NetVigilance Internal Scan - Cloud
Strengths: Full cloud-based internal and external scanning
Weaknesses: Limited online support options
Verdict: A good cloud-based solution to the vulnerability scanning challenge, especially for larger systems, though support needs some beefing up
Internal Scan - Cloud edition from netVigilance offers a full cloud-based vulnerability scanning engine that can scan both internal and external systems for vulnerabilities and compliance. This solution is based entirely in the cloud, so there is no need for the purchase of any additional hardware. All that is required is the installation of the scanning agent on a Microsoft Windows-based machine somewhere on the internal network.
The installation and configuration is done in two steps. The first is to go to the web-based management portal and download the agent installer. This agent can be installed on any internet-connected Microsoft Windows machine on the network. We found the installation of the agent to be quick and simple. After we installed the agent and made sure it could connect to the netVigilance cloud service, we logged onto the web-based portal provided by netVigilance to manage scan tasks, as well as view reports and manage our account and profile. We found the portal to be easy to navigate, with a simple design and easy-to-understand menu headings.
We found creating and launching scan jobs to be quite easy as well. When creating a scan job there are several options to choose from, including many regulatory compliance-scanning templates. Some options are: Safe Scan, Only High Risk, Heavy Scan with DoS, SANS Top 20, GLBA, HIPPA and External Firewall Scan. Administrators can also create and save custom scan policies that are built from scratch or are a variant of the existing scan policies.
Overall, we found creating and running scans to be easy and intuitive, but did find it a little difficult to track our scanning progress. When a scan job is in progress, the menu just states that the job is running. There are no progress bars or estimated time to completion indicators available. However, after a scan is completed, reports can easily be generated in many format types, including PDF, HTML and CSV.
Documentation included a customised quick-start guide, along with a short PDF user guide. The customised quick-start details the steps necessary to access the web-based portal, download and install the agent and get started with a basic scan. The user guide offers a more in-depth look at scanning options and how to use the product and features many screenshots and step-by-step instructions, along with detailed descriptions of product features and functions.
As part of the purchase price, the company offers ten-hours-a-day/five-days-a-week phone- and email-based technical support, along with updates and upgrades for the first year. After the first year, customers can purchase additional assistance as part of a contract. NetVigilance offers three levels of support to customers, including silver, gold and platinum. Each level includes assistance and access to a small online support area with downloads and a FAQ section. NetVigilance does not offer a knowledgebase at the current time.
At a price just shy of £9,995 for 1,024 IP addresses, we find this product to be solid value for the money. Internal Scan - Cloud offers full vulnerability scanning capability at a reasonable price with no hardware overhead.