Software that analyzes a network to determine its exposure to unwanted intruders. Also called "vulnerability scanners," such products check client PCs, servers, routers, firewalls, network appliances, system software and applications for vulnerabilities that include open ports, back doors, poorly written scripts and unpatched operating systems.
A Security Scanner is a program used to find Security Exploit's (system bugs or misconfigurations which have a Security implication) on a network or Host System. Two common types of Security Scanners are:
Host Security Scanner - which tests a single system, starting with an authorized account.
Network Security Scanner - which looks for Security Exploit's one system from another, connected to the same network.
Why Use a Network Security Scanner?
Every IT administrator strives to use the best security measures available to protect and secure the corporate network. Essential security tool is the network security scanner, which not only helps to identify weaknesses and vulnerabilities in the network but great reduces the workload for administrators. Many different factors can impact security in modern business networks, and no IT department should be complacent about the possible consequences of failing to consider all of them. Good network security means a lot more than simply installing an antivirus product and occasionally deploying Windows updates. Security risks can come from so many other directions. Security holes in third party software products, employees’ use of uncontrolled devices, and failure to comply with regulatory requirements, can all land companies in hot water – both legally and financially. Good network security scanners are designed to take all these risks into consideration and guide companies on how to address the risks arising from the use of technology.
So, what kind of features should network administrators look for in a fully integrated network security scanner solution? Compatibility with, and awareness of, all the commonly used software products and operating systems is a very important factor, and the software should be able to work with these systems in both physical and virtualized environments, in recognition of the way many companies now construct their IT systems.
Patch management is a key concern. So many updates and patches are released to protect against newly discovered security vulnerabilities, that without a patch management solution it is nearly impossible to manually keep track of everything which needs to be applied across an infrastructure, both for individual software products as well as the operating systems. A good network security scanner should have the functionality to detect when important updates are missing, and to help IT staff respond quickly to update their systems. Vulnerabilities do not only exist because security or software updates have not been installed. Incorrect software configurations can create dangerous holes in the network, and these are sometimes caused by employees adjusting settings on their machines without knowledge of the knock-on effects. Choosing a network security scanner with change management and software audit capabilities can alert technical teams when these changes are made, allowing them to be quickly rectified. Asset inventory management is also essential. If a staff member has had a networked laptop offsite for a prolonged period and then rejoins it to the network, the IT team needs to be able to receive a notification, and should quickly ensure it is patched with recent updates so that it doesn’t become a potential easy target for malware attacks.
Finally, a network security scanner can help the technical department with an increasingly burdensome duty – compliance. It is best to look for a product that when deployed on a network fulfills most if not all of the requirements of a particular regulatory framework, for example, the PCI DSS standard for organizations that work with credit card details. A network security scanner is an essential addition to the modern IT department’s arsenal of security measures. The only alternative is to spend vast quantities of time performing manual tasks related to security and compliance, and still not achieve the levels of consistency possible with a dedicated solution managing these issues.
