GFI LANguard N.S.S VS NeWT Security Scanner Presented by:Li,Guorui 1

GFI LANguard N.S.S VS NeWT Security Scanner Presented by:Li,Guorui 1

Agenda Features comparison System requirements Installation Licensing Testing Conclusion Reference 2

Features comparison Flexible scanning Common Vulnerabilities and Exposures (CVE) compatible Easy vulnerability database updates Results Comparison 3

Features comparison (cont’) GFI LANguard Network Security Scanner version 5.0 Automatically detect security vulnerabilities on your network Provides in-depth information about all machines/devices Patch management NeWT vulnerability scanner version 2.1 Provides Dos Attack in addition to the standard set of tests Intelligent port scanning 4

System requirements GFI LANguard N.S.S Windows 2000/2003 or Windows XP Internet Explorer 5.1 or higher Client for Microsoft Networks must be installed. NO Personal Firewall software or the Windows XP Internet Connection Firewall can be running while doing scans. It can block functionality of GFI LANguard N.S.S. To deploy patches on remote machines you need to have administrator privileges 5

System requirements(cont’) NeWT Security Scanner Windows 2000/2003 or Windows XP A resident copy of Microsoft’s Internet Explorer is required Client for Microsoft Networks must be installed. To forge custom TCP/IP packets, NeWT uses the WinPcap (http://winpcap.polito.it ) driver To deploy patches on remote machines you need to have administrator privileges 6

Installation GFI LANguard 60 days full evaluation or freeware version http://www.gfi .com/downloads/downloads.asp?pid 8&lid 1 NeWT Freeware http://www.tenablesecurity.com/newt.html 7

Licensing GFI LANguard Price Price up to 25 IPs LANSS25 315 up to 250 IPs LANSS250 795 up to 50 IPs LANSS50 395 unlimited IPs * LANSSUNL 995 up to 100 IPs LANSS100 495 8

Licensing NeWT Scanner Free Local network only NeWT Pro is for commercially use ( 6000) 9

Testing environment Server Intel Celeron 1.8 GHz 512 Mb of RAM Windows 2000 SP 4 Clients 2 Windows 2000 machines 2 Windows XP machines 10

Testing environment Phase one Perform default vulnerability tests of both software Phase two Install patches, updates Rescan system again Phase three Compare result comparison function 11

Test phase one result 12

13

14

Test phase one summary Testing Items GFI LANguard NeWT Scanner Total machine scanning 4 4 Scanning set Default Default Total time 6-7 minutes 16-17 minutes Total High vulnerability 8 29 Total Medium vulnerability 5 17 15

Test phase two result GFI LANguard did not identify the software version correctly Updated office 2000, SQL server 2000, WinAMP 5.05 / JRE/JDK 1.4.2 06 16

Test phase three result 17

18

Conclusion GFI LANguard Fast Many extra features Buggy NeWT scanner Powerful scanning ability Stable system performance A bit slow 19

Reference http://www.tenablesecurity.com/newt.html NeWT user manual http://www.gfi.com/languard/ GFI LANguard user manual 20

Questions 21