Only Greenbone has it
Greenbone features a permanent stream of over 45,000 Network Vulnerability Tests (NVT) – and more are being added every day. The scan engine is capable of recognizing known and potential security problems thanks to this daily update, regardless of what devices are connected to your network.
- Tests according to CVE alerts
- Tests according to Bugtraq alerts
- Aggregate compliance rulesets
- Controls for scan agents
- Embedded Nmap NSE test routines
- Coverage: MS Windows, GNU/Linux (Debian, Fedora, Mandriva, Redhat, SUSE, Ubuntu), Solaris, HP-UX, Cisco and various active networks components
- Globally networked development team: North-America, Europe and Asia
- Multi-tier quality assurance process
- Multiple daily updates
- Encrypted transfer
- Test routines are digitally signed
- Vulnerability tests via remote network access
- Vulnerability tests via credentials
The core content of the Greenbone Security Feed consists of
- NVTs (Network Vulnerability Tests)
- SCAP (Security Content Automation Protocol) and
- CERT (Computer Emergency Respone Team) data.
The content of the Greenbone Security Feed undergoes a distinct process before it arrives at our customers’ sites.
- Screening (validity)
- Research (type, correlation, priority)
- Quality Assurance
- Release (into feed service)
The Greenbone Security Feed – Take a look at the Statistics
Greenbone OS (GOS) provides a robust basis for the Greenbone Security Manager. It includes the basic operating system, an administrative level and the scan applications. The hardware-specific functions vary according to the GSM version. The following features are available for all GSM variants (see remarks):
- Network integration: SMTP (Email), SNMP, SysLog, LDAP, NTP, DHCP, IPv4/IPv6
- Vulnerability detection: CVE, CPE, CVSS, OVAL
- Network scans: WMI, LDAP, HTTP, SMB, SSH, TCP, UDP, …
- Policies: IT-Grundschutz, PCI DSS, ISO 27001
Web-based interface (HTTPS)
- Scan tasks management with notes and false-positive marking
- Multi-user support
- Clustered and distributed scanning via master-slave mode
- Report browsing aided by filtering, sorting, annotating and risk scoring
- Plug-in framework for reports: XML, PDF, …
- Appliance performance overview
- OpenVAS Management Protocol (OMP), SSL-secured
- All user actions of web-based interface available via API
- Easy integration with other applications using the API
- Simple automation via command line tools (CLI)
Administrative console interface
(available as shell via SSHv2 or RS232)
- Network integration configuration
- Backup, restore, snapshot, factory reset, update
(approved and customized versions)
- Scan engine and framework: OpenVAS with integrated Greenbone Security Feed
- Additional scan tools: Nmap, w3af
Greenbone OS Architecture
Greenbone uses, extends and improves the Open Vulnerability Assessment System (OpenVAS) as a base technology of the Greenbone Security Solutions.
The internal architecture follows the approach of task-oriented components. In other words, instead of an all-in-one-tool, each task is designed as a service. Your benefits:
- Small, focused components can be implemented and operated transparently and securely. Each component uses only the system privileges that it needs to operate properly.
- Each of the service components offers a well-defined communication protocol.
Integration into security structures is a major design and architectural feature of Greenbone technology. Among other things, the comprehensive protocol (OMP) has been developed for this purpose. This is complemented by the report plug-in framework and alert modules.
System Monitoring: Nagios/Centreon
The scan results of the Greenbone Security Manager provide a great additional benefit when they are automatically connected to monitoring tools like Nagios. Nagios is considered, together with related products like Centreon and Icinga, an industry standard for monitoring IT infrastructures.
Scan results can be transferred from Greenbone Security Manager to the ISMS tool verinice. This allows linking Greenbone data with other security related business data in a comprehensive management tool for integrated reporting. At the same time, this also makes it possible to integrate the handling of detected vulnerabilities into the existing business process.