Welcome to the Family - Symantec Control Compliance Suite Vulnerability Manager 

Nov 18, 2010 06:59 PM

Symantec recently launched a new member of the Control Compliance Suite family - Symantec Control Compliance Suite Vulnerability Manager (CCS VM). This new product helps you answer questions such as: which databases, servers and network devices are vulnerable to hacker attacks, which Web applications are exposed to SQL injection and cross-site scripting threats, which unmanaged devices pose a security risk to your critical systems, and which vulnerabilities should receive the highest priority for remediation efforts.

How does this product work? First of all, it scans host operating systems, databases and Web applications (including AJAX and Web 2.0 applications) for vulnerabilities, using a unique vulnerability chaining mechanism to identify cumulative risks and attack vectors. As of today, CCS VM provides scanning for more than 54,000 regularly updated vulnerability checks across 14,000+ vulnerabilities. It includes vulnerability content for the most popular database management systems, including MS SQL, IBM DB2, MySQL, Sybase, Informix, Oracle, PostgreSQL and others. The agent-less, native 64-bit scan engine provides high-performance scanning for faster results. In addition, a risk scoring algorithm provides insight into whether or not a vulnerability is exploitable.
 
For Microsoft in particular, CCS VM receives updated vulnerability checks within 24 hours of Microsoft Patch Tuesday. It includes checks for Red Hat Enterprise Linux patches and provides coverage for other applications, such as Adobe Flash & Reader, Cisco IOS, Mozilla Firefox, Solaris, Sun JVM, etc.

Last but not least, it is highly scalable via a distributed scan engine architecture, and contains an open, standards-based integration API.

In summary, CCS VM is a comprehensive expert technology. It scans the entire Web application, database and operating system stack for vulnerabilities, includes a mechanism for vulnerability “chaining” that enables detection of hidden vulnerabilities, and confirms whether exploits actually exist or not.

So why does Vulnerability Management matter? The answer is simple: investing in automating vulnerability management just pays. Recently published research by the IT Policy Compliance Group clearly shows that automating the procedures to find and fix vulnerabilities and unknown exploits in IT systems:
- Reduces unexpected business downtime from IT disruptions
- Reduces the likelihood of data loss or theft
- Contributes to reductions in security and audit deficiencies in IT
- Is justified, with returns easily exceeding 150 percent annually

You can get more information from the attached 2-page summary of the report, or get a full copy of this and related reports from the IT Policy Compliance Group website: www.itpolicycompliance.com.

Feel free to contact me with any further questions.

Attachment(s)
pdf file
Why_Automating_VM_Pays_-_Summary.pdf   408 KB   1 version
Uploaded - Feb 25, 2020

Comments

Nov 29, 2012 06:32 AM

Hi Guys,
Is there any Symantec presentation exclusively for VM available which can be used for pre-sales purposes?

Nov 21, 2012 06:06 AM

Yes, there is. The latest release added new platform support for Security Console and Scan Engine:

Windows 7 Professional (RTM and SP1), Ultimate, Enterprise; 32-bit and 64-bit (Security Console only)
Windows Server 2008 R2 SP1, Standard, Enterprise; 64-bit
Ubuntu 10.04 LTS 64-bit
VMware ESX 3.5
VMware ESXi 3.5
VMware ESX 4.0
VMware ESXi 4.0

Please let me know if you have any further questions.

Nov 12, 2012 03:44 PM

Hi Guido-

Is there support now for CCSVM to run on a VM infrastructure whether it be the console or a scan engine?

Thanks,

Eric

Dec 19, 2011 11:54 AM

I am not aware of a product benchmark comparison so far, but you will see some capabilities comparison as part of the Gartner Market Scope for Vulnerability Assessment and the Forrester Wave for Vulnerability Management. Please note that Symantec Vulnerability Manager is using the Rapid7 Nexpose Engine, therefore you can apply the results for Rapid7 to Symantec Vulnerability Manager, as the underlying engine is fully equal:

http://www.rapid7.com/resources/analyst-reports.jsp

Symantec's strong capabilities for overall IT Governance, Risk and Compliance have also been acknowledged in the latest Forrester Wave for IT Governance, Risk, and Compliance Platforms 2011:

http://www.symantec.com/about/industryanalysts/analystreports.jsp#compliance

Please let me know if you have any further questions.

Dec 11, 2011 09:44 AM

Is there any benchmark between other products? Or any comparison?

Oct 09, 2011 02:38 PM

Hello. CCS VM licensing consists of a CCS VM base license plus additional IP packs or combinations of them (1.000, 5.000, 10.000, 65.000). The base license includes unlimited consoles, scan engines and templates for PCI. It also activates scanning and provides access to the console for user management and reporting. The base also includes functionality for scanning Web servers and is bundled with the ability to discover devices/assets in your environment.

Therefore, with the base license you will be able to discover devices in your environment without any limitation to a certain amount of IPs, but the vulnerability scans are bound to the amount of licensed IP packs.

Please let me know if you have any further questions.

-Guido

Oct 03, 2011 08:53 AM

Thanks - a question...

How does licensing work? Is it per IP address?

If so, is there a discovery license to monitor all the unused IP addresses in the network?

i.e. in a subnet with 254 possible hosts, only 4 hosts are connected. Hence, a 4-license pack will suffice to scan those 4 hosts... what about the other 250 "dead" IPs? These need to be checked to ensure that no rogue hosts are connected to the network, but buying 254 IP licenses would be prohibitive.

I know Rapid7 do a discovery license pack, which doesn't check for vulnerabilities, but allows you to scan the entire estate to see if there is a host connected at each potential IP. Does Symantec do this as well?

 

M.

Mar 29, 2011 05:28 AM

Thanks a lot. I think these links will be very helpful for me.

Mar 28, 2011 04:13 PM

The only trial version available can be found here.

https://www4.symantec.com/Vrt/offer?a_id=22294

http://www.symantec.com/business/control-compliance-suite

 

If you have more questions about the product, have a chat with Sales - https://symantecenterprise.rsys3.net/servlet/website/ResponseForm?lRtJETCTVVW_cd_.40hkt_yLjNLlmzHsLl9Hss_TCTVVW_zd

Mar 28, 2011 02:55 AM

I got the 64-bit version from the website :-( and after that I searched a lot but didn't get the 32-bit version. Can you please suggest any resource whom I can ask about my queries?

Mar 28, 2011 02:25 AM

I think you can get it from the Symantec website, under the products section...

Mar 28, 2011 02:00 AM

This information was really helpful for me. I would like to know more about how to install this tool on a 32-bit OS as trialware, so that I will just have a brief regarding usage of the tool.
