McAfee Vulnerability Manager
Strengths: Solid feature set. Installed on a hardened appliance
Weaknesses: Initial configuration is a little awkward
Verdict: A venerable tool with lots of features, but requires real effort to set up and customise
McAfee Vulnerability Manager is a full-featured, comprehensive network vulnerability scanner and auditing tool. It can actively discover and scan network assets across the enterprise, using its very versatile scanning engine.
While it does come as a hardened appliance, the software on it needs to be set up before use. The appliance comes with Windows Server 2003, Microsoft SQL Server 2005 and the applications already installed. To get it running, we had to go through a few setup wizards to customise it. Setup was confusing in parts, especially after setting up the various database accounts and then trying to access databases.
We had trouble figuring out which accounts to use, because there were so many. After setup, administration and scanning are done through the main console. This can be accessed via a standalone application or via a web GUI. The console is well organised, has a clean look and is intuitive to navigate. The dashboard also features many tabs that give a quick overview of vulnerability and risk statistics.
This product is a solid vulnerability scanning tool that provides a lot of risk and vulnerability data. It allows for reports to be created from regulatory compliance templates, including FISMA, PCI DSS, ACSI 33, Basel II, Bill 198, CobIT, GLBA, HIPAA, ISO 20071, NIST SP 800-68, SANS-FBI Top 20 and SOX. Scans are easy to create and can be tuned and customised.
Documentation is in the form of several PDF manuals, including an installation guide, console reference guide, administrator guide and user guide. All are easy to follow, with many screenshots and step-by-step configuration instructions.
McAfee offers standard support at no additional cost for the first year. The gold software support provides 24/7 phone assistance, proactive notifications and daily product updates. Other support options are available at an additional cost. There is also a support area on the website, with various technical resources.
At a price of approximately £10,150 for 1,000 IPs, Vulnerability Manager is good value for the money. It has a solid feature set, which, after initial setup, is easy to use and highly configurable.