spec hardware from what I can tell. Recent > > Metasploit plugin is also a plus. Can anyone say why I would put > up the extra cash for NeXpose? > > > > -Dark > > > > > > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
