Open-source IT-Security does not only deliver a high level of transparency of the solution itself. It is a contribution to the IT Security community in general. We are connected with this idea and committed to it.
Our Greenbone technology is available in two different versions. The Greenbone Security Manager (GSM), build for the professional use in enterprises and administrations, delivered as a turn-key appliance; and the Greenbone Community Edition for the security-aware user in SOHO environments.
Main differences between the GSM and the GCE are listed in the tables below:
The Security Feed for both versions differs in content, quality and availability.
| Greenbone Security Feed | Greenbone Community Feed | |
|---|---|---|
| Quality Assurance (QA) | Consistent | Variable |
| Availability | Assured with SLA | No promise |
| Fixes / Improvements | Assured with SLA | No promise |
| Support | Assured with SLA | Via community on volunteer basis |
| Updates | Constantly / daily | Constantly / daily, but without enterprise features |
| Transfer | Encrypted | Unencrypted |
| NVT Signatures | SLA for QA/Fixes | Transfer Integrity |
Greenbone provides its Vulnerability Management Technology in different versions: as the Greenbone Security Manager for professional users, as GCE for users in SOHO environments, and as source packages, which are embedded into various Linux distributions as OpenVAS. The differences between these versions and the related Security Feed are explained in our White Paper, The Different Flavors of Greenbones Technology.
The Appliance stands for less effort in setup and operation.
| Greenbone Security Manager | Own GCE (OpenVAS) – Installation | |
|---|---|---|
| Setting-up | Turn-key (ca 10 minutes) | Selection of operating system and hardware, then build on your own or install readily available community packages; perhaps use a community VM |
| Coverage | Concerted: All OpenVAS modules with several scan tools | Select and align on your own or take community defaults |
| Feed compatibility | Assured with SLA | Establish your own |
| Performance | Optimzed for hardware | Optimize on your own |
| Backup/Recovery | Integrated | To be solved individually |
| Fixes | Assured with SLA | To be managed on your own, perhaps import Community-Fixes |
| Support | Assured with SLA | Via community on volunteer basis |
| Updates | Regularly and seamless | On your own pace and method |
Want to test the Greenbone solution? You can download our community edition or contact us to arrange a trial using one of our appliances.
The Features of GSM and GCE are tailored to the environment:
| GSM (professional environments) | GCE (SOHO environments) | |
|---|---|---|
| Ways for Updates & Feed | Possible via GSM Sync Port, via Proxy S-Connect, via AirGap, via GSM Master | only Community Feed |
| System Update | Contains Security Updates, can update from any version to latest release, Grace Periods for EoL and LTS, Migration of data and configurations between appliances and versions | Not available |
| Protocols | NTP, OMP, HTTPS, SSH, SNMPv2, SNMP, Syslog, IPv6, LDAP, RADIUS and more | HTTPS only for WebGUI; SSH, IPv6 |
| Integrations and Connectors | Different vendors like PaloAlto, Fortinet, Cisco FireSight, NAGIOS, Splunk, Verinice and more | Not available |
| Backup/Recovery | Backup for User Data, System Data via LVM, Transfer via SCP or USB, Import of GCE Data, Transfer between appliances | Only via environment (HyperVisor) |
| Alarms, Schedules | Via Email, via HTTP, via SMS, via connector to a SIEM or Ticket system. complete scheduling possible | Not available |
| Scan architecture | Master/Slave, AirGap inside of high-sec zones | Not available |
