Product Information

McAfee Vulnerability Manager

starstarstarstarstar

by Peter Stephenson May 01, 2012
Vendor:

McAfee

Product:

McAfee Vulnerability Manager

Website:

http://www.mcafee.com

Price

c£7,500 (exc VAT)

RATING BREAKDOWN

  • Features:
    starstarstarstarstar
  • Ease of Use:
    starstarstarstar
  • Performance:
    starstarstarstar
  • Documentation:
    starstarstarstarstar
  • Support:
    starstarstarstarstar
  • Value for Money:
    starstarstarstarstar
  • Overall Rating:
    starstarstarstarstar

QUICK READ

  • Strengths: Compliance scanning and risk-based correlation ability
  • Weaknesses: Easy to misconfigure if set-up procedures are not followed correctly
  • Verdict: If one wants bang for the buck, take a look at this. Just be prepared to support it if something goes haywire

Want an appliance that combines a powerful vulnerability scanner, penetration testing, web application scanning, compliance checks and integration into the existing environment? Well then, the McAfee Vulnerability Manager (MVM) should make your shortlist.

This appliance comes loaded to the gills with powerful onboard tools for solid vulnerability management. The MVM also packs the punch of built-in compliance and auditing through several ready-to-go compliance templates, such as for the Payment Card Industry Data Security Standard (PCI-DSS), among several others.

We found this appliance easy to set up and manage, but it can also be easily misconfigured if changes to the system are not made properly; we will get into that shortly. The initial set-up is quite straightforward as the appliance is pretty much plug-and-play with much of the heavy lifting of installing the applications already done out of the box.

Management is done through a web-based management console that we found to be quite overwhelming at first. However, we quickly got the hang of navigating around and setting up scans and managing the configuration. This tool also gives the option of carrying out both credential-based and null credential scans, along with many other types of scans, for discovery, inventory and compliance.

However, all this functionality comes with possible pitfalls. We found at one point in our testing that we were able to simply change a few things on the appliance itself, including the IP address, and things started going wrong almost instantly. After our IP change, the appliance lost its ability to find the scanning engine, so we deleted it in the settings in hope of being able to re-add it and bind it to the new IP address, but no dice. The scanning engine was lost and it would require a call to technical support to get things up and running again.

That said, this appliance has some outstanding features and functionality, and does a lot of compliance-based reporting at a granular level. It also features a dashboard that provides an excellent, in-depth look into trouble spots throughout the network at a single glance, along with risk assessment through the scoring of assets.

Documentation includes a full installation guide and a user guide, along with a few other supplements. The installation guide, for the most part, covers the actual software installation that is already done when the appliance arrives, but it also includes some helpful initial configuration tasks as well. The user guide provides excellent step-by-step instructions on configuration and management of the appliance, as well as detailed examples on how to use product features and functions.

McAfee provides several support options to customers based on the size and needs of their particular installation. Customers can obtain phone- and email-based technical help, as well as access to an online support area with many resources, including a knowledge base, tutorials and product documentation, as well as web-based chat.

At a price just shy of circa £7,500, we find this solution to be of excellent value for the money. The McAfee Vulnerability Manager provides a strong combination of features and function for full vulnerability management and compliance.
Peter Stephenson

SC Webcasts UK

Sign up to our newsletters

FOLLOW US