ibm_datasheet_enterprise_scanner
DESCRIPTION
De IBM Proventia Enterprise Scanner gives you insights in indentity risks and how to prioritize protection.TRANSCRIPT
![Page 1: IBM_Datasheet_Enterprise_Scanner](https://reader035.vdocuments.site/reader035/viewer/2022081822/568c503d1a28ab4916ae8225/html5/thumbnails/1.jpg)
Protecting corporate data with preemptive risk identification
IBM Proventia Network Enterprise Scanner
Identifying risk and prioritizing protection
IBM Proventia® Network Enterprise Scanner*
(Enterprise Scanner) is designed to ensure the
availability of your revenue-producing services
and to protect your corporate data by identify-
ing where risk exists, prioritizing and assigning
protection activities and reporting on results.
Benefits
• Reducerisktoyournetwork’suptime,band-
widthandcriticalsystemswithEnterprise
Scanner’svulnerabilitymanagementand
protection capabilities.
• Freeupresourcesbyautomatingthescan-
ning process.
• Leverageyourexistinginfrastructurecompo-
nents:EnterpriseScannerprovidesseamless
integration with Microsoft® Active Directory, asset
managementdatabasesandworkflowsystems.
• Virtuallyeliminateduplicatedeffort:Information
canbestoredonceandsharedamongsystems.
• Reduceemergencypatchingandfollownormal
change-controlprocesses:IBMVirtualPatch®
technologyhelpsprotectat-risksystemsand
segmentsbeforethevendor-suppliedpatch
is available.
• SupportregulatorycompliancewithEnterprise
Scanner’ssupersetofaudittoolstakenfrom
theauditors’preferredtool,IBMInternet
Scanner® software.
![Page 2: IBM_Datasheet_Enterprise_Scanner](https://reader035.vdocuments.site/reader035/viewer/2022081822/568c503d1a28ab4916ae8225/html5/thumbnails/2.jpg)
Features and capabilities
Specifications
• Identifies2,691assettypesout-of-the-box,includingdesktops,
servers,routers,switches,applicationsandoperatingsystems
• Identifiesnewlyconnecteddevicesandpreviouslyundis-
covered assets on the network
• Assignsorallowsresponsibilitytobeassignedto
specificassetstomeetcorporategovernanceand
traceability standards
• Iscapableofpassive/activeassetidentificationwiththe
inclusionoftheIBMProventiaNetworkAnomalyDetection
System(ADS)
Multisource discovery
• Activediscoveryscan
• ActiveDirectoryimport
• Intrusionpreventionsystem(IPS)-baseddiscovery
• ProventiaNetworkADSdiscovery
• Assetdatabaseimport
• Manualinput
• Customservicediscovery
–User-defined
Asset identification techniques
• Pingsweep
• UserDatagramProtocol(UDP)probe
• Assetfingerprinting
• Rapiddiscovery
• NetBIOS-baseddiscovery
• TransferControlProtocol(TCP)discovery
• UDPportdiscovery
• Operatingsystem(OS)fingerprinting
• Applicationfingerprinting
• IntegratedNetworkedMessagingApplicationProtocol
(NMAP) 4.0 database
Network services identified
–2,691
Asset classification
• Hierarchicalgroupstructurethatmirrorsyourorganizational
structure, providing context for both scanning and reporting
• ActiveDirectoryimportandmirroring
• Assetdatabaseimport
• Geographical,organizational,topologicalorsystem-
levelclassification
Vulnerability assessment
• Discovery-basedassessment
– Efficient,high-performancevulnerabilityassessment
• Scriptedassessment
– Allows for new content without updating product binaries
– Providessmallercontentupdates(IBMX-PressUpdate™
productenhancements)
– Supportsfastertimetomarketwithsecuritycontent
• Attackemulation
– Performsspecifictestsinanonimpactingmanner(pos-
ing no danger to your network) to analyze the effects of
a real attack
• RenownedvulnerabilitydatabasebytheIBMInternetSecurity
Systems™(ISS)X-Force®researchanddevelopmentteam
recognizesvulnerabilitiesandprogrammaticerrorsthat
couldcompromiseanasset
• Hostcriticality-prioritizedscanning
Security content updates featuring Virtual Patch technology
• Preemptive,ahead-of-the-threatcoverage,poweredby
X-Forcevulnerability-basedresearch
Spyware scanning
– Detects existence of spyware
Trust X-Force option
– Automaticallydetectsnewvulnerabilitiesbasedon
X-Forceexpertrecommendations
![Page 3: IBM_Datasheet_Enterprise_Scanner](https://reader035.vdocuments.site/reader035/viewer/2022081822/568c503d1a28ab4916ae8225/html5/thumbnails/3.jpg)
Scan windows
• Automatedscanningduringopenscanwindows
• Auto-pause/auto-resume—automaticscansuspension
uponclosureofscanwindows;resumeswhenthescan
window reopens
• Scan-windowconfigurationthat’sdesignedforeaseofuse
• Configurablerefreshperiodrefreshesdataautomatically
during open scan window, helping to ensure up-to-date
vulnerabilityinformation
• Group-orientedscanwindows
Workflow
• Vulnerabilityprioritization
• Internalticketingsystem
• Remedyintegration
• Openapplicationprogramminginterface(API),supporting
otherticketingsystems
• Ownershipassignmentandtracking
• Activityloggingandtracking
• Traditionalpatch-and-protectremediation
• VirtualPatchtechnology,incombinationwiththeIBM
ProventiaNetworkIntrusionPreventionSystem(IPS)portfolio
• Automaticresolutionvalidation
• Multiplevulnerabilitiesperticket
• Statusmonitoringandtracking(eightlevels)
Scan and block protection
• Vulnerabilityprotectionwithoutdeploymentofavendor-
suppliedpatchwhencombinedwithIBMProventia
Network IPS
• TurnkeyintegrationwithProventiaNetworkIPSthroughthe
IBMProventiaManagementSiteProtector™system
• Detectsvulnerabilitiesandidentifiescorrespondingblock-
ingalgorithmswithintheProventiaNetworkIPSportfolio
• Unifiedmanagementthatprovideseasyconfigurationof
IPS devices for discovered vulnerabilities
Reporting
• Reportsthatillustrateinformationinthecontextofyour
organization:
– Groupandreportonriskinapplicablebusinesscontext
usingamirrorofyourorganization
– Groupandreportbygeography,networklayout,business
systemoranyotherusefulgroupingofassets
– Reportrisktotherightpeopleattherighttime—
quicklycompareriskofdifferentbusinessunits,
systemsorgeographies
• Flexibleview-basedanalysiswithmorethan1,800reports
• Enterprise-levelmultiscan,multiscannerreports
• Preconfiguredreporttemplates
• ExportablereportstoPDF,CSV,HTML
• Schedule-drivenreports
• Web-accessiblereports
• FastAnalysisreports
• Extensivefiltering
Automation
• Virtuallyeliminatesmanualsteps,savingtimeandmoney
• Automaticandcontinuousscanning
• Scanprioritization
• Scanteams(multiplescannersworkingasone)
• X-PressUpdateenhancementsofvulnerabilityinformation
• Assetclassificationandgrouping
![Page 4: IBM_Datasheet_Enterprise_Scanner](https://reader035.vdocuments.site/reader035/viewer/2022081822/568c503d1a28ab4916ae8225/html5/thumbnails/4.jpg)
Easy-to-install appliance based on Linux ® management
• CentrallymanagedbySiteProtectorsystem—award-winning
managementsystemandthesecurityindustry’sonlyplatform
designed to unify the protection of network, server and desk-
top assets
• Emergencyscans—providingquick,adhocscansofyour
network on request
• Automatedsecurityintelligenceupdatesonthenewest
electronic threats
– X-PressUpdateproductenhancementsdeliveredbythe
globallyrespectedX-Forceresearchanddevelopmentteam
User interface options
• SiteProtectorsystemcentralizedmanagementinterface
• Web-basedProventiamanagerlocalmanagementinterface
SiteProtector system
– Centralizedcommand,reportingandanalysisforEnterprise
Scanner and all IBM ISS products
– User auditing
– Flexibleeventanalysis
Proventia manager
• Web-basedlocalmanagementinterface(LMI)
• Deviceconfiguration,establishmentofSiteProtectorcom-
municationslink
Device health monitoring
• SiteProtectorsystemcentralizedmanagementinterface
• Web-basedlocalmanagementinterface
Asset-based management
• Asset-centricassessmentpoliciesassociatedwithassets
rather than with scanner
• Scanpolicy—asset-basedscanpolicyallowspolicy
association with assets or groups of assets rather than with
scanners, allowing context-sensitive scanning
• Assessmentrefreshcycles
• Scanwindows
• AssessmentcredentialsforMicrosoftWindows® and Secure
Shell(SSH)technology
• Assessmentpolicy
• Discoverypolicy/scanexclusions
Correlation
• SupportsIBMSecurityFusion™module
• SiteProtectorFastAnalysisandcentralizedcorrelation
Independent discovery and assessment
• Separatepolicies
• Separatescanwindows
• Separaterefreshperiods
World-class support
• 24x7support,includingplatformupdates
![Page 5: IBM_Datasheet_Enterprise_Scanner](https://reader035.vdocuments.site/reader035/viewer/2022081822/568c503d1a28ab4916ae8225/html5/thumbnails/5.jpg)
Hardware specifications
Model Enterprise Scanner 1500 Enterprise Scanner 750
Physical characteristicsFormfactor 1-RU Desktop
DxWxH 429mmDx382mmWx44mmH16.9"Dx15.0"Wx1.73"H
177mmDx250mmWx39mmH6.9"Dx9.8"Wx1.5"H
Weight Gross11.1kg(24.47lb) Net:6.5kg(14.33lb)
1.2kg(2.6lb)
Emissions FCCClassA FCCClassA
Certifications CE/FCC/UL/cUL CE/FCC/UL/cUL
PowerPower supply unit Full-range250-wattPSU
auto-switching65-wattPSU,100–240voltsAC,47–63Hz
Operating environmentTemperature Temp:5°C–35°C(41°F–95°F)for
P43.0–3.4GHzprocessorsTemp:0°C–40°C(32°F–104°F)
Humidity 20%–90%relative 20%–90%relative
Storage environmentTemperature -20°C–70°C(-4°F–158°F) -20°C–70°C(-4°F–158°F)
PortsScan ports Five32-bitgigabitPCI-ExpressEthernetports
(one active, four reserved for future use) One10/100/1,000PCIEthernetport
Management One32-bitgigabitEthernetport One32-bitgigabitEthernetport
Console Serial port one – front-accessible RJ-45connector
Serialportone–front-accessibleRJ-45connector
USB TwoUSB2.0/frontaccessible TwoUSB2.0/rearaccessible
Front panelLCDdisplay LCDpanel2x16characters
LCDmodulewithfourbuttons
(reserved for future use)
N/A
![Page 6: IBM_Datasheet_Enterprise_Scanner](https://reader035.vdocuments.site/reader035/viewer/2022081822/568c503d1a28ab4916ae8225/html5/thumbnails/6.jpg)
Discovery performance specifications
Enterprise Scanner 1500
Discovery 2,600-3,000IPsperhour
Assessment 700-800assetsperhour
Enterprise Scanner 750
Discovery 2,400-2,800IPsperhour
Assessment 200-250assetsperhour
Performance figures based on Firmware 1.3 with XPU 1.21 default policies on several different sized networks. Discovery speeds can be 2x to 3x faster on much smaller networks (50-500) hosts due to the low number of time-outs.
Scan-team performance gains
Performance features
• DynamiccheckassignmenttoidentifyandrunOS-specific
checks
• Loadbalancing(teaming)amongmultiplescanners
Scan-time work distribution
• Abilitytoaddascanneratalocation,toautomaticallyand
transparently load balance
• Perspective-basedloadbalancing
Distributed scanning
• Performanceoptimizationbyaddingmultiplescannersin
multiplenetworklocations
• Multiplescannerscolocatedtoloadbalance
For more information
Proventia Network Enterprise Scanner is also an integral part
ofIBMManagedSecurityServices,includingIBMVulnerability
ManagementService,andIBMProfessionalSecurityServices.
IBMManagedSecurityServicesprovides24x7x365expert
monitoringandprotectionforafractionofthecostoftraining
![Page 7: IBM_Datasheet_Enterprise_Scanner](https://reader035.vdocuments.site/reader035/viewer/2022081822/568c503d1a28ab4916ae8225/html5/thumbnails/7.jpg)
Scan team performance gains
Scan team Percent reduction from base
Discovery Assessment Timeeffect
Onescanner 0 percent 0 percent (base)1hour
Twoscanners 45percent 45percent 35minutes
Threescanners 60percent 60percent 24minutes
Fourscanners 70percent 70percent 18minutes
Fivescanners 75percent 75percent 15minutes
Six scanners 80percent 80percent 12minutes
andmaintaininganin-housesecuritystaff.Discoverhow
EnterpriseScannercanprotectyourbusinessfromInternet
threats.Besuretoaskifyourcompanyqualifiesfora30-day
evaluation.Foranonsitedemonstration,contacttheIBMISSoffice
nearestyou.Forlocationsandmoreproductinformation,visit:
ibm.com/services/us/iss
![Page 8: IBM_Datasheet_Enterprise_Scanner](https://reader035.vdocuments.site/reader035/viewer/2022081822/568c503d1a28ab4916ae8225/html5/thumbnails/8.jpg)
©CopyrightIBMCorporation2008
IBMGlobalServices Route100 Somers,NY10589 U.S.A.
ProducedintheUnitedStatesofAmerica 02-08 AllRightsReserved
IBM, the IBM logo, Internet Scanner, Internet SecuritySystems,Proventia,SecurityFusion,SiteProtector, VirtualPatch,X-ForceandX-PressUpdatearetrademarksorregisteredtrademarksofInternationalBusinessMachinesCorporationin the United States, other countries, or both.
LinuxisaregisteredtrademarkofLinusTorvaldsintheUnitedStates,othercountries, or both.
MicrosoftandWindowsaretrademarksofMicrosoftCorporationintheUnitedStates,other countries, or both.
Othercompany,productandservicenamesmaybetrademarksorservicemarksofothers.
ReferencesinthispublicationtoIBMproductsorservicesdonotimplythatIBMintendstomakethemavailableinallcountries in which IBM operates.
Allperformancedatacontainedinthispublication was obtained in the specific operatingenvironmentandundertheconditions described above and is presentedasanillustration.Performanceobtainedinotheroperatingenvironmentsmayvaryandcustomersshouldconducttheir own testing.
* U.S.PatentNo.7,093,239
GTD01130-USEN-01